PTAB

IPR2024-00498

Cisco Systems Inc v. UMBRA Technologies Ltd

Log In

1. Case Identification

2. Patent Overview

  • Title: Multi-Perimeter Firewall in the Cloud
  • Brief Description: The ’482 patent discloses a distributed, cloud-based firewall system that provides a layered security defense. The system uses a first perimeter firewall for stateful packet inspection and a second perimeter firewall for deep packet inspection, with the deep packet inspection being performed on a cloned copy of network traffic to avoid interrupting data flow.

3. Grounds for Unpatentability

Ground 1: Obviousness over Shieh and Potti - Claims 1-26 are obvious over Shieh in view of Potti.

  • Prior Art Relied Upon: Shieh (Patent 8,955,093) and Potti (Application # 2007/0156919).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Shieh discloses all major architectural elements of the challenged claims. Shieh teaches a distributed firewall system located in the cloud that uses various modules, including "security processing modules" and "service processing modules," which can be located at different perimeters. Petitioner mapped these modules to the claimed access point servers and perimeter firewalls. Shieh further discloses that its firewall modules perform a variety of security functions, including deep packet inspection (DPI). While Shieh does not use the explicit term "stateful packet inspection," Petitioner contended that its disclosure of stateful, session-based packet processing using session tables would have been understood by a person of ordinary skill in the art (POSITA) as teaching this industry-standard firewall function. The primary limitation Petitioner argued was not expressly disclosed in Shieh is performing the DPI on a "cloned copy of traffic." To supply this element, Petitioner relied on Potti, which explicitly teaches performing resource-intensive DPI on copied packets to avoid interrupting the primary traffic flow, a known technique to address latency issues.
    • Motivation to Combine: Petitioner asserted that a POSITA would combine Shieh’s distributed cloud firewall with Potti’s offline inspection method to solve a known problem. A POSITA implementing Shieh's system would recognize that inline DPI could create undesirable latency. To improve performance, particularly for latency-sensitive applications, the POSITA would have looked to known solutions and found Potti's method of performing DPI on cloned traffic. The motivation was to gain the benefits of Shieh's scalable, multi-layer security architecture while simultaneously achieving the performance advantages of Potti's non-disruptive inspection technique.
    • Expectation of Success: A POSITA would have had a reasonable expectation of success in this combination. The integration involved applying a well-understood technique (offline packet inspection from Potti) to a known system architecture (Shieh's distributed firewall) to achieve the predictable result of improved performance without sacrificing security.

4. Arguments Regarding Discretionary Denial

  • Petitioner argued that discretionary denial under §325(d) is unwarranted because the primary prior art references, Shieh and Potti, were not considered during prosecution. Petitioner asserted that the Shieh reference is substantially different from a related "Shieh 2" reference that was before the examiner, particularly in its disclosure of stateful session processing.
  • Petitioner further argued against discretionary denial under §314(a) based on the Fintiv factors. It contended that the petition's merits are exceptionally strong and offered a Sotera-style stipulation, agreeing not to pursue the same invalidity grounds in co-pending district court litigation if the inter partes review (IPR) is instituted. Petitioner also noted that the related litigation is in a very early stage, with no trial date set and minimal investment, and that a Final Written Decision in the IPR would issue well before any potential trial.

5. Relief Requested

  • Petitioner requests institution of an IPR and cancellation of claims 1-26 of the ’482 patent as unpatentable.