`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`__________________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`__________________________
`
`NETSKOPE, INC.,
`Petitioner,
`v.
`FORTINET, INC.,
`Patent Owner.
`__________________________
`
`PTAB Case No. IPR2023-00459
`Patent No. 10,084,825
`__________________________
`
`DECLARATION OF MICHAEL FRANZ IN SUPPORT OF PETITION FOR
`INTER PARTES REVIEW OF U.S. PATENT NO. 10,084,825
`
`
`
`
`
`
`Netskope Exhibit 1002
`
`

`

`
`
`
`I. 
`
`TABLE OF CONTENTS
`
`II. 
`
`INTRODUCTION .......................................................................................... 1 
`A.  Qualifications ....................................................................................... 2 
`1. 
`Education ................................................................................... 2 
`2.  Work Experience ........................................................................ 2 
`3. 
`Publications ................................................................................ 6 
`4. 
`Curriculum Vitae ........................................................................ 7 
`B.  Materials Reviewed .............................................................................. 7 
`C. 
`Level of Ordinary Skill in the Art ........................................................ 8 
`D. 
`Summary of Opinions .......................................................................... 9 
`OVERVIEW OF THE TECHNOLOGY ...................................................... 10 
`A. 
`Priority Date of the Claims ................................................................. 10 
`B. 
`Overview of Relevant Technology When the ’825 Patent Was
`Filed .................................................................................................... 11 
`1. 
`Coordinated Work Existed Long Before Computers ............... 11 
`2. 
`Networked Computers Have Coordinated Their Work for
`Decades .................................................................................... 13 
`Computing “Appliances” ......................................................... 22 
`3. 
`The ’825 Patent .................................................................................. 23 
`C. 
`The Challenged Claims ...................................................................... 28 
`D. 
`Claim Construction ............................................................................ 28 
`E. 
`III.  UNPATENTABILITY OF THE ’825 PATENT CLAIMS ......................... 28 
`A. 
`Standards for Invalidity ...................................................................... 28 
`1. 
`Obviousness ............................................................................. 28 
`Ground I: Chandra renders claims 1-5, 12, 15, 16, 21, 22, and
`27 obvious. ......................................................................................... 30 
`1. 
`Claim 1 ..................................................................................... 33 
`2. 
`Claim 2 ..................................................................................... 48 
`3. 
`Claim 3 ..................................................................................... 50 
`
`B. 
`
`-i-
`
`Netskope Exhibit 1002
`
`

`

`
`
`C. 
`
`Claim 4 ..................................................................................... 51 
`4. 
`Claim 5 ..................................................................................... 53 
`5. 
`Claim 12 ................................................................................... 53 
`6. 
`Claim 15 ................................................................................... 54 
`7. 
`Claim 16 ................................................................................... 55 
`8. 
`Claim 21 ................................................................................... 55 
`9. 
`10.  Claim 22 ................................................................................... 56 
`11.  Claim 27 ................................................................................... 56 
`Ground 2: Chandra and Buruganahalli render claims 6, 7, 17,
`18, 23, 24, 28, and 29 obvious. .......................................................... 57 
`1.  Motivation to Combine ............................................................ 60 
`2. 
`Claim 6, 17, 23, and 28 ............................................................ 61 
`3. 
`Claims 7, 18, 24, and 29 .......................................................... 68 
`D.  Ground 3: Chandra and Kumar render claims 10 and 11
`obvious. .............................................................................................. 70 
`1.  Motivation to Combine ............................................................ 72 
`2. 
`Claim 10 ................................................................................... 72 
`3. 
`Claim 11 ................................................................................... 75 
`Ground 4: Chandra and Chandra-2 render claims 13, 14, 19, 20,
`25, 26, 30, and 31 obvious. ................................................................ 76 
`1. 
`Claims 13, 19, 25, 30 ............................................................... 76 
`2. 
`Claims 14, 20, 26, 31 ............................................................... 77 
`Ground 5: Keohane renders claims 1-5, 10-12, 15, 16, 21, 22,
`and 27 obvious. ................................................................................... 78 
`1. 
`Claim 1 ..................................................................................... 82 
`2. 
`Claim 2 ..................................................................................... 94 
`3. 
`Claim 3 ..................................................................................... 97 
`4. 
`Claim 4 ..................................................................................... 99 
`5. 
`Claim 5 ................................................................................... 101 
`6. 
`Claim 10 ................................................................................. 102 
`
`E. 
`
`F. 
`
`-ii-
`
`Netskope Exhibit 1002
`
`

`

`
`
`Claim 11 ................................................................................. 104 
`7. 
`Claim 12 ................................................................................. 104 
`8. 
`Claim 15 ................................................................................. 105 
`9. 
`10.  Claim 16 ................................................................................. 106 
`11.  Claim 21 ................................................................................. 107 
`12.  Claim 22 ................................................................................. 107 
`13.  Claim 27 ................................................................................. 108 
`G.  Ground 6: Keohane and Buruganahalli render claims 6, 7, 17,
`18, 23, 24, 28, and 29 obvious. ........................................................ 108 
`1.  Motivations to combine ......................................................... 108 
`2. 
`Claims 6, 17, 23, and 28 ........................................................ 109 
`3. 
`Claims 7, 18, 24, and 29 ........................................................ 112 
`H.  Ground 7: Keohane and Kumar render claims 10 obvious. ............. 115 
`1.  Motivation to Combine .......................................................... 115 
`2. 
`Claim 10 ................................................................................. 115 
`Ground 8: Keohane and Chandra-2 render claims 13, 14, 19,
`20, 25, 26, 30, and 31 obvious. ........................................................ 117 
`1. 
`Claims 13, 19, 25, 30 ............................................................. 117 
`2. 
`Claims 14, 20, 26, 31 ............................................................. 118 
`IV.  CONCLUSION ........................................................................................... 119 
`
`
`
`
`I. 
`
`-iii-
`
`Netskope Exhibit 1002
`
`

`

`
`
`
`
`Appendix A
`
`Appendix B 
`
`Appendix C
`
`Appendix D 
`
`
`
`LIST OF APPENDICES
`
`Curriculum Vitae of Michael Franz, Ph.D.
`
`National Security Agency/Central Security Service Information
`Assurance Directorate - Mobile Access Capability Package
`(June 19, 2015) 
`
`National Security Agency/Central Security Service Information
`Assurance Directorate - Multi-site Connectivity Capability
`Package (May 4, 2016)
`
`Litigation Summary of Michael Franz, Ph.D. 
`
`
`-iv-
`
`Netskope Exhibit 1002
`
`

`

`
`
`I.
`
`INTRODUCTION
`I, Michael Franz, have been retained by Petitioner Netskope, Inc.
`
`1.
`
`(“Petitioner”) to investigate and opine on certain issues relating to United States
`
`Patent No. 10,084,825 (“the ’825 patent”) (Ex. 1001) in their Petition for Inter
`
`Partes Review of that patent. The Petition requests that the Patent Trial and Appeal
`
`Board (“PTAB” or “Board”) review and cancel claims 1-7 and 10-31 of the ’825
`
`patent. I have analyzed the claims of the ’825 patent in numerical order.
`
`2.
`
`The opinions set forth in this declaration are based on my personal
`
`knowledge, my professional judgment, and my analysis of the materials and
`
`information referenced in this declaration and its exhibits.
`
`3.
`
`I am being compensated for consulting services, including time spent
`
`testifying at any hearing that may be held, at my standard consulting rate of $750
`
`per hour. I am also reimbursed for reasonable and customary expenses associated
`
`with my work in this case. I receive no other forms of compensation related to this
`
`case. My compensation does not depend on the outcome of this inter partes review
`
`or the co-pending district court litigation and inter partes reviews, and I have no
`
`other financial interest in this inter partes review.
`
`4.
`
`5.
`
`I understand that the ’825 patent has been assigned to Fortinet, Inc.
`
`This declaration is based on the information currently available to me.
`
`To the extent that additional information becomes available, I reserve the right to
`
`-1-
`
`Netskope Exhibit 1002
`
`

`

`
`
`continue my investigation and study, which may include a review of documents and
`
`information that may be produced, as well as testimony from depositions that have
`
`not yet been taken.
`
`A. Qualifications
`1.
`Education
`I completed my undergraduate studies with a Diplomingenieur from the
`
`6.
`
`Swiss Federal Institute of Technology in Zurich (“ETH Zurich”) in 1989. In 1994,
`
`I obtained my Doctorate of Technical Sciences from ETH Zurich. My dissertation
`
`was entitled “Code-Generation On-the-Fly: A Key to Portable Software.”
`
`2. Work Experience
`I am a tenured Full Professor of Computer Science in the Donald Bren
`
`7.
`
`School of Information and Computer Sciences at the University of California, Irvine
`
`(“UCI”). I am also, by courtesy, a Full Professor of Electrical Engineering and
`
`Computer Science in the Henry Samueli School of Engineering at UCI. In 2016, the
`
`University awarded me the title of distinction of “Chancellor’s Professor” and in
`
`2022, I was further elevated to “Distinguished Professor,” the highest campus-level
`
`title of distinction at my university.
`
`8.
`
`I have served as a visiting professor at ETH Zurich, the University of
`
`Klagenfurt in Austria, the Technical University of Brunswick, and the University of
`
`Ulm in Germany.
`
`2
`
`Netskope Exhibit 1002
`
`

`

`
`
`9.
`
`I have been elevated to Fellow of the Institute of Electrical and
`
`Electronics Engineers (IEEE), the global engineering society. Fellow is the highest
`
`of three grades of membership that are awarded based on merit. In every year, IEEE
`
`limits the number of new Fellows to one tenth of one percent of the membership,
`
`which currently stands at about 400,000 members.
`
`10.
`
`I have also been elevated to Fellow of the Association for Computing
`
`Machinery (ACM), the global professional society for computer scientists. Fellow
`
`is the highest of ACM’s four grades of membership. ACM’s rules for Fellows are
`
`even more restrictive than IEEE’s, limiting the total number of Fellows in absolute
`
`terms to 1% of the membership, which currently stands at about 100,000 members.
`
`In recent years, ACM has typically elevated no more than 50 individuals to Fellow
`
`status in a single year; in 2015, the year I was advanced, there were 42 new Fellows.
`
`11.
`
`I have also been elevated to Fellow of the American Association for the
`
`Advancement of Science (AAAS), the world's largest general scientific society, with
`
`over 120,000 members.
`
`12. Lastly, I am a member of the inaugural cohort of Fellows of the
`
`International Federation for Information Processing (IFIP), the global organization
`
`for researchers and professionals working in the field of computing. Established in
`
`1960 under the auspices of UNESCO, IFIP is recognized by the United Nations and
`
`links some 50 national and international societies and academies of science with a
`
`3
`
`Netskope Exhibit 1002
`
`

`

`
`
`total membership of over half a million professionals. IFIP is an international, non-
`
`governmental organization that operates on a non-profit basis.
`
`13.
`
`In April of 2021, the Association for Computing Machinery (ACM)
`
`named me the recipient of the ACM Charles P. “Chuck” Thacker Breakthrough in
`
`Computing Award. This is the third highest award across all of computer science
`
`given by a professional society, behind only the Turing Award (“the Nobel Prize of
`
`Computing”) and the ACM Prize in Computing (for early to mid-career
`
`contributions).
`
`14. Furthermore, I am a recipient of the IEEE Computer Society’s
`
`Technical Achievement Award. At most 5 of these awards are given annually by
`
`the IEEE Computer Society, the largest of the IEEE’s technical societies with a
`
`current membership of more than 60,000 members. I am also a recipient of the
`
`Humboldt Research Award, also known as the “Humboldt Prize.” The award, given
`
`by the Alexander von Humboldt Foundation of Germany and funded by the German
`
`federal government, recognizes renowned researchers outside of Germany whose
`
`“fundamental discoveries, new theories or insights have had a significant impact on
`
`their own discipline and who are expected to continue producing cutting-edge
`
`achievements in the future.” It is the highest award given by the Foundation to
`
`researchers based outside of Germany.
`
`4
`
`Netskope Exhibit 1002
`
`

`

`
`
`15.
`
`I have led pioneering research on both the security and the performance
`
`aspects of downloadable code in client-server settings such as what we today call
`
`“Web 2.0.” Two of my six awarded U.S. Patents concern themselves with security
`
`aspects of such programs downloaded over a network, one concerns itself with
`
`performance aspects of such code, while two further patents concern themselves
`
`with detecting and preventing malware attacks in general.
`
`16. My research has had a real and lasting impact on a great many people.
`
`I am the co-inventor (with one of my former Ph.D. students) of the “Trace Tree”
`
`compilation technique, for which the United States Patent and Trademark Office has
`
`awarded U.S. Patent No. 8,769,511. I collaborated with the non-profit Mozilla
`
`Foundation to incorporate this technique into the Firefox web browser, where it
`
`became the basis of the “TraceMonkey” JavaScript engine, eventually used by
`
`several hundred million people every day.
`
`17. Over the course of my career so far, I have been the Principal
`
`Investigator on several high-profile research projects with a total budget of well over
`
`$20M. My expertise in software systems with distinct emphases on the security and
`
`performance of client-server and mobile computing has been sought out repeatedly
`
`by the Federal Government, and I have been participating in many high-level
`
`invitation-only meetings on Critical Infrastructure Protection and on Cyber Security
`
`organized by the National Intelligence Community, the Department of Defense, the
`
`5
`
`Netskope Exhibit 1002
`
`

`

`
`
`Department of Homeland Security, and the Department of Energy. The
`
`overwhelming majority of the federally-funded projects that I have worked on over
`
`the course of my career have been related to computer security.
`
`18. Before I reached the maximum allowed number of consecutive terms
`
`on the editorial board, I was an Associate Editor of one the flagship journals of the
`
`IEEE, the IEEE Transactions on Dependable and Secure Computing (TDSC). I have
`
`also served on the editorial boards of two further peer-reviewed scholarly journals
`
`focusing on software engineering, Software  Practice and Experience (SPE) and
`
`Computer Science  Research and Development (CSRD). I have served on the
`
`program committees of most major academic conferences that are related to the
`
`various themes of my research. I have served as the primary advisor to 35 completed
`
`Ph.Ds. and currently serve as the primary advisor on several further dissertations in
`
`progress.
`
`3.
`Publications
`In addition to my dissertation, I co-authored “Automated Software
`
`19.
`
`Diversity,” released in 2015.
`
`20.
`
`I have published 36 reviewed journal and magazine articles since 1993,
`
`and well over 100 conference and workshop papers.
`
`21.
`
`I am an inventor on six issued U.S. patents.
`
`6
`
`Netskope Exhibit 1002
`
`

`

`
`
`4.
`Curriculum Vitae
`22. A copy of my curriculum vitae is attached as Appendix A to this
`
`declaration.
`
`B. Materials Reviewed
`23. My opinions expressed in this declaration are based on documents and
`
`materials identified in this declaration, including the ’825 patent and its prosecution
`
`history, the prior art references and background materials discussed in this
`
`declaration, and the other references specifically identified in this declaration. I have
`
`considered these materials in their entirety, even if only portions are discussed here.
`
`The following is an exemplary list of materials on which I based my opinions.
`
`Ex. 1001
`
`U.S. Patent No. 10,084,825 to Xu (“the ’825 patent”)
`
`Ex. 1003
`
`File History of U.S. Patent No. 10,084,825
`
`Ex. 1004
`
`U.S. Patent Application Publication 2007/0204018 A1 (“Chandra”)
`
`Ex. 1005
`
`Ex. 1006
`
`Ex. 1007
`
`Ex. 1008
`
`U.S. Patent Application Publication 2014/0282843 A1
`(“Buruganahalli”)
`U.S. Patent Application Publication 2009/0144818 A1 (“Kumar”)
`
`U.S. Patent Application Publication 2017/0093917 A1 (“Chandra-
`2”)
`U.S. Patent Application Publication 2008/0134332 A1 (“Keohane”)
`
`Ex. 1009
`
`Microsoft Computer Dictionary Fifth Edition (2002)
`
`Ex. 1010
`
`U.S. Patent Publication 2006/0156401 A1 (“Newstadt”)
`
`Ex. 1011
`
`U.S. Patent Publication 2007/0237147 A1 (“Quinn”)
`
`7
`
`Netskope Exhibit 1002
`
`

`

`
`
`
`
`Appendix B
`
`Appendix C
`
`National Security Agency/Central Security Service Information
`Assurance Directorate - Mobile Access Capability Package (June
`19, 2015)
`National Security Agency/Central Security Service Information
`Assurance Directorate - Multi-site Connectivity Capability Package
`(May 4, 2016)
`
`24.
`
`I have also relied on my own experience and expertise in computer
`
`systems and computer systems security.
`
`C. Level of Ordinary Skill in the Art
`25.
`I am not an attorney and offer no legal opinions. I have been informed
`
`about certain aspects of the law for purposes of my analyses and opinions.
`
`26.
`
`I understand that in analyzing questions of invalidity and infringement,
`
`the perspective of a person having ordinary skill in the art (“POSITA”) is often
`
`implicated, and the Court may need assistance in determining that level of skill.
`
`27.
`
`I understand that the claims and written description of a patent must be
`
`understood from the perspective of a POSITA. I have been informed that the
`
`following factors may affect the level of skill of a POSITA: (1) the educational level
`
`of the inventor; (2) the type of problems encountered in the art; (3) the prior-art
`
`solutions to those problems; (4) the pace of innovation; (5) the sophistication of the
`
`technology; and (6) the educational level of active workers in the field. A person of
`
`ordinary skill in the art is also a person of ordinary creativity in the art.
`
`8
`
`Netskope Exhibit 1002
`
`

`

`
`
`28. Based on my experience in network security system design and network
`
`workflow coordination, as well as my reading of the ’825 patent, it is my opinion
`
`that a person of ordinary skill with respect to the subject matter of the ’825 patent at
`
`the time of the alleged priority date of the ’825 patent in May 2017 would have had
`
`at least a B.S. degree in computer science, computer engineering, or electrical
`
`engineering (or equivalent experience) and would have had at least two years or
`
`more of practical experience with computer networking and computer security. This
`
`definition is flexible and additional educational experience in computer science
`
`could make up for less work experience and vice versa.
`
`29.
`
`I am at least a person of ordinary skill in the art and was so on the date
`
`to which the ’825 patent claims priority. As shown by my qualifications and my
`
`curriculum vitae attached as Appendix A, I am aware of the knowledge and skill
`
`possessed by a person of ordinary skill in the art at the time of the priority date of
`
`the ’825 Patent. In performing my analysis, I have applied the standard set forth
`
`above.
`
`D.
`30.
`
`Summary of Opinions
`I have reviewed and analyzed the ’825 Patent.
`
`31. Based on my review and analysis, it is my opinion that claims 1-7 and
`
`10-31 of the ’825 Patent are invalid based on the following grounds:
`
`Ground Basis Reference(s)
`1
`§ 103
`Chandra
`
`Challenged Claims
`1-5, 12, 15, 16, 21, 22, 27
`
`9
`
`Netskope Exhibit 1002
`
`

`

`
`
`
`
`2
`3
`4
`5
`6
`7
`8
`
`Chandra + Buruganahalli
`§ 103
`Chandra + Kumar
`§ 103
`Chandra + Chandra-2
`§ 103
`§ 103 Keohane
`§ 103 Keohane + Buruganahalli
`§ 103 Keohane + Kumar
`§ 103 Keohane + Chandra-2
`
`6, 7, 17, 18, 23, 24, 28, 29
`10, 11
`13, 14, 19, 20, 25, 26, 30, 31
`1-5, 10-12, 15, 16, 21, 22, 27
`6, 7, 17, 18, 23, 24, 28, 29
`10
`13, 14, 19, 20, 25, 26, 30, 31
`
`II. OVERVIEW OF THE TECHNOLOGY
`A.
`Priority Date of the Claims
`32.
`I have been informed that a U.S. patent application may claim the
`
`benefit of the filing date of an earlier patent application if the earlier patent
`
`application disclosed each limitation of the invention claimed in the later-filed U.S.
`
`patent application. I have also been informed that priority is determined on a claim-
`
`by-claim basis so that certain claims of a patent may be entitled to the priority date
`
`of an earlier-filed patent application even if other claims of the same patent are not
`
`entitled to that priority date.
`
`33.
`
`I have also been informed that a patented claim is invalid if the claimed
`
`invention was patented, described in a printed publication, or in public use, on sale,
`
`or otherwise available to the public before the effective filing date of the claimed
`
`invention, or the claimed invention was described in an issued patent or a published
`
`patent application that was effectively filed before the effective filing date of the
`
`claimed invention.
`
`34.
`
`I understand that the ’825 patent claims a priority date of May 8, 2017.
`
`10
`
`Netskope Exhibit 1002
`
`

`

`
`
`B. Overview of Relevant Technology When the ’825 Patent Was
`Filed
`1.
`Coordinated Work Existed Long Before Computers
`35. The concept of coordinating workflow via “routing slips” on which
`
`different parties “signed off” their task items as the routing slip was passed from one
`
`such party to the next is very old. As an example, the picture below (from the
`
`National Archives, dated August 1943) shows a routing slip used for distributing an
`
`ordnance pamphlet to members of the United States Pacific Fleet.
`
`11
`
`Netskope Exhibit 1002
`
`

`

`
`
`
`36. As can be seen in the example, there were different parties that each
`
`needed to perform a specific task on the payload that was being routed. The specific
`
`tasks that different parties performed were not explicit from the routing slip (above),
`
`but such tasks would have been separately specified in advance in the form of, e.g.,
`
`workplace manuals, for many organizations. Each party of the organization would
`
`12
`
`Netskope Exhibit 1002
`
`

`

`
`
`have a clear understanding of not just its own tasks, but also the tasks that other
`
`parties were performing.
`
`37. After completing their respective tasks, parties attached their unique
`
`signature certifying their fulfillment of their specific tasks and passed the complete
`
`packet (routing slip and payload) to the next party. Besides the previously specified
`
`standardized tasks, the routing slip also provided for the signed attestations of
`
`additional tasks performed (e.g., “copy filed in conf. cabinet”). At any time, a
`
`recipient of the routing slip could verify (by checking the signature) which other
`
`recipient(s) had already performed their tasks and would know what the respective
`
`tasks assigned to other recipient consisted of. Based on the assumption that each
`
`previous party had actually performed all of the tasks assigned to them, a recipient
`
`could then elect to skip the tasks already performed, or could possibly repeat them.
`
`2.
`
`Networked Computers Have Coordinated Their Work for
`Decades
`38. The ’825 patent describes mechanisms that replicate these well-known
`
`concepts in the context of computer networks.
`
`39. By
`
`the early 2000’s, most businesses and medium
`
`to
`
`large
`
`organizations were deploying computer networks and the general public had become
`
`aware of the threat of computer viruses, worms, and other malware. An outright
`
`computer security industry had emerged, offering a wide array of computer security
`
`products, both hardware and software. A company or organization would often
`
`13
`
`Netskope Exhibit 1002
`
`

`

`
`
`purchase an array of different solutions from different vendors to build and secure
`
`their network; for example, a company might purchase firewalls and routers in
`
`addition to virus/malware detection and mitigation products. Consequently, such
`
`networks might contain a hodgepodge of products potentially performing partially
`
`overlapping tasks.1
`
`40. To address this problem, a slew of developments were made to improve
`
`device coordination. For example, below are four examples of patent literature
`
`dating long before the ’825 patent that show how POSITAs were attuned to the
`
`problem of uncoordinated devices and to solving that problem by having each device
`
`in a sequence indicate (by adding additional signaling information, which the
`
`different prior solutions variously refer to as “tagging the network traffic” and
`
`“adding signature headers”) what action(s) it had performed so that downstream
`
`devices could determine which action(s) they still needed to perform.
`
`A. U.S. Patent Publication 2006/0156401 A1 (“Newstadt”), filed
`
`January 12, 2005
`
`14
`
`
`
` See U.S. Patent No. 8,000,329, 1:26-60.
`
` 1
`
`Netskope Exhibit 1002
`
`

`

`
`
`210
`
`
`TAG THE NETWORK TRAFFIC
`
`
` ACQUIRE THE NETWORK'S
`TO INDICATE SECURITY
`SECURITY POLICY
`
`TECHNOLOGIES APPLIED IN
`STEP 230
`
`220
`DETERMINE SECURITY
`
`
`TECHNOLOGIES TO BE APPLIED
`
`
`TO NETWORK TRAFFIC
`
`
`TRANSMIT THE NETWORK
`TRAFFIC TO THE NEXT
`NETWORKDEVICE
`
`
`
`
`
`
`
`
`
`
`DETERMINE SECURITY
`
`
`225
`TECHNOLOGIES THAT HAVE
`
`
`BEEN APPLIED TO NETWORK
`TRAFFIC
`
` BASED ON THE RESULTS FROM
`
`230
`STEPS 220 AND 225, APPLY
`
`SECURITY TECHNOLOGIES
`THAT ARE AVAILABLE TO THE
`NETWORK DEVICE TO THE
`
`Fig. 2
`
`
`
`15
`15
`
`Netskope Exhibit 1002
`
`Netskope Exhibit 1002
`
`

`

`
`
`
`B. U.S. Patent Publication No. 2008/134332 A1 (“Keohane”), filed
`
`December 4, 2006
`
`16
`
`Netskope Exhibit 1002
`
`

`

`
`
`
`C. U.S. Patent Publication 2007/0204018 A1 (“Chandra”), filed
`
`February 24, 2006
`
`17
`
`Netskope Exhibit 1002
`
`

`

`
`
`D. U.S. Patent Publication 2007/0237147 A1 (“Quinn”), filed April
`
`
`
`7, 2006
`
`18
`
`Netskope Exhibit 1002
`
`

`

`
`
`
`41. One known method for coordinating actions was to use information in
`
`packets. In particular, as people of ordinary skill in the art (and even many laypeople)
`
`would know, computer network packets typically are composed of a “header” and a
`
`“payload”. A header contains the network routing information as well as space for
`
`19
`
`Netskope Exhibit 1002
`
`

`

`
`
`additional information (such as “flags” and other fields). A payload contains the
`
`data content of the network packet.
`
`42. The widely used TCP header format provides for a variable number of
`
`“option” bytes that can be added to a TCP packet header. These “option” bytes
`
`provide a simple mechanism for future extensibility of the format without losing
`
`backward compatibility with devices that are not aware of the extension. For
`
`example, such an extension might add extra data (such as additional flags and other
`
`fields) to TCP packets for a specific purpose. Downstream network devices that are
`
`unaware of the semantics of such option bytes are able to simply skip over them and
`
`hence remain backward compatible with the previous standard, while suitably
`
`programmed downstream network devices can decode the content of the option
`
`bytes and act on the extra information. Hence, option bytes provide a convenient
`
`channel to communicate additional information in a network to downstream devices
`
`without having to modify the payload and without losing backward-compatibility
`
`with devices that are unaware of these extensions.
`
`43. The ability to use headers for coordinating actions was well-known
`
`over a decade before the ’825 patent. For example, Newstadt, filed in 2005,
`
`disclosed placing a security marker in a packet header. The security marker could
`
`include a list of security technologies that had been applied to the network traffic.
`
`Alternatively, it could include a list of security technologies that had not been
`
`20
`
`Netskope Exhibit 1002
`
`

`

`
`
`applied to the network traffic. The security marker could be authenticated using a
`
`public key signature scheme. The information in the header could be used by
`
`downstream devices to determine which security technologies had not yet been
`
`applied to the network traffic and which operations they still needed to perform.2
`
`44. As another example, Quinn, filed in 2006, disclosed using packet
`
`headers to specify the actions to be performed on a packet as it progressed through
`
`network appliances and updating the packet header as it progressed through the
`
`different modules.3
`
`45.
`
`In the context of these well-known techniques, the ’825 patent describes
`
`just another application of using this conventional mechanism for encoding “flags”
`
`in the packet header:
`
`The flag may be preferably added to the Internet Protocol
`(IP) options field of the original network packet, although
`other fields, such as type of service (TOS) field, may also
`be used. The member node may extract the flag that is set
`by the other member node from these fields of the
`incoming packet.
`(’825 patent, 6:59-64.) “Flag” and “member node,” in turn, correspond directly to
`
`information that were expressed on a traditional paper routing slip as in the 1943
`
`example (above), in which “member node” corresponds to a party on the paper
`
`21
`
`
`
` 2
`
` Newstadt, ¶¶ 29-34.
`3 Quinn, ¶¶ 39-50.
`
`Netskope Exhibit 1002
`
`

`

`
`
`routing slip and “flag” corresponds to the task and human signature associated with
`
`that party.
`
`46. For example, the ’825 patent states:
`
`At block 304, the member node may determine what
`network security operations have been performed on the
`incoming packet by the member nodes at previous hops.
`In one example, the member node may assume that all
`security operations that the member nodes at previous
`hops are capable of executing have been performed when
`a flag associated with a member node is present within the
`incoming packet. In another example, the flag is added to
`each packet to indicate that one or more security
`operations have been executed by the flagging member
`node and other member nodes along the transmission path
`do not need to execute the same operation again.
`
`(’825 patent, 7:33-45.) This mechanism is no different at all from the workflow
`
`coordination
`
`typically accomplished
`
`through routing slips by paper-based
`
`organizations eighty years ago. It describes exactly the division of labor that forms
`
`the core management principle of any competent organization. In my opinion, there
`
`is no innovative concept here at all.
`
`3.
`Computing “Appliances”
`47. The early 2000’s also saw the emergence into widespread use of the
`
`term “appliance computing” and the related concept of an “appliance” (such as
`
`“computing appliance,” “network appliance,” “security appliance,” “