Ex Parte 7779459 et alDownload PDFPatent Trial and Appeal BoardMar 9, 201595002250 (P.T.A.B. Mar. 9, 2015) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 95/002,250 09/13/2012 7779459 PALOG459REX 3650 29000 7590 03/10/2015 IRELL & MANELLA LLP 1800 AVENUE OF THE STARS SUITE 900 LOS ANGELES, CA 90067 EXAMINER GE, YUZHEN ART UNIT PAPER NUMBER 3992 MAIL DATE DELIVERY MODE 03/10/2015 PAPER Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE PATENT TRIAL AND APPEAL BOARD ____________ PALO ALTO NETWORKS, INC. Third Party Requester and Cross-Appellant v. JUNIPER NETWORKS, INC. Patent Owner, Appellant, and Cross-Appeal Respondent ____________ Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 Technology Center 3900 ____________ Before ANDREW J. DILLON, JENNIFER L. McKEOWN, and IRVIN E. BRANCH, Administrative Patent Judges. McKEOWN, Administrative Patent Judge. DECISION ON APPEAL Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 2 Patent Owner Juniper Networks, Inc. (“Patent Owner”) appeals under 35 U.S.C. §§ 134 and 315 the Examiner’s decision to reject claims 1–9, 11– 20, 22–25, 35–38, and 48–49.1 Third Party Requester Palo Alto Networks, Inc. (“Requester”) responds to Patent Owner’s appeal and cross appeals the Examiner’s decision to confirm claims 10, 21, 26–34, and 39–47.2 Patent Owner responds to Requester’s appeal.3 We have jurisdiction under 35 U.S.C. §§ 134 and 315. We affirm-in-part. STATEMENT OF THE CASE United States Patent 7,779,459 (hereinafter the “’459 patent”), issued to Yu Ming Mao, et al. on August 17, 2010, is the subject of the current inter partes reexamination. The parent of the ’459 patent, U.S. Patent No. 7,302,700 (“the ’700 patent”), is also the subject of reexamination proceedings. We recently affirmed the Examiner’s decision to confirm all claims in the ’700 patent. See Decision on Appeal, dated March 2, 2015, Control No. 95/002,252. Both the ’459 Patent and the ’700 Patent are the subject of the civil action, Juniper Networks, Inc. v. Palo Alto Networks, Inc., No.1:11-cv- 01258 (D. Del.). See PO App. Br. 1. 1 See Patent Owner’s Appel Brief, filed May 5, 2014 (“PO App. Br.”); Examiner’s Answer, mailed August 25, 2014, incorporating by reference the Examiner’s Right of Appeal Notice, mailed January 30, 2014 (“RAN”). 2 See Requester’s Appeal Brief, filed May 5, 2014 (“TPR App. Br.”); 3 See Patent Owner’s Response, filed June 5, 2014 (“PO Resp. Br.”). Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 3 THE INVENTION The invention generally relates to data routing systems, and more particularly to methods and apparatus for providing secure communications on a network. ’459 patent, col. 1, ll. 10–15. Claim 1, which is illustrative of the appealed subject matter, reads as follows: 1. In a network device, a method comprising: receiving a packet via a network that includes a plurality of distinct security domains; determining whether the packet is to remain within a first one of the distinct security domains or pass between two of the distinct security domains; performing, based on a first determination that the packet is to pass between the two distinct security domains [security], security screening on the packet before routing the screened packet to an egress port of the network device for forwarding on the network; and routing, based on a second determination that the packet is to remain within the first distinct security domain, the packet to an egress port of the network device for forwarding on the network without performing the security screening on the packet. PO App. Br., Claims App’x. PRIOR ART REJECTIONS The Requester relies on the following references: Shani US 6,023,563 Feb. 8, 2000 Xylan Corporation, OmniSwitch 3.2, Complete Switching Systems for the Next Generation of Computing, User Manual, Part No. 030181-00, Rev. D, May 15,1998 (“Xylan”). Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 4 Check Point FireWall-l Architecture and Administration, Version 4.0, Part No.:71300001400, September 1998 (“Check Point”). Byres, Eric J, Designing Secure Networks For Process Control, Conference Record of 1999 Annual Pulp and Paper Industry Technical Conference, June 21–25, 1999 (“Byres”). Requester also relies on the Declaration of Gil Tene, dated February 22, 2013 (“Tene Decl.”) and a Declaration Authenticating Documents Produced by Alcatel-Lucent, dated February 21, 2013 (“Authentication Decl.”). See TPR App. Br., Evid. App’x. Patent Owner relies on the Declaration of Wes Peters, dated January 21, 2013 (“Peters Decl.”) and the Declaration of Bernhard Plattner, dated January 22, 2013 (“Plattner Decl.”). See PO Resp. Br., Evid. App’x. Patent owner contends that the Examiner erred by entering the following rejections: 1. The rejection of claims 1–9, 11–20, and 22–25, 36–38, and 49 under 35 U.S.C. §102(b) as anticipated by Byres. 2. The rejection of claims 35 and 48 under 35 U.S.C. §103(a) as unpatentable over Byres and Shani. Requester contends that the Examiner erred in not adopting the following rejections: 1. The rejection of claims 10 and 21 under 35 U.S.C. §102(b) as being anticipated by Byres. 2. The rejection of claims 1–23 under 35 U.S.C. §102(b) as being anticipated by Xylan. Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 5 3. The rejection of claims 26–34 and 39–47 under 35 U.S.C. §103(a) as unpatentable over Byres and Shani. 4. The rejection of claims 36 and 49 under 35 U.S.C. §103(a) as unpatentable over Xylan and Check Point. PATENT OWNER’S APPEAL - ISSUES 1. Did the Patent Owner show that Byres is not enabled? 2. Did the Examiner err by rejecting claims 1–9, 11–20, and 22–25, 36–38, and 49 under 35 U.S.C. §102(b) as anticipated by Byres? 3. Did the Examiner err by rejecting claims 35 and 48 under 35 U.S.C. §103(a) as being unpatentable over Byres and Shani? REQUESTER’S APPEAL - ISSUES 1. Did the Examiner err in finding that Requester has not shown that Xylan constituted a “printed publication” within the meaning of 35 U.S.C. §102, thus making it available as “prior art” for the purposes of rejecting the claims? 2. Did the Examiner err by not adopting the rejections of claims 10 and 21 under 35 U.S.C. §102(b) as anticipated by Byres? 3. Did the Examiner err by not adopting the rejections of claims 26– 34 and 39–47 under 35 U.S.C. §103(a) as being unpatentable over Byres and Shani? PRINCIPLES OF LAW Enablement of Cited Prior Art Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 6 Enablement is a question of law based on underlying factual findings. In re Antor Media Corp., 689 F.3d 1282, 1287 (Fed. Cir. 2012). “[A] prior art printed publication cited by an examiner is presumptively enabling barring any showing to the contrary by a patent applicant or patentee.” Id. at 1288. Once an applicant makes a non-frivolous argument that cited prior art is not enabling, however, the examiner must address that challenge. While an applicant must generally do more than state an unsupported belief that a reference is not enabling, and may proffer affidavits or declarations in support of his position, we see no reason to require such submissions in all cases. In re Morsa, 713 F.3d 104, 110 (Fed. Cir. 2013). Printed Publication Whether a “document qualifies as a ‘printed publication’ under § 102 is a legal conclusion based on underlying factual determinations.” SRI Int’l, Inc. v. Internet Sec. Sys., Inc., 511 F.3d 1186, 1192 (Fed. Cir. 2008) (citation omitted); see also In re Klopfenstein, 380 F.3d 1345, 1347 (Fed. Cir. 2004) (“Where no facts are in dispute, the question of whether a reference represents a ‘printed publication’ is a question of law.”). “Because there are many ways in which a reference may be disseminated to the interested public, ‘public accessibility’ has been called the touchstone in determining whether a reference constitutes a ‘printed publication’ bar under 35 U.S.C. § 102(b).” SRI Int’l, Inc., 511 F.3d at 1194 (quoting In re Hall, 781 F.2d 897, 898–99 (Fed. Cir. 1986)). “A given reference is ‘publicly accessible’ upon a satisfactory showing that such document has been disseminated or otherwise made available to the extent that persons interested and ordinarily Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 7 skilled in the subject matter or art exercising reasonable diligence can locate it.” Id. (quoting Bruckelmyer v. Ground Heaters, Inc., 445 F.3d 1374, 1378 (Fed. Cir. 2006)); In re Cronyn, 890 F.2d 1158, 1160 (Fed. Cir. 1989) (“[D]issemination and public accessibility are the keys to the legal determination whether a prior art reference was ‘published.’” (quoting Constant v. Advanced Micro-Devices, Inc., 848 F.2d 1560, 1568 (Fed. Cir. 1988)). PATENT OWNER’S APPEAL - ANALYSIS BYRES ENABLEMENT Having considered the arguments and the evidence before us, we are not persuaded that the Examiner erred in finding Byres enabling. Prior art publications and patents are presumed to be enabled. In re Antor Media Corp., 689 F.3d 1282, 1287–88 (Fed. Cir. 2012); Amgen Inc. v. Hoechst Marion Roussel, Inc., 314 F.3d 1313, 1355 (Fed. Cir. 2003).4 Patent Owner 4 Patent Owner asserts that the burden on the Patent Owner to prove non- enablement in ex parte reexamination is not and should not apply to inter partes reexamination. We disagree. Not only has the Federal Circuit found the burden is on the Patent Owner to prove non-enablement in ex parte reexamination, but also in district court proceedings. See Amgen, 314 F.3d at 1355 (“an accused infringer [in the district court] should be similarly entitled to have the district court presume the enablement of unclaimed (and claimed) material in a prior art patent defendant asserts against a plaintiff.” While the Federal Circuit addressed prior art patents, not prior art printed publications, the Court noted that “by logical extension, our reasoning here might also apply to prior art printed publications as well.” Amgen, 314 F.3d at 1355 n.22. Moreover, while a requester supplies the prior art in inter partes reexamination proceedings, it is still the Examiner that rejects the claims. As such, we are unconvinced that the presumption of enablement does not apply here. Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 8 does not proffer persuasive reasoning or evidence to support its assertion that Byres is non-enabling prior art. Nor does Patent Owner explain adequately the basis for its non-enablement assertion. Cf. In re Morsa, 713 F.3d 104, 110 (Fed. Cir. 2013) (“Once an applicant makes a non-frivolous argument that cited prior art is not enabling, however, the examiner must address that challenge.”). Patent Owner here merely asserts that “Byres nowhere establishes how one of skill in the art could create a system with the features of the ’459 patent claims without undue experimentation.” Further, [t]here is no indication in Byres explaining how existing conventional switches or routers were to be modified to provide for the patented features of the ’459 patent claims (e.g., providing certain security screening for interzone packets only), nor does Requester present any extrinsic evidence on the enablement issue. PO App. Br. 8–9. We do not find these conclusory remarks persuasive. Moreover, we find that Byres is enabling. For example, Byres teaches providing certain security screening for interzone packets only by creating VLANs to define the boundaries where filtering is desired. See Byres, p. 66 (“When two devices are defined as being on the same VLAN, the switch passes through messages with no filtering, just as if the devices were on the same physical segment. However, if two devices are not on the same VLAN, then the switch runs the message through its filtering software, passing or blocking the message as appropriate.”). As such, we are not persuaded that the Examiner improperly relied on Byres in rejecting the claims. Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 9 THE ANTICIPATION REJECTION OVER BYRES Claims 1–9, 11–20, and 22–23 We are not persuaded that the Examiner erred by rejecting claims 1–9, 11–20, and 22–23 under 35 U.S.C. §102(b) as anticipated by Byres. Patent Owner argues that Byres fails to disclose multiple security domains, which is required directly or indirectly by each of claims 1–9, 11– 20, and 22–23. According to the Patent Owner, “the Examiner adopted an incorrect and overly broad interpretation of ‘security domain’ which posits that any VLAN is necessarily a ‘security domain.’” PO App. Br. 10 (citing RAN 5–6). Namely, the Examiner concluded that “the broadest reasonable interpretation of ‘security domains’ includes VLANs, each of which can include separate policy, traffic management, accounting and administrative definitions and functions.” RAN 6. We disagree with Patent Owner’s characterizations of the Examiner’s findings. Specifically, the Examiner does not find that “any VLAN is necessarily ‘a security domain’” but instead finds that a skilled artisan would understand that the broadest reasonable interpretation consistent with the Specification of security domains would include VLANs that are configured so that each has its own policy for firewall control. See e.g., RAN 5 (“[T]he examiner agrees with the Requester that the broadest reasonable interpretation of security domains includes VLANs, each of which is configured to have its own policy for firewall control.”); RAN 6 (“[T]he examiner agrees with the Requester that the security domains in the ’459 patent can correspond to distinct VLANs that are configured so that each has its own policy for firewall control.”). Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 10 As the Examiner and Requester point out, the ’459 patent supports this interpretation. Specifically, the ’459 patent describes that [e]ach zone 104 embodies a security domain in the communication system. Each security domain can include separate policy, traffic management, accounting and administrative definitions and functions. Security policies, traffic management and other filtering functions can be enforced among and within zones. ’459 patent, col. 5, ll. 35–40. And the ’459 patent further identifies that “[i]n one implementation, the packet switched communication system can be configured to include multiple IEEE 802.1 Q VLAN based L2 transparent domains. A user can create multiple VLANs, each having its own policy for firewall control.” ’459 patent, col. 4, ll. 53–56. According to the Patent Owner though, by disclosing that the VLAN can be subdivided, the ’459 patent makes clear that VLANs are not the claimed security domain. PO App. Br. 10. We disagree. The mere disclosure, in one embodiment, of security sub-divisions does not negate the fact that the VLAN configured with security features is also a security domain. Moreover, the ’459 patent expressly contemplates security zones or domains at different levels. See’459 patent, col. 5, ll. 42–48 (describing that security policies may overlap or be distinct between the parent and sub- zones). Patent Owner additionally contends that ‘459 patent’s teaching that a user “can” create multiple VLANs, each having its own policy for firewall control, shows that security measures are not inherent in all VLANs. PO App. Br. 10 (citing ’459 Patent at 4:53-56). As discussed above though, the Examiner does not rely on inherency but instead finds that a VLAN Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 11 configured with its own policy for firewall control, such as disclosed by Byres, would be understood by a skilled artisan to be a security domain. See e.g., RAN 5–6. We, therefore, find Patent Owner’s argument unconvincing. Patent Owner, turning to Byres, then contends that even if the Examiner’s construction of security domains were adopted, “[t]here is no indication that these VLANs include ‘separate policy, traffic management, accounting and administrative definitions and functions,’ as opposed to (for example) sharing all administrative definitions and functions at the common ‘Server.’” PO App. Br. 11 (citing Byres, p. 66). And Patent Owner further contends that “[t]he only other passage of Byres relied upon to show purported ‘security domains’ is a passage that does not describe security but rather the use of VLANs to reduce ‘IP broadcast storms.” PO App. Br. 11. We find Patent Owner’s arguments unavailing. As the Examiner explains, Byres uses VLANs (as shown in Fig. 5) to form a secure separation between the process and business networks. RAN 6. Moreover, Byres discloses implementing internal security through application-based VLANs and installing protocol filters to restrict traffic between VLANs. RAN 7–8 (citing Byres, p. 67). Accordingly, for the reasons discussed above and set forth by the Examiner, we find that the Examiner did not err in rejecting claims 1–9, 11– 20, 22–23 as anticipated by Byres. Claims 8, 9, 19 and 20 Patent Owner contends that Byres fails to disclose the limitations of claims 8, 9, 19 and 20. As Patent Owner explains, claims 8 and 19, which Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 12 require operating parameters not be known by a user, are essentially the opposite of claims 9 and 20, which require the user to define the operating parameters. See App. Br. 12. The Examiner finds Byres discloses a user not knowing the operating parameters “[b]ecause operating parameters related to VLANs in Byres were established at the switch.” RAN 11. The Examiner further supports this findings by aligning Byres’s disclosure with the description in the ’459 patent that identifies “[u]sers in each zone may be unaware of the zone structure and may communicate with other users in a conventional manner.” RAN 10; ’459 patent, col. 7, l. 63–col. 8, l. 2. We agree with the Patent Owner that Byres is silent regarding whether a user is unaware of or defines operating parameters. PO App. Br. 12–13. As Patent Owner points out, [i]t is possible that users associated with the VLANs could define some or all of the VLANs’ operating parameters. See, e.g., ’459 patent, 8:17-19. It is also possible that even if users did not define the parameters, they could still have knowledge of them. See, e.g., id., 8: 15-17. Byres discloses nothing that would preclude either of these possibilities, and so claims 8 and 19 cannot be inherent in Byres. PO App. Br. 13. With respect to claims 9 and 20, we also agree with Patent Owner that the Examiner incorrectly construes administrators as users. See RAN 14–15 (“The examiner agrees with the Requester that because the switches are configured by human beings such as network or system administrators who are also users of the security domains, the operating parameters associated with each of the plurality of distinct security domains are defined by users”). Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 13 Namely, the’459 patent distinguishes users from administrators. See e.g., PO App. Br. 14–15; ’459 patent, col. 8, ll. (describing one embodiment where an administrator creates a virtual private network with security features that are unknown to users and an alternative embodiment where the users define their own security requirements). As such, we agree with the Patent Owner that the Examiner erred in rejecting claims 8, 9, 19 and 20 as anticipated by Byres.5 Claims 11 and 22 Claims 11 and 22 additionally require identifying a security domain indicator in the packet. According to the Patent Owner, the Examiner incorrectly construed a security domain indicator and found that Byres discloses this limitation. We disagree. Instead, we agree with the Examiner that the claimed “security domain indicator” could be satisfied by the layer 2 source or destination address in a standard packet. See RAN 14–15 (“As is well known in the art, a standard data packet has a header including destination address identifying the receiving LAN station, [and] source address identifying the transmitting LAN station” and citing Chou to support this finding). Further, the Examiner explains that “[e]ither one of the destination and source addresses is a security domain indicator in the packet because from either of the addresses, the corresponding security domain or VLAN can be determined.” RAN 15. 5 We note that the rejection proposed by the Requester and adopted by the Examiner is an anticipation rejection. See RAN 19. As such, we do not address whether claims 8-9 and 19-20 would be obvious in view of Byres. Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 14 Patent Owner responds that this interpretation is inconsistent with the disclosure of ’459 patent. Specifically, “[t]he ’459 patent presents two contrasting embodiments which clearly establish the security domain indicator must be something distinct from the conventional source and destination addresses included in any standard packet.” PO App. Br. 16. To support this position, Patent Owner relies on the’459 patent description that users may include indicators or zone identifiers when the users are aware of the security structure. PO App. Br. 16. According to the Patent Owner, this disclosure shows that indicators require an additional awareness of the security structure and that “these ‘indicators’ cannot be the source and destination addresses contained in any conventional packet (as with the packets of the first embodiment), since they are ‘include[d]’ in only this alternative, second embodiment. See id., 7:63-8:17.” PO App. Br. 16–17. We find this argument unavailing. Namely, we disagree with the premise that disclosure of adding zone indicators to packets, in turn, suggests that a skilled artisan would understand the destination address or other header information cannot be a security domain indicator. Particularly when the’459 Patent also discloses that “[i]n one implementation, the security zones are determined based on the destination MAC address included in the L2 header of the packet received.” ’459 Patent, col. 7, ll. 3–5; see also RAN 14-16. As such, we agree with the Examiner’s interpretation of the claimed security domain indicator. Accordingly, for the reasons discussed above and set forth by the Examiner, we find that the Examiner did not err in rejecting claims 11 and 22 anticipated by Byres. Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 15 Claims 24, 25, 37 and 38 For the reasons above, we find unconvincing Patent Owner’s arguments with respect to the claimed security domain. Patent Owner here though additionally argues that Byres fails to disclose “that security screening be performed using a ‘zone-specific policy.’” PO App. Br. 17. According to the Patent Owner, the rejection relies on “passages from Byres indicating that traffic between VLANs may be ‘filter[ed]’ or ‘restrict[ed],’ but without identifying specific policies or explaining how they are (or could be) configured to be specific to any zones in particular.” PO App. Br. 18. We disagree. As discussed above, Byres uses VLANs (as shown in Fig. 5) to form a secure separation between the process and business networks. RAN 6. Moreover, Byres discloses implementing internal security through application-based VLANs and installing protocol filters to restrict traffic between VLANs. See RAN 7–9 (citing Byres, p. 67). We agree with Examiner that Byres then sufficiently discloses wherein the security screening is performed using a zone-specific policy. Accordingly, for the reasons discussed above and set forth by the Examiner, we find that the Examiner did not err in rejecting claims 24, 25, 37 and 38 as anticipated by Byres. Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 16 Claims 36 and 49 Claims 36 and 49 additionally require that the claimed security screening be performed by a layer 7 firewall device. PO App. Br. 18. We agree with the Patent Owner that Byres fails to disclose this limitation. Requester and the Examiner rely on Byres disclosing that devices “have the ability to define filters based on address, IP subnet, protocol or application.” See Requester’s Comments, p. 44 (quoting Byres at 66); RAN 20. As Patent Owner point out though, this statement refers to the routing enabled switching devices, i.e. layer 3 devices. App. Br. 19-20; see also App. Br. 19 (citing Byres 65 and Fig. 1)(citing Fig. 1 to show that Byres considers “application” to be “FTP, Telnet, SMTP” and citing page 65 to show that layer 3 routing protocols “contain information about type of packet (e.g., email, file transfer, telnet, video, etc.). . . .”). As such, we are persuaded that the citation relied upon does not support disclosure of a layer 7 firewall device expressly or inherently. Therefore, we find that the Examiner erred in rejecting claims 36 and 49 as anticipated by Byres.6 6 We note that Requester, during the reexamination proceedings before the Examiner, only proposed an anticipation rejection. See Requester’s Comments, pp. 44 and 47 (arguing that Byres anticipates claims 36 and 49). As such, we do not address whether claims 36 and 49 would be obvious in view of Byres. Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 17 THE OBVIOUSNESS REJECTION OVER BYRES AND SHANI Claims 35 and 48 We are not persuaded that the Examiner erred by rejecting claims 35 and 48 as obvious over Byres and Shani. We find Patent Owner’s arguments with respect to claims 35 and 48 unavailing. Specifically, Patent Owner argues that, because the Examiner found that Shani does not disclose a layer 2 switching engines, it cannot disclose the claimed limitations. PO App. Br. 21. Claims 35 and 48 though do not require a layer 2 switching engine but merely recites “the routing associated with the second determination includes using a table of MAC addresses and corresponding ports.” As the Requester identifies, Shani teaches using MAC addresses and as such teaches the claimed limitation. Accordingly, for the reasons discussed above and set forth by the Examiner, we find that the Examiner did not err in rejecting claims 35 and 48 as unpatentable over Byres and Shani. REQUESTER’S APPEAL – ANALYSIS THE ANTICIPATION REJECTION OVER BYRES Claims 10 and 21 We are not persuaded that the Examiner erred by not adopting the proposed rejection of claims 10 and 21 under 35 U.S.C. §102(b) as anticipated by Byres. Claim 10, which depends on claim 1, requires that the claimed determination be based on “comparing a security domain identifier associated with an ingress port on which the packet was received to a Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 18 security domain associated with an egress port on which the packet is to be forwarded.” Claim 21 recites similar limitations. Requester argues that Byres discloses these claimed limitations. See TPR App. Br. 8–11. Namely, according to Requester, because Byres determines whether to filter a packet based on whether the source device and the destination device for the packet are in the same VLAN, Byres discloses the same functionality recited by claims 10 and 21. TPR App. Br. 10. As the Examiner explains though, “checking the membership of whether two devices belong to the same VLAN is different from comparing whether a security domain identifier or VLAN ID of an ingress port is different or same as that of the egress port.” RAN 13. Requester further contends that the IEEE standard “confirms” that each VLAN has an associated VLAN identifier (VID) and that “VLANs are defined by assigning ports to a particular VID and associating packets received on that port with the same VID” with an ingress port. TPR App. Br. 10–11. While comparing VIDs associated with ingress and egress ports may be one way to identify whether the source device and the destination device for the packet are in the same VLAN, we are not convinced Byres inherently discloses this limitation. Accordingly, for the reasons discussed above and set forth by the Examiner, we find that the Examiner did not err in not adopting the rejection of claims 10 and 21 as anticipated by Byres. Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 19 THE XYLAN REFERENCE As an initial matter, we note that Requester must show public accessibility. See In re Hall, 781 F.2d 897, 899 (Fed. Cir. 1986) (“The proponent of the publication bar must show that prior to the critical date the reference was sufficiently accessible . . . .”); In re Lister, 583 F.3d 1307, 1317 (Fed. Cir. 2009)(rejecting the position that the burden shifted from the PTO to the applicant to show inaccessibility where there was a lack of substantial evidence that the reference was publicly accessible as of the critical date). The question before us then is whether the Requester has established, by a preponderance of the evidence, that Xylan was sufficiently accessible to the public interested in the art before the priority date of the ’459 Patent. We agree with the Examiner that Requester has not. See e.g., RAN 3–4. Requester relies on a date in the lower left corner of Xylan’s cover page as well as a declaration from a Xylan system architect to demonstrate public accessibility. TPR App. Br. 13. According to the Requester, Xylan’s cover page date “provides prima facie evidence of the qualification as prior art.” RAN 3 (quoting Requester’s Comments, p. 3); see also TPR App. Br. 13-15. We disagree. While Xylan’s cover page reflects the date May 15, 1998, this date alone does not persuasively show if or when the Xylan was sufficiently accessible to the public. As Patent Owner points out, Xylan’s cover page date “could reflect a date of authorship, an intermediate draft, approval, submission, processing, private distribution to a group other than Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 20 the general interested public, or some other date not indicative of public accessibility front page date in no way indicates this is the date the document became publicly accessible.” PO Resp. Br 6. Requester’s reliance on a Petition Decision in Inter Partes Reexamination No. 95/000,020 to show that Xylan’s date demonstrates public availability is also unconvincing. TPR App. Br. 14 (quoting Petition Decision, March 30, 2007, Inter Partes Reexamination No. 95/000,020(“Petition Decision”). The date at issue in the Petition Decision was not merely a document date but a date stamp indicating the date a thesis was received by a university library. See Action Closing Prosecution, Inter Partes Reexamination No. 95/000,020, dated Feb. 1, 2006, pp. 156–157. Moreover, in that case, public accessibility was further supported by emails from the university coordinator confirming when the documents were received and cataloged. Similar supporting evidence notably is absent here. We similarly find unavailing Requester’s argument that the Authentication Declaration sufficiently demonstrates public accessibility. See TPR App. Br. 13–15. Specifically, the Authentication Declaration states that the “document is dated May 15, 1998, and was publicly available on or around that date.” Authentication Decl. ¶ 5. While the declarant was employed by Xylan during the relevant timeframe, the declaration provides no persuasive basis or factual support for the conclusion that the document was publicly available. As such, without the necessary supporting factual basis, we find Requester’s contention unpersuasive. Similarly, we are unpersuaded by Requester’s reliance on the Peters Declaration. Namely, the Peters Declaration merely states generally that Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 21 Peters worked at Xylan “on the design and development of the OmniSwitch product.” Peters Decl. ¶3. This general statement does not show that the Xylan user manual at issue here was publicly available. Finally, Requester contends that “simple Google searches of ‘Omniswitch’ provide numerous references to OmniSwitch products on the market at the relevant time.” TPR App. Br. 15. Requester fails to provide any of these alleged references. Moreover, Requester’s argument refers to OmniSwitch generally, not the particular OmniSwitch 3.2 product or the product number listed in Xylan. Compare TPR App. Br. 15 with Xylan, cover page. As such, we are not persuaded that the Examiner erred in finding that Requester failed to show that Xylan was sufficiently accessible to the public interested in the art before the priority date of the ’459 Patent. Accordingly, for the reasons discussed above and set forth by the Examiner, we see no error in the Examiner’s decision that Xylan did not constitute prior art. As such, we also see no error in the Examiner’s decision not to adopt the proposed rejections based on Xylan. THE OBVIOUSNESS REJECTION OVER BYRES AND SHANI Claims 26–34 and 39–47 With respect to new claims 26–34 and 39–47, Requester contends that the Examiner erred by improperly construing the claimed L2 routing related terms to exclude any L3 or higher layer hardware or functionality. TPR App. Br. 19–20, 23. According to the Requester, [b]ased on the plain language of these claims, and under the broadest reasonable interpretation, there are no limitations that exclude L3 or higher functionality or hardware from being a Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 22 part of or aiding in the claimed routing. Instead, the claims’ broadest reasonable interpretation requires only that an L2 controller/switching engine participate in the claimed routing. Accordingly, the “L2” related terms, when given their broadest reasonable interpretation, do not exclude L3 functionality or hardware from participating in the claimed routing. TPR App. Br. 20. Requester further argues that the Examiner’s construction is inconsistent with the Specification. TPR App. Br. 21. Specifically, Requester argues that because the Specification discloses an inter-zone packet traveling though the firewall device, that in turns means that the L3 devices or function is not precluded from the claimed routing limitation. See TPR App. Br. 22 (“the L2 controller only routes the inter-zone packet after the firewall engine (L3 or higher hardware) processes the inter-zone packet and moves the packet to a portion of memory,” and inter-zone transfer therefore, “depends on the use of L3 or higher hardware.”). We disagree. The disputed claim limitations are not directed to “participating in routing” but expressly recite that routing is performed by an L2 switching engine or by an L2 controller in accordance with L2 header information using L2 protocols. See also PO App. Br., Claims App’x, claim 32 (reciting that the first determination is based on a destination MAC address and not a layer 3 destination network address). The disclosures relied upon by the Requester refers to the firewall security features, not inter-zone packet transfer. See PO Resp. Br. 16. As the Patent Owner points out, the ’459 patent emphasizes that the layer(s) processed by the device’s firewall/screening function not only can be different Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 23 from the layer(s) processed by the packet transfer function-they are expected to be different. For example, while describing movement of packets between zones that occurs at L2, the ’459 patent specification expressly discusses firewalls operating at L3 or above. Eg., ’459 patent, 2: 13-19,3:8-10,4:40. PO Resp. Br. 16. Further, we agree with the Patent Owner that “moving the packet to [a particular] portion of memory is simply how the firewall may communicate a positive result from the claimed inspection process.” PO Resp. Br. 16 (citing ’459 patent, col. 9, ll. 45-50). This does not “route” the packet or indicate where the packet should be transferred. PO Resp. Br. 17 (citing ’459 patent 9:47–49). As such, we agree with the Patent Owner that the Examiner properly construed the L2 routing related terms. Byres is directed to designing secure networks for process controls. In particular, Byres describes network problems that have arisen with the evolution of data communications in process control and discusses solutions, such as use of Virtual Local Area Networks (VLANs). Byres, 63–66. Similar to the present invention, Byres recognizes that bridges (L2 devices) are fast, but they fail to provide sufficient security against broadcast storms or network intrusion. Byres 66. Byres, though, provides a different solution to address this issue. Namely, Byres describes using routing-enabled switches along with creating VLANs to define where filtering is needed. See Byres p. 66. Specifically, Byres describes that [t]he solution to this dilemma is the Virtual Local Area Network (VLAN). In the VLAN, a routing switch is the center point for all network traffic. When two devices are defined as being on the same Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 24 VLAN, the switch passes through messages with no filtering, just as if the devices were on the same physical segment. However, if two devices are not on the same VLAN, then the switch runs the message through its filtering software, passing or blocking the message as appropriate. Byres 66. According to the Requester, Byres’ routing enabled switches “combine switches (layer 2 devices) and routers (layer 3 devices).” TPR App. Br. 24. As such, these routing-enabled switches of Byres include “L3 routing capabilities as well as L2 routing capabilities,” and thus, “[e]ven if L3 or higher hardware and functionality are also used for routing packets between security domains, the routing still relies on L2 protocols and L2 headers.” TPR App. Br. 24–25. We are not convinced that Byres discloses routing or transferring packets between VLANs using an L2 switching engine or L2 controller in accordance with L2 header information using L2 protocols, as required by the claims. Requester fails to persuasively identify any disclosure of Byres that suggests packets transferred between VLANs would be routed by an L2 switching engine or using L2 protocols. Moreover, we agree with the Patent Owner that a skilled artisan would understand Byres’s inter-zone packets would be routed by conventional L3 routing. See PO Resp. Br. 19 (citing Peters declaration ¶ 15). Finally, Requester also unpersuasively tries to rely on teachings in Xylan to support the rejection based on Byres and Shani. TPR App. Br. 24– 25. A general statement by Patent Owner’s declarant that the references are similar in one respect, does not then import the disclosure of Xylan into Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 25 Byres. As such, we are not persuaded that Byres discloses the claimed L2 related terms. Accordingly, for the reasons discussed above and set forth by the Examiner, we are not persuaded that the Examiner erred by not adopting the proposed rejection of claims 26–34 and 39–47 as obvious over by Byres and Shani. Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 26 CONCLUSIONS We are not persuaded that the Examiner erred in rejecting claims 1–7, 11–18, 22–25, 37, and– 38 as anticipated by Byres. Accordingly, we sustain the rejections as to these claims. We are persuaded that the Examiner erred in rejecting claims 8, 9, 19, 20, 36, and 49 as anticipated by Byres. Accordingly, we reverse the rejection as to these claims. We are not persuaded that the Examiner erred in rejecting claims 35 and 48 as unpatentable over Byres and Shani. Accordingly, we sustain the rejection. We are not persuaded that the Examiner erred by not adopting the proposed rejection of claims 10 and 21 as anticipated by Byres. We are not persuaded that the Examiner erred by not adopting the proposed rejections based on Xylan. We are not persuaded that the Examiner erred by not adopting the proposed rejection of claims 26–34 and 39–47 as unpatentable over Byres and Shani. AFFIRMED-IN-PART Appeal 2015-001462 Reexamination Control 95/002,250 Patent 7,779,459 B2 27 peb Patent Owner: IRELL & MANELLA LLP 1800 AVENUE OF THE STARS SUITE 900 LOS ANGELES, CA 90067 Third Party Requester: VAN PELT, YI & JAMES LLP 10050 N. FOOTHILL BLVD., #200 CUPERTINO, CA 95014 Copy with citationCopy as parenthetical citation
