Netskope Inc v. Fortinet Inc

1. Case Identification

• Case #: IPR2022-01587
• Patent #: 10,237,282
• Filed: October 6, 2022
• Petitioner(s): Netskope, Inc.
• Patent Owner(s): Fortinet, Inc.
• Challenged Claims: 1-8, 11-18

2. Patent Overview

• Title: Methods and Systems for Data Leak Prevention (DLP) in an Enterprise Network
• Brief Description: The ’282 patent discloses a data leak prevention system where a network security device, such as a gateway, intercepts outbound files. The device inspects files for embedded digital watermarks, compares information within the watermark (e.g., company identifier, sensitivity level) against a database of filtering rules, and takes a specified action (e.g., blocking the file) if a rule is matched.

3. Grounds for Unpatentability

Ground 1: Claims 1-2 and 11-12 are obvious over Nagayama and Crawford.

• Prior Art Relied Upon: Nagayama (EP 1 063 833) and Crawford (Patent 7,966,654).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Nagayama disclosed the core system of the independent claims: a filtering device positioned between an internal and external network that protects against data leakage. Nagayama’s device extracts electronic watermarks from outbound data, compares the watermark information against a database of filter rules (based on source, destination, and watermark type), and takes a specified action (e.g., enabling/disabling transfer). Petitioner asserted that Crawford supplemented this by teaching the use of filter policies in a firewall that explicitly specify a network service (e.g., HTTP, FTP) for which a rule is active.
  • Motivation to Combine: A Person of Ordinary Skill in the Art (POSITA) would combine Nagayama and Crawford to improve the flexibility and security of Nagayama's content filtering system. While Nagayama taught filtering based on protocol, Crawford provided the obvious next step of incorporating specific network services into the filter rules. This would allow for more granular control, as different network services (like web-based email) were known to pose different security risks.
  • Expectation of Success: A POSITA would have a reasonable expectation of success because filtering traffic based on network service was a well-known and finite criterion for network security devices.

Ground 2: Claims 3, 5-8, 13, and 15-18 are obvious over Nagayama, Crawford, and Sharma.

• Prior Art Relied Upon: Nagayama (EP 1 063 833), Crawford (Patent 7,966,654), and Sharma (Application # 2005/0271246).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground builds on the Nagayama and Crawford combination by adding the teachings of Sharma. Petitioner contended that Sharma disclosed applying a hash function to a watermark payload to create a fixed-length, secure watermark value. The dependent claims challenged under this ground require this hashing of a watermark payload that contains information like a user/company identifier and sensitivity level. Petitioner argued that Nagayama disclosed a watermark payload with company and sensitivity information, making it the obvious subject for Sharma's hashing technique. Other dependent claims, such as converting the hash to Base-64 (claim 5) or using a separate client program to embed the watermark (claim 6), were also taught by the prior art or would have been obvious design choices.
  • Motivation to Combine: A POSITA would combine Sharma with the Nagayama/Crawford system to improve its security and efficiency. Applying a hash function, as taught by Sharma, would prevent watermark tampering and standardize the watermark length, making detection more reliable and efficient. Hash functions were well-known and widely applied to watermarks to yield these predictable benefits.
  • Expectation of Success: Combining these known elements—a watermarking system, network service filtering, and watermark hashing—was argued to be a predictable combination of prior art elements to achieve a more robust and secure data leak prevention system.

Ground 3: Claims 1-2 and 11-12 are obvious over Jones and Crawford.

• Prior Art Relied Upon: Jones (Patent 7,298,864) and Crawford (Patent 7,966,654).

• Core Argument for this Ground:

  • Prior Art Mapping: Petitioner presented Jones as an alternative primary reference to Nagayama. Jones disclosed a system to control document transmission using digital watermarks, specifically an email server with a Watermark Detection and Reading Program (WDRP). The WDRP inspected outgoing emails for watermarks containing fields like owner identification and a confidentiality flag. Based on a database of transfer rules, the WDRP would take an action, such as blocking the email or logging the transmission. Petitioner asserted, as in Ground 1, that Crawford provided the teaching of adding network-service-specific criteria (HTTP, FTP, etc.) to the filtering rules.
  • Motivation to Combine: A POSITA would combine Jones and Crawford to expand Jones’s primarily email-focused system into a more comprehensive solution. Jones already contemplated application to FTP and web servers, and Crawford provided the explicit mechanism for managing policies across these multiple network services from a single database. This would improve the scope, efficiency, and security of the system.
  • Expectation of Success: Combining Jones's watermark-based rules with Crawford's network-service-based policies would have been a straightforward and predictable integration for a POSITA seeking to create a more robust data filtering system.

• Additional Grounds: Petitioner asserted additional obviousness challenges, including combinations incorporating Hawthorn (Application # 2013/0347085) to explicitly teach web-based email and device synchronization services, and Wolge (Application # 2010/0017436) to teach the specific use of a Fowler-Noll-Vo hash function as recited in claims 4 and 14.

4. Key Claim Construction Positions

• Petitioner argued that the term "watermark" was explicitly defined by the patentee in the specification. Based on this definition, Petitioner contended that a "watermark" must include two components: (1) information indicative of a source, owner, or company identifier, and (2) a sensitivity level. This proposed construction was central to Petitioner's arguments that prior art references teaching watermarks with such information met the claim limitations.

5. Arguments Regarding Discretionary Denial

• Petitioner argued that discretionary denial under §325(d) would be inappropriate. The argument was based on the fact that the examiner allowed the ’282 patent's claims without citing or discussing any prior art during the original prosecution. Therefore, Petitioner contended that the art and arguments presented in the petition were entirely new and had never been considered by the USPTO, weighing strongly against discretionary denial.

6. Relief Requested

• Petitioner requests institution of an inter partes review and cancellation of claims 1-8 and 11-18 of Patent 10,237,282 as unpatentable under 35 U.S.C. §103.