Barracuda Networks is going on the attack in response to security vendor Trend Micro’s assertion that it violated one of Trend Micro’s patents.
At the center of the controversy is a Trend Micro patent the company says covers virus scanning of a server, such as a gateway or appliance, before data is received by a client computer. But while Trend Micro officials say they are only defending their turf, Barracuda Networks is casting the situation as an attack on open-source software.
Dean Drako, CEO of Barracuda, claims his company is being attacked for its use of ClamAV, an open-source network anti-virus project purchased last year by Sourcefire. After Trend Micro officials sent Barracuda letters about the matter in late 2006, Barracuda decided to take the matter to U.S. federal court and filed for a declarative judgment to settle the matter. Then, in December, Trend Micro countered by filing a complaint with the U.S. International Trade Commission.
“In their ITC filing they accused us of importing the ClamAV software and that [that] is infringing software. … In the federal case, their claim is that we manufacture [and] sell a product that infringes on their patent,” Drako said. “In their explanation … they specifically refer to ClamAV as the source of the infringement, and call out the subroutines-they actually went through the source code of ClamAv and found the specific subroutines which they claim infringe on their patent.”
But officials at Trend Micro say it’s not that simple.
“The case is about commercial Barracuda products, not about open source,” a Trend Micro spokesperson said. “At issue in this patent infringement case is how certain Barracuda products implement anti-virus scanning at the Internet gateway. Panda is also a respondent in the ITC action and uses a proprietary scan engine, not ClamAV. Similarly, Fortinet did not use ClamAV and was found to have infringed the -600 patent [in 2005]. The application for the ‘600 patent was originally filed in 1995, before ClamAV was available.”
Drako claims Trend Micro wants to have exclusive control of gateway anti-virus scanning, and if the Tokyo-based security company is successful, it will restrict gateway scanning of FTP, HTTP and e-mail data and viruses. He said Trend Micro’s patent is invalid due to prior art, and neither his company’s products or ClamAV infringes it.
“If Trend Micro is successful in enforcing a patent against free and open-source software, that has tremendous ramifications on the entire open-source community with respect to the development of free and open-source software,” Drako said. “The next step might be for other companies who have unjust or frivolous … patents to start and try to collect royalties or past license fees from anyone using the open-source software.”
The ITC voted to investigate Trend Micro’s claim last month. Officials at Trend Micro said the resolution of the case will not effect the development of open-source projects. “Open source is not at the heart of any issue in dispute, and we cannot see how this case will have a negative effect on open-source development,” the Trend Micro spokesman said. “Our claim is that Barracuda is infringing a known and time-tested patent relating to a method of scanning for viruses at the Internet gateway/server of businesses. The ITC investigation is focused on how Barracuda implements certain functionality in certain of its products.”