Officials from Barracuda Networks this week decried a patent complaint filed last year by Trend Micro that demands the firewall vendor remove virus-detection technologies -- developed using ClamAV open source code -- from its products.
The patent suit, filed against Spanish vendor Panda Software as well, could mean that millions of users of the ClamAV open source product could be potentially sued by Trend Micro, according to Dean Drako, Barracuda president and chief executive officer.
“Trend Micro's actions illustrate that ClamAV and other open source projects remain vulnerable to commercial patent holders attempting to unjustly hinder the free and open source community,” he said. “Trend Micro appears to be seeking an interpretation of [U.S. Patent No. 5,623,600] such that it would have exclusive control of gateway anti-virus scanning. Scanning for viruses at the gateway is an obvious and common technique that is utilized by most businesses worldwide.”
The U.S. International Trade Commission voted last month to investigate virus- and worm-removal technologies used in Panda and Barracuda solutions.
The inquiry was spurred by a complaint filed last November by Trend claiming that Barracuda and Panda violated section 337 of the Tariff Act of 1930 by transporting technologies into the United States that infringe a patent owned by Trend.
The case has been referred to ITC Administrative Law Judge Carl Charneski. An ITC spokesman said last week that one year is a reasonable timeframe for a ruling to be made. The ITC will set a target date for completing the investigation early next month.
Barracuda had filed for a declaratory judgment last March to invalidate Trend's patent.
Carolyn Bostick, Trend vice president and general counsel, told SCMagazineUS.com on Monday that the use of open source technologies was not the reason her company filed the ITC complaint.
“The issue is not open source. If you take a look at the patent, it refers to a process for scanning and removing malware,” she said.
A Panda representative could not be reached for comment.
Sourcefire, a Columbia, Md.-based network security vendor, acquired ClamAV in August of last year.
Trend Micro sued Fortinet, a unified threat management vendor, in 2004, alleging that the company had infringed on one of its patents in its network security software.
Fortinet settled with Trend nearly two years later for an undisclosed amount, ending legal proceedings in federal court, the ITC and a U.S. circuit court appeal of an earlier commission ruling.
Bostick said the Fortinet case sets a precedent for Trend's suit against Barracuda.
Barracuda, however, claimed that the ITC is the wrong venue for Trend to file such a complaint.
“Trend Micro's claim with the ITC is unfounded since the ITC generally oversees import issues,” said Drako.
54.7% of surveyed managers said at least one of their corporate subsidiaries were involved in a cyberattack chain launched against their company. SC Media spoke with experts from the research firm and cyber company that launched the study.