PTAB

IPR2022-00259

Cisco Systems Inc v. SecurityProfiling LLC

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: Management of Security of Computing and Network Devices
  • Brief Description: The ’063 patent discloses a security server that collects operating system and configuration data from network devices. The server uses this data to determine if network traffic is attempting to exploit a known vulnerability and, if so, selects one or more remediation techniques to mitigate the threat.

3. Grounds for Unpatentability

Ground 1: Claims 10, 11, 39, and 58 are obvious over Willebeek-LeMair.

  • Prior Art Relied Upon: Willebeek-LeMair (Patent 7,359,962) (“W-L”).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that W-L, by itself, discloses every limitation of the challenged claims. W-L describes a unified network security appliance that integrates firewall, intrusion detection system (IDS), and vulnerability assessment scanner (VAS) functionalities. Petitioner mapped the claim limitation of receiving "first vulnerability information" from a "first data storage" that was generated using "second vulnerability information" from a "second data storage" to W-L's system. Specifically, W-L’s threat aggregation functionality (the "second data storage") stores threat information and detection signatures ("second vulnerability information"). A security management agent uses this information to generate tailored signatures ("first vulnerability information") that are stored locally (the "first data storage"). These tailored signatures are then used to identify device configurations (e.g., specific operating systems), determine if those devices are vulnerable to a threat, and cause diverse mitigation actions, including firewall blocking and terminating sessions, thereby meeting the limitations of independent claims 10 and 39. Dependent claims 11 and 58 were argued to be obvious for similar reasons, with W-L's disclosure of instantiating signatures prior to detecting an attack rendering the "prior to the occurrence" limitation obvious.

Ground 2: Claims 10, 11, 39, and 58 are obvious over Gupta in view of Graham.

  • Prior Art Relied Upon: Gupta (Application # 2003/0004689) and Graham (Patent 7,237,264).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner asserted that Gupta taught most limitations of the challenged claims and Graham supplied the remaining teachings for a firewall-based mitigation type. Gupta discloses a security system where a hierarchical attack categorization module ("second data storage") generates an "attack file" containing actual vulnerability information ("first vulnerability information") for a target platform. This attack file, stored in a download module ("first data storage"), includes device configuration data (e.g., operating system) used to determine specific vulnerabilities. Gupta also discloses providing mitigation options, such as terminating TCP connections, and displaying intrusion-related information to a user via a graphical user interface. Graham was cited for its disclosure of using firewall-based precautionary measures, such as blocking incoming data transmissions from a suspect node, to prevent attacks.
    • Motivation to Combine: Petitioner argued a person of ordinary skill in the art (POSITA) would combine the teachings of Gupta and Graham to improve Gupta's vulnerability management system. A POSITA would have found it obvious to incorporate the conventional firewall-based mitigation actions taught by Graham into Gupta's system to provide a more robust and diverse set of corrective actions for identified threats.
    • Expectation of Success: The combination involved applying a known technique (Graham's firewalling) to a similar system (Gupta's security framework) to achieve a predictable improvement in security functionality.

4. Arguments Regarding Discretionary Denial

  • §325(d) Arguments: Petitioner argued discretionary denial under 35 U.S.C. §325(d) was inappropriate. The primary combination of Gupta and Graham was not considered during prosecution. Although W-L was cited by the examiner, Petitioner contended the evaluation was cursory and involved material error. Specifically, the examiner allegedly overlooked W-L's clear teachings on identifying an occurrence, determining vulnerability based on device configuration, and selectively utilizing diverse mitigation actions including a firewall—the very concepts that formed the basis for allowance.
  • Fintiv Arguments: Petitioner asserted that discretionary denial under Fintiv was unwarranted. The parallel district court litigation was in its nascent stages, having been filed only six weeks prior to the petition, with minimal investment by the parties and no trial date scheduled. Petitioner argued the Board's Final Written Decision would issue well before any potential trial. Further, Petitioner noted only a partial overlap in challenged claims between the IPR and the litigation and stipulated it would not pursue the same invalidity grounds in district court if the IPR was instituted.
  • General Plastic Arguments: As this was Petitioner’s second IPR against the ’063 patent, Petitioner argued against denial under General Plastic. It contended the second filing was necessitated by the Patent Owner’s litigation strategy of dismissing an earlier complaint and filing a new one asserting different claims (notably dependent claim 11). This petition was filed to address these newly asserted claims.

5. Relief Requested

  • Petitioner requests institution of an inter partes review (IPR) and cancellation of claims 10, 11, 39, and 58 of Patent 10,609,063 as unpatentable.