IPR2024-00677
Cisco Systems Inc v. InfoExpress Inc
1. Case Identification
- Case #: IPR2024-00677
- Patent #: 8,578,444
- Filed: March 26, 2024
- Petitioner(s): Cisco Systems, Inc. and Fortinet, Inc.
- Patent Owner(s): InfoExpress Inc.
- Challenged Claims: 1-7, 10, 12, 17, and 22
2. Patent Overview
- Title: Method and System for Auditing a Device on a Protected Network
- Brief Description: The ’444 patent discloses a network security method where a device seeking access is first connected to a restricted network subset. A "gatekeeper" audits the device by applying security policies, and if the device complies, it is granted access to a less-restricted network subset, often by reconfiguring an access point.
3. Grounds for Unpatentability
Ground 1: Claims 1-7, 10, 12, 17, and 22 are obvious over Krantz in view of Herrmann.
- Prior Art Relied Upon: Krantz (Application # 2004/0111520) and Herrmann (Application # 2004/0107360).
- Core Argument for this Ground:
  - Prior Art Mapping: Petitioner argued that Krantz discloses the core framework of the challenged claims. Krantz teaches a method for providing controlled network access where a client device connects to an access point and is authenticated by a server (a "gatekeeper") before being granted access to different network segments (e.g., VLANs). This process involves using credentials as "audit data" and employing protocols like EAP and 802.1x, satisfying the fundamental limitations of auditing, authentication, and connecting via an access point as recited in independent claims 1 and 22.
    Petitioner asserted that Herrmann remedies a key deficiency in Krantz by teaching the use of a software "policy agent" running on the client device. This agent retrieves detailed system information—such as the status of antivirus software—as part of the security audit. Petitioner contended this maps directly to the claim limitations of "sending a request for audit data to an agent running on the device" and receiving audit data "obtained by the agent." The combination of Krantz's access control architecture with Herrmann's agent-based device integrity checks allegedly renders every limitation of the independent claims obvious.
    Dependent claims were argued to be obvious as they recite features well-known in the art or explicitly taught by the combination. For example, configuring the access point (claim 2) by assigning an access control list (claim 3) or a VLAN (claim 4) was described as inherent to the VLAN-based architecture of Krantz. Similarly, the continuous or updated auditing recited in claims 5-7 and 22 was taught by Herrmann's periodic "HEARTBEAT" messages and Krantz's session timeout/re-authentication mechanisms.
  - Motivation to Combine: Petitioner contended that a person of ordinary skill in the art (POSITA) would combine Krantz with Herrmann to enhance network security, a primary goal of both references. Krantz provided a robust system for authenticated access, but its policies were largely based on user credentials. Herrmann addressed the known problem of ensuring the connecting device itself is secure (e.g., has updated antivirus software). A POSITA would integrate Herrmann's agent-based integrity check into Krantz's framework as a logical next step to create a more secure, automated access system that verifies both the user and the device's health.
  - Expectation of Success: A POSITA would have a high expectation of success because both systems were designed for network security and utilized compatible technologies. Herrmann's policy agent was designed to communicate using the EAP protocol, the same protocol explicitly disclosed for authentication in Krantz. Therefore, integrating Herrmann’s agent into the Krantz system would have been a straightforward software modification.
4. Arguments Regarding Discretionary Denial
- Arguments against §325(d) Denial: Petitioner argued that denial under 35 U.S.C. §325(d) is unwarranted because the asserted prior art, Krantz and Herrmann, was never cited or considered by the examiner during the prosecution of the ’444 patent. The petition therefore presented new arguments and evidence not previously before the Office.
- Arguments against §314(a) Denial (Fintiv): Petitioner argued that the Fintiv factors weigh strongly against discretionary denial of institution under 35 U.S.C. §314(a).
  - Stay & Trial Date: No stay has been requested in the parallel district court litigation, and the trial date is projected for mid-to-late 2027, well after a Final Written Decision (FWD) would issue in this inter partes review (IPR) by August 2025.
  - Investment & Overlap: The parallel litigation is in its early stages with minimal party investment. Furthermore, the Patent Owner is asserting only a subset of the challenged claims in that litigation, reducing the overlap with this proceeding.
  - Strength of Petition: Petitioner asserted that the merits of the petition are particularly strong, as Krantz and Herrmann disclose an architecture nearly identical to that of the ’444 patent to solve the same problem.
5. Relief Requested
- Petitioner requests institution of an IPR and cancellation of claims 1-7, 10, 12, 17, and 22 of the ’444 patent as unpatentable.