There was a story in the news recently where one prominent network security vendor was accusing another vendor of infringing on its patents regarding firewall technology. Our organization is considering purchasing the allegedly infringing product, but we don't want to have the product be discontinued or significantly changed down the road. Is this a legitimate concern?
Ask a question
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
I assume you’re referring to the ongoing patent dispute between Juniper Networks Inc. and Palo Alto Networks Inc. over next-gen firewall technology. The intellectual property issues in question here are likely to remain entangled in the courts for quite some time, so I wouldn’t wait for them to be resolved before making your decision.
Almost every technology vendor out there has some sort of ongoing patent litigation and, more likely than not, they are on both sides of those lawsuits. Except in unusual circumstances, such as a small vendor with its core technology threatened, I would not let the gathering patent storm clouds influence your vendor decision in any major way. Some lawsuits gain widespread publicity because prominent individuals or vendors are involved, but most disputes of this nature proceed under the radar until they reach a quiet resolution.
In this particular case, there is little risk that Juniper’s accusations will drive Palo Alto Networks out of business. Firewalls are Palo Alto’s “bread and butter”, and it is not going to exit that market without putting up the fight of its life. The most likely scenario is that the two companies will reach a settlement that involves some one-time payment or a licensing of the technology. These are issues that may affect stockholders’ perceptions of the firm, but should not affect them from a security professional’s point of view. Even in the worst-case scenario, where Palo Alto is somehow forced out of business or into an acquisition, there is too large of a deployed base out there for the product to be completely abandoned. Juniper, or some other vendor, would probably assume support responsibilities for the line.
To be clear, the worst-case scenario described above is highly unlikely. Since this particular legal battle isn't slated to go to trial until early 2014, barring a settlement, it will remain in the headlines for a while. That said, while it's worth noting when it's time to make a purchasing decision, it shouldn't be a determining factor either way.
Dig deeper on Security Industry Market Trends, Predictions and Forecasts
Related Q&A from Mike Chapple, Enterprise Compliance
Should companies obtain U.S. security clearance to join the Enhanced Cybersecurity Services program? Mike Chapple offers his perspective.continue reading
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program.continue reading
Learn how hiring the right PCI DSS-compliant service providers, especially payment services providers, can reduce your compliance burden.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.