Centripetal Networks, Inc.Download PDFPatent Trials and Appeals BoardMar 22, 2022IPR2021-01520 (P.T.A.B. Mar. 22, 2022) Copy Citation Trials@uspto.gov Paper 23 Tel: 571-272-7822 Date: March 22, 2022 UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ PALO ALTO NETWORKS, INC., Petitioner, v. CENTRIPETAL NETWORKS, INC., Patent Owner. ____________ IPR2021-01520 Patent 9,686,193 B2 ____________ Before BRYAN F. MOORE, BRIAN J. McNAMARA, and STEVEN M. AMUNDSON, Administrative Patent Judges. AMUNDSON, Administrative Patent Judge. DECISION Denying Institution of Inter Partes Review 35 U.S.C. § 314 IPR2021-01520 Patent 9,686,193 B2 2 I. INTRODUCTION Palo Alto Networks, Inc. (“Petitioner”) filed a Petition requesting an inter partes review of claims 1, 2, 4, 9-11, 13, 18, and 19 in U.S. Patent No. 9,686,193 B2 (Ex. 1001, “the ’193 patent”) under 35 U.S.C. §§ 311-319. Paper 2 (“Pet.”). Centripetal Networks, Inc. (“Patent Owner”) filed a Preliminary Response. Paper 16 (“Prelim. Resp.”). Further, after receiving Board authorization, Petitioner filed a Preliminary Reply, and Patent Owner filed a Preliminary Sur-reply. Paper 18 (“Prelim. Reply”); Paper 20 (“Prelim. Sur-reply”). Under 37 C.F.R. § 42.4(a), we have authority to determine whether to institute an inter partes review. We may institute an inter partes review only if “the information presented in the petition filed under section 311 and any response filed under section 313 shows that there is a reasonable likelihood that the petitioner would prevail with respect to at least 1 of the claims challenged in the petition.” 35 U.S.C. § 314(a) (2018). We have discretion to deny a petition even when a petitioner satisfies the “reasonable likelihood” threshold standard for instituting trial. See, e.g., 35 U.S.C. § 325(d); Cuozzo Speed Techs., LLC v. Lee, 136 S. Ct. 2131, 2140 (2016) (“[T]he agency’s decision to deny a petition is a matter committed to the Patent Office’s discretion.”). Based on the current record and for the reasons explained below, we exercise our discretion under 35 U.S.C. § 325(d) to deny institution of an inter partes review. IPR2021-01520 Patent 9,686,193 B2 3 II. BACKGROUND A. Real Parties in Interest Petitioner identifies itself as the real party in interest. Pet. 2. Patent Owner identifies itself as the real party in interest. Paper 4, 1; Paper 10, 1. The parties do not raise any issue about real parties in interest. B. Related Matters Petitioner and Patent Owner identify the following civil action where Patent Owner has asserted the ’193 patent against an alleged infringer: Centripetal Networks, Inc. v. Cisco Systems, Inc., No. 2:18-cv-00094 (E.D. Va. filed February 13, 2018), Appeal No. 21-1888 (Fed. Cir. filed April 7, 2021). Pet. 3; Paper 4, 1; Paper 10, 1. Petitioner identifies the following Board proceedings as related matters involving patents related to the ’193 patent: • Palo Alto Networks, Inc. v. Centripetal Networks, Inc., IPR2021-01155 (PTAB filed July 6, 2021) (Patent 10,567,343 B2); • Palo Alto Networks, Inc. v. Centripetal Networks, Inc., IPR2021-01156 (PTAB filed July 19, 2021) (Patent 10,735,380 B2); and • Palo Alto Networks, Inc. v. Centripetal Networks, Inc., IPR2021-01270 (PTAB filed July 19, 2021) (Patent 10,735,380 B2). Pet. 3. Petitioner and Patent Owner identify an earlier Board proceeding involving the ’193 patent, i.e., Cisco Systems, Inc. v. Centripetal Networks, Inc., IPR2018-01559 (PTAB filed August 21, 2018). Pet. 9-10; Prelim. Resp. 10; see Ex. 1045 (Board decision denying institution). IPR2021-01520 Patent 9,686,193 B2 4 Additionally, Patent Owner identifies ex parte reexamination no. 90/014,476 involving claims 1-20 in the ’193 patent. Prelim. Resp. 10-11. As a result of that reexamination, the Office confirmed the patentability of claims 1-20. Ex. 2016, 604-05. C. The ’193 Patent (Exhibit 1001) The ’193 patent, titled “Filtering Network Data Transfers,” issued on June 20, 2017, from application no. 14/625,486 (“the ’486 application”) filed on February 18, 2015. Ex. 1001, codes (22), (45), (54). The patent claims priority to application no. 13/795,822 filed on March 12, 2013. Id. at 1:6-10, code (63). The patent discloses systems and methods for “filtering network data transfers,” e.g., between a secured network and an unsecured network, such as the Internet. See id. at 1:58-2:10. The ’193 patent explains that the “TCP/IP network protocols (e.g., the Transmission Control Protocol (TCP) and the Internet Protocol (IP)) were designed to build large, resilient, reliable, and robust networks.” Ex. 1001, 1:14-17. The patent also explains that those protocols “were not originally designed with security in mind.” Id. at 1:17-18. The ’193 patent describes a “category of cyber attack known as exfiltrations (e.g., stealing sensitive data or credentials via the Internet)” that “has proven to be especially difficult for conventional cyber defense systems to prevent.” Ex. 1001, 1:24-27. The patent identifies the use of “popular network data transfer protocols, such as the Hypertext Transfer Protocol (HTTP),” as a cause of the difficulty in preventing exfiltrations. Id. at 1:27-30. The patent explains that those network data transfer protocols “often appear to an observer (e.g., a conventional cyber defense system) as normal network behavior.” Id. at 1:27-32. IPR2021-01520 Patent 9,686,193 B2 5 The ’193 patent addresses those alleged deficiencies with a two-stage filtering process. Ex. 1001, 8:39-40; see id. at 1:58-2:54. The first stage “may determine if the network policy allows any communications between” a source address or network and a destination address or network. Id. at 8:45-47. If the network policy allows such communications, the second stage “may determine if the policy allows the specific method or type of communication (e.g., file read, file write, encrypted communication, etc.).” Id. at 8:48-51. The two-stage filtering process permits a user to perform some types of data transfer, such as surfing to web sites, but prevents other types of data transfer, such as “writing files” or “posting forms” to a web server. See id. at 2:43-54, 7:10-20. Figure 1 in the ’193 patent (reproduced below) depicts an exemplary network environment: IPR2021-01520 Patent 9,686,193 B2 6 Figure 1 illustrates network environment 100 with networks 102, 104, 106, and 108, packet security gateway (PSG) 110 located between networks 102 and 104, PSG 112 located between networks 102 and 106, and security policy management server 114 connected to network 104. Ex. 1001, 3:27-30, 4:11-15, Fig. 1; see id. at 3:1-3. For instance, network 102 “may be the public Internet, or some other large TCP/IP network functioning as an interconnect between one or more Local Area Networks (LANs) or Wide- Area Networks (WANs).” Id. at 3:31-34. Moreover, networks 104, 106, and 108 “may be LANs or WANs operated by or otherwise associated with various organizations (e.g., one or more commercial enterprises, companies, universities, military commands, government agencies, or cyber criminal organizations).” Id. at 3:37-41. The ’193 patent discusses an example where (1) geographically distributed enterprise X operates networks 104 and 106 that may access network 102, e.g., the Internet, and (2) cyber criminal organization Z operates network 108 and may attempt to steal sensitive data from enterprise X via network 102. Ex. 1001, 3:42-52; see id. at 4:17-32. “Members of organization Z may attach one or more computing devices (e.g., workstations or servers) to network 108, and may use these workstation(s) or server(s) to attack or collect data from one or more networks affiliated with enterprise X (e.g., network 104 or 106).” Id. at 3:52-57. To prevent unauthorized activity, “[n]etwork environment 100 may include one or more packet security gateways and one or more security policy management servers” with the packet security gateways located at “each boundary” between a protected network and “one or more public IPR2021-01520 Patent 9,686,193 B2 7 interconnect networks.” Ex. 1001, 4:11-25. For example, PSG 110 “may protect network 104 from one or more cyber attacks (e.g., exfiltrations) mediated by network 102 (e.g., the Internet),” and PSG 112 “may protect network 106 from one or more cyber attacks (e.g., exfiltrations) mediated by network 102.” Id. at 4:32-37. PSGs 110 and 112 may include one or more computing devices configured to accomplish the following: (1) receive a dynamic security policy from security policy management server 114; (2) receive packets associated with networks 104, 106, and 108; and (3) apply to the received packets one or more rules or operators, including an identity (e.g., allow) operator or a null (e.g., block) operator, specified by the dynamic security policy from security policy management server 114. Ex. 1001, 3:58-62, 4:38-54; see id. at 2:20-24, 6:31-36. IPR2021-01520 Patent 9,686,193 B2 8 Figure 3 in the ’193 patent (reproduced below) depicts “an exemplary dynamic security policy”: Figure 3 illustrates dynamic security policy 218 comprising rules 1 through 7 denoted by reference numerals 302 through 314, respectively. Ex. 1001, 5:25-28, 5:46-49, Fig. 3; see id. at 3:5-7. In this dynamic security policy, each rule “specif[ies] criteria and one or more operators that may be applied to packets associated with (e.g., matching) the specified criteria.” Id. at 5:49-52. The “specified criteria may take the form of a five- tuple” comprising “one or more values selected from” packet header information, such as the following: (1) “a protocol type of the data section of an IP packet (e.g., TCP, User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP), or one or more other protocols)”; (2) “one or more source IP addresses”; (3) “one or more source port values”; IPR2021-01520 Patent 9,686,193 B2 9 (4) “one or more destination IP addresses”; and (5) “one or more destination ports.” Id. at 5:52-60, Fig. 3. As an example, rule 2 in Figure 3 specifies that IP packets “containing one or more TCP packets, originating from a source IP address that begins with 140.210, having any source port, destined for an IP address that begins with 140.212, and destined for port 25 (e.g., associated with the Simple Mail Transfer Protocol (SMTP))” should have “an ALLOW operator” applied to them. Ex. 1001, 6:1-7, Fig. 3. As another example, rule 5 in Figure 3 specifies that IP packets “containing one or more TCP packets, originating from a source IP address that begins with 140.210, having any source port, destined for an IP address that begins with 140.212, and destined for port 443 (e.g., associated with the port for the Hypertext Transfer Protocol Secure (HTTPS) protocol)” should have “a specified Transport Layer Security (TLS) protocol (e.g., REQUIRE- TLS 1.1-1.2) operator” applied to them. Ex. 1001, 6:22-30, Fig. 3. Rule 5 permits web browsers attached to network 104 to conduct HTTPS sessions (e.g., secure web sessions) with web servers attached to network 106. Id. at 6:58-60. To permit HTTPS sessions, however, rule 5 requires that the headers of application packets contained in IP packets specify version 1.1 or 1.2 of the TLS protocol because version 1.0 of the TLS protocol “has a known security vulnerability that attackers may exploit to decrypt HTTPS sessions.” Id. at 6:58-67, 7:38-45; see id. at 8:11-38. More specifically, rule 5 causes a packet security gateway to compare “the value of the version field in the TLS Record Protocol packet header” to “the values that encode version numbers 1.0, 1.1, and 1.2.” Ex. 1001, IPR2021-01520 Patent 9,686,193 B2 10 8:28-34. “If a match is found, then the REQUIRE-TLS-1.1-1.2 operator may return either ALLOW or BLOCK, depending on the version number value.” Id. at 8:34-37. “If no match is found, then the REQUIRE-TLS-1.1- 1.2 operator may return BLOCK.” Id. at 8:37-38. Figure 4 in the ’193 patent (reproduced below) depicts “an exemplary method for protecting a secured network”: IPR2021-01520 Patent 9,686,193 B2 11 Figure 4 illustrates steps 400 through 410 in “an exemplary method for protecting a secured network” performed at “one or more packet security gateways associated with a security policy management server.” Ex. 1001, 3:8-10, 9:11-15, Fig. 4; see id. at 9:15-18. At step 400, “packets may be received,” e.g., packets originating from network 104 and destined for network 106. Ex. 1001, 9:18-21, Fig. 4. At step 402, “a determination may be made as to whether a portion of the received packets have packet header field values corresponding to a packet filtering rule,” e.g., rule 5 in Figure 3. Ex. 1001, 9:22-30, 10:26-35, Fig. 4. At step 404, “responsive to determining that one or more of the portion of received packets have packet header field values corresponding to the packet filtering rule, an operator specified by the packet filtering rule may be applied to the portion of the received packets,” e.g., the REQUIRE- TLS-1.1-1.2 operator specified by rule 5 in Figure 3. Ex. 1001, 9:30-37, Fig. 4. At step 406, “a determination may be made as to whether one or more application header field values of one or more of the portion of the received packets correspond to one or more application header field criteria specified by the operator,” e.g., whether application header field values correspond to TLS version 1.0, 1.1, or 1.2. Ex. 1001, 9:38-47, Fig. 4. At step 408, “responsive to determining that one or more of the portion of received packets have application header field values corresponding to one or more application header field criteria specified by the operator, a packet transformation function specified by the operator may be applied to the one or more of the portion of the received packets.” IPR2021-01520 Patent 9,686,193 B2 12 Ex. 1001, 9:47-53, Fig. 4. For example, an ALLOW function may be applied if the application header field values correspond to TLS version 1.1 or 1.2, whereas a BLOCK function may be applied if the application header field values correspond to TLS version 1.0. Id. at 9:53-61; see id. at 8:18-38. At step 410, “[r]esponsive to determining that the portion of received packets have packet header field values that do not correspond to the packet filtering rule” at step 402, “one or more additional packet filtering rules may be applied to the one or more of the portion of the received packets,” e.g., rule 7 in Figure 3. Ex. 1001, 10:35-44, Fig. 4. After step 408 or step 410, the method may “return to step 400 and await receipt of one or more additional packets,” e.g., packets originating from network 104 and destined for network 106. Ex. 1001, 10:21-25, 10:43-47, Fig. 4. D. The Challenged Claims Petitioner challenges independent claim 1, claims 2, 4, 9-11, and 13 that depend directly or indirectly from claim 1, independent claim 18, and independent claim 19. Pet. 7, 26-68. Claim 1 recites a method for filtering network data transfers comprising several steps. Ex. 1001, 11:28-62. Claim 18 recites a system comprising components for performing the steps in claim 1. Id. at 14:1-36. Claim 19 recites a non-transitory computer- readable medium comprising instructions for performing the steps in claim 1. Id. at 14:37-15:2. Claim 1 exemplifies the challenged claims and reads as follows (with formatting added for clarity): IPR2021-01520 Patent 9,686,193 B2 13 1. A method comprising: receiving, by a computing system and from a computing device located in a first network, a plurality of packets, wherein the plurality of packets comprises a first portion of packets and a second portion of packets; responsive to a determination by the computing system that the first portion of packets comprises data corresponding to criteria specified by one or more packet-filtering rules configured to prevent a particular type of data transfer from the first network to a second network, wherein the data indicates that the first portion of packets is destined for the second network: applying, by the computing system and to each packet in the first portion of packets, a first operator, specified by the one or more packet-filtering rules, configured to drop packets associated with the particular type of data transfer; and dropping, by the computing system, each packet in first portion of packets; and responsive to a determination by the computing system that the second portion of packets comprises data that does not correspond to the criteria wherein the data indicates that the second portion of packets is destined for a third network: applying, by the computing system and to each packet in the second portion of packets, and without applying the one or more packet-filtering rules configured to prevent the particular type of data transfer from the first network to the second network, a second operator configured to forward packets not associated with the particular type of data transfer toward the third network; and forwarding, by the computing system, each packet in the second portion of packets toward the third network. Ex. 1001, 11:28-62. IPR2021-01520 Patent 9,686,193 B2 14 E. The Asserted Reference For its challenge, Petitioner relies on the following reference: Name Reference Exhibit Sourcefire “Sourcefire 3D System User Guide,” version 4.10, dated March 16, 2011 1004 Petitioner asserts that Sourcefire “was publicly accessible at least as early as April 2011 and qualifies as prior art under § 102(b).” Pet. 5; see 35 U.S.C. § 102(b) (2006).1 At this stage of the proceeding, Patent Owner does not dispute that Sourcefire qualifies as prior art. See, e.g., Prelim. Resp. 44-53. F. The Asserted Challenge to Patentability Petitioner asserts the following challenge to patentability: Claim(s) Challenged 35 U.S.C. § Reference(s)/Basis 1, 2, 4, 9-11, 13, 18, 19 103(a) Sourcefire Pet. 7, 26-68. G. Testimonial Evidence To support its challenge, Petitioner relies on the declaration of Robert Akl, D.Sc. (Ex. 1003, “Akl Decl.”). Dr. Akl states, “I have been retained by counsel for Petitioner Palo Alto Networks Inc. (‘PAN’ or ‘Petitioner’) as an expert witness to provide assistance regarding” the ’193 patent. Ex. 1003 ¶ 1. 1 The Leahy-Smith America Invents Act (“AIA”), Pub. L. No. 112-29, 125 Stat. 284 (2011), amended 35 U.S.C. §§ 102 and 103 effective March 16, 2013. Because the ’193 patent’s effective filing date predates the AIA’s amendments to § 102 and § 103, this decision refers to the pre-AIA versions of § 102 and § 103. IPR2021-01520 Patent 9,686,193 B2 15 III. DISCRETIONARY DENIAL Patent Owner argues that we should exercise our discretion under § 314(a) or § 325(d) to deny institution. See Prelim. Resp. 13-43; Prelim. Sur-reply 1-8; 35 U.S.C. §§ 314(a), 325(d). Petitioner argues that we should decline to exercise our discretion to deny institution. See Pet. 8-12; Prelim. Reply 1-10. For the reasons explained below, we exercise our discretion under § 325(d) to deny institution. Because we exercise our discretion under § 325(d) to deny institution, we do not reach discretionary denial under § 314(a). A. Background Section 325(d) provides that “[i]n determining whether to institute” an inter partes review, “the Director may take into account whether, and reject the petition or request because, the same or substantially the same prior art or arguments previously were presented to the Office.” 35 U.S.C. § 325(d). The Director “is permitted, but never compelled, to institute” an inter partes review. Harmonic Inc. v. Avid Tech., Inc., 815 F.3d 1356, 1367 (Fed. Cir. 2016). 1. THE ADVANCED BIONICS FRAMEWORK When deciding whether to exercise our discretion under § 325(d), we follow the two-part framework set forth in Advanced Bionics, LLC v. MED- EL Elektromedizinische Geräte GmbH, IPR2019-01469, Paper 6 (PTAB Feb. 13, 2020) (precedential). Specifically, we must first determine “whether the same or substantially the same art previously was presented to the Office or whether the same or substantially the same arguments previously were presented to the Office.” Advanced Bionics, Paper 6 at 8. That determination involves “two separate issues”: (1) “whether the petition IPR2021-01520 Patent 9,686,193 B2 16 presents to the Office the same or substantially the same art previously presented to the Office”; and (2) “whether the petition presents to the Office the same or substantially the same arguments previously presented to the Office.” Id. at 7. If “either condition of first part of the framework is satisfied,” we must then determine “whether the petitioner has demonstrated that the Office erred in a manner material to the patentability of challenged claims.” Advanced Bionics, Paper 6 at 8. “An example of a material error may include misapprehending or overlooking specific teachings of the relevant prior art where those teachings impact patentability of the challenged claims.” Id. at 8 n.9. When deciding whether to exercise our discretion under § 325(d) in view of the Advanced Bionics framework, we weigh the following nonexclusive factors: (a) the similarities and material differences between the asserted references and the prior art involved during prosecution; (b) the cumulative nature of the asserted references and the prior art evaluated during prosecution; (c) the extent to which the asserted references were evaluated during prosecution, including whether a rejection rested on any reference; (d) the extent of overlap between the arguments made during prosecution and Petitioner’s reliance on the asserted references or Patent Owner’s contentions concerning them; (e) whether Petitioner has pointed out sufficiently how the Examiner erred in analyzing the asserted references; and IPR2021-01520 Patent 9,686,193 B2 17 (f) the extent to which additional evidence and facts presented in the petition warrant reconsideration of the asserted references or arguments. See Becton, Dickinson & Co. v. B. Braun Melsungen AG, IPR2017-01586, Paper 8 at 17-18 (PTAB Dec. 15, 2017) (precedential as to § III.C.5, first paragraph) (“Becton”). 2. THE ’552 PATENT The ’193 patent issued from a continuation of the application for U.S. Patent No. 9,124,552 B2 (“the ’552 patent”). Ex. 1001, code (63). In a July 2018 petition in IPR2018-01436, Cisco Systems, Inc. (“Cisco”) challenged claims 1-21 in the ’552 patent. Cisco Sys., Inc. v. Centripetal Networks, Inc., IPR2018-01436, Paper 1 at 22-69 (PTAB Jul. 20, 2018). Cisco asserted that claims 1-21 are unpatentable under § 103(a) as obvious over Sourcefire in view of an ordinarily skilled artisan’s “knowledge, skill and creativity.” Id. at 22-23. In a January 2020 decision in IPR2018-01436, the Board determined that claims 1-21 are unpatentable under § 103(a) as obvious over Sourcefire and an ordinarily skilled artisan’s knowledge. IPR2018-01436, Paper 40 at 36-67, 70-71 (PTAB Jan. 23, 2020); Ex. 1042 (Board decision determining all challenged claims unpatentable). In a March 2021 decision, the Federal Circuit affirmed the Board’s unpatentability determination for the ’552 patent claims. Centripetal Networks, Inc. v. Cisco Sys., Inc., 847 F. App’x 869, 871, 881 (Fed. Cir. 2021); Ex. 1043 (Federal Circuit decision affirming Board decision). 3. OTHER OFFICE PROCEEDINGS INVOLVING THE ’193 PATENT In an August 2018 petition in IPR2018-01559, Cisco challenged claims 1-20 in the ’193 patent. Cisco Sys., Inc. v. Centripetal Networks, IPR2021-01520 Patent 9,686,193 B2 18 Inc., IPR2018-01559, Paper 1 at 23-68 (PTAB Aug. 21, 2018). Cisco asserted that claims 1-20 are unpatentable under § 103(a) as obvious over Sourcefire in view of an ordinarily skilled artisan’s “knowledge, skill and creativity.” Id. at 24. In an April 2019 decision in IPR2018-01559, the Board denied institution of an inter partes review. IPR2018-01559, Paper 7 at 13 (PTAB Apr. 21, 2019); Ex. 1045 (Board decision denying institution). Among other things, the Board determined that Cisco failed to adequately explain how the “first operator” and the “packet-filtering rules” recited in the independent claims relate to one another and how Sourcefire’s intrusion rules map to both the “first operator” and the “packet-filtering rules.” Ex. 1045, 10-13. In a March 2020 submission, Cisco requested ex parte reexamination of claims 18 and 19 in the ’193 patent. Ex. 2016, 1-100. Cisco asserted that claims 18 and 19 are unpatentable under § 103(a) as obvious over Sourcefire in view of an ordinarily skilled artisan’s “knowledge, skill and creativity.” Id. at 42; see id. at 58-87. In a May 2020 decision granting Cisco’s reexamination request, the Office determined that “Sourcefire raises a substantial new question of patentability as to” claims 18 and 19. Ex. 2016, 188; see id. at 183-88. In a September 2020 Office action, the Examiner rejected claims 1-20 under § 103(a) as obvious over Sourcefire in view of an ordinarily skilled artisan’s knowledge. Ex. 2016, 205, 207-28, 247, 249-70. In a January 2021 response to the September 2020 Office action, Patent Owner argued that Sourcefire fails to teach or suggest applying the following “operators” required by claims 1, 18, and 19: “a first operator, specified by the one or more packet-filtering rules, configured to drop IPR2021-01520 Patent 9,686,193 B2 19 packets associated with the particular type of data transfer” and “a second operator configured to forward packets not associated with the particular type of data transfer toward the third network.” See, e.g., Ex. 2016, 539, 541, 549-52. In the January 2021 response, Patent Owner also argued that an ordinarily skilled artisan would have had no motivation to modify Sourcefire “to reach the claims” in the ’193 patent for several reasons. Ex. 2016, 539, 552-59. For instance, Patent Owner asserted that “the Examiner’s obviousness rationale fails as a matter of law because it focuses on what a POSA could do with the Sourcefire system but does not establish that a POSA would have been motivated to do it.” Id. at 553 (emphasis omitted) (footnote omitted). Further, Patent Owner asserted that objective indicia of nonobviousness support patentability. See, e.g., id. at 541-42, 559-67. In a February 2021 interview with the Examiner, Patent Owner “pointed out differences between claim 18 of the ’193 Patent and claim 8 of the parent ’552 patent” and further clarified the terms “operator” and “data exfiltrations.” Ex. 2016, 581-82. In a March 2021 summary of the February 2021 interview, Patent Owner noted that the attendees discussed “that the ‘operator’ claimed in the ’193 Patent is ‘configured to drop packets associated with the particular type of data transfer’ while the ’552 Patent includes no such requirement.” Ex. 2016, 584. Patent Owner also noted that the attendees discussed “that the ’193 Patent is directed to preventing data exfiltration, targeting communications leaving a first network and bound for different (second and third) networks.” Id. IPR2021-01520 Patent 9,686,193 B2 20 In an April 2021 notice of intent to issue an ex parte reexamination certificate, the Examiner provided a Statement of Reasons for Patentability and/or Confirmation. Ex. 2016, 595-96. In the Statement, the Examiner found that Sourcefire: fails to disclose or render obvious a system which includes a series of filtering steps recited in the claim especially, steps of applying “a first operator, specified by the one or more packet- filtering rules, configured to drop packets associated with the particular type of data transfer” and “a second operator configured to forward packets not associated with the particular type of data transfer toward the third network” as recited in the claim. Id. at 595. The Examiner explained that while Sourcefire “is capable of performing each individual step recited in the claim by programming,” Sourcefire “does not disclose a filtering process which includes a series of steps recited in the claim.” Id. at 596. The Examiner also found that an ordinarily skilled artisan “would unlikely to be motivated to apply a first operator to drop packets associated with a particular type of transfer and a second operator to forward packets not associated with a particular type of data transfer toward a third network as recited in the claim.” Ex. 2016, 596. Hence, “[i]n view of the objective indicia of non-obviousness presented in the record,” the Examiner “agree[d] to withdraw the rejection based on obviousness.” Id. In a May 2021 ex parte reexamination certificate, the Office confirmed the patentability of claims 1-20. Ex. 2016, 604-05. B. Arguments in the Petition Petitioner argues that we should decline to exercise our discretion under § 325(d) to deny institution because Sourcefire (1) was not “identified IPR2021-01520 Patent 9,686,193 B2 21 or considered by the Examiner during prosecution” and (2) is not “cumulative of the references considered during prosecution.” Pet. 8-9; see id. at 20-22. According to Petitioner, Sourcefire “teaches the two-stage packet filtering process that the Examiner found missing from the prior art.” Id. at 9. Petitioner notes that Cisco filed a petition in IPR2018-01559 challenging claims in the ’193 patent based on Sourcefire. Pet. 9; see supra § II.B. Petitioner contends that “institution of that petition was denied in view of Cisco’s failure to construe the term ‘operator’ and the corresponding lack of explanation as to how that element is met.” Pet. 9 (citing Ex. 1045 (Board decision denying institution)). Petitioner also contends that in IPR2018-01559 the Board “did not have a proper opportunity to consider the ‘operator’ element” of the challenged claims. Id. Further, Petitioner asserts that even if the Board substantively considered Sourcefire in IPR2018-01559, the Board overlooked disclosures material to the challenged claims “because of Cisco’s failure to construe the ‘operator’ term and the petition’s poor presentation of the art with respect to that term.” Pet. 9-10. Petitioner also asserts that the Petition “addresses the two possible interpretations of the ‘operator’ limitation, and explains how Sourcefire discloses the limitation under either interpretation.” Id. at 10 (emphases omitted). C. Arguments in the Preliminary Response Patent Owner argues that we should exercise our discretion under § 325(d) to deny institution because “the Office confirmed the patentability of claims 1-20 over Sourcefire” after the Board denied institution in IPR2018-01559. See Prelim. Resp. 10-12. Specifically, Patent Owner IPR2021-01520 Patent 9,686,193 B2 22 asserts that after the Board denied institution in IPR2018-01559, “Cisco filed a request for ex parte reexamination of claims 18 and 19,” again “alleging obviousness over Sourcefire.” Id. at 10-11 (citing Ex. 2016, 4-100). Patent Owner asserts that the Office ordered reexamination and that the Examiner rejected claims 1-20 as obvious over Sourcefire. Id. at 11 (citing Ex. 2016, 180-91, 203-45). Patent Owner asserts that it responded to the rejection by arguing nonobviousness over Sourcefire, including that “objective indicia of nonobviousness demonstrated that the challenged claims were patentable over Sourcefire.” Id. (citing Ex. 2016, 539, 549-652). Additionally, Patent Owner contends that “the Office confirmed the patentability of claims 1-20 over Sourcefire” and recognized that Sourcefire: fails to disclose or render obvious a system which include [sic] a series of filtering steps recited in the claim especially, steps of applying “a first operator, specified by the one or more packet- filtering rules, configured to drop packets associated with the particular type of data transfer” and “a second operator configured to forward packets not associated with the particular type of data transfer toward the third network” as recited in the claim. Prelim. Resp. 12-13 (quoting Ex. 2016, 595). Patent Owner also contends that the Examiner “agreed to withdraw the obviousness rejection of claims 1-20 over Sourcefire ‘[i]n view of the objective indicia of non-obviousness presented in the record.’” Id. at 13 (alteration by Patent Owner) (quoting Ex. 2016, 596). Patent Owner also argues that an ex parte reexamination certificate for the ’193 patent issued “over three months before” the Petition was filed and that the Petition “fails to mention” the reexamination. Prelim. Resp. 11-12 (citing Ex. 2016, 604-05). IPR2021-01520 Patent 9,686,193 B2 23 Further, Patent Owner asserts that “the Office extensively and indisputably evaluated Sourcefire” during the reexamination. Prelim. Resp. 20. Patent Owner asserts that Petitioner “has not ‘pointed out sufficiently how the examiner erred in its evaluation of the asserted prior art.’” Id. at 21 (quoting Advanced Bionics, IPR2019-01469, Paper 6 at 8, 9 n.10). Patent Owner also asserts that the Petition “neither acknowledge[s] the reexamination proceeding nor attempt[s] to demonstrate any error- much less any material error-by the Office.” Id. at 19. D. Analysis As explained in more detail below, we have analyzed the Becton factors in view of the Advanced Bionics framework and the record before us, and we determine that, on balance, the factors weigh against an inter partes review. 1. THE FIRST PART OF THE ADVANCED BIONICS FRAMEWORK Under the Advanced Bionics framework, we initially consider Becton factors (a), (b), and (d) in determining “whether the same or substantially the same art previously was presented to the Office or whether the same or substantially the same arguments previously were presented to the Office.” Advanced Bionics, IPR2019-01469, Paper 6 at 8, 10. Becton factors (a) and (b) “broadly provide guidance as to whether the art presented in the petition is the ‘same or substantially the same’ as the prior art previously presented to the Office during any proceeding.” Id. at 10 (emphasis in the original). “Previously presented art includes art made of record by the Examiner, and art provided to the Office by an applicant,” e.g., with an information-disclosure statement. Id. at 7-8. IPR2021-01520 Patent 9,686,193 B2 24 For the “same or substantially the same art” inquiry under the Advanced Bionics framework, we agree with Patent Owner that “the Office confirmed the patentability of claims 1-20 over Sourcefire” after the Board denied institution in IPR2018-01559. See Prelim. Resp. 10-12; Ex. 2016, 592-98, 604-05. As Patent Owner asserts, after the Board denied institution in IPR2018-01559, “Cisco filed a request for ex parte reexamination of claims 18 and 19,” again “alleging obviousness over Sourcefire.” See Prelim. Resp. 10-11; Ex. 2016, 1-100. As discussed above, the Examiner considered Sourcefire during the reexamination and relied on Sourcefire to initially reject claims 1-20 under § 103(a). See Ex. 2016, 249-70, 581-82, 595-96; supra § III.A.3. Despite the initial rejection, the Office confirmed the patentability of claims 1-20. Ex. 2016, 604-05. Petitioner’s assertion that Sourcefire was not “identified or considered by the Examiner during prosecution” concerns prosecution of the ’486 application, i.e., the initial examination. See Pet. 8-9, 20-22. In the Petition, Petitioner does not address the reexamination. See, e.g., id. at 8-12, 20-22. For the reasons discussed above, under the Advanced Bionics framework, the Petition “presents to the Office the same or substantially the same art previously presented to the Office.” See, e.g., Pet. 7, 26-68; Ex. 2016, 42, 51-87, 249-70; Advanced Bionics, Paper 6 at 7. 2. THE SECOND PART OF THE ADVANCED BIONICS FRAMEWORK Because the Petition “presents to the Office the same or substantially the same art previously presented to the Office,” we turn to the second part of the Advanced Bionics framework and consider Becton factors (c), (e), IPR2021-01520 Patent 9,686,193 B2 25 and (f) in determining “whether the petitioner has demonstrated that the Office erred in a manner material to the patentability of challenged claims.” See Advanced Bionics, IPR2019-01469, Paper 6 at 7-8, 10. We agree with Patent Owner that “Petitioner has not ‘pointed out sufficiently how the examiner erred in its evaluation of the asserted prior art,’” i.e., Sourcefire. See Pet. 8-12; Prelim. Resp. 21 (quoting Advanced Bionics, IPR2019-01469, Paper 6 at 8, 9 n.10). As Patent Owner asserts, the Petition “neither acknowledge[s] the reexamination proceeding nor attempt[s] to demonstrate any error-much less any material error-by the Office.” See Pet. 8-12; Prelim. Resp. 19. Further, Becton factor (c) concerns “the extent to which the asserted art was evaluated during examination, including whether the prior art was the basis for rejection.” Becton, IPR2017-01586, Paper 8 at 17. Our review of the reexamination’s prosecution history indicates that the Examiner evaluated Sourcefire when relying on Sourcefire alone as the basis for rejection. See, e.g., Ex. 2016, 249-70, 581-82. In the Preliminary Reply, Petitioner argues the merits of discretionary denial under § 325(d), i.e., whether the Examiner “erred in a manner material to the patentability of challenged claims.” See Prelim. Reply 2, 8-10. In particular, Petitioner contends that during the reexamination the Examiner (1) “mistakenly” relied upon “purported distinctions” between the ’193 patent claims and the ’552 patent claims and (2) “failed to properly apply the Board’s ’552 decision as affirmed by the Federal Circuit.” Id. at 8-10. According to Petitioner, “the Federal Circuit’s binding affirmance of the unpatentability” of the ’552 patent claims demonstrates that the ’193 patent claims are “unpatentable and that the Examiner erred.” Id. at 2. IPR2021-01520 Patent 9,686,193 B2 26 We note that the Order authorizing the Preliminary Reply and the Preliminary Sur-reply permitted Petitioner to address (1) “Patent Owner’s arguments that attempt to link Petitioner with Cisco for § 314(a) purposes” and (2) “Patent Owner’s harassment allegations.” Paper 17, 4. The Order did not permit briefing about the merits of discretionary denial under § 325(d). See id. Nevertheless, we address the contentions in the Preliminary Reply about the merits of discretionary denial under § 325(d). Petitioner wrongly relies on the unpatentability determination for the ’552 patent to demonstrate Examiner error during the ’193 patent’s reexamination because the ’552 patent claims differ materially from the ’193 patent claims. See, e.g., Ex. 1001, 11:28-15:10; Ex. 1040, 11:5-16:48; Ex. 2016, 584-85; Prelim. Resp. 46-48. Among other things, the ’193 patent claims require a “first operator” and a “second operator,” whereas the ’552 patent claims require only an “operator.” Ex. 1001, 11:28-15:10; Ex. 1040, 11:5-16:48. In the Statement of Reasons for Patentability and/or Confirmation, the Examiner identified the “first operator” and the “second operator” required by the ’193 patent claims as features “the prior art of record [Sourcefire] fails to disclose or render obvious.” Ex. 2016, 595. In the Preliminary Reply, Petitioner says nothing about the “second operator” required by the ’193 patent claims and identified by the Examiner as absent from Sourcefire. See Prelim. Reply 2, 8-10. Hence, Petitioner fails to demonstrate that the Examiner “erred in a manner material to the patentability of challenged claims.” The Advanced Bionics framework “reflects a commitment to defer to previous Office evaluations of the evidence of record unless material error is IPR2021-01520 Patent 9,686,193 B2 27 shown.” Advanced Bionics, IPR2019-01469, Paper 6 at 9. Under the circumstances here, we see no reason to depart from that commitment to deference. 3. CONCLUSION CONCERNING DISCRETIONARY DENIAL Petitioner relies on the same art the Examiner evaluated during the reexamination. Further, Petitioner fails to demonstrate that the Examiner “erred in a manner material to the patentability of challenged claims” during the reexamination. After analyzing the Becton factors in view of the Advanced Bionics framework and the record before us, we determine that, on balance, the factors weigh against an inter partes review. Hence, we exercise our discretion under § 325(d) to deny institution. IV. ORDER Accordingly, it is ORDERED that the Petition is denied and no trial is instituted. IPR2021-01520 Patent 9,686,193 B2 28 PETITIONER: Scott A. McKeown Mark Rowland James Batchelder Andrew Radsch Christopher M. Bonny ROPES & GRAY LLP scott.mckeown@ropesgray.com mark.rowland@ropesgray.com james.batchelder@ropesgray.com andrew.radsch@ropesgray.com christopher.bonny@ropesgray.com PATENT OWNER: James Hannah Jeffrey H. Price Jenna Fuller KRAMER LEVIN NAFTALIS & FRANKEL LLP jhannah@kramerlevin.com jprice@kramerlevin.com jfuller@kramerlevin.com svdocketing@kramerlevin.com Bradley C. Wright Scott M. Kelly Blair A. Silver BANNER & WITCOFF, LTD. bwright@bannerwitcoff.com skelly@bannerwitcoff.com bsilver@bannerwitcoff.com Copy with citationCopy as parenthetical citation
