otter
·11· Anderson Richard L. aaa-ia
‘·1e» i . Corroon LLP Eggggg
y at Law
1313 North Market Street [email protected]
RO. Box 95l 302 984-6027 Direct Phone
Wilmington, DE l9899—0951 302 658-1192 Fax
302 984-6000
www.potterandersoi1.com
April 29, 2008
VIA ELECTRONIC FILING
The Honorable Sue L. Robinson
J. Caleb Boggs Federal Building
844 N. King Street
i Wilmington, DE 1980l
E Re: SRI International, Inc. v. Internet Security Systems , et al.
p C.A. No. 04-1199-SLR
Dear Judge Robinson:
4 Defendant Internet Security Systems, lnc. ("ISS") submits this letter to join in
. Symantec’s request that the Court rule as a matter of law on the issue of whether the asserted
claims ofthe ‘203 and ‘6l5 patents would have been obvious in view of the Emerald 1997
reference in combination with its internally—cited reference Intensive Activity 1991. ISS agrees
that this narrow issue is particularly ripe for summary judgment in view ofthe Federal Circuit’s
decision affirming that the Emerald 1997 reference anticipates the ‘2l 2 patent and in view of the
E Supreme Court’s recent KSR decision.
. Additionally, ISS urges the Court to rule on a single anticipation issue that was not
addressed by the Court’s prior summary judgment rulings. In particular, ISS requests that the
Court rule on the issue of whether the asserted claims ofthe ‘338 patent are anticipated by the
JiNa0 reference. (SQ Di. 297 at pp. 36-39). ISS does not believe that any supplemental
g briefing on that issue is necessary but would be happy to participate in a brief hearing or
argument if the Court would find it helpful. If the Court rules in favor of defendants on this
anticipation argument and the obviousness argument raised by Symantec and joined by ISS in
this letter, the entire case will be resolved in defendants’ favor.
E There are no genuine issues of material fact concerning this anticipation issue. SRI has
admitted that the JiNcz0 reference discloses building long—term and short-term statistical profiles
p and comparing those profiles to determine if the difference indicates suspicious network activity
(g D.l. 339 at pp. 25-29). SRl’s only argument is that those protiles are built from "audit data"
rather than from "network packets" as recited in the ‘338 claims. (ld.) This conclusory
_ argument is insufficient to raise a genuine issue of material fact. The Court has broadly
I construed the terms ‘°networl<" and "packet," as well as the limitation "building at least one long-
term and at least one sl1ort—term statistical prohle from at least one measure of network pacl
from "networl< pacl
Case 1 :04-cv-01199-SLR Document 501 Filed O4/29/2008 Page 2 of 2
The Honorable Sue L. Robinson
April 29, 2008
Page 2
In the early stage, intrusion detection system [sic] were designed around the
analysis of a single host’s audit trail. With the proliferation of computer
networks, many of the intrusion detection systems began to extend the techniques
to networks of computers. Most of the current network intrusion detection efforts
have taken on one ofthe following two approaches. One approach is to collect
data from separate hosts on a network for processing by a centralized intrusion
detection system [2][3]. The other approach is to target network trajyic at the
Q service and protocol levels [6] [7]. Our effort is close to the second approach with
Q a few exceptions. First we are interested in protecting network infrastructure and
particularly focus on routing and management capabilities. Therefore, the target
of analysis is mainly on specific protocol traffic instead of general traffic data.
(D,}. 301, Ex. J). SRl’s own expert conceded that the .liNao monitor analyzes network packets.
(D1. 301, Ex. V at pp. 210212). Accordingly, sumnrary judgment of invalidity is appropriate.
See eg., Liebel—Flarsheim Co. v. Medraot Inc., 481 F.3d 1371, l38l~83 (Fed. Cir. 2007)
(affinning summary judgment of anticipation as a matter of law); Celeritas Technologies, Ltd v.
Rockwell Int’l Corp., 150 F.3d 1354, 1360-61 (Fed. Cir. 1998) (hoiding district court erred by
not granting a motion for J MOL of anticipation).
As stated above, summary judgment on these two issues —— obviousness of the ‘203 and
i ‘615 claims and anticipation of the ‘338 claims —— would resolve all remaining claims in the case,
rendering a trial unnecessary.
Respectfully, o
1 /s/ Richard L. Horwitz
[ Richard L. Horwitz
fmsb
862134 /29434
cc: Clerk ofthe Court (via hand delivery)
Counsel of Record (via electronic mail)
United States Free Forms
Canada Free Forms
United Kingdom Free Forms
Australia Free Forms