PTAB

IPR2024-00679

Cisco Systems Inc v. InfoExpress Inc

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: Method and System for Granting Access to a Protected Network
  • Brief Description: The ’484 patent discloses a method for controlling access to a protected computer network that is logically divided into a restricted subset and a less-restricted subset. An access device must first connect to the restricted subset, where a "gatekeeper" applies security policies before reconfiguring a communication port to grant the device access to the less-restricted subset.

3. Grounds for Unpatentability

Ground 1: Obviousness over Krantz and Herrmann - Claims 28, 38-39, 41-43, 53, 56-59, 61-63, and 65-68 are obvious over Krantz in view of Herrmann.

  • Prior Art Relied Upon: Krantz (Application # 2004/0111520) and Herrmann (Application # 2004/0107360).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Krantz discloses the core architecture of the ’484 patent. Krantz teaches a network logically divided using VLANs into a restricted subset (VLAN B) and a less-restricted subset (VLAN C). An access device (client) requests access via an access point to a server (the "gatekeeper" in Krantz) located in the restricted subset. This server authenticates the device and, if authorized, reconfigures the network connection to allow the device to access resources on the less-restricted subset without data passing through the server. Petitioner contended that Herrmann teaches the missing element: enforcing a security policy that audits the device's security status. Herrmann discloses using a client-side "policy agent" to retrieve system data (e.g., antivirus status) and report it to a policy server. If the device complies with the policy, access is granted. Petitioner asserted that adding Herrmann's device-level security check to Krantz’s authentication framework renders the challenged claims obvious.
    • Motivation to Combine: Petitioner argued a POSITA would combine Krantz and Herrmann to improve the security of the network access system taught by Krantz. Krantz already describes a security policy based on user authentication, and Herrmann addresses the well-known problem of client devices infected with viruses compromising a network. Incorporating Herrmann’s device integrity checks (e.g., ensuring up-to-date antivirus software) into Krantz’s access control process would have been a logical and predictable step to enhance overall network security by preventing compromised devices from gaining access. Both references are in the same field of endeavor (network security) and address complementary aspects of the same problem.
    • Expectation of Success: Petitioner asserted a POSITA would have had a reasonable expectation of success because the combination required only minimal changes to Krantz's system. Herrmann’s policy agent is a client-side component designed to work with the Extensible Authentication Protocol (EAP), the same protocol utilized in Krantz’s system. This compatibility would make the integration of Herrmann’s security agent into Krantz's client device straightforward, resulting in a predictable and functional combined system.

4. Arguments Regarding Discretionary Denial

  • Petitioner argued that discretionary denial under 35 U.S.C. §325(d) is unwarranted because neither Krantz nor Herrmann was cited or considered during the original prosecution of the ’484 patent.
  • Petitioner further argued against discretionary denial under Fintiv. It was asserted that the district court trial date in the parallel litigation is projected for mid-2027, well after the statutory deadline for a Final Written Decision (FWD) in this inter partes review (IPR). Petitioner also contended that the parallel litigation is in its early stages with minimal investment and discovery, and that only a subset of the challenged claims are at issue in that proceeding. Finally, Petitioner claimed the merits of the petition are particularly strong, as the prior art discloses a nearly identical architecture to that of the ’484 patent.

5. Relief Requested

  • Petitioner requests institution of IPR and cancellation of claims 28, 38-39, 41-43, 53, 56-59, 61-63, and 65-68 of the ’484 patent as unpatentable under 35 U.S.C. §103.