throbber
Case 6:07-cv—O0080-LED Document 194
`
`Filed 12/30/08 Page 1 of 53 Page|D #: 8609
`
`IN THE UNITED STATES DISTRICT COURT
`FOR THE EASTERN DISTRICT OF TEXAS
`TYLER DIVISION
`
`CASE NO. 607CV80 (LED)
`PATENT CASE
`
`JURY TRIAL DEMANDED
`
`§ §
`

`
`§ §
`


`g
`
`§ §
`
`VIRNETX INC.
`
`AND
`
`PLAINTIFF,
`
`SCIENCE APPLICATIONS
`INTERNATIONAL CORPORATION
`INVOLUNTARY
`PLAINTIFF,
`

`V.
`g
`MICROSOFT CORPORATION
`DEFENDANT.
`
`PLAINTIFF VIRNETX INC.’S OPENING BRIEF IN SUPPORT OF ITS
`
`CONSTRUCTION OF CLAIMS PURSUANT TO P.R. 4-5
`
`Page 1 of 53
`
`VIRNETX EXHIBIT 2032
`
`Mangrove V. VirnetX
`Trial |PR2015—01046
`
`
`
`
`
`
`
`
`
`VIRNETX EXHIBIT 2032
`Mangrove v. VirnetX
`Trial IPR2015-01046
`
`Page 1 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 2 of 53 PageID #: 8610
`
`TABLE OF CONTENTS
`
`
`
`C.
`
`-i-
`
`I.
`II.
`III.
`
`INTRODUCTION ............................................................................................................. 1
`APPLICABLE CLAIM CONSTRUCTION STANDARDS............................................. 1
`BACKGROUND OF THE TECHNOLOGY .................................................................... 1
`A.
`VirnetX’s U.S. Patent No. 6,502,135 (the “’135 Patent”)................................... 2
`B.
`VirnetX’s U.S. Patent No. 6,839,759 (the “’759 Patent”) ..................................... 3
`C.
`VirnetX’s U.S. Patent No. 7,188,180 (the “’180 Patent”) ..................................... 3
`VIRNETX’S PROPOSED CONSTRUCTIONS FOR THE ’135 PATENT
`CLAIM TERMS AND PHRASES SHOULD BE ADOPTED ......................................... 4
`A.
`virtual private network (VPN) ............................................................................... 4
`B.
`transparently creating [creates] a virtual private network (VPN).......................... 9
`C.
`Domain Name Service (DNS) ............................................................................. 11
`D.
`domain name........................................................................................................ 14
`E.
`secure web site ..................................................................................................... 17
`F.
`determining whether the DNS request transmitted in step (1) is requesting
`access to a secure web site................................................................................... 23
`automatically initiating the VPN ......................................................................... 25
`G.
`DNS proxy server ................................................................................................ 27
`H.
`VIRNETX’S PROPOSED CONSTRUCTIONS FOR THE ’759 PATENT
`CLAIM TERMS AND PHRASES SHOULD BE ADOPTED ....................................... 29
`A.
`virtual private network communication link........................................................ 30
`B.
`secure communication link (… the secure communication link being a
`virtual private network communication link) ...................................................... 31
`enabling a secure communication mode of communication at the [a] first
`computer without a user entering any cryptographic information for
`establishing the secure communication mode of communication ....................... 33
`VIRNETX’S PROPOSED CONSTRUCTIONS FOR THE ’180 PATENT
`CLAIM TERMS AND PHRASES SHOULD BE ADOPTED ....................................... 37
`A.
`secure computer network address ........................................................................ 38
`B.
`secure domain name............................................................................................. 40
`C.
`secure domain name service ................................................................................ 44
`VII. CONCLUSION................................................................................................................ 46
`
`
`IV.
`
`V.
`
`VI.
`
`
`
`Page 2 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 3 of 53 PageID #: 8611
`
`
`
`TABLE OF AUTHORITIES
`
`FEDERAL CASES
`
`
`Acumed LLC v. Stryker Corp.,
`483 F.3d 800 (Fed. Cir. 2007)..............................................................................................5
`
`Alcatel United States Res., Inc. v. Microsoft Corp.,
`2008 U.S. Dist. LEXIS 49615 (E.D. Tex. Jun. 27, 2008)..............................................1, 33
`
`Baldwin Graphic Sys., Inc. v. Siebert, Inc.,
`512 F.3d 1338 (Fed. Cir. 2008)..........................................................................................14
`
`Electro Sci. Indus. v. Dynamic Details, Inc.,
`307 F.3d 1343 (Fed. Cir. 2002)............................................................................................9
`
`O2 Micro Inter. Ltd. v. Beyond Innovation Tech. Ltd.,
`521 F.3d 1351 (Fed. Cir. 2008)..........................................................................................13
`
`Oatey Co. v. IPS Corp.,
`514 F.3d 1271 (Fed. Cir. 2008)............................................................................................8
`
`Phillips v. AWH Corp.,
`415 F.3d 1303 (Fed. Cir. 2005)....................................................................1, 15, 20, 36, 41
`
`Pitney Bowes, Inc. v. Hewlett-Packard Co.,
`182 F.3d 1298 (Fed. Cir. 1999)............................................................................................9
`
`Rambus Inc. v. Infineon Techs. Ag,
`318 F.3d 1081 (Fed. Cir. 2003)..........................................................................................42
`
`U.S. Surgical Corp. v. Ethicon, Inc.,
`103 F.3d 1554 (Fed. Cir. 1997)....................................................................................23, 32
`
`Verizon Servs. Corp.. v. Vonage Holdings Corp.,
`503 F.3d 1295 (Fed. Cir. 2007)......................................................................................8, 24
`
`Vitronics Corp. v. Conceptronic,
`90 F.3d 1576 (Fed. Cir. 1996)............................................................................................16
`
`Voda v. Cordis Corp.,
`536 F.3d 1311 (Fed. Cir. 2008)..........................................................................................15
`
`Warner-Lambert Co. v. Purepac Pharm. Co.,
`503 F.3d 1254 (Fed. Cir. 2007)....................................................................................20, 45
`
`-ii-
`
`Page 3 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 4 of 53 PageID #: 8612
`
`LIST OF EXHIBITS TO VIRNETX’S
`OPENING CLAIM CONSTRUCTION BRIEF
`
`
`1.
`
`2.
`
`3.
`
`4.
`
`5.
`
`6.
`
`7.
`
`8.
`
`9.
`
`’135 patent
`
`’759 patent
`
`’180 patent
`
`Jones declaration
`
`Williamson deposition
`
`FreeS/WAN glossary
`
`Risley ’158 patent
`
`Office Action (Paper No. 8) dated March 13, 2002
`
`Amendment and Response (Paper No. 11) dated June 13, 2002
`
`10. WO 99/48303
`
`11.
`
`12.
`
`B. Gleeson et al., Request for Comments (RFC) 2764
`
`Douglas E. Comer, Computer Networks and Internets (2d ed. 1999)
`
`13. Microsoft Internet & Networking Dictionary (2003)
`
`14. Microsoft document (VNET 000008935)
`
`15.
`
`16.
`
`RFC 1034
`
`RFC 1035
`
`17. McGraw-Hill Dictionary of Electrical & Computer Engineering (2003)
`
`18.
`
`19.
`
`20.
`
`21.
`
`22.
`
`Andrew S. Tanenbaum, Computer Networks (3d ed. 1996)
`
`Notice of Allowability (Paper No. 13)
`
`U.S. Patent No. 6,119,171
`
`U.S. Patent No. 6,286,047
`
`J. Gilmore, "Swan: Securing the Internet against Wiretapping", printed from
`http://liberty.freeswan.org/freeswan_trees/freesswan-1.3/doc/rationale. html on Feb. 21,
`2002, 4 pages
`
`-iii-
`
`Page 4 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 5 of 53 PageID #: 8613
`
`23.
`
`24.
`
`Second Preliminary Amendment (Paper No. 9) dated February 22, 2002
`
`Notice of Allowability dated August 9, 2004
`
`25. Merriam Webster’s Collegiate Dictionary (10th ed. 1996)
`
`Amendment dated August 17, 2006
`
`Notice of Allowability dated November 13, 2006
`
`Dr. D. Johnson deposition rough transcript
`
`RFC 2637
`
`RFC Index
`
`
`
`26.
`
`27.
`
`28.
`
`29.
`
`30.
`
`-iv-
`
`Page 5 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 6 of 53 PageID #: 8614
`
`
`I.
`
`INTRODUCTION
`
`A consistent theme emerges from examination of the parties’ competing constructions.
`
`VirnetX’s proposed constructions give full scope to the claim language, as firmly supported by the
`
`intrinsic evidence. Microsoft’s proposed constructions, however, seek to limit the claims to certain
`
`preferred embodiments (while excluding others), to extrinsic industry standards, or to extrinsic
`
`dictionary definitions that conflict with the context of the patented inventions. The canons of claim
`
`construction favor VirnetX’s proposed constructions and compel rejection of Microsoft’s.
`II.
`
`APPLICABLE CLAIM CONSTRUCTION STANDARDS
`
`“It is a ‘bedrock principle’ of patent law that ‘the claims of a patent define the invention to
`
`which the patentee is entitled the right to exclude.’” Phillips v. AWH Corp., 415 F.3d 1303, 1312 (Fed.
`
`Cir. 2005) (en banc) (internal citation omitted). The specification “‘is always highly relevant to the
`
`claim construction analysis. Usually, it is dispositive; it is the single best guide to the meaning of a
`
`disputed term.’” Id. at 1315 (internal citation omitted). The prosecution history also supplies intrinsic
`
`evidence if it is in evidence. Id. at 1317. “Differences among the claim terms can also assist in
`
`understanding a term’s meaning … For example, when a dependent claim adds a limitation to an
`
`independent claim, it is presumed that the independent claim does not include the limitation.” Alcatel
`
`United States Res., Inc. v. Microsoft Corp., 2008 U.S. Dist. LEXIS 49615, at *5 (E.D. Tex. Jun. 27,
`
`2008). “Technical dictionaries and treatises may help a court understand the underlying technology
`
`and the manner in which one skilled in the art might use claim terms, but technical dictionaries and
`
`treatises may provide definitions that are too broad or may not be indicative of how the term is used in
`
`the patent.” Id. at *7. Generally, extrinsic evidence is “less reliable than the patent and its prosecution
`
`history in determining how to read claim terms.” Id.
`III.
`
`BACKGROUND OF THE TECHNOLOGY
`
`The field of the three VirnetX patents in suit is secure computer network communications,
`
`more specifically, communications in a virtual private network (VPN). As will be seen, the three
`
`VirnetX patents are directed to aspects of using a domain name service (DNS) or secure domain name
`
`service (SDNS) to set up and use VPNs.
`
`
`
`Page 6 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 7 of 53 PageID #: 8615
`
`
`A.
`
`VirnetX’s U.S. Patent No. 6,502,135 (the “’135 Patent”)
`
`The ’135 patent improves security in computer networks through a novel method and system of
`
`creating VPNs. Networks, such as VPNs, can carry all kinds of traffic between computers using
`
`various applications and protocols. A VPN, in particular, allows computers in a network to
`
`communicate privately by encrypting their communications on paths between them that may be
`
`insecure, e.g., over underlying public networks, such as the Internet, that may be subject to nefarious
`
`listeners. See ’135 patent (Exhibit 1 hereto) at 1:16-45; 37:40-49.
`
`There were several problems with the prior art. One category of prior art required a user to
`
`manually set up the VPN, such as by providing encryption information, e.g., keys required to encrypt
`
`and decrypt the messages. Ex. 4 (Jones Decl.) ¶22; Ex. 5 (Williamson rough Depo. Tr.) at 46-47.
`
`However, manually created VPNs were neither flexible nor easy to use. For example, business
`
`travelers trying to remotely connect to their corporate networks through VPNs had difficulty setting up
`
`and using VPNs. See ’135 patent at 2:52-63.
`
`The ’135 patent improves security by making it easier for users to use VPNs without the user
`
`having to manually create the VPN, and ensuring VPNs are created when they are needed, without
`
`compromising security, e.g., for business travelers who need to establish VPNs with their corporate
`
`networks over the Internet. See id. at 5:8-12; 11:39-43. The ’135 patent claims a method and system of
`
`“transparently creating a virtual private network (VPN).” See ’135 patent claims 1 and 10. In other
`
`words, a user need not be involved in creating the VPN. See id. at 39:22-29. The inventions
`
`transparently create the VPN by initiating or setting up the VPN in response to a DNS request. Id. at
`
`6:1-3; 32:33-35; 37:17-21; 37:63-38:2. Put another way, a DNS request triggers a VPN. Id. A DNS
`
`request contains a domain name, one example of which is “Yahoo.com.” Id. at 37:22-29; 37:45. A
`
`DNS request is to be sent to a DNS, which is a service that receives requests for computer network
`
`addresses (machine-understandable numerical addresses) corresponding to domain names, and which
`
`provides responses. See ’135 patent at 37:22-29; 37:45; 38:23-42. As claimed in claims 1 and 10, the
`
`invention can examine the DNS request and determine whether to create the VPN for the user based on
`
`-2-
`
`Page 7 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 8 of 53 PageID #: 8616
`
`
`the DNS request. In system claim 10, in response to the DNS request, a DNS proxy server requests a
`
`VPN for the user and a gatekeeper computer allocates the resources for the VPN.
`B.
`
`VirnetX’s U.S. Patent No. 6,839,759 (the “’759 Patent”)
`
`The ’759 patent stems from a continuation-in-part of the ’135 patent and provides further
`
`improvements in security in computer networks through another novel method and apparatus of
`
`controlling who can establish VPN links using DNS without a user entering cryptographic information,
`
`such as encryption keys. See ’759 patent (Exhibit 2 hereto) Title; claims 1 and 16; 6:37-51; see also id.
`
`6:21-36. The prior art failed to differentiate between requestors in deciding whether to set up a VPN.
`
`Id. at 40:24-37. This was a significant drawback in the prior art. Id. The invention overcomes the
`
`problems of the prior art. The invention provides a DNS that provides VPN resources based on the
`
`requestor’s (or user’s) identity. Id. at 40:37-44. If the requestor does not have sufficient security
`
`privileges to communicate in a VPN, the VPN will not be enabled. Id. at 40:48-55; 41:23-28; 41:51-
`
`64; 41:65-42:2; 42:19-38; Fig. 27.
`C.
`
`VirnetX’s U.S. Patent No. 7,188,180 (the “’180 Patent”)
`
`The ’180 patent (which shares the same specification as the ’759 patent) provides further
`
`improvements in security in computer networks through another novel method and apparatus of using a
`
`secure domain name service (SDNS) to provide secure computer network addresses corresponding to
`
`secure domain names and enable a VPN communication. See ’180 patent (Exhibit 3 hereto) Title;
`
`claims 1, 17 and 33; 6:22-37; 7:19-42. The prior art did not provide for such a SDNS. Id. at 6:22-36.
`
`In an embodiment of the invention, secure domain name requests (for secure computer network
`
`addresses) are handled by a SDNS. Id. at 51:28-45; 53:26-40. The SDNS has a registry of secure
`
`domain names. Figure 35 shows an embodiment of registering a secure domain name with a SDNS.
`
`Id. at 53:26-54:6. Id. at 52:22-26; 52:41-46. The SDNS provides additional security. It is capable of
`
`providing trustworthy responses, e.g., by replying to the secure domain name request with the secure
`
`computer network address using a VPN link. Id. at Id. at 52:4-22; 52:37-40; 52:51-54; Fig. 34.
`
`-3-
`
`Page 8 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194
`
`Filed 12/30/08 Page 9 of 53 PagelD #: 8617
`
`IV.
`
`VlRNETX’S PROPOSED CONSTRUCIIONS FOR THE ’l35 PATENT CLAIM
`
`TERMS AND PHRASES SHOULD BE ADOPTED.
`
`Method claim 1 contains seven of the eight disputed claim terms and phrases in the ’ 135 patent,
`
`in bold and underlining below‘
`
`1. A method of transparently creating a virtual private network QELE) between a
`client computer and a target computer, comprising the steps of:
`
`(1) generating from the client computer a Domain Name Service (DNS) request that
`requests an IP address corresponding to a domain name associated with the target
`computer;
`
`(2) determining whether the 1 request transmitted in step (1) is requesting
`access to a secure web site; and
`
`(3) in response to determining that the DNS request in step (2) is requesting access to a
`secure target web site, automatically initiating the VPN between the client computer
`and the target computer.
`
`System claim 10, the other independent claim in the patent, contains six of the eight disputed claim
`
`terms and phrases (including the additional term “DNS proxy server”), in bold and underlining below:
`
`10. A system that transparently creates a virtual private network gym; between a
`client computer and a secure target computer, comprising:
`
`a _]_)_l;l§ proxy server that receives a request from the client computer to look 11p an IP
`address for a domain name, wherein the DNS proxy server returns the IP address for
`me requested domain name if it is determined that access to a non-secure web site has
`been requested, and wherein the DNS proxy server generates a request to create the
`VPN between the client computer and the secure target computer if it is determined that
`access to a secure web site has been requested; and
`
`a gatekeeper computer that allocates resources for the VPN between the client
`computer and the secure web computer in response to the request by the DNS proxy
`server.
`
`A.
`
`virtual private network g 2 PM
`
`VirnetX’s Proposed Construction
`
`Microsoft’s Proposed Construction
`
`a network implemented by encapsulating an
`a network of computers capable ofprivately
`encrypted IP packet within another IP packet
`communicating with each other by encrypting
`(that is, tunneling) over a shared networking
`traffic on insecure commrmication paths between
`the computers, and which is capable of expanding mfiastmcture
`to include additional computers and
`
`commrmication s aths
`
`lDrsput'edtermsandphrasesareonlyh1ghl'ightedonceintheclarms' herein".
`
`.4-
`
`Page 9 of 53
`
`Page 9 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 10 of 53 PageID #: 8618
`
`
`The dispute about the construction of the claim term “virtual private network (VPN)” is
`
`whether the intrinsic evidence explicitly defining the term should control the construction, as proposed
`
`by VirnetX, or whether Microsoft’s restrictive construction, limiting VPNs to a particular protocol and
`
`specific packet format (encapsulation of one IP packet within another) trumps the explicit (and
`
`industry-accepted) definition provided in the intrinsic evidence. VirnetX’s intrinsic evidence definition
`
`should be adopted.
`VirnetX’s Proposed Construction. The claim language itself is of limited assistance in
`
`defining the term VPN since the claim language does not tell us what a VPN is. The first part of
`
`VirnetX’s proposed construction is “a network of computers capable of privately communicating with
`
`each other by encrypting traffic on insecure paths between the computers.” The intrinsic evidence
`
`contains an explicit definition of a VPN that supports VirnetX’s construction. The specification refers
`
`to the “FreeS/WAN” project as the conventional scheme of creating a “VPN.” ’135 patent at 37:50-62.
`
`The prosecution history file prominently includes a FreeS/WAN glossary of terms defining a VPN.
`
`See Acumed LLC v. Stryker Corp., 483 F.3d 800, 815 (Fed. Cir. 2007) (intrinsic evidence includes
`
`references cited during prosecution). The FreeS/WAN glossary defines a VPN as follows:
`
`Ex. 6 at 24. As can be seen, the definition of a VPN includes encrypting traffic on insecure paths (or
`
`connections) between computers in the network, allowing the computers to privately communicate
`
`with each other. The VPN provides security by encrypting traffic communicated between computers in
`
`the VPN, and “[m]any encryption methods are known and usable in this context.” ’135 patent at 1:38-
`
`45; 37:63-38:2; see also id. at 38:13-22; 38:43-52; 39:7-20; 39:21-25; 39:42-60. Moreover, consistent
`
`with the FreeS/WAN glossary definition of a VPN, Figure 24 in the specification shows that there can
`
`be multiple paths in the VPN (rather than just one path).
`
`-5-
`
`Page 10 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 11 of 53 PageID #: 8619
`
`
`Id. at 36:25-32 (links L1, L2 and L3 may be VPN links); Fig. 24. This intrinsic evidence supports this
`
`part of VirnetX’s construction that a VPN is “a network of computers capable of privately
`
`communicating with each other by encrypting traffic on insecure paths between the computers.”
`
`The intrinsic evidence also supports the second part of VirnetX’s proposed construction of a
`
`VPN as “capable of expanding to include additional computers and communication paths.” The
`
`intrinsic evidence establishes that a VPN, as a network, must include the capability of expansion, also
`
`known as scalability. The specification describes an embodiment of a VPN as including more than two
`
`computers or nodes. ’135 patent at 23:11-20; 29:30-64. In addition, the cited art (the Risley ’158
`
`patent) describes and depicts a “typical network” as including more than two computers. Ex. 7 at 5:62;
`
`Fig. 2C. The Risley ’158 patent was relied upon by the Examiner in support of a rejection, which was
`
`overcome based on the ’135 patented invention’s use of a DNS request to trigger a VPN. Ex. 8; Ex. 9
`
`at 6 (“Neither Risley nor Boden teach or suggest triggering the creation of a VPN in response to a DNS
`
`request.”). Another cited reference describes a VPN as expandable, noting that “new locations” can be
`
`“easily added to the network.” Ex. 10 at VNET 00221857. Thus, while the patent describes VPNs
`
`between a client and target computer, this connection must be scalable to add additional computers
`
`(nodes).
`
`The extrinsic evidence is consistent. A VPN emulates the scalability of a WAN. See Ex. 11 at
`
`4 (“[A] VPN is simply defined as the ‘emulation of a Wide Area Network (WAN) facility using IP
`
`facilities’ (including the public Internet, or private IP backbones).”) (emphasis added); Ex. 12 at 168
`(“The key issue that separates WAN technologies from LAN technologies is scalability – a WAN must
`
`be able to grow as needed to connect many sites spread across large geographic distances, with many
`
`computers at each site.”).
`
`-6-
`
`Page 11 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 12 of 53 PageID #: 8620
`
`
`Microsoft’s Proposed Construction. Microsoft’s construction is unnecessarily narrow and
`
`conflicts with the intrinsic evidence definition as well as examples in the specification. It requires
`
`encapsulation of an IP packet within another IP packet, and thus excludes networks other than over the
`
`Internet, and other packets. The specification, however, describes VPNs which are implemented
`
`without such encapsulation, and in networks other than the Internet, such as Ethernet. ’135 patent at
`
`23:11-36. As the other intrinsic evidence indicates, encapsulation of a packet within another IP packet
`
`is possible, but not required. Ex. 7 at 7:44-49 (“Encryption and decryption may also automatically be
`
`executed on certain data packets, with the criteria defined by the system administrator. Along with this
`it may be desirable to encapsulate a packet and give it a new header with a new IP address …”)
`
`(emphasis added). Consistent with the intrinsic evidence, Microsoft’s dictionary definition of a VPN
`
`does not include any of the encapsulating or tunneling limitations it seeks to impose on VirnetX. Ex.
`
`13 at 278 (“Nodes on a public network such as that Internet that communicate among themselves using
`
`encryption technology so that their messages as safe from being intercepted and understood by
`
`unauthorized users as if the nodes were connected by private lines”).
`Microsoft makes a convoluted argument that the VPN must be based in the IP layer.2 Joint
`Claim Construction Statement (“JCC”) Exh. E ¶¶31-34. The purported basis for this argument is that
`
`“[t]he patents-in-suit distinguish between VPNs [allegedly at the networking layer] and so-called
`
`‘virtual private connections’ [allegedly at the application layer].” Id. ¶ 31. The described virtual
`
`private connection, upon which Microsoft’s argument hinges, does not even use encryption. ’180
`
`patent at 54:24-29; 55:2-14; 55:37-46; Fig. 37. Even Microsoft agrees that a VPN must employ some
`
`type of encryption, so the layer at which an unencrypted virtual private connection is implemented is
`
`irrelevant to the definition of a VPN. Moreover, it is notable that the citations on which Microsoft
`
`relies for this alleged distinction are only in the ’759 and ’180 patents, and not the earlier-filed ’135
`
`patent. The term “virtual private network” or “VPN” is found first and foremost in the ’135 patent.
`
`
`2 Microsoft’s motivation for seeking to unduly limit the virtual private network (VPN) in the claims to “encapsulating,”
`“tunneling” and encrypting at the IP networking layer is to try to exclude VPNs using technologies like Secure Socket Layer
`(SSL) or Transport Layer Security (TLS), used by Microsoft’s accused products. JCC Exh. E ¶31.
`-7-
`
`Page 12 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 13 of 53 PageID #: 8621
`
`
`The common denominator of the patents in suit is the FreeS/WAN glossary definition of a VPN on
`
`which VirnetX relies, which has none of Microsoft’s encapsulating or tunneling limitations.
`
`Additionally, Microsoft’s reliance on the ’135 patent’s description of IPSEC, as well as address
`
`hopping, is misplaced. In fact, the specification distinguishes the only implementation of IPSEC
`
`described, the conventional prior art FreeS/WAN scheme of creating a VPN. ’135 patent at 37:22-62.
`
`In any event, the FreeS/WAN glossary defines a “VPN” as proposed by VirnetX. Moreover, the
`
`specification describes “address hopping,” the preferred embodiment (id. at 38:1-6), as implemented in
`
`networks not limited to the Internet, such as Ethernet networks, so encapsulation of an IP packet within
`
`another IP packet at the Internet network layer is not the only kind of VPNs described by the
`
`specification. Id. at 19:25-36; 19:37-47; 20:62-66; 21:41-49; 29:30-64; 38:2-6; 38:33-35. The VPN
`
`packets in the preferred embodiment are not limited to IP packets with IP headers, and other packets
`
`and headers can be used to implement the VPN, such as MAC addresses. Id. at 9:43-49; 10:59-62;
`
`18:31-37; 18:42-44; 19:47-20:3; 20:32-66; 21:3-29; 22:40-44; 23:11-20; 23:45-59; 29:30-64; 43:29-39.
`
`The preferred embodiment VPNs can thus be implemented in layers other than the IP network layer.
`
`Id. at 10:63-66; 19:37-47; Fig. 12A. A construction like Microsoft’s that excludes an embodiment,
`
`without any kind of lexicography, disclaimer or disavowal, is not correct. See Verizon Servs. Corp.. v.
`
`Vonage Holdings Corp., 503 F.3d 1295, 1305 (Fed. Cir. 2007) (“We normally do not interpret claim
`
`terms in a way that excludes disclosed examples in the specification.”); Oatey Co. v. IPS Corp., 514
`
`F.3d 1271, 1276 (Fed. Cir. 2008) (same).
`
`In addition, to the extent extrinsic sources are considered, it should be noted that Microsoft co-
`
`authored a standard on VPNs (known as PPTP) which were not limited to tunneling by encapsulating
`
`an IP packet within another IP packet. Ex. 29 at 4 (describing IPX and Appletalk). Indeed, the word
`
`“tunneling” in the art is more general and is used to describe other kinds of packets encapsulated in
`
`other packets; i.e., not all VPNs are IP based. Ex. 4 (Jones Dec.) ¶21. See also Ex. 11 (“A Framework
`for IP Based Virtual Private Networks”) (emphasis added).
`
`In any event, the word “tunneling” in Microsoft’s construction is not instructive and could be
`
`confusing for the jury.
`
`-8-
`
`Page 13 of 53
`
`

`
`Case 6:07-cv-00080—LED Document 194
`
`Filed 12/30/08 Page 14 of 53 PagelD #: 8622
`
`VirnetX’s proposed construction includes every aspect of what it means to have a VPN, as
`
`defined in the intrinsic evidence. Microsofi’s definition, however, includes lmwarranted limitations.
`
`VirnetX’s proposed construction is the correct construction.
`
`B.
`
`transparently creating |creates| a virtual private network 1 2 gm
`
`V'IrnetX’s Proposed Construction
`
`Microsoft’s Proposed Construction
`
`such creation”
`
`a user need not be involved in creating a virtual
`private network (VPN)
`
`no construction necessary because the
`preamble is not a limitation.
`In the alternative, to the extent the court
`determines a construction is necessary, it is
`“creating a virtual private network (VPN)
`without the client or target computer
`involved in -
`-
`'
`
`The dispute about the construction of the claim phrase is whether the “transparently .. .” phrase
`
`is a limitation of the claim and whether the intrinsic evidence defines the word “transparently” as not
`
`requiring user involvement as proposed by VirnetX, or whether the word “transparently” requires no
`
`construction, as proposed by Microsoft. The ’l35 patent defines the word “transparently” as VirnetX
`
`proposes, and this meaning is a critical aspect that gives life and meaning to the claimed invention
`
`But, even if the “transparently ...” phrase is not a limitation, it should be construed as VirnetX
`
`proposes to help the jmy and avoid any confusion.
`
`VrnetX’s Proposed Construction.
`
`The claim language itself makes it clear that
`
`the
`
`“transparently ...” phrase is part of the invention. Claims 1 and 10 are directed to creating a VPN
`
`between a client computer and target computer, as seen in both the preamble and body of the claims.
`
`Antecedent basis for the terms VPN, client computer and target computer are found in the preamble.
`
`See Electra Sci. Indus. v. Dynamic Details, Inc., 307 F.3d 1343, 1348 (Fed. Cir. 2002); Pimejv Bowes,
`
`Inc. v. Hewlett-Packard C0,, 182 F.3d 1298, 1305-06 (Fed Cir. 1999) (preamble limiting because it is
`
`“intimately meshed with the ensuing language in the claim” even though not all preamble terms are
`
`recited in the body of the claim) (internal citations omitted). Further, the claim language shows that a
`
`user need not be involved in creating the VPN.
`
`In claim 1, the VPN is created in response to a DNS
`
`Page 14 of 53
`
`Page 14 of 53
`
`

`
`Case 6:07-cv-00080-LED Document 194 Filed 12/30/08 Page 15 of 53 PageID #: 8623
`
`
`request. In claim 10, a DNS proxy server requests creation of the VPN, and a gatekeeper computer
`
`allocates resources for the VPN.
`
`The Abstract, the Summary of the Invention and the Detailed Description describe the
`
`invention in terms of transparently creating a VPN in response to a domain name inquiry (or query), a
`
`DNS request. ’135 patent at Abstract; 6:1-3; 7:18-23; 32:33-35; 37:17-21; Figs. 26, 27. In an act of
`
`lexicography, the specification then specifically defines the word “transparently” to the user as “the
`
`user need not be involved in creating the secure link.” Id. at 39:21-29. Instead of a user being involved
`
`in created a secure link in a VPN, “transparent VPN creation” is “based on a DNS look-up function.”
`
`Id. at 7:22-23. The prosecution history then consistently distinguishes the prior art as not creating a
`
`VPN in response to a DNS request. Ex. 9 at 3-6.
`Microsoft’s Proposed Construction. Microsoft’s argument that the phrase “transparently …”
`
`is not a part of the invention ignores all of the intrinsic evidence above. But, even if the Court agrees
`
`that the phrase is not a limitation of the claim, the Court should construe the phrase to help the jury.
`
`Without construction by the Court, the jury could be confused and think that the word “transparently”
`
`means that something can be “seen through,” such as a window.
`
`Microsoft proposes the following alternative definition: “creating a virtual private network
`
`(VPN) without the client or target computer involved in requesting such creation.” This limitation has
`
`no support in the intrinsic or extrinsic evidence and is wrong for at least two reasons. First, Microsoft’s
`
`proposed limitation does not relate to the user, contrary to the specification’s description that the word
`
`“transparently” means the user need not be involved in creating the VPN. ’135 patent at 39:21-29.
`
`Second, there is nothing in the claim language that says the client or target computer cannot be
`
`involved in creating the VPN. On the contrary, the client

This document is available on Docket Alarm but you must sign up to view it.


Or .

Accessing this document will incur an additional charge of $.

After purchase, you can access this document again without charge.

Accept $ Charge
throbber

Still Working On It

This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.

Give it another minute or two to complete, and then try the refresh button.

throbber

A few More Minutes ... Still Working

It can take up to 5 minutes for us to download a document if the court servers are running slowly.

Thank you for your continued patience.

This document could not be displayed.

We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.

Your account does not support viewing this document.

You need a Paid Account to view this document. Click here to change your account type.

Your account does not support viewing this document.

Set your membership status to view this document.

With a Docket Alarm membership, you'll get a whole lot more, including:

  • Up-to-date information for this case.
  • Email alerts whenever there is an update.
  • Full text search for other cases.
  • Get email alerts whenever a new case matches your search.

Become a Member

One Moment Please

The filing “” is large (MB) and is being downloaded.

Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.

Your document is on its way!

If you do not receive the document in five minutes, contact support at support@docketalarm.com.

Sealed Document

We are unable to display this document, it may be under a court ordered seal.

If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.


Access Government Site

We are redirecting you
to a mobile optimized page.





Document Unreadable or Corrupt

Refresh this Document
Go to the Docket

We are unable to display this document.

Refresh this Document
Go to the Docket