Symantec Files Patent Suit Against Zscaler

Symantec on Monday filed a patent infringement lawsuit against cloud-based security firm Zscaler, accusing the company of violating seven of Symantec’s patents within Zscaler products.

Filed in the U.S. Federal District Court for the District of Delaware, the patents in question cover a variety of network security technologies including web security, data loss prevention, threat prevention, access control and antivirus techniques. 

The complaint accuses Zscaler of gaining momentum in the marketplace “through unlawful use of the technology claimed in the Patents-in-Suit.” 

Founded in 2008 by CEO Jay Chaudhry, Zscaler offers cloud-based security solutions used by more than 15 million users across more than 5,000 enterprises and government organizations worldwide.

“Symantec and Zscaler are direct competitors in the network security space, and Zscaler’s infringement of the Patents-in-Suit is causing Symantec irreparable harm,” the complaint states.

“We have an obligation to our customers and our shareholders to defend our intellectual property when we believe it has been infringed, and the lawsuit filed against Zscaler is intended to stop them from copying our pioneering technologies in network security,” Scott Taylor, Symantec’s Executive Vice President, General Counsel and Secretary, said in a statement.

Symantec currently maintains a portfolio of more than 2,000 United States patents, and the company is taking the legal route in order to protect its intellectual property and product strategy. 

Symantec did not approach Zscaler on the patent matter before filing suit, as Zscaler says it first became of aware of the complaint after Symantec’s announcement on Monday. 

“We learned of Symantec’s lawsuit from their press release issued earlier this afternoon and are in the very early stages of assessing their claims,” Robert Schlossman, Chief Legal Officer at Zscaler, told SecurityWeek. “While we are unable to comment on the merits of their claims at this time, we defend ourselves vigorously against lawsuits of this nature.”

After completing the sale of its Veritas information management (IM) business early this year, Symantec has become a pure-play cybersecurity company, and the company is now looking to expands its position in the enterprise market.

Earlier this year, Symantec acquired Blue Coat Systems for roughly $4.65 billion in cash, and has made several product announcements, including its new Symantec Endpoint Protection Cloud (SEPC) security solution designed to marry old and new endpoint technologies in a single easy-to-use product. Additionally, Symantec last month announced the single largest upgrade to its flagship Symantec Endpoint Protection: SEP14. 

The complaint seeks an award of three times the amount found by the jury or assessed by the Court of damages “adequate to compensate Symantec for Zscaler’s infringement of the Patents-in-Suit, including both pre- and post- judgment interest and costs as fixed by the Court,” along with a corresponding award of attorney fees incurred in connection with the litigation.

In more detail, Symantec says that the Zscaler Enforcement Node or “ZEN” component infringes one or more of the Patents-in-Suit, as described here:

• U.S. Patent No. 6,279,113, titled “Dynamic Signature Inspection-Based Network Intrusion Detection,” issued by the United States Patent and Trademark Office (“USPTO”) on August 21, 2001.

• U.S. Patent No. 7,203,959, titled “Stream Scanning Through Network Proxy Servers,” was issued by the USPTO on April 10, 2007. 

• U.S. Patent No. 7,246,227, titled “Efficient Scanning of Stream Based Data,” was issued by the USPTO on July 17, 2007. 

• U.S. Patent No. 7,392,543, titled “Signature Extraction System and Method,” issued by the USPTO on June 24, 2008. 

• U.S. Patent No. 7,735,116 (“the ’116 Patent”), titled “System and Method for Unified Threat Management With a Relational Rules Methodology,” issued by the USPTO on June 8, 2010. 

• U.S. Patent No. 8,181,036, titled “Extrusion Detection of Obfuscated Content,” issued by the USPTO on May 15, 2012. 

• U.S. Patent No. 8,661,498, titled “Secure and Scalable Detection of Preselected Data Embedded In Electronically Transmitted Messages,” issued by the USPTO on February 25, 2014. 

Symantec also said that it continues to investigate and will file further claims if additional infringements are identified.