UNITED STATES PATENT AND TRADEMARK OFFICE
`
`———————
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`———————
`
`CISCO SYSTEMS, INC.,
`Petitioner
`
`U.S. Patent No. 8,458,784
`
`_____________________
`
`DECLARATION OF DR. HENRY HOUH,
`UNDER 37 C.F.R. § 1.68 IN SUPPORT OF PETITION FOR
`INTER PARTES REVIEW
`
`1
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 1 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`TABLE OF CONTENTS
`Introduction ...................................................................................................... 4 
`I. 
`Qualifications and Professional Experience .................................................... 5 
`II. 
`III.  Level of Ordinary Skill in the Art ................................................................. 11 
`IV.  Relevant Legal Standards .............................................................................. 12 
`V. 
`Background .................................................................................................... 13 
`VI.  Overview of the ’784 Patent .......................................................................... 15 
`VII.  Claim Construction ........................................................................................ 17 
`VIII.  Identification of how the Claims are Unpatentable ....................................... 17 
`A.  Ground 1: Claims 1-3 and 16-17 are obvious under 35 U.S.C.
`§ 103(a) in view of Carter and Maria. ................................................. 18 
`1. 
`Summary of Carter ........................................................ 18 
`2. 
`Summary of Maria ......................................................... 21 
`3. 
`Reasons to Combine Carter and Maria .......................... 23 
`4. 
`Claim 1 ........................................................................... 29 
`5. 
`Claim 2 ........................................................................... 47 
`6. 
`Claim 3 ........................................................................... 48 
`7. 
`Claim 16 ......................................................................... 50 
`8. 
`Claim 17 ......................................................................... 51 
`Ground 2: Claims 4-9 and 11-12 are obvious under 35 U.S.C.
`§ 103(a) in view of Carter, Maria, and Salim. .................................... 52 
`1. 
`Summary of Salim ......................................................... 52 
`2. 
`Reasons to Combine Salim with Carter and Maria ....... 53 
`3. 
`Claim 4 ........................................................................... 54 
`
`B. 
`
`
`
`
`2
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 2 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`C. 
`
`Claim 5 ........................................................................... 58 
`4. 
`Claim 6 ........................................................................... 59 
`5. 
`Claim 7 ........................................................................... 60 
`6. 
`Claim 8 ........................................................................... 61 
`7. 
`Claim 9 ........................................................................... 62 
`8. 
`Claim 11 ......................................................................... 63 
`9. 
`Claim 12 ......................................................................... 64 
`10. 
`Ground 3: Claims 13-15 are obvious under 35 U.S.C. § 103(a)
`in view of Carter, Maria, Salim, and Loschke. ................................... 64 
`1. 
`Summary of Loschke ..................................................... 64 
`2. 
`Reasons to Combine Loschke with Carter, Maria, and
`Salim .............................................................................. 66 
`Claim 13 ......................................................................... 69 
`3. 
`Claim 14 ......................................................................... 71 
`4. 
`Claim 15 ......................................................................... 73 
`5. 
`IX.  Conclusion ..................................................................................................... 75 
`
`
`
`
`
`
`3
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 3 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`I, Henry Houh, do hereby declare as follows:
`
`I.
`
`INTRODUCTION
`1.
`
`I am making this declaration at the request of Cisco Systems, Inc. in
`
`the matter of the Inter Partes Review of U.S. Patent No. 8,458,784 (“the ’784
`
`Patent”) to Krumel et al.
`
`2.
`
`I am being compensated for my work in this matter at my standard
`
`hourly rate. I am also being reimbursed for reasonable and customary expenses
`
`associated with my work and testimony in this investigation. My compensation is
`
`not contingent on the outcome of this matter or the specifics of my testimony.
`
`3.
`
`I have been asked to provide my opinions regarding whether claims 1-
`
`9 and 11-17 (“the Challenged Claims”) of the ’784 Patent are unpatentable as they
`
`would have been obvious to a person having ordinary skill in the art (“POSITA”)
`
`at the time of the alleged invention, in light of the prior art. It is my opinion that all
`
`of the limitations of the challenged claims would have been obvious to a POSITA.
`
`4.
`
`a.
`
`b.
`
`c.
`
`d.
`
`1002;
`
`
`
`
`In the preparation of this declaration, I have studied:
`
`the ’784 Patent, Ex. 1001;
`
`the prosecution history of the ’784 Patent (“’784 File History”), Ex.
`
`U.S. Patent No. 5,386,470 to Carter et al. (“Carter”), Ex.1005;
`
`U.S. Patent No. 6,092,110 to Maria et al. (“Maria”), Ex.1006; and
`
`4
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 4 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`e.
`
`5.
`
`U.S. Patent No. 6,628,653 to Salim et al. (“Salim”), Ex.1007.
`
`In forming the opinions expressed below, I have considered:
`
`the documents listed above;
`
`the relevant legal standards, including the standard for obviousness,
`
`and any additional authoritative documents as cited in the body of this
`
`declaration; and
`
`my own knowledge and experience based upon my work in the field
`
`of networking as described below, as well as the following materials.
`
`a.
`
`b.
`
`c.
`
`d.
`
`e.
`
`f.
`
`6.
`
`U.S. Patent No. 6,556,574 to Pearce et al. (“Pearce”), Ex.1008;
`
`U.S. Patent No. 6,728,885 to Taylor et al. (“Taylor”), Ex.1009;
`
`U.S. Patent No. 6,219,706 to Fan et al. (“Fan”), Ex.1013;
`
`U.S. Patent No. 5,956,336 to Loschke et al. (“Loschke”), Ex.1015;
`
`Interconnections: Bridges and Routers, Radia Perlman, Ex.1018
`
`Building Internet Firewalls, Elizabeth Zwicky, Ex.1019.
`
`Unless otherwise noted, all emphasis in any quoted material has been
`
`added.
`
`II. QUALIFICATIONS AND PROFESSIONAL EXPERIENCE
`7. My complete qualifications and professional experience are described
`
`in my Curriculum Vitae, a copy of which can be found in Exhibit 1004. The
`
`following is a brief summary of my relevant qualifications and professional
`
`
`
`
`5
`
`
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 5 of 75
`
`

`

`Houh Declaration
`
`experience.
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`8.
`
`I received a Ph.D. in Electrical Engineering and Computer Science
`
`from the Massachusetts Institute of Technology (“MIT”) in 1998. Beforehand, I
`
`received a Master of Science degree in Electrical Engineering and Computer
`
`Science in 1991, a Bachelor of Science degree in Electrical Engineering and
`
`Computer Science in 1989, and a Bachelor of Science degree in Physics in 1990,
`
`all from MIT.
`
`9.
`
`I am currently self-employed as an independent technical consultant. I
`
`am also president of a company that provides supplemental science, technology,
`
`engineering, and mathematics (“STEM”) education to children of all ages.
`
`10.
`
`I first entered telecommunications in 1987 when I worked as a
`
`summer intern at AT&T Bell Laboratories as part of a five-year dual degree
`
`program at MIT. I continued to work at AT&T Bell Laboratories as part of this
`
`MIT program. While at MIT, I was a teaching assistant (“TA”) in the Electrical
`
`Engineering and Computer Science Department’s core Computer Architectures
`
`course. I first was a TA as a senior for a role typically reserved for graduate
`
`students. I later became head TA. The course covered various topics in computer
`
`architectures. As a TA, I helped write homework assignments, lab assignments,
`
`and exams. I also taught in the recitation sections.
`
`11. Later, as part of my doctoral research at MIT from 1991-1998, I was a
`
`
`
`
`6
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 6 of 75
`
`

`

`Houh Declaration
`
`research assistant in the Telemedia Network Systems (“TNS”) group at the
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`Laboratory for Computer Science. The TNS group built a high-speed gigabit
`
`network and created applications that ran over the network. Example applications
`
`included ones for remote video capture, processing, and display of video on
`
`computer terminals. In addition to working on the design of core network
`
`components, designing and building the high-speed links, and designing and
`
`writing the device drivers for the interface cards, I also set up the group’s web
`
`server.
`
`12.
`
`I also helped to build the web pages that initiated the above-
`
`mentioned video sessions via a web interface. Vice President Al Gore visited our
`
`group in 1996 and received a demonstration of—and remotely drove—a radio-
`
`controlled toy car with a wireless video camera mounted on it that was built by our
`
`group. This toy car device received commands transmitted over a network from a
`
`remote computer, and video data from the toy car was transmitted wirelessly then
`
`over a computer network back to the user controller. On occasion, we allowed
`
`users visiting our web site to drive the toy car from their remote computer while
`
`they watched the video on their computer. The video stream was encoded by TNS-
`
`designed hardware, streamed over the TNS-designed network, and displayed using
`
`TNS-designed software.
`
`13.
`
`I defended and submitted my Ph.D. thesis, titled “Designing Networks
`
`
`
`
`7
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 7 of 75
`
`

`

`Houh Declaration
`
`for Tomorrow’s Traffic,” in January 1998. As part of my thesis research, I
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`analyzed local area and wide area flows to show a more efficient method for
`
`routing packets in a network, based on traffic patterns at the time.
`
`14. From 1997 to 1999, I was a Senior Scientist and Engineer at NBX
`
`Corporation, a start-up that made business telephone systems for streaming
`
`packetized audio over data networks instead of using traditional telephone lines.
`
`NBX was later acquired by 3Com Corporation and the phone system is still used
`
`today by numerous businesses.
`
`15. As part of my work at NBX, I designed the core audio reconstruction
`
`algorithms for the telephones, as well as the packet transmission algorithms. I also
`
`designed and validated the core packet transport protocol used by the phone
`
`system. The protocol was used for all signaling in the phone system, including for
`
`the setup of conference calls.
`
`16. The NBX system also featured a computer interface for initiating
`
`phone calls, which could also initiate conference calls. The NBX system also
`
`supported the Telephony Application Programming Interface (“TAPI”) that
`
`allowed other computer programs to integrate with our system telephony features.
`
`We obtained U.S. Patent No. 6,697,963, entitled “Telecommunication method for
`
`ensuring on-time delivery of packets containing time-sensitive data,” as part of this
`
`work.
`
`
`
`
`8
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 8 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`17. From 1999-2004, I was employed by Empirix or its predecessor
`
`company, Teradyne. Empirix was a leader in test tools for telecommunications
`
`protocols and systems, providing functional testing tools as well as load testing
`
`tools. From 2000-2001, I conceived and built a test platform for testing Voice-
`
`over-IP (VoIP). The first application on this new test platform was a cloud
`
`emulator for simulating the effects of transmitting VoIP over a busy network.
`
`18.
`
`In 2006, as part of my role at BBN Technologies, I helped found
`
`PodZinger Inc., now known as RAMP Inc. PodZinger utilized BBN’s speech
`
`recognition algorithms to search through the spoken words in audio and video
`
`segments. While I was Vice President of Operations and Technology, PodZinger
`
`followed its initial prototype with a full streaming audio and video search solution.
`
`I also created a social networking web site, which BBN sold to a venture-funded
`
`startup company. In the process of creating the web site, I designed and specified
`
`the authentication and authorization protocols.
`
`19.
`
`I have been awarded several United States patents, and I have several
`
`patent applications pending including the following examples:
`
` U.S. Patent No. 7,975,296, “Automated security threat testing of
`
`web pages”;
`
` U.S. Patent No. 7,877,736, “Computer language interpretation and
`
`optimization for server testing”;
`
`
`
`
`9
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 9 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`
` U.S. Patent No. 7,801,910, “Method and apparatus for timed tagging
`
`of media content”;
`
` U.S. Patent 7,590,542, “Method of Generating Test Scripts Using a
`
`Voice-Capable Markup Language”;
`
` U.S. Patent No. 6,967,963, “Telecommunication method for
`
`ensuring on-time delivery of packets containing time-sensitive
`
`data”;
`
` U.S. Patent Application Publication No. 20070106685, “Method
`
`and apparatus for updating speech recognition databases and
`
`reindexing audio and video content using the same”;
`
` U.S. Patent Application Publication No. 20070106693, “Methods
`
`and apparatus for providing virtual media channels based on media
`
`search”;
`
` U.S. Patent Application Publication No. 20070106760, “Methods
`
`and apparatus for dynamic presentation of advertising, factual, and
`
`informational content using enhanced metadata in search-driven
`
`media applications”;
`
` U.S. Patent Application Publication No. 20070112837, “Method
`
`and apparatus for timed tagging of media content”;
`
`
`
`
`10
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 10 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`
` U.S. Patent Application Publication No. 20070118873, “Methods
`
`and apparatus for merging media content”; and
`
` U.S. Patent Application Publication No. 20090222442, “User-
`
`directed navigation of multimedia search results”.
`
`III. LEVEL OF ORDINARY SKILL IN THE ART
`20.
`
`I understand there are multiple factors relevant to determining the
`
`level of ordinary skill in the pertinent art, including (1) the levels of education and
`
`experience of persons working in the field at the time of the invention; (2) the
`
`sophistication of the technology; (3) the types of problems encountered in the field;
`
`and (4) the prior art solutions to those problems.
`
`21. A person of ordinary skill in the art (“POSITA”) in the field of the
`
`’784 Patent, as of its earliest possible filing date of July 7, 2000, would have been
`
`someone knowledgeable and familiar with the networking arts that are pertinent to
`
`the ’784 Patent. A POSITA would have been familiar with the field of network
`
`protocols and network security, during the early 2000s. That person would have a
`
`master’s degree in electrical engineering, or equivalent training, and approximately
`
`two years of experience working in the field of data networking, data networking
`
`protocols, and network security. Lack of work experience can be remedied by
`
`additional education, and vice versa.
`
`22. For purposes of this Declaration, in general, and unless otherwise
`
`
`
`
`11
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 11 of 75
`
`

`

`Houh Declaration
`
`noted, my statements and opinions, such as those regarding my experience and the
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`understanding of a POSITA generally (and specifically related to the references I
`
`consulted herein), reflect the knowledge that existed in the field as of the priority
`
`date of the ’784 Patent. Unless otherwise stated, when I provide my understanding
`
`and analysis below, it is consistent with the level of a POSITA prior to the priority
`
`date of the ’784 Patent.
`
`IV. RELEVANT LEGAL STANDARDS
`23.
`
`I am not an attorney. In preparing and expressing my opinions and
`
`considering the subject matter of the ’784 Patent, I am relying on certain basic
`
`legal principles that counsel have explained to me. These principles are discussed
`
`below.
`
`24.
`
`I understand that prior art to the ’784 Patent includes patents and
`
`printed publications in the relevant art that predate the priority date of the alleged
`
`invention recited in the ’784 Patent. For purposes of this Declaration, I am
`
`applying July 7, 2000 as the earliest possible priority date of the ’784 Patent.
`
`25.
`
`I have been informed that a claimed invention is unpatentable under
`
`35 U.S.C. § 103 if the differences between the invention and the prior art are such
`
`that the subject matter as a whole would have been obvious at the time the
`
`invention was made to a person having ordinary skill in the art to which the subject
`
`matter pertains. I have also been informed by counsel that the obviousness analysis
`
`
`
`
`12
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 12 of 75
`
`

`

`Houh Declaration
`
`takes into account factual inquiries including the level of ordinary skill in the art,
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`the scope and content of the prior art, and the differences between the prior art and
`
`the claimed subject matter.
`
`26.
`
`I have been informed by counsel that the Supreme Court has
`
`recognized several rationales for combining references or modifying a reference to
`
`show obviousness of claimed subject matter. Some of these rationales include the
`
`following: (a) combining prior art elements according to known methods to yield
`
`predictable results; (b) simple substitution of one known element for another to
`
`obtain predictable results; (c) use of a known technique to improve a similar device
`
`(method, or product) in the same way; (d) applying a known technique to a known
`
`device (method, or product) ready for improvement to yield predictable results; (e)
`
`choosing from a finite number of identified, predictable solutions, with a
`
`reasonable expectation of success; and (f) some teaching, suggestion, or motivation
`
`in the prior art that would have led one of ordinary skill to modify the prior art
`
`reference or to combine prior art reference teachings to arrive at the claimed
`
`invention.
`
`V. BACKGROUND
`27. Data is generally transmitted in packets. Data packets may be in
`
`variety of forms including “ATM (Asynchronous transfer Mode) cells, frame relay
`
`frames, ethernet frames, T1 data units, and IP packets.” Salim, 6:17-19. A data
`
`
`
`
`13
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 13 of 75
`
`

`

`Houh Declaration
`
`packet includes a header and a payload. The payload includes the data that is being
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`transmitted, and the header includes information about the packet. This
`
`information may include source address, destination address, and other metadata
`
`for the packet.
`
`28. The header may also include protocol information. Most packet data
`
`transmission networks use multiple layers of hierarchical protocols (often referred
`
`to as within the OSI model). “Starting with the raw data from a top level
`
`application, each protocol adds its own header information to that added previously
`
`by preceding (higher) protocols.” Salim, 1:17-20. “In the course of transmission
`
`through the network, the packet may pass through and be routed, forwarded
`
`switched or processed according to information stored in various parts of the
`
`packet header, depending on which level of the various levels of protocols, is being
`
`used.” Salim, 1:20-25. Computer networks are often described in terms of the
`
`Open Systems Interconnection (OSI) model and the Transmission Control
`
`Protocol/Internet Protocol (TCP/IP). See Pearce, 2:13-26, 3:38-50; Perlman, 1,
`
`201.
`
`29. For security purposes, it was common to filter data packets to prevent
`
`unauthorized access to the network or to prevent undesirable content from being
`
`accessed. See Fan, 1:8-52; Zwicky, 3-5 For example, it was known to filter data
`
`packets to prevent eavesdropping. See Carter, 1:48-51. In a further example, “data
`
`
`
`
`14
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 14 of 75
`
`

`

`Houh Declaration
`
`packet filters are currently available which filter out data packets from certain
`
`Inter Partes Review of U.S. 8,458,784
`
`Internet sites.” Maria, 1:19-21.
`
`30. As will be explained in more detail below, the ’784 Patent describes
`
`and claims no more than commonly known packet filtering concepts.
`
`VI. OVERVIEW OF THE ’784 PATENT
`31. The ’784 Patent generally relates to “Methods and systems for
`
`firewall/data protection that filters data packets in real time and without packet
`
`buffering.” Ex.1001, abstract. The ’784 Patent describes passing packets between
`
`“two PHY interfaces, one for the Internet or other external network connection,
`
`and one (or more) for the internal network.” Ex.1001, 5:57-60. The packets pass
`
`through a repeater core 16, which “functions as an Ethernet repeater (as defined by
`
`the network protocols of the IEEE standard 802.3) and serves to receive packets
`
`from external PHY 14, reshape the electrical signals thereof, and transmit the
`
`packets to internal PHY 18, which is coupled to internal network 20.” Ex.1001,
`
`5:66-6:3. “While the packet is being received, reshaped, and transmitted between
`
`PHYs 14 and 18, however, it is simultaneously being evaluated in parallel with
`
`filtering rules to determine if it should be allowed to pass as a valid packet.”
`
`Ex.1001, 6:4-7.
`
`32. With application of the filtering rules, “by the time that the entire
`
`packet reaches repeater core 16… the packet will either be allowed to pass as a
`
`
`
`
`15
`
`
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 15 of 75
`
`

`

`Houh Declaration
`
`valid packet or will be failed and junked as a suspect (or otherwise invalidated)
`
`Inter Partes Review of U.S. 8,458,784
`
`packet.” Ex.1001, 6:39-43. “Junking is defined as changing bits or truncating data,
`
`depending on the type of link, in a manner such that the packet is corrupted or
`
`otherwise will be detected by the receiving computers as invalid or unacceptable,
`
`etc.” Ex.1001, 5:3-7. Fig. 2 is shown below.
`
`Ex.1001, Fig. 2
`
`33. As I will explain below, the concept of a repeater that corrupts data in
`
`
`
`
`16
`
`
`
`
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 16 of 75
`
`

`

`Houh Declaration
`
`packets that do not meet filtering criteria was well known at the time the ’784
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`Patent was filed.
`
`VII. CLAIM CONSTRUCTION
`34.
`
`It is my understanding that in order to properly evaluate the ’784
`
`Patent, the terms of the claims must first be interpreted. It is my understanding that
`
`for the purposes of this inter partes review, the claims are to be construed under
`
`the so-called Phillips standard, under which claim terms are given their ordinary
`
`and customary meaning as would be understood by one of ordinary skill in the art
`
`in light of the specification and prosecution history, unless the inventor has set
`
`forth a special meaning for a term. Counsel has explained to me that none of the
`
`claim terms are believed to require express construction.
`
`VIII. IDENTIFICATION OF HOW THE CLAIMS ARE UNPATENTABLE
`35.
`
`I have been asked to provide my opinion as to whether the Challenged
`
`Claims of the ’784 Patent would have been obvious in view of the prior art. The
`
`discussion below provides a detailed analysis of how the prior art references
`
`identified below teach the limitations of the Challenged Claims of the ’784 Patent.
`
`36. As part of my analysis, I have considered the scope and content of the
`
`prior art and any differences between the alleged invention and the prior art. I
`
`describe in detail below the scope and content of the prior art, as well as any
`
`differences between the alleged invention and the prior art, on an element-by-
`
`
`
`
`17
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 17 of 75
`
`

`

`Houh Declaration
`
`element basis for each Challenged Claims of the ’784 Patent.
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`37. As described in detail below, the alleged invention of the Challenged
`
`Claims would have been obvious in view of the teachings of the identified prior art
`
`references as well as the knowledge of a POSITA.
`
`A. Ground 1: Claims 1-3 and 16-17 are obvious under 35 U.S.C.
`§ 103(a) in view of Carter and Maria.
`1.
`Summary of Carter
`38. Like the ’784 Patent, Carter describes a “repeater” that has “means for
`
`storing access rules for the items of equipment connected to it.” Carter, abstract.
`
`Carter’s repeater “reads a portion of each frame, which may be all or part of the
`
`destination address segment and/or of the source address segment and/or of the
`
`control segment of each incoming data frame, or it could be a frame or protocol
`
`identifier incorporated in opening bytes of the data segment.” Id. Carter’s repeater
`
`then filters the frames by comparing “the data that it reads with the stored access
`
`rules to determine whether the frame is permitted or not.” Id. If a packet is not
`
`permitted based on the access rules, then “the repeater modifies the frame which it
`
`is in the course of re-transmitting, for example by overwriting it with meaningless
`
`digits.” Id.
`
`39. Carter provides, in Fig. 2, a “block diagram of those parts of a
`
`multiport repeater that are relevant to the understanding of the present invention.”
`
`Carter, 3:67-4:2.
`
`
`
`
`18
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 18 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`filtering circuitry
`
`input
`MUX
`
`output MUX
`
`Carter, Fig. 2 (annotated)
`
`
`40. Carter’s device receives frames “on any one of ports 1 to 4 passing via
`
`respective port interface units 5.” Carter, 4:23-25. Incoming data from a frame is
`
`passed through an input MUX 6, through selection MUX 7, and placed in a first
`
`in/first out memory 8. See Carter, 4:23-30. Simultaneously, the packet is passed
`
`through filtering circuitry: “[T]he incoming signal is also passed via a shift register
`
`13 which extracts the destination address and the source address in parallel form to
`
`
`
`
`19
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 19 of 75
`
`

`

`Houh Declaration
`
`latches 14 and 15 which are switched by counters 16 enabled by the start of frame
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`signal from detector 9.” Carter, 4:40-45.
`
`41. The source address and the destination address are then “passed to
`
`comparators 17 and compared with the access rules previously stored in a database
`
`18.” Carter, 4:45-47. “If the comparators indicate that the frame is not in
`
`accordance with the rules contained in the database, then a signal is output via a
`
`delay 19 (serving to ensure that the source address will never be corrupted) to the
`
`multiplexer 7.” Carter, 4:54-58. This causes the multiplexer 7 “to transmit, for the
`
`remainder of the length of the frame, a meaningless sequence of digits (such as all
`
`1's, all 0's, a cyclically repeated sequence or a pseudo-random sequence) available
`
`to it from a sequence generator 20 instead of the incoming signal.” Carter, 4:58-62.
`
`In other words, “Data may be modified, when required, by corrupting it, as by
`
`overwriting a series of binary digits selected from all 1's, all 0's, cyclically repeated
`
`sequences and pseudo-random sequences.” Carter, 3:17-20.
`
`42. Whether data has been modified based on the comparison made by
`
`comparators 17, or not, it is transmitted through output multiplexer 11 to all ports:
`
`“Provided there are then at least 3 bits of data in the memory 8, the multiplexer 11
`
`is switched to begin reading out the data stored in the memory, and in the ordinary
`
`way will continue to do so until the complete frame has been received into and
`
`then read from the memory 8.” Carter, 4:34-39. Accordingly, Carter shows that it
`
`
`
`
`20
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 20 of 75
`
`

`

`Houh Declaration
`
`was well known to use a repeater to filter frames as they are being received and
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`transmitted, as well as to corrupt the frames when they do not meet filtering
`
`criteria.
`
`2.
`Summary of Maria
`43. Like Carter and the ’784 Patent, Maria relates to data packet filtering.
`
`See Maria, abstract. Maria describes a “dedicated data packet filtering processor”
`
`that looks “at the source IP address of each received data packet to determine if the
`
`source IP address matches one of the stored source IP addresses.” Maria, 2:34-36.
`
`Maria’s packet filter will then “either discard or forward the data packet depending
`
`on the processor configuration.” Maria, 2:37-39. Maria’s packet filter is shown
`
`below in Fig. 1.
`
`
`
`
`21
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 21 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`
`
`Maria, Fig. 1
`
`
`
`44. Maria states that the packet filter “may be used in conjunction with a
`
`local area network and many end users (such as in a commercial or business
`
`environment), or a single end user computer (such as in a home environment).
`
`Further, the filtering processor may be connected to the Internet.” Maria 2:40-45.
`
`As shown in Fig. 1, the packet filtering processor 14 is placed between an external
`
`network (such as the Internet on the other side of router 12) and a local network 16
`
`or local computer:
`
`
`
`
`22
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 22 of 75
`
`

`

`Houh Declaration
`
`
`Inter Partes Review of U.S. 8,458,784
`
`The placement of packet filter processor 14 in a network is also variable
`depending on where a network designer would desire to control the in-
`flow or out-flow of packets between networks or network devices. In
`this embodiment of the invention, packet filter processor 14 is
`positioned at the only entry and exit point of either network 10 or 16,
`thereby controlling which packets enter either network. It can be
`appreciated, however, that packet filter processor 14 could be placed on
`an individual network device, such as a personal computer, thereby
`controlling the flow of packets only to the personal computer, or in any
`other strategic point within a network.
`
`Maria, 3:18-30.
`
`45. Maria also teaches that “[p]acket filter processor 14 has a restrictive
`
`mode and a permissive mode.” Maria, 6:20-21. “Restrictive mode refers to a
`
`condition where a select number of packets are to be passed, and all others
`
`blocked.” Maria, 6:21-23. “If processor 14 has been set to restrictive mode, and
`
`there is not a match at step 56, then the packet is dropped at step 64.” Maria, 6:37-
`
`39. Accordingly, Maria teaches a default-deny rule where if a packet cannot be
`
`determined as valid, it is dropped.
`
`3.
`Reasons to Combine Carter and Maria
`46. Carter provides evidence that it was well known to corrupt packets as
`
`they passed through a filtering device. Maria provides evidence that it was well
`
`known to provide filtering functionality between an internal network and an
`
`
`
`
`23
`
`
`
`
`
`Ex.1003
`CISCO SYSTEMS, INC. / Page 23 of 75
`
`

`

`Houh Declaration
`
`external network such as the Internet. Maria also provides evidence that it was
`
`Inter Partes Review of U.S. 8,458,784
`
`
`
`known to use a default-deny rule for packets not matching the filtering criteria.
`
`These features were known by POSITAs to be ubiquitous in the field of computer
`
`networking. For the reasons described below, a POSITA would have found it
`
`obvious to combine these concepts.
`
`a)
`Using Carter’s packet filter between an internal
`network and an external network.
`47. Carter teaches a packet filtering device. See Carter, abstract. As
`
`explained above at VIII.A.3, Carter’s repeater modifies frames as they are being
`
`received and transmitted. See Carter, abstract. This low-latency feature allows the
`
`repeater to comply with “delay limits imposed by the network specifications.”
`
`Carter, 1:45-46. Carter’s repeater also offers a variety of filtering criteria, including
`
`source address, destination address, control segment (e.g., frame length), and
`
`protocol identifier. See Carter, 2:6-8.
`
`48. Carter also describes that its device is not “exclusively” for Ethernet
`
`networks. See Carter, 1:26-32. A POSITA would have t