Network Security

Palo Alto Networks latest security giant accused of patent infringement

Centripetal Networks filed a lawsuit this month accusing Palo Alto of violating 12 separate patents for systems or policies designed to enhance network security. Seen here, an aerial view of Palo Alto's Santa Clara campus. (Palo Alto)

A company is suing Palo Alto Networks for patent infringement, alleging that proprietary technologies were demonstrated to the cybersecurity giant, who then used in a number of its major security products and systems.

The episode highlights the peril that some companies face in the preliminary stage of business discussions, before any formal agreements are reached and in some cases after sensitive intellectual property is shared.

The lawsuit, filed March 12 in the Eastern District Court of Virginia by Centripetal Networks, accuses Palo Alto of violating 12 separate patents for systems or policies designed to enhance network security.

It is worth noting that Centripetal has pursued – and won – patent cases against other industry titans in the past for incorporating its security innovations. Last October a judge ordered Cisco Systems to pay $1.9 billion in damages, ruling the company copied at least four of Centripetal's patented software and network security designs in their switches, routers and firewalls. The court denied Cisco a new trial earlier this week. Centripetal also filed successful patent cases against Keysight Technologies and Ixia.

In this latest complaint, the company's lawyers say intellectual property from the 12 patents was taken and used in numerous Palo Alto Networks security products, including its next-generation firewall, its network security management tool Panorama, its artificial intelligence security operations platform Cortex, its analysis software MineMeld and its DNS security service. Many of the innovations deal with specific methods for filtering network traffic data and rule-based network threat detection.

Most of the established details of the case thus far come from documents filed by the accuser, Centripetal. Palo Alto Network’s lawyers have yet to file a response to the complaint in court, and a company spokesperson told SC Media they do not comment on pending litigation.

Centripetal's lawyers claim that in 2016, its CEO and founder held several meetings and telephone calls with Palo Alto executives to discuss a threat intelligence partnership. Those meetings included technical overviews of Centripetal’s patented technologies, along with a non-disclosure agreement between the two parties.

“Upon executing the [agreement], Centripetal disclosed details about its proprietary patented technology and confidential details about…how Centripetal’s technical solution works, why it works, why it is effective and its strategic business strategies in the marketplace for its technical solution.”

They claim that after those details were disclosed, executives at Palo Alto Networks relayed that they were not interested in following up on the partnership opportunity. A year later, the two companies were in talks about a potential investment from Palo Alto Networks. That led to a technical meeting between Centripetal and the creator and lead developer of Minemeld to discuss potential ways to integrate their products. This also included a non-disclosure agreement between the two parties, and the Minemeld team requested and received additional technical documentation on the company’s network security technologies following the meetings.

Lawyers for Centripetal allege that Palo Alto Networks “engaged in willful infringement and egregious behavior warranting enhanced damages” by “purposefully and voluntarily plac[ing] one or more of their infringing products and/or services…into the stream of commerce,” causing irreparable harm and financial loss.

Centripetal argues that despite these and other interactions, Palo Alto made no effort to design their products in a way that would avoid infringing of their patents and exhibited “knowledge and/or willful blindness” of the company’s patented innovations. They’re asking the court for enhanced damages and an injunction preventing Palo Alto Networks from further infringing on their intellectual property.

Palo Alto Networks reported strong earnings over the past year, with CEO Nikesh Arora specifically praising the company’s AI, SASE, firewall and next generation security service business lines in recent quarterly financial reports.

Thomas Zych, a partner at Thompson Hines with a background giving counsel to companies on cybersecurity and technology legal matters, told SC Media that in the early portions of partnership exchanges, some executives are overly confident about the prospects of a business deal in a way that can make them careless about what they disclose.

Having good discipline and being aware and measured about what a company is prepared to disclose is often a key consideration. Playing it by ear or thinking "let's just see what happens" is often not advisable.

"You always have to think about 'how would this look in hindsight?' At the beginning everyone is optimistic, you’re courting each other and there’s a lot of expansiveness in the discussions," said Zych. "It all comes down to good discipline and planning for the process and really being measured as to how you do it."

He also said the concerns go both ways: a company may already be working on a similar technology at the time they're meeting another business. Non-disclosure agreements are a starting place, but otherwise boilerplate language – like the definition of confidential information – can be a flashpoint leading to differing interpretations if not accurately scoped. A business may also want to consider screening out any employees who work on developing similar products or may be in a position to do so in the future.

"You're going to want to limit it to those that are absolutely necessary, you want to segregate people out who are otherwise involved in your product development," said Zych. "There's a temptation to go to them and ask 'Jeez, what does this look like?' And you're now potentially infecting them with knowledge of what the competitor's doing that's under a NDA, so really think very carefully at each stage who needs to be involved and who needs to see the information."

Derek B. Johnson

Derek is a senior editor and reporter at SC Media, where he has spent the past three years providing award-winning coverage of cybersecurity news across the public and private sectors. Prior to that, he was a senior reporter covering cybersecurity policy at Federal Computer Week. Derek has a bachelor’s degree in print journalism from Hofstra University in New York and a master’s degree in public policy from George Mason University in Virginia.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.