PTAB

IPR2024-01196

Cisco Systems Inc v. Croga Innovations Ltd

Log In
Key Events
Petition
petition Intelligence

1. Case Identification

2. Patent Overview

  • Title: Network Isolation in a Computer System
  • Brief Description: The ’780 patent describes network security techniques for a host computer that supports a virtual guest system. The patent’s purported novelty is its use of three distinct methods of isolation: an internal firewall, a host-based firewall, and an external network firewall or web proxy.

3. Grounds for Unpatentability

Ground 1: Claims 1-7, 9-17, and 19-20 are obvious over Delco and Adams

  • Prior Art Relied Upon: Delco (Patent 8,166,474) and Adams (Application # 2010/0077476).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Delco teaches the core architecture of the ’780 patent. Delco described a host system supporting virtual machines that is protected by three distinct firewalls: (1) an "internal firewall" (packet filter 74) separating the virtual machine from the host system; (2) a "host-based firewall" (packet filter application 32) protecting the host system from the network; and (3) an external "network firewall" (firewall system 30). This combination directly maps to the three isolation methods claimed in the ’780 patent. While Delco described its external firewall as a conventional "network appliance," Adams provided the obvious structural details for such an appliance, teaching that it would include a processor and memory to perform its functions.
    • Motivation to Combine: Petitioner contended that a person of ordinary skill in the art (POSITA) would combine the teachings of Delco and Adams as a matter of simple design choice. A POSITA would have understood Delco's functionally described "network appliance" to require standard components like a processor and memory to operate. Adams merely provided an express description of this well-known and necessary hardware configuration for a firewall appliance, making the combination a predictable implementation.
    • Expectation of Success: A POSITA would have had a high expectation of success because combining the references involved implementing a known device (Delco’s firewall) with standard components (Adams's processor and memory) to achieve its intended and well-understood firewalling functions.

Ground 2: Claims 8 and 18 are obvious over Delco, Adams, and Dadhia

  • Prior Art Relied Upon: Delco (Patent 8,166,474), Adams (Application # 2010/0077476), and Dadhia (Patent 7,886,351).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner asserted that the combination of Delco and Adams established the foundational three-firewall system. Dadhia was introduced to teach the specific limitations of claims 8 and 18: implementing different firewall policies based on the type of network connection. Dadhia described a "network aware firewall" that applied a first, more permissive policy (e.g., allowing file sharing) when connected to a trusted private network and a second, more restrictive policy (e.g., disabling file sharing) when connected to an untrusted public network. This directly addressed the claims' requirements for implementing first and second policies depending on the network.
    • Motivation to Combine: Petitioner argued a POSITA would combine Dadhia's teachings with the Delco/Adams system to improve its security. Providing network-aware, adaptable security policies was a known method for enhancing firewall protection. Delco itself taught the concept of applying different policy rules based on "defined zones of application," making the incorporation of Dadhia's specific trusted/untrusted policy scheme a natural and obvious improvement to further this goal.
    • Expectation of Success: There would be a reasonable expectation of success in the combination. Delco already provided a framework for detecting the network environment ("zone") and applying corresponding policies. Dadhia merely taught a well-known technique for defining those policies (e.g., a permissive policy for trusted networks, a restrictive one for untrusted networks) that was fully compatible with Delco's system architecture.

4. Arguments Regarding Discretionary Denial

  • Petitioner argued that discretionary denial under 35 U.S.C. § 314(a) based on Fintiv factors would be inappropriate. The petition was filed promptly after service of the complaint in the parallel district court case, which is in its early stages with key events like claim construction and the close of discovery scheduled after the Board’s institution decision. Petitioner also stipulated that if the trial is instituted, it will not pursue the same grounds in the district court litigation, which weighs strongly in favor of institution.
  • Petitioner further contended that denial under 35 U.S.C. § 325(d) is not warranted because the prior art references presented (Delco, Adams, and Dadhia) are not cumulative to the art considered during prosecution. The Examiner did not review any of these references, and the art directly addresses the "three distinct methods of isolation" that the Applicant relied upon to overcome prior art rejections and secure the patent.

5. Relief Requested

  • Petitioner requested the institution of an inter partes review and the cancellation of claims 1-20 of the ’780 patent as unpatentable under 35 U.S.C. §103.