Legislation & Litigation , Network Detection & Response , Network Firewalls, Network Access Control

Cisco's $2.6 Billion Network Security Patent Infringement

Judge Says Cisco's Own Documents Showed It Infringed on 4 Centripetal Networks Patents
Cisco's $2.6 Billion Network Security Patent Infringement
Photo: Cisco Networks

How did one of the world's largest and most successful networking companies end up having to pay damages of more than $2.6 billion?

See Also: Live Webinar | Seeking Success by Adopting a SASE Architecture: en el idioma Español

The short answer: Patent infringement.

The longer answer: A competing firm accused Cisco of stealing its network protection system and was able to use Cisco's own technical documentation and internal communications to prove its case in court.

On Monday, after a 22-day bench trial in the U.S. District Court for the Eastern District of Virginia, a judge ruled that Cisco Systems, based in San Jose, California, had infringed on four patents held by threat intelligence vendor Centripetal Networks, based in Herndon, Virginia.

Cisco had signed a nondisclosure agreement with Centripetal after seeing a demonstration, which led to meetings that laid out precisely how the technology worked. The NDA stipulated that Cisco could only use the technology as part of a partnership.

In his 178-page opinion, U.S. District Judge Henry Morgan Jr. wrote: "The fact that Cisco released products with Centripetal's functionality within a year of these meetings goes beyond mere coincidence."

The judge also noted that the case was brought to trial as quickly as possible. "With the rapidly developing technology in the field, the court found it would not be in the public interest to delay the trial until the unknown time when courtrooms would open for traditional civil trials," he wrote.

The trial was first scheduled for April. Then, because of restrictions due to COVID-19, it was rescheduled to May 8 and held via Zoom, which was a first for a federal court case. Cisco had moved to have the trial conducted using its own Webex videoconferencing platform, but the court rejected that request.

Damages Owed: Up to $3.2 Billion

In his opinion, Morgan wrote that "Cisco did not advance any objectively reasonable defenses at trial" regarding the alleged patent infringement.

"The infringing functionality was added to their accused products post June 20, 2017, and resulted in a dramatic increase in sales which Cisco touted in both technical and marketing documents," he said.

As a result of the patent infringement, Morgan awarded actual damages of $785.8 million but multiplied that by a factor of 2.5 because Cisco's infringement had been "willful and egregious," equating to an award of $1.9 billion, plus $13.7 million in interest on the original amount, all "payable in a lump sum due on the judgment date."

In addition, the court imposed a 10% royalty on sales of the accused Cisco products "and their successors" for three years, followed by 5% for another three years. The judge said this must lead to a royalty payment of between $167.7 million and $300 million for the first three years and between $83.9 million and $150 million for the second three-year period.

Cisco apportioned revenue used to calculate the penalties imposed on Cisco by the court. (Source: Court documents)

In total, Cisco will owe Centripetal $2.6 billion to $3.2 billion.

Centripetal is "thrilled" with the ruling, COO Jonathan Rogers told Bloomberg, adding that "it's been a long time coming and was very hard fought."

Responding to the judge's decision, Centripetal attorney Paul Andre of Kramer Levin said in a statement: "With this judgment, the court rejected the primitive doctrine that might makes right. This is a significant win for all small, innovative companies."

Cisco has vowed to appeal the ruling before the Federal Circuit Court of Appeals. "We are disappointed with the trial court's decision given the substantial evidence of non-infringement, invalidity and that Cisco's innovations predate the patents by many years," a Cisco spokeswoman tells Information Security Media Group. "We look forward to the Federal Circuit's review on appeal."

Cisco declined to comment on the timing of any appeal. But the allowed time for such an appeal typically is 30 days.

Infringed: 4 Patents

The lawsuit Centripetal filed against Cisco on March 29, 2018, accused it of violating five of its U.S. patents.

Centripetal CEO Stephen Rogers met with a Cisco employee, Pavan Reddy, in 2015, resulting in another meeting at which Centripetal demonstrated its technology to Cisco, after which the two companies signed a nondisclosure agreement in January 2016 "requiring Cisco to keep Centripetal's confidential, proprietary or non-public information 'strictly confidential' and 'not use any Information in any manner ... other than solely in connection with its consideration of' a possible partnership," the judge wrote. He noted that Centripetal had demonstrated that Cisco's behavior resembled that of a company that was keen to acquire the technology.

In his ruling, Morgan found that four of the five patents had been infringed:

  • 9,203,806: Rule swapping in a packet network;
  • 9,560,176: Correlating packets in communications networks;
  • 9,686,193: Filtering network data transfers;
  • 9,917,856: Rule-based network-threat detection for encrypted communications.

Infringing Technology

Specific infringing Cisco technology singled out in the trial included:

  • Switches: 9000 series of Catalyst switches;
  • Routers: 1000 series Aggregation Services Router and 1000/4000 series Integrated Services Router;
  • Digital Network Architecture: DNA network management devices that create rules and policies for Cisco's switches and routers;
  • Stealthwatch: Collects security analytics to predict network threats;
  • Cisco firewalls: Five products containing packet filtering functionality, including the Adaptive Security Appliance (ASA) with Firepower, as well as four series of firewalls: the 1000, 2100, 4100 and 9300;
  • Identity Services Engine: Device that applies network-based security regardless of a user's location;
  • Encrypted Traffic Analytics: Deals with "the ability to track and analyze encrypted traffic in the network without decrypting said traffic," according to court documents; first announced by Cisco in June 2017;
  • Firepower Management Center: Configures and manages firewall devices on the network.

The judge's finding that Cisco willfully infringed on four patents won't bankrupt the company even if its appeal fails. As of July 31, the technology giant had $29.4 billion in cash reserves.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.