UNITED STATES PATENT AND TRADEMARK OFFICE
`___________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`___________________
`
`PALO ALTO NETWORKS, INC.
`Petitioner
`
`v.
`
`JUNIPER NETWORKS, INC.
`Patent Owner
`___________________
`
`CASE IPR2013-00369
`Patent 7,107,612
`___________________
`
`DECLARATION OF KEVIN C. ALMEROTH
`
`Dated: March 28, 2014
`
`Respectfully submitted,
`
`Kevin Almeroth
`
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`3004661
`
`Juniper Exhibit 2096-1
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 1
`
`

`

`3004661
`
`- 2 -
`
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`Juniper Exhibit 2096-2
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 2
`
`

`

`
`
`I.
`
`INTRODUCTION AND BACKGROUND
`
`1.
`I have been retained as an independent expert in this Inter Partes Review by the
`law firm of Irell & Manella LLP on behalf of Juniper Networks, Inc. (“Juniper”) to provide
`opinions and conclusions regarding the unpatentability assertions by Palo Alto Networks
`(“PAN”). Among other things, I have been asked to offer a rebuttal to the Expert Report of John
`Mitchell included as Exhibit 1004 to PAN’s petition requesting Inter Partes Review of U.S.
`Patent No. 7,107,612. I refer to this patent as “the ‘612 patent.”
`
`2.
`As discussed in further detail in this report and any supplemental reports,
`testimony, or declarations that I may provide, it is my opinion that PAN has failed to prove,
`including through the Mitchell declaration, that the challenged claims of the ‘612 patent are
`unpatentable. It is further my opinion that the challenged claims are in fact valid.
`
`3.
`This expert report, including the accompanying exhibits, sets forth my opinions,
`conclusions, and other matters on which I expect to testify.
`
`4.
`My opinions are based on information including (i) documents and other evidence
`that I have reviewed, including the patents-in-suit and related prosecution histories, deposition
`transcripts, and other discovery materials from this litigation, (ii) other materials noted in this
`report and the Mitchell declaration, and (iii) my own education, training, experience and
`knowledge.I may rely on any of these materials, experiences and knowledge, in addition to the
`evidence specifically cited as supportive examples in particular sections of this report, as
`additional support for my opinions.
`
`5.
`I may also provide testimony (i) in rebuttal to PAN’s position, including opinions
`of any PAN experts and materials they discuss or rely upon, (ii) based on any orders by the
`Board, (iii) based on documents or other discovery that PAN has not yet produced or that were
`produced too late to be considered before my report was due, or (iv) based on witness testimony
`which has not been given or was given too late to be considered before my report was due. I
`reserve the right to supplement or amend my opinions as further documentation and information
`is received.
`
`6.
`If called to testify in this matter, I may use as exhibits various documents
`produced in this matter that refer to or relate to the matters discussed in this report. In addition, I
`may supplement these materials with other documents, charts, illustrations, or diagrams to
`provide context, background or information, and may prepare summaries and demonstrative
`exhibits (such as a PowerPoint presentation or live demonstration) to assist any presentation by
`me or counsel for Juniper.
`
`7.
`I further observe that much of the Mitchell declaration is repetitive, and
`arguments and explanations regarding references are often duplicated and cross-referenced
`throughout the report. It should therefore be assumed that, where I respond to any particular
`argument from the Mitchell declaration in one place in my detailed analysis below, that same
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`- 3 -
`
`3004661
`
`
`Juniper Exhibit 2096-3
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 3
`
`

`

`
`
`response and analysis should be understood as applicable and responsive to similar arguments
`wherever they may appear throughout the Mitchell declaration or elsewhere in PAN’s
`submissions.
`
`8.
`I reserve the right to supplement or amend this report if additional facts and
`information that affect my opinions become available.
`
`II.
`
`BACKGROUND AND QUALIFICATIONS
`
`9.
`I am currently a Professor in the Department of Computer Science at the
`University of California, Santa Barbara (“UCSB”). At UCSB, I also hold faculty appointments
`and am a founding member of the Computer Engineering (CE) Program, Media Arts and
`Technology (MAT) Program, and the Technology Management Program (TMP). I have been a
`faculty member at UCSB since July 1997.
`
`10.
`I hold three degrees from the Georgia Institute of Technology: (1) a Bachelor of
`Science degree in Information and Computer Science (with minors in Economics, Technical
`Communication, and American Literature) earned in June, 1992; (2) a Master of Science degree
`in Computer Science (with specialization in Networking and Systems) earned in June, 1994; and
`(3) a Doctor of Philosophy (Ph.D.) degree in Computer Science (Dissertation Title: Networking
`and System Support for the Efficient, Scalable Delivery of Services in Interactive Multimedia
`System, minor in Telecommunications Public Policy) earned in June, 1997.
`
`11.
`One of the major concentrations of my research to date has been the delivery of
`multimedia content and data between computing devices. In my research, I have studied large-
`scale content delivery systems, and the use of servers located in a variety of geographic locations
`to provide scalable delivery to hundreds, even thousands of users simultaneously. I have also
`studied smaller-scale content delivery systems in which content is exchanged between individual
`computers and portable devices. My work has emphasized the exchange of content more
`efficiently across computer networks, including the scalable delivery of content to many users,
`mobile computing, satellite networking, delivering content to mobile devices, and network
`support for data delivery in wireless networks.
`
`12.
`Beginning in 1992, at the time I started graduate school, the initial focus of my
`research was on the provision of interactive functions (e.g., VCR-style functions like pause,
`rewind, and fast-forward) for near video-on-demand systems in cable systems, in particular, how
`to aggregate requests for movies at a cable head-end and then how to satisfy a multitude of
`requests using one audio/video stream broadcast to multiple receivers simultaneously.
`
`13.
`In 1994, I began to research issues associated with the development and
`deployment of a one-to-many communication facility (called “multicast”) in the Internet (first
`deployed as the Multicast Backbone, a virtual overlay network supporting one-to-many
`communication). Some of my more recent research endeavors have looked at how to use the
`scalability offered by multicast to provide streaming media support for complex applications like
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`- 4 -
`
`3004661
`
`
`Juniper Exhibit 2096-4
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 4
`
`

`

`
`
`distance learning, distributed collaboration, distributed games, and large-scale wireless
`communication.
`
`14.
`I have also studied issues concerning how users choose content, especially when
`considering the price of that content. My research has examined how dynamic content pricing
`can be used to control system load.
`
`15.
`As a parallel research theme, I began researching issues related to wireless
`devices. In particular, I was interested in showing how to provide greater communication
`capability to “lightweight devices,” i.e., small form-factor, resource-constrained (e.g., CPU,
`memory, networking, and power) devices.
`
`16.
`Protecting networks, including their operation and content, has been an
`underlying theme of my research almost since the beginning. Starting in 2000, I have also been
`involved in several projects that specifically address security, network protection, and firewalls.
`After significant background work, a team on which I was a member successfully submitted a
`$4.3M grant proposal to the Army Research Office (ARO) in the Department of Defense to
`propose and develop a high-speed intrusion detection system. Once the grant was awarded, we
`spent several years developing and meeting the milestones of the project. I have also used
`firewalls in developing techniques for the classroom to ensure that students are not distracted by
`online content.
`
`17.
`As an important component of my research program, I have been involved in the
`development of academic research into available technology in the marketplace. One aspect of
`this work is my involvement in the Internet Engineering Task Force (IETF) including many
`content delivery-related working groups like the Audio Video Transport (AVT) group, the
`MBone Deployment (MBONED) group, the Source Specific Multicast (SSM) group, the Inter-
`Domain Multicast Routing (IDMR) group, the Reliable Multicast Transport (RMT) group, the
`Protocol Independent Multicast (PIM) group, etc. I have also served as a member of the
`Multicast Directorate (MADDOGS), which oversaw the standardization of all things related to
`multicast in the IETF. Finally, I was the Chair of the Internet2 Multicast Working Group for
`seven years.
`
`18.
`I am an author or co-author of nearly 200 technical papers, published software
`systems, IETF Internet Drafts, and IETF Request for Comments (RFCs). The titles and subject
`matter of these technical papers are listed in full on my CV, attached as Ex. 2096.
`
`19. My involvement in the research community extends to leadership positions for
`several academic journals and conferences. I am the co-chair of the Steering Committee for the
`ACM Network and System Support for Digital Audio and Video (NOSSDAV) workshop and on
`the Steering Committees for the International Conference on Network Protocols (ICNP), ACM
`Sigcomm Workshop on Challenged Networks (CHANTS), and IEEE Global Internet (GI)
`Symposium. I have served or am serving on the Editorial Boards of IEEE/ACM Transactions on
`Networking, IEEE Transactions on Mobile Computing, IEEE Network, ACM Computers in
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`- 5 -
`
`3004661
`
`
`Juniper Exhibit 2096-5
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 5
`
`

`

`
`
`Entertainment, AACE Journal of Interactive Learning Research (JILR), and ACM Computer
`Communications Review. I have co-chaired a number of conferences and workshops including
`the IEEE International Conference on Network Protocols (ICNP), IEEE Conference on Sensor,
`Mesh and Ad Hoc Communications and Networks (SECON), International Conference on
`Communication Systems and Networks (COMSNETS), IFIP/IEEE International Conference on
`Management of Multimedia Networks and Services (MMNS), the International Workshop On
`Wireless Network Measurement (WiNMee), ACM Sigcomm Workshop on Challenged
`Networks (CHANTS), the Network Group Communication (NGC) workshop, and the Global
`Internet Symposium; and I have served on the program committees for numerous conferences.
`
`20.
`Furthermore, in the courses I teach at UCSB, a significant portion of my
`curriculum covers aspects of the Internet and network communication including the physical and
`data link layers of the Open System Interconnect (OSI) protocol stack, and standardized
`protocols for communicating across a variety of physical media such as cable systems, telephone
`lines, wireless, and high-speed Local Area Networks (LANs). The courses I have taught also
`cover most major topics in Internet communication, including data communication, routing,
`multimedia encoding, and (mobile) application design. For a complete list of courses I have
`taught, see my curriculum vitae, attached as Exhibit 1 to this report.
`
`21.
`In addition, I co-founded a technology company called Santa Barbara Labs that
`was working under a sub-contract from the U.S. Air Force to develop very accurate emulation
`systems for the military’s next generation internetwork. Santa Barbara Labs’ focus was in
`developing an emulation platform to test the performance characteristics of the network
`architecture in the variety of environments in which it was expected to operate, and in particular,
`for network services including IPv6, multicast, Quality of Service (QoS), satellite-based
`communication, and security. Applications for this emulation program included communication
`of a variety of multimedia-based services.
`
`22.
`I am a Member of the Association of Computing Machinery (ACM) and a Fellow
`of the Institute of Electrical and Electronics Engineers (IEEE).
`
`23.
`Additional details about my employment history, fields of expertise, and
`publications are further included in my CV attached as Exhibit 1 to this report.
`
`III. COMPENSATION
`
`24.
`I am being compensated at a rate of $600 per hour for my time spent on this
`proceeding. I am also being reimbursed for reasonable and customary expenses associated
`therewith. No part of my compensation is dependent upon the results of this lawsuit or the
`substance of my testimony.
`
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`- 6 -
`
`3004661
`
`
`Juniper Exhibit 2096-6
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 6
`
`

`

`
`
`IV.
`
`LEGAL STANDARDS AND BACKGROUND
`
`25.
`I have been informed of a number of legal standards that govern my analysis,
`including those discussed below. For example, a proper validity analysis includes resolving the
`level of ordinary skill in the pertinent art, determining the scope and content of the prior art, and
`ascertaining the differences between the claimed invention and the prior art. I address all of
`these factors in my report below.
`
`A.
`
`Level of Ordinary Skill in the Art
`
`26.
`I have been advised that the claims of a patent are reviewed from the point of
`view of a hypothetical person of ordinary skill in the art at the time of the filing of the patent.
`
`27.
`I understand that Dr. Mitchell has opined as follows regarding the level of
`ordinary skill of a practitioner in the relevant art: “a recent degree in a field such as computer
`science or computer networking and three or more years of experience in a field such as
`computer science or computer networking” or “5 or more years of relevant experience in the
`computer networking or computer security industry.”
`
`28.
`In my opinion, a person of ordinary skill in the art for the patent-in-suit would
`have the equivalent of a four-year degree from an accredited institution (usually denoted as a
`B.S. degree) in computer science, computer engineering or the equivalent, and experience with,
`or exposure to, computer networking or computer security. A person of ordinary skill in the art
`would also have approximately two years of professional experience with computer networking
`or computer security. Additional graduate education could substitute for professional
`experience, while significant experience in the field might substitute for formal education.
`
`29. While Dr. Mitchell’s opinion and mine differ with respect to exactly what a
`person of skill in the art is, PAN has failed to establish unpatentability under either my standard
`or the standard that Dr. Mitchell has proposed.
`
`30.
`In arriving at my opinions and conclusions in this report, I have considered the
`issues from the perspective of a hypothetical person of ordinary skill in the art.
`
`B.
`
`Validity – Anticipation and Obviousness
`
`31.
`I understand that the claims of an issued patent are presumed valid, and the party
`challenging validity bears the heavy burden of proving by a preponderance of the evidence that a
`patent fails to comply with one or more requirements of patentability. I understand that a
`“preponderance” means “more likely than not.” I understand that general and conclusory
`assertions, without underlying factual evidence, may not support a conclusion that something is
`“more likely than not.” Rather, the preponderance of the evidence standard requires that a
`reasonable finder of fact be convinced that the existence of a specific material fact is more
`probable that the non-existence of that fact. The preponderance of the evidence standard does not
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`- 7 -
`
`3004661
`
`
`Juniper Exhibit 2096-7
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 7
`
`

`

`
`
`support speculation regarding specific facts, and is instead focused on whether the evidence more
`likely than not demonstrates the existence or non-existence of specific material facts. Here, I
`understand that PAN has argued that the asserted claims are anticipated by, or obvious in view
`of, certain prior art references.
`
`32.
`I have been informed that a reference may qualify as prior art as to the patents-in-
`suit if it was known or used by others in this country, or patented or described in a printed
`publication in this or a foreign country, before the invention by the patent holder. I have also
`been informed that a reference may qualify as prior art to the patents-in-suit if the invention was
`patented or described in a printed publication in this or a foreign country or in public use or on
`sale in this country, more than one year before the effective filing date. For a printed publication
`to qualify as prior art, I understand that PAN must demonstrate that the publication was
`disseminated or otherwise sufficiently accessible to the public.
`
`33.
`I have been informed that to anticipate a claim, a reference must teach each and
`every element of every asserted claim – differences between asserted art and the claimed
`invention, however slight, prevent anticipation. My understanding is that anticipation occurs
`only if each and every limitation of the patent claim is disclosed, either expressly or inherently,
`within the “four corners” of a single prior art reference.
`
`34.
`I have been informed that a limitation may be inherently disclosed by a reference
`only when the unstated element would have been necessarily and always present in the prior art
`device or method – inherent disclosure may not be established by probabilities or possibilities.
`
`35. Moreover, I understand that it is not sufficient to pick and choose disparate
`citations from a reference showing elements of a claim; instead, the elements must also be
`arranged in the same way as recited in the claim. For example, I have been informed that it is
`not enough that a prior art reference teaches all elements of the claim if it does not contain any
`discussion suggesting or linking the elements with each other as in the claim.
`
`36.
`For a prior art reference to anticipate a claim, I have been told that the reference,
`as viewed by a person of ordinary skill in the art of the invention, must disclose each and every
`element with sufficient clarity to enable one of ordinary skill in the art to make the invention
`without “undue experimentation.” Hence, even if a reference is a “printed publication,” I
`understand that it will not suffice as prior art if it is not “enabling.”
`
`37.
`I understand that a patent claim may be found unpatentable as obvious only if the
`patent challenger establishes by a preponderance of the evidence that, as of the priority date, the
`subject matter of the claim, considered as a whole, would have been obvious to a person having
`ordinary skill in the field of the technology (the “art”) to which the claimed subject matter
`belongs. This includes, for example, (1) identifying the particular references that, singly or in
`combination, make the patent obvious; (2) proving that those references qualify as prior art to the
`patent; (3) specifically identifying which elements of the patent claim appear in each of the
`asserted references; (4) explaining how the prior art references would be combined to create the
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`- 8 -
`
`3004661
`
`
`Juniper Exhibit 2096-8
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 8
`
`

`

`
`
`claimed inventions, and (5) explaining why a person of ordinary skill in the relevant field would
`have combined the elements in the same manner as in the challenged patent claim.
`
`38.
`I have also been informed that the claimed invention must be considered as a
`whole in analyzing obviousness or nonobviousness. In determining the differences between the
`prior art and the claims, the question under the obviousness inquiry is not whether the differences
`themselves would have been obvious, but whether the claimed invention as a whole would have
`been obvious. Relatedly, I understand that it may be appropriate to consider whether there is
`evidence of a “teaching, suggestion, or motivation” to combine the prior art teachings in the prior
`art, the nature of the problem or the knowledge of a person having ordinary skill in the art.
`
`39.
`I understand that one indicator of nonobviousness is when prior art “teaches
`away” from combining certain known elements. For example, a prior art reference teaches away
`from the patent’s particular combination if it leads in a different direction or discourages that
`combination, recommends steps that would not likely lead to the patent’s result, or otherwise
`indicates that a seemingly inoperative device would be produced.
`
`40.
`I further understand that certain objective indicia can be important evidence
`regarding whether a patent is obvious or nonobvious, including commercial success, copying,
`and industry acceptance or praise. Evidence of such objective indicia must be considered when
`present. It is generally error to reach a conclusion on obviousness before considering the
`evidence of secondary considerations, and in then evaluating the latter solely in terms of whether
`it may fill any gaps in the initial conclusion on obviousness. On the other hand, such evidence is
`not a requirement for patentability, and the absence of such evidence is a neutral factor in the
`analysis of obviousness or nonobviousness.
`
`41.
`I also understand that, in performing a proper unpatentability analysis, an expert
`must do more than simply provide quotes from the evidentiary record along with conclusory
`allegations of unpatentability. To the contrary, an expert’s conclusions regarding unpatentability
`must be supported by actual analysis and reasoning set forth in the expert report, such that the
`theoretical and factual foundation for the expert’s conclusions can be properly evaluated.
`
`V.
`
`CLAIM CONSTRUCTION
`
`42.
`It is my understanding that the Board has not finally construed the claim terms for
`the patents-in-suit in this proceeding. I understand that the Board preliminarily addressed certain
`claim construction points in its decision to institute the IPR, on which no Juniper expert was
`permitted testimony. I further understand that the parties have exchanged constructions in a
`litigation that also addresses the ‘612 patent.
`
`43.
`I further understand that the parties agreed that, for purposes of the ‘612 patent
`claims, “rules” exist across multiple sessions. See Draft Joint Claim Construction Statement
`transmitted from Juniper to PAN on March 27, 2013. It is my understanding that terms should
`be given their broadest reasonable construction in an IPR. Under this standard, the terms should
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`- 9 -
`
`3004661
`
`
`Juniper Exhibit 2096-9
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 9
`
`

`

`
`
`be given their ordinary and customary meaning to one of ordinary skill in the art at the time of
`invention, unless the patent teaches of a different meaning within the specification.
`
`A.
`
`“Rule”
`
`44.
`As used in the ‘612 patent, a rule must persist across multiple sessions. I
`understand that all experts who have opined on this term agree that a “rule” in the context of the
`claims of the ‘612 patent must exist across multiple sessions. I also agree with this construction
`for the reasons noted below.
`
`45.
`As noted by the Board, the ‘612 patent describes a rule as a “control policy for
`filtering incoming and outgoing information packets.” However, this is not the only feature of
`the claimed rules described by the specification. The ‘612 patent specification, prosecution
`history, and claims themselves require that rules must exist across multiple sessions. The ‘612
`patent sets forth a broad understanding of what constitutes a “rule.” The context of the term as
`used in the claims makes clear the purpose of “rules” in the invention: they are “for controlling
`access to and from a network device for incoming and outgoing data packets.” ‘612 patent at
`7:48-51 (claim 1). This means that rules contemplate actions to be applied against packets, as in
`a set of entries for blocking packets from particular source IP addresses. Id. at 5:55-59 (system
`“allows some packets . . . and denies or drops others” based on rules with “matching criteria”
`such as “source and destination IP address”); see also 2:61-65; Markman Order (describing rules
`as involving “actions to be applied against packets”). The ‘612 patent does not require that
`“rules” be formatted in any particular way or stored in any particular type of data structure.
`
`46.
`The ‘612 patent does impose one important constraint with respect to this claim
`term: “rules” are consistently distinguished from other data pertaining solely to a single
`particular session (i.e., a set of related packets corresponding to a “current application or
`service”). ‘612 patent at 5:20. Indeed, the ‘612 patent repeatedly identifies an important
`difference between the use of “rules” as opposed to session-specific data: “[T]he firewall engine
`may first check a stored look-up table with criteria relating to ongoing current applications or
`services, before searching the rules.” Id. at 5:14-16; see also id. at 5:51-42 (“current application”
`data consulted “instead of a rule search”).
`
`47.
`The ‘612 patent provides an example of how this architecture works, in the
`context of an FTP session. Session data will be consulted instead of rules if a packet received “is
`an FTP packet for an FTP [session] that is ongoing.” Id. at 5:21-22. In other words, this approach
`set forth in the ‘612 patent contemplates that treatment of packets in any single, ongoing FTP
`session will be handled using session data instead of rules. In this manner, the ‘612 patent
`architecture makes it possible for “packets in the current application [FTP]” to be handled using
`the efficient mechanism of a session table lookup “instead of a rule search.” Id. at 5:51-42. The
`architecture described in the ‘612 patent involves the use of a set of rules in conjunction with a
`separate data structure referred to as a “flow table” or “session table.” ‘612 patent at 5:14-60.
`Such a table can keep track of data “corresponding to each current application or service” using
`
`3004661
`
`
`- 10 -
`
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`Juniper Exhibit 2096-10
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 10
`
`

`

`
`
`(for example) a common “IP address, port and protocol” for a related group of packets. ‘612
`patent at 5:19-20, 5:37-42. The “current application” could be packets pertaining to a single web
`session for an e-commerce transaction, a single flow of streaming music or video media, or some
`other type of network session. ‘612 patent at 5:19-20, 5:37-42. Once information relating to
`processing of a session has been written to a flow table for the first packet of that session, the
`firewall may simply “look up” that information when it receives subsequent packets in the same
`session. ‘612 patent at 5:37-42. This allows for faster processing of subsequent packets in the
`same session, as the flow table may be used “instead of a rule search.” ‘612 patent at 5:37-42.
`Thus, one defining feature of entries in a flow or session table (and contrasted with rules) is that
`they exist for only a single session. In other words, while flow tables entries may come and go as
`new sessions begin and end, the effective lifetimes for rules are not tied to particular sessions,
`but rather persist across multiple sessions.
`
`48.
`I note that PAN’s expert Dr. Mitchell likewise confirmed the same understanding
`of the term “rules.” In deposition testimony from the Concurrent Litigation, Dr. Mitchell
`confirmed his understanding that “a rule is something that exists across multiple sessions,”
`Mitchell Deposition at 210:2-211:6, and even pointed to the same portions of the ‘612 patent
`specification as supporting the “across multiple sessions” aspect of the claim term “rules.”
`
`49.
`The District Court in the Concurrent Litigation made similar observations
`regarding the term “rules” in its Markman Order. The Court noted first that the parties had
`agreed that a “rule” must exist “across multiple sessions.” Markman Order at 23. The Court
`then went on to find that “rules” as contemplated in the ‘612 patent were distinct from a look-up
`table data structure, which is used “to describe flow tables” in the ‘612 patent. See id. at 23 &
`n.16. In other words, unlike an entry in a flow table or session table, which is deleted following
`the end of the session, “rules” in the ‘612 patent are designed to persist across multiple sessions.
`
`50.
`In light of the foregoing, the broadest reasonable construction of “rules” in this
`proceeding should include the fundamental concept that rules “exist across multiple sessions.”
`For example, if the Board maintains the other aspects of “rules” mentioned in its Institution
`Decision, the complete construction should be: “control policy that exists across multiple
`sessions for filtering incoming and outgoing information packets.”
`
`VI.
`
`TECHNOLOGY BACKGROUND
`
`51.
`If asked at trial or at any hearing, I may provide a tutorial regarding technological
`topics that may be helpful as background. By way of example, these topics could include
`computer networking principles and standards (such as TCP/IP), fundamentals regarding packet-
`based communications, development and operation of private and public networks (including the
`Internet), the development and operation of network security products (such as firewalls and
`intrusion detection systems), computer programming languages, systems, and methods,
`principles of electronics such as circuits and integrated circuits, industry practices regarding
`network threats and security, among other topics.
`
`3004661
`
`
`- 11 -
`
` DECLARATION OF KEVIN C. ALMEROTH
`REGARDING VALIDITY OF THE ‘612
`PATENT
`
`CONFIDENTIAL ATTORNEY EYES ONLY
`INFORMATION
`
`Juniper Exhibit 2096-11
`Palo Alto v Juniper
`IPR2013-00369
`
`EX 1107 Page 11
`
`

`

`
`
`52.
`To assist in my testimony, I may rely on sources with which those of ordinary
`skill in the art would be familiar, including treatises, patents, standards documents (e.g., RFCs),
`and other publicly available documents, as well as my personal knowledge, background, and
`personal experience in the field.
`
`53.
`I have also reviewed certain demonstrative exhibits that were used by the parties
`during litigation. These documents further informed my opinions expressed in this declaration.
`
`54.
`Additionally, I have worked with others to help prepare some additional
`demonstrative exhibits to help explain and illustrate certain concepts in this report. These
`demonstrative exhibits are attached as Exhibit 2093.
`
`55.
`As basic background, one of the most widely used computer networks is the
`Internet. The Internet has been around for several decades. Many trace the origins of the Internet
`to the Arpanet (the Advanced Research Projects Agency Network), which dates back to the late
`1960s. While the origins of the Internet were humble, it has grown into a massive, highly
`sophisticated network for highly complex and highly varied forms