There was a story in the news recently where one prominent network security vendor was accusing another vendor...
of infringing on its patents regarding firewall technology. Our organization is considering purchasing the allegedly infringing product, but we don't want to have the product be discontinued or significantly changed down the road. Is this a legitimate concern?
Ask a question
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
I assume you’re referring to the ongoing patent dispute between Juniper Networks Inc. and Palo Alto Networks Inc. over next-gen firewall technology. The intellectual property issues in question here are likely to remain entangled in the courts for quite some time, so I wouldn’t wait for them to be resolved before making your decision.
Almost every technology vendor out there has some sort of ongoing patent litigation and, more likely than not, they are on both sides of those lawsuits. Except in unusual circumstances, such as a small vendor with its core technology threatened, I would not let the gathering patent storm clouds influence your vendor decision in any major way. Some lawsuits gain widespread publicity because prominent individuals or vendors are involved, but most disputes of this nature proceed under the radar until they reach a quiet resolution.
In this particular case, there is little risk that Juniper’s accusations will drive Palo Alto Networks out of business. Firewalls are Palo Alto’s “bread and butter”, and it is not going to exit that market without putting up the fight of its life. The most likely scenario is that the two companies will reach a settlement that involves some one-time payment or a licensing of the technology. These are issues that may affect stockholders’ perceptions of the firm, but should not affect them from a security professional’s point of view. Even in the worst-case scenario, where Palo Alto is somehow forced out of business or into an acquisition, there is too large of a deployed base out there for the product to be completely abandoned. Juniper, or some other vendor, would probably assume support responsibilities for the line.
To be clear, the worst-case scenario described above is highly unlikely. Since this particular legal battle isn't slated to go to trial until early 2014, barring a settlement, it will remain in the headlines for a while. That said, while it's worth noting when it's time to make a purchasing decision, it shouldn't be a determining factor either way.
Dig Deeper on Security Industry Market Trends, Predictions and Forecasts
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.