Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 1 of 29
`
`
`
`PAUL J. ANDRE (State Bar No. 196585)
`pandre@kramerlevin.com
`LISA KOBIALKA (State Bar No. 191404)
`lkobialka@kramerlevin.com
`JAMES HANNAH (State Bar No. 237978)
`jhannah@kramerlevin.com
`KRAMER LEVIN NAFTALIS & FRANKEL LLP
`990 Marsh Road
`Menlo Park, CA 94025
`Telephone: (650) 752-1700
`Facsimile: (650) 752-1800
`
`Attorneys for Plaintiff
`FINJAN, INC.
`
`
`
`IN THE UNITED STATES DISTRICT COURT
`
`FOR THE NORTHERN DISTRICT OF CALIFORNIA
`
`FINJAN, INC., a Delaware Corporation,
`
`
`
`
`
`
`Plaintiff,
`
`v.
`
`SAN JOSE DIVISION
`
`
`Case No.:
`
`COMPLAINT FOR PATENT
`INFRINGEMENT
`
`DEMAND FOR JURY TRIAL
`
`
`
`BLUE COAT SYSTEMS, INC., a Delaware
`Corporation,
`
`
`
`
`
`
`Defendant.
`
`
`
`
`
`
`____________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 2 of 29
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`Plaintiff Finjan, Inc. (“Finjan”) files this Complaint for Patent Infringement and Jury Demand
`
`against Defendant Blue Coat Systems, Inc. (“Defendant” or “Blue Coat”) and alleges as follows:
`
`THE PARTIES
`
`1.
`
`Finjan is a corporation organized and existing under the laws of Delaware, with its
`
`principal place of business at 2000 University Ave., Ste. 600, East Palo Alto, California 94303.
`
`2.
`
`Blue Coat is a corporation organized and existing under the laws of Delaware, with its
`
`principal place of business at 420 North Mary Avenue, Sunnyvale, California 94085.
`
`JURISDICTION AND VENUE
`
`3.
`
`This action arises under the Patent Act, 35 U.S.C. § 101 et seq. This Court has
`
`original jurisdiction over this controversy pursuant to 28 U.S.C. §§ 1331 and 1338.
`
`4.
`
`5.
`
`Venue is proper in this Court pursuant to 28 U.S.C. §§ 1391(b) and (c) and/or 1400(b).
`
`This Court has personal jurisdiction over Defendant. Upon information and belief,
`
`Defendant has conducted business in this District and continues to infringe and/or induce the
`
`infringement in this District. Defendant also markets its products primarily in and from this District.
`
`In addition, the Court has personal jurisdiction over Defendant because it has established minimum
`
`contacts with the forum and the exercise of jurisdiction would not offend traditional notions of fair
`
`play and substantial justice.
`
`INTRADISTRICT ASSIGNMENT
`
`6.
`
`Pursuant to Local Rule 3-2(c), Intellectual Property Actions are assigned on a district-
`
`wide basis.
`
`FINJAN’S INNOVATIONS
`
`7.
`
`Finjan was founded in 1997 as a wholly-owned subsidiary of Finjan Software Ltd., an
`
`1
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 3 of 29
`
`
`
`Israeli corporation. Finjan was a pioneer in developing proactive security technologies capable of
`
`detecting previously unknown and emerging online security threats, recognized today under the
`
`umbrella of “malware.” These technologies protect networks and endpoints by identifying suspicious
`
`patterns and behaviors of content delivered over the Internet. Finjan has been awarded, and continues
`
`to prosecute, numerous patents in the United States and around the world as a result of Finjan’s more
`
`than decade-long research and development efforts, supported by many inventors.
`
`8.
`
`Finjan built and sold software, including application programming interfaces and
`
`appliances for network security, using these patented technologies. Finjan’s licensing partners
`
`continue to support these products and customers. At its height, Finjan employed nearly 150
`
`employees around the world, building and selling security products, while operating the Malicious
`
`Code Research Center through which it frequently published research regarding network security and
`
`current threats on the Internet. Finjan’s pioneering approach to online security drew equity
`
`investments from two major software and technology companies, the first in 2005 and the second in
`
`2006.
`
`9.
`
`Finjan generated millions of dollars in product sales and related services and support
`
`revenues through 2009, when it spun off certain hardware and technology assets in a merger. Pursuant
`
`to this merger, Finjan was bound to a non-compete and confidentiality agreement, under which it
`
`could not make or sell a competing product or disclose the existence of the non-compete clause.
`
`10.
`
`Finjan became a publicly traded company in June 2013, capitalized with $30 million.
`
`After Finjan’s obligations under the non-compete and confidentiality agreement expired in March
`
`2015, Finjan re-entered the development and production sector of secure products for the consumer
`
`market. On June 16, 2015, Finjan introduced its first Finjan Mobile Secure Browser, which offers
`
`users security and awareness to keep their data safe while surfing the web on their mobile devices.
`
`2
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 4 of 29
`
`
`
`11.
`
`Finjan’s commitment to innovation in the security space continues through incubating
`
`and investing in up-and-coming technology startups that are pioneering a new generation of security
`
`technologies. Finjan has distributed $1 million of a $5 million commitment to one such startup so far.
`
`Additionally, in June 2015, Finjan announced the expansion of its “Mobile Defense Challenge 2015”
`
`for College Students, in which a $40,000 grant will be awarded to develop a winning security
`
`application. Also in June 2015, Finjan launched CybeRisk Security Solutions, a product that provides
`
`cybersecurity risk advisory services to customers around the world.
`
`12.
`
`Finjan’s founder and original investors are still involved with and invested in the
`
`company today, as are a number of other key executives and advisors. Finjan continues to work with
`
`inventors, acquire technology companies, and invest in research laboratories, startups and
`
`universities.
`
`13.
`
`On March 18, 2014, U.S. Patent No. 8,677,494 (“the ‘494 Patent”), entitled
`
`MALICIOUS MOBILE CODE RUNTIME MONITORING SYSTEM AND METHODS, was issued
`
`to Yigal Mordechai Edery, Nimrod Itzhak Vered, David R. Kroll and Shlomo Touboul. A true and
`
`correct copy of the ‘494 Patent is attached to this Complaint as Exhibit A and is incorporated by
`
`reference herein.
`
`14.
`
`All rights, title, and interest in the ‘494 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘494 Patent. Finjan has been the sole owner of the ‘494 Patent since its issuance.
`
`15.
`
`The ‘494 Patent is generally directed towards computer networks and more
`
`particularly provides a system that protects devices connected to the Internet from undesirable
`
`operations from web-based content. One of the ways in which this is accomplished is by deriving
`
`security profiles for content and storing the profiles in a database.
`
`3
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 5 of 29
`
`
`
`16.
`
`On October 22, 2013, U.S. Patent No. 8,566,580 (“the ‘580 Patent”), entitled
`
`SPLITTING AN SSL CONNECTION BETWEEN GATEWAYS, was issued to Yuval Ben-Itzhak,
`
`Shay Lang and Dmitry Rubinstein. A true and correct copy of the ‘580 Patent is attached to this
`
`Complaint as Exhibit B and is incorporated by reference herein.
`
`17.
`
`All rights, title, and interest in the ‘580 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘580 Patent. Finjan has been the sole owner of the ‘580 Patent since its issuance.
`
`18.
`
`The ‘580 Patent is generally directed towards a system for secure communication.
`
`The ‘580 Patent generally discloses a system which uses an SSL connector to provide secure
`
`communication.
`
`19.
`
`On November 28, 2000, U.S. Patent No. 6,154,844 (“the ‘844 Patent”), entitled
`
`SYSTEM AND METHOD FOR ATTACHING A DOWNLOADABLE SECURITY PROFILE TO
`
`A DOWNLOADABLE, was issued to Shlomo Touboul and Nachshon Gal. A true and correct copy
`
`of the ‘844 Patent is attached to this Complaint as Exhibit C and is incorporated by reference herein.
`
`20.
`
`All rights, title, and interest in the ‘844 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘844 Patent. Finjan has been the sole owner of the ‘844 Patent since its issuance.
`
`21.
`
`The ‘844 Patent is generally directed towards computer networks, and more
`
`particularly, provides a system that protects devices connected to the Internet from undesirable
`
`operations from web-based content. One of the ways this is accomplished is by linking a security
`
`profile to such web-based content to facilitate the protection of computers and networks from
`
`malicious web-based content or to provide further analysis of potential threats on the Internet.
`
`22.
`
`On November 15, 2005, U.S. Patent No. 6,965,968 (“the ‘968 Patent”), entitled
`
`POLICY-BASED CACHING, was issued to Shlomo Touboul. A true and correct copy of the ‘968
`
`Patent is attached to this Complaint as Exhibit D and is incorporated by reference herein.
`
`4
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 6 of 29
`
`
`
`23.
`
`All rights, title, and interest in the ‘968 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘968 Patent. Finjan has been the sole owner of the ‘968 Patent since its issuance.
`
`24.
`
`The ‘968 Patent is generally directed towards methods and systems for enabling
`
`policy-based cache management to determine if digital content is allowable relative to a policy. One
`
`of the ways this is accomplished is scanning digital content to derive a content profile and
`
`determining whether the digital content is allowable for a policy based on the content profile.
`
`25.
`
`On August 26, 2008, U.S. Patent No. 7,418,731 (“the ‘731 Patent”), entitled
`
`METHOD AND SYSTEM FOR CACHING AT SECURE GATEWAYS, was issued to Shlomo
`
`Touboul. A true and correct copy of the ‘731 Patent is attached to this Complaint as Exhibit E and is
`
`incorporated by reference herein.
`
`26.
`
`All rights, title, and interest in the ‘731 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘731 Patent. Finjan has been the sole owner of the ‘731 Patent since its issuance.
`
`27.
`
`The ‘731 Patent is generally directed towards methods and systems for providing an
`
`efficient security system. One of the ways this is accomplished is by implementing a variety of
`
`caches to increase performance of the system.
`
`28.
`
`On December 13, 2011, U.S. Patent No. 8,079,086 (“the ‘086 Patent”), entitled
`
`MALICIOUS MOBILE CODE RUNTIME MONITORING SYSTEM AND METHODS, was issued
`
`to Yigal Mordechai Edery, Nimrod Itzhak Vered, David R Kroll and Shlomo Touboul. A true and
`
`correct copy of the ‘086 Patent is attached to this Complaint as Exhibit F and is incorporated herein.
`
`29.
`
`All rights, title, and interest in the ‘086 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘086 Patent. Finjan has been the sole owner of the ‘086 Patent since its issuance.
`
`30.
`
`The ‘086 Patent is generally directed towards computer networks and, more
`
`particularly, provides a system that protects devices connected to the Internet from undesirable
`
`5
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 7 of 29
`
`
`
`operations from web-based content. One of the ways this is accomplished is by creating a profile of
`
`the web-based content and sending a representation of these profiles to another computer for
`
`appropriate action.
`
`31.
`
`On July 17, 2012, U.S. Patent No. 8,225,408 (“the ‘408 Patent”), entitled METHOD
`
`AND SYSTEM FOR ADAPTIVE RULE-BASED CONTENT SCANNERS, was issued to Moshe
`
`Rubin, Moshe Matitya, Artem Melnick, Shlomo Touboul, Alexander Yermakov and Amit Shaked. A
`
`true and correct copy of the ‘408 Patent is attached to this First Supplemental Complaint as Exhibit G
`
`and is incorporated by reference herein.
`
`32.
`
`All rights, title, and interest in the ‘408 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘408 Patent. Finjan has been the sole owner of the ‘408 Patent since its issuance.
`
`33.
`
`The ‘408 Patent is generally directed towards network security and, in particular, rule
`
`based scanning of web-based content for a variety of exploits written in different programming
`
`languages. One of the ways in which this is accomplished is by expressing the exploits as patterns of
`
`tokens. Additionally, the system provides a way to analyze these exploits by using a parse tree.
`
`BLUE COAT
`
`34.
`
`Blue Coat makes, uses, sells, offers for sale, and/or imports into the United States and
`
`this District its Web Security Service, WebPulse Cloud Service, ProxySG Appliances and Software,
`
`Blue Coat Systems SV2800 and SV3800, Malware Analysis Appliances and Software, Security
`
`Analytics Platform, Content Analysis System, and Mail Threat Defense, S400-10 and S400-20, which
`
`in combination form Blue Coat’s Advanced Threat Protection Lifecycle Defense:
`
`6
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 8 of 29
`
`
`
`
`
`https://image.slidesharecdn.com/lifecycle-poster-v2-131023233916-phpapp01/95/advanced-threat-
`
`protection-lifecycle-infographic-1-1024.jpg?cb=1394539516 (attached as Exhibit H).
`
`35.
`
`The Blue Coat Web Security Service is a family of Blue Coat Cloud Services that
`
`provides, without limitation: malware scanning, web and content filtering, real-time advanced threat
`
`protection, behavioral analysis, generation of proactive malware defenses and security profiles in
`
`response to downloadable files and data received, and secure caching of that data and security profile
`
`information. See https://www.bluecoat.com/documents/download/3b698df2-62ab-4354-8dce-
`
`fc4d7b2cd752/34572c90-898b-4852-8055-c6cec6c64852 (attached as Exhibit I). The Blue Coat
`
`Web Security Service also provides policies, such as global settings (basic policy), granular rules
`
`(advanced policy) or verdict policy which are efficiently applied in deciding the allowability of
`
`content requested by various groups of users:
`
`7
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 9 of 29
`
`
`
`See https://bto.bluecoat.com/sites/default/files/tech_pubs/BCWSSPolicyCookbook.pdf (attached as
`
`
`
`Exhibit J).
`
`Id.
`
`
`
`36.
`
`The Blue Coat WebPulse Cloud Service is a cloud-based infrastructure utilizing
`
`multiple technologies to analyze content requests and can be used with the ProxySG Appliances and
`
`Software and Blue Coat’s Web Security Service as shown below:
`
`8
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 10 of 29
`
`
`
`http://www.bluecoat.com/documents/download/d84549c4-05f3-4c64-920c-f48cdccad4ae/4e23e1a8-
`
`b292-4aff-9271-e2431918dc0f at 2 (attached as Exhibit K). WebPulse includes Dynamic Real-Time
`
`Rating (“DRTR”) to analyze unknown content in real-time, including parsing incoming program code
`
`for potential exploits. WebPulse capabilities includes more than 20 detection and rating modules that
`
`accept web categorization requests from its over 75 million users around the world. See
`
`Bcs_WebPulse_Tech_Overview_wp_v1b.pdf at 7-8 (attached as Exhibit L); see also
`
`bcs_ds_Web_Security_Service_EN_v5a.pdf at 1 (attached as Exhibit I); see also
`
`https://www.bluecoat.com/security/security-archive/2012-04-13/webpulse-nutshell (attached as
`
`Exhibit M).
`
`37.
`
`The Blue Coat ProxySG Appliances and Software provide, without limitation, web
`
`filtering, data loss prevention, inspection, content caching, bandwidth management, and stream-
`
`splitting. The ProxySG Appliances and Software include the ProxySG S200, ProxySG S300,
`
`ProxySG S400, ProxySG S500, ProxySG S600, ProxySG S900 and ProxySG S9000. See
`
`9
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 11 of 29
`
`
`
`https://www.bluecoat.com/products/proxysg-secure-web-gateway (attached as Exhibit N).
`
`38.
`
`The Blue Coat ProxySG Appliances and Software enforce network policy utilizing the
`
`Blue Coat Policy Processing Engine, the Visual Policy Manager (VPM) and a syntax known as
`
`Content Policy Language (CPL). See https://bto.bluecoat.com/documentation/All-
`
`Documents/ProxySG (attached as Exhibit O); also see
`
`https://bto.bluecoat.com/sites/default/files/tech_pubs/SGOS%20Administration%20Guide_0.pdf at
`
`62 (attached as Exhibit P).
`
`39.
`
`The Blue Coat ProxySG Appliances and Software are able to cache an object each
`
`time a request is received and check its object store for a cached copy.
`
`Preventing_Malware_with_Blue_Coat_Proxies.pdf at 7 (attached as Exhibit Q).
`
`40.
`
`The Blue Coat Systems SV2800 and SV3800 are able to enforce policies. The Blue
`
`Coat Systems SV2800 and SV3800 are appliances that provide complete inspection, visibility, and
`
`control of SSL-encrypted traffic, allowing a user to add policy-based SSL management capabilities.
`
`The Blue Coat Systems SV2800 and SV3800 can be transparent thereby eliminating the need for
`
`network reconfiguration, IP addressing or topology changes or modification to client IP and web
`
`browser configurations. See https://www.bluecoat.com/documents/download/462306fa-1514-481d-
`
`899a-0ad57c59a9e7/3a25e097-3f1a-4de8-b5fd-e42c037af57b (attached as Exhibit R). SV2800 and
`
`SV3800 also support both passive and active appliances as well as in-line and tap modes of operation.
`
`Id. They can also preserve applications by delivering decrypted plaintext to security appliances as a
`
`generated TCP stream with the packet headers as they were received, thereby allowing applications
`
`and appliances, such as NGFW, IDS/IPS, DLP and forensics, to expand their scope and provide
`
`protection from previously hidden traffic and potential threats. Id. Blue Coat’s SV2800 and SV3800
`
`can also work in conjunction with Blue Coat’s ProxySG Appliances and Software to add, without
`
`10
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 12 of 29
`
`
`
`limitation, data loss prevention, sandboxing, firewall, and intrusion prevention systems with complete
`
`visibility into SSL /TLS traffic. See https://www.bluecoat.com/products/ssl-visibility-appliance
`
`(attached as Exhibit S).
`
`
`
`See https://bto.bluecoat.com/sites/default/files/tech_pubs/SV2800_SV3800_Admin-Guide._3.7_1.pdf
`
`at pg. 76 (attached as Exhibit T)(Describing deploying SSL Visibility Appliance in networks that
`
`already have an SSL proxy device in place that is inspecting some of the outgoing SSL traffic using
`
`certificate resign. The SSL Visibility Appliance would typically be deployed in order to allow other
`
`security appliances to view inspected traffic in addition to the existing proxy device that may not
`
`have an ability to pass inspected traffic to other devices).
`
`41.
`
`The Blue Coat Malware Analysis Appliances and Software comprise a customizable
`
`sandbox solution that provides malware detonation and analysis using a dual-detection approach that
`
`combines virtualization and emulation to capture malicious behavior across a wide range of custom
`
`environments. The Malware Analysis Appliances and Software generate security profiles for
`
`downloadables that include a list of suspicious operations. The Malware Analysis Appliances and
`
`Software can also work in conjunction with Blue Coat’s WebPulse or Security Analytics Platform to
`
`disseminate, store, and implement these profiles. See
`
`bcs_ds_Malware_Analysis_Appliance_S400_S500_EN_v2f.pdf (attached as Exhibit U).
`
`11
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 13 of 29
`
`
`
`Id. at 4. The Blue Coat Malware Analysis System Appliances and Software include the Malware
`
`Analysis Appliance S400-10 and S500-10. Id. at 3.
`
`42.
`
`The Blue Coat Security Analytics Platform is software that delivers complete visibility
`
`of web traffic within a network and also analyzes, collects, and reports forensic information of
`
`malicious downloadables. The Blue Coat Security Analytics Platform can work in conjunction with
`
`its Malware Analysis System Appliances and Software and WebPulse to derive and store security
`
`profiles of downloadables. For example, the Blue Coat Security Analytics Platform automatically
`
`detects, extracts, classifies and brokers suspicious or unknown files in real-time to the Blue Coat
`
`Malware Analysis Appliance for malware detonation and scoring. See
`
`https://www.bluecoat.com/products/security-analytics-platform (attached as Exhibit V); see also
`
`12
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 14 of 29
`
`
`
`bcs_ds_Security_Analytics_Software_EN_v3c.pdf (attached as Exhibit W).
`
`43.
`
`The Blue Coat Content Analysis System is a layered software platform that includes,
`
`without limitation, malware scanning, anti-virus, whitelisting and sandboxing technologies. The
`
`Content Analysis System works with its ProxySG and Malware Analysis Appliances and scans
`
`incoming content, derives a security profile for the content, and stores that content and related policy
`
`in caches.
`
`See bcs_ds_Content_Analysis_System_S200_S400_S500_EN_v1a.pdf (attached as Exhibit X).
`
`44.
`
`The Blue Coat Mail Threat Defense is a software platform that protects against threats
`
`transmitted by email and includes, without limitation, the ability to scan, inspect, and analyze all
`
`incoming downloadables, filter incoming data, sandbox downloadables for behavioral analysis, and
`
`generate, apply, and store downloadable security profiles or policies in a cache or database. The Blue
`
`Coat Mail Threat Defense appliance includes the MTD S400-10 and MTD S400-20 products, and can
`
`work in conjunction with the Malware Analysis Appliance MAA S400-10 product, as described
`
`below:
`
`13
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 15 of 29
`
`
`
`See bcs_ds_Mail_Threat_Defense_S400_EN_v1h.pdf (attached as Exhibit Y).
`
`BLUE COAT’S INFRINGEMENT OF FINJAN’S PATENTS
`
`45.
`
`Defendant has been and is now infringing the ‘494 Patent, the ‘580 Patent, the ‘086
`
`Patent, the ‘408 Patent, the ‘844 Patent, the ‘968 Patent and the ‘731 Patent, (collectively “the
`
`Patents-In-Suit”) in this judicial District, and elsewhere in the United States by, among other things,
`
`making, using, importing, selling, and/or offering for sale the claimed system and methods on the
`
`Blue Coat Web Security Service, WebPulse Cloud Service in combination with ProxySG Appliances
`
`and Software, Blue Coat Systems SV2800 and SV3800 in combination with ProxySG Appliances and
`
`Software, Malware Analysis Appliances and Software in combination with WebPulse or Security
`
`Analytics Platform, ProxySG Appliances and Software in combination with Content Analysis System
`
`and Malware Analysis Appliances and Software and Mail Threat Defense S400-10 and S400-20 in
`
`combination with Malware Analysis Appliances and Software.
`
`
`
`14
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 16 of 29
`
`
`
`COUNT I
`(Direct Infringement of the ‘494 Patent pursuant to 35 U.S.C. § 271(a))
`
`46.
`
`Finjan repeats, realleges, and incorporates by reference, as if fully set forth herein, the
`
`allegations of the preceding paragraphs.
`
`47.
`
`Defendant has infringed and continues to infringe one or more claims of the ‘494
`
`Patent in violation of 35 U.S.C. § 271(a).
`
`48.
`
`Defendant’s infringement is based upon literal infringement or, in the alternative,
`
`infringement under the doctrine of equivalents.
`
`49.
`
`Defendant’s acts of making, using, importing, selling, and/or offering for sale
`
`infringing products and services have been without the permission, consent, authorization or license
`
`of Finjan.
`
`50.
`
`Defendant’s infringement includes, but is not limited to, the manufacture, use, sale,
`
`importation and/or offer for sale of Defendant’s products and services, including but not limited to
`
`the Blue Coat Web Security Service, WebPulse Service in combination with ProxySG Appliances
`
`and Software, Malware Analysis Appliances and Software in combination with WebPulse or Security
`
`Analytics Platform and Mail Threat Defense S400-10 or S400-20 in combination with Malware
`
`Analysis Appliances and Software, which embody the patented invention of the ‘494 Patent.
`
`51.
`
`As a result of Defendant’s unlawful activities, Finjan has suffered and will continue to
`
`suffer irreparable harm for which there is no adequate remedy at law. Accordingly, Finjan is entitled
`
`to preliminary and/or permanent injunctive relief.
`
`52.
`
`Defendant’s infringement of the ‘494 Patent has injured and continues to injure Finjan
`
`in an amount to be proven at trial.
`
`53.
`
`Defendant has been well aware of the ‘494 Patent. On August 28, 2013, Finjan filed a
`
`complaint against Defendant for, inter alia, infringement of the U.S. Patent Nos. 6,804,780 and
`
`15
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 17 of 29
`
`
`
`7,058,822 Patents, that are related to the ‘494 Patent, based in part on the manufacture, use, sale,
`
`importation and/or offer for sale of the Blue Coat ProxySG Appliances and Software. Furthermore,
`
`Defendant was on actual notice of the ‘494 Patent at least as of May 1, 2014 when Finjan and
`
`Defendant filed Second Joint Case Management Statement. See Finjan, Inc. v. Blue Coat Systems,
`
`Inc., ND. Cal. Case No. 13-cv-03999-BLF, Dkt. No. 58 (Second Joint Case Management Statement
`
`& Proposed Order, Appendix B at 1, 3). Finjan also provided Blue Coat the entire file history of the
`
`‘494 Patent on July 25, 2014. Despite the awareness of the ‘494 Patent, Defendant continues to
`
`manufacture, use, sale, import and/or offer for sale the Blue Coat Web Security Service, the Blue
`
`Coat WebPulse Service in combination with ProxySG and the Blue Coat Malware Analysis
`
`Appliances and Software in combination with WebPulse or Security Analytics Platform, while
`
`Defendant also elected to manufacture, use, sale, import and/or offer for sale the Mail Threat Defense
`
`S400-10 or S400-20 in combination with Malware Analysis Appliance S400-10, which embody the
`
`patented invention of the ‘494 Patent, at least as of July 7, 2015. See
`
`https://www.bluecoat.com/blogs/2015-07-07/securing-agency-email-against-targeted-attacks
`
`(attached as Exhibit Z); see also https://www.bluecoat.com/documents/download/6c2783ab-7f0c-
`
`4ffd-b96a-9345d3723f7e/6fc3b569-eaf1-4d73-93c6-1f6fa8334c88 (attached as Exhibit AA). As
`
`such, Defendant has acted recklessly and continues to willfully, wantonly, and deliberately engage in
`
`acts of infringement of the ‘494 Patent, warranting an award to Finjan of enhanced damages under 35
`
`U.S.C. § 284, and attorneys’ fees and costs incurred under 35 U.S.C. § 285.
`
`COUNT II
`(Direct Infringement of the ‘580 Patent pursuant to 35 U.S.C. § 271(a))
`
`54.
`
`Finjan repeats, realleges, and incorporates by reference, as if fully set forth herein, the
`
`allegations of the preceding paragraphs.
`
`16
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295-BLF Document 1 Filed 07/15/15 Page 18 of 29
`
`
`
`55.
`
`Defendant has infringed and continues to infringe one or more claims of the ‘580
`
`Patent in violation of 35 U.S.C. § 271(a).
`
`56.
`
`Defendant’s infringement is based upon literal infringement or, in the alternative,
`
`infringement under the doctrine of equivalents.
`
`57.
`
`Defendant’s acts of making, using, importing, selling, and/or offering for sale
`
`infringing products and services have been without the permission, consent, authorization or license
`
`of Finjan.
`
`58.
`
`Defendant’s infringement includes, but is not limited to, the manufacture, use, sale,
`
`importation and/or offer for sale of Defendant’s products and services, including but not limited to,
`
`the Blue Coat Systems SV2800 and SV3800 in combination with ProxySG Appliances and Software,
`
`which embody the patented invention of the ‘580 Patent.
`
`59.
`
`As a result of Defendant’s unlawful activities, Finjan has suffered and will continue to
`
`suffer irreparable harm for which there is no adequate remedy at law. Accordingly, Finjan is entitled
`
`to preliminary and/or permanent injunctive relief.
`
`60.
`
`Defendant’s infringement of the ‘580 Patent has injured and continues to injure Finjan
`
`in an amount to be proven at trial.
`
`61.
`
`Defendant has been well aware of the ‘580 Patent. On August 28, 2013, Finjan filed a
`
`complaint against Defendant for infringement of six patents out of Finjan’s patent portfolio based in
`
`part on the manufacture, use, sale, importation and/or offer for sale of various products of Blue Coat.
`
`Furthermore, Defendant was on actual notice of the ‘580 Patent at least as of May 1, 2014 when
`
`Finjan and Defendant filed a Second Joint Case Management Statement. See Finjan, Inc. v. Blue
`
`Coat Systems, Inc., ND. Cal. Case No. 13-cv-03999-BLF, Dkt. No. 58 (Second Joint Case
`
`Management Statement & Proposed Order, Appendix B at 3). Finjan also provided Blue Coat with
`
`17
`__________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 5:15-cv-03295