PACSEC3 v. Fastly: Firewall Patent Case Transferred to S.D.N.Y.

Introduction

A patent infringement lawsuit targeting Fastly, one of the leading edge cloud platform providers, has been rerouted before it could gain traction in a traditionally plaintiff-friendly Texas venue. In PACSEC3, LLC v. Fastly (Case No. 4:25-cv-03969), the United States District Court for the Southern District of Texas ordered the case transferred to the Southern District of New York — by agreement of the parties — just 180 days after filing. At the center of the dispute: U.S. Patent No. 7,523,497 B2, covering a firewall system designed to defend against data packet flood attacks, more commonly known as DDoS (Distributed Denial of Service) attacks.

For patent attorneys, IP professionals, and R&D leaders operating in the cybersecurity and content delivery network (CDN) space, this case offers meaningful signals about venue strategy, assertion tactics by non-practicing entities (NPEs), and the growing intersection of legacy network security patents with modern cloud infrastructure. The case was closed on February 17, 2026, with the substantive merits yet to be decided in its new forum.

Case Overview

The Parties

The Patent at Issue

The asserted patent, U.S. Patent No. 7,523,497 B2 (Application No. US 10/841,064), claims a firewall system of defense against data packet flood attacks. In plain terms, the patent covers mechanisms to identify, filter, or block abnormal volumes of network traffic — a foundational element of modern DDoS protection systems. Granted under pre-AIA law, this patent represents an earlier generation of network defense architecture that plaintiffs increasingly assert against contemporary cloud and CDN platforms.

• • US 7,523,497 B2 — Firewall system of defense against data packet flood attacks

The Accused Product

The accused product category is identified as a “Firewall System of defense to a data packet flood attack” — broadly mapping to Fastly’s edge security and traffic management capabilities, including its DDoS mitigation and web application firewall (WAF) offerings.

Legal Representation

• • Plaintiff Counsel: William P. Ramey III, Ramey LLP
• • Defendant Counsel: William M. Logan, Winston & Strawn LLP (Chicago)

Winston & Strawn’s involvement signals that Fastly engaged sophisticated, nationally recognized IP defense counsel from the outset — a common posture when defendants anticipate challenging venue or seeking transfer.

Litigation Timeline & Procedural History

PACSEC3 filed its complaint in the Southern District of Texas on August 21, 2025, before Chief Judge George C. Hanks, Jr. The choice of the Southern District of Texas — particularly Houston — reflects a broader NPE strategy of selecting venues perceived as efficient and geographically favorable for patent plaintiffs.

However, within six months and by agreement of both parties, the case was transferred to the Southern District of New York pursuant to 28 U.S.C. § 1404(a), the federal venue transfer statute permitting transfer to any district where the case might have been originally brought, in the interest of convenience and justice. The 180-day duration in Texas reflects a pre-trial procedural phase with no substantive rulings on the merits, claim construction, or validity.

The agreed transfer suggests that both parties recognized S.D.N.Y. as the appropriate forum — likely due to Fastly’s operational connections to New York, the location of relevant witnesses or documents, or a negotiated strategic repositioning.

The Verdict & Legal Analysis

Outcome

This case was transferred, not resolved on the merits. The Southern District of Texas entered a transfer order on February 17, 2026, closing the case in that district. No damages were awarded, no injunction was issued, and no findings of validity or infringement were made in the Texas proceeding. The substantive litigation is expected to continue before the Southern District of New York.

Verdict Cause Analysis: Why the Transfer Matters

The transfer under 28 U.S.C. § 1404(a) — executed by agreement rather than contested motion — is a significant procedural development. Under the In re Volkswagen standard and the Federal Circuit’s evolving § 1404(a) jurisprudence, courts in the Fifth Circuit weigh private and public interest factors including witness convenience, location of evidence, and local court interest.

The parties’ mutual agreement to transfer is notable. Contested venue transfers in patent cases can take months to litigate; here, both sides apparently reached a swift consensus. This may reflect:

1. Fastly’s principal place of business connections to New York and S.D.N.Y. jurisdiction;
2. PACSEC3’s willingness to accept transfer rather than face a contested § 1404(a) motion it might lose;
3. Efficiency considerations — S.D.N.Y. may offer a faster or more predictable path to substantive resolution.

Legal Significance

The DDoS patent infringement landscape has become increasingly active as NPEs assert network security patents — many issued between 2000–2010 — against modern cloud infrastructure operators. US 7,523,497 B2 represents this category: a patent covering packet flood defense concepts that predate contemporary CDN architectures but whose claims may nonetheless read on modern implementations.

For claim construction purposes, the critical question in proceedings before S.D.N.Y. will be how terms like “firewall system,” “data packet flood,” and “defense” are construed relative to Fastly’s actual technical architecture. Overly broad claim construction could capture widespread industry practices; narrow construction could immunize Fastly’s implementation entirely.

IPR (Inter Partes Review) risk is also a relevant consideration. Pre-AIA patents like the ‘497 patent are subject to IPR petitions before the USPTO Patent Trial and Appeal Board (PTAB). Fastly’s defense team at Winston & Strawn may evaluate whether a PTAB challenge — based on prior art obviousness or anticipation grounds — offers a more efficient path to invalidation than district court litigation.

Strategic Takeaways

For Patent Holders: Venue selection remains a powerful tool, but the rise of agreed transfers signals that defendants are increasingly successful at redirecting cases away from plaintiff-preferred forums. Asserting patents in venues with strong factual connections to the defendant is strategically sounder.

For Accused Infringers: Early engagement with opposing counsel to negotiate transfer — rather than litigating venue motions — can save significant cost and reposition the case in a more favorable jurisdiction. Fastly’s approach here reflects mature patent litigation defense strategy.

For R&D Teams: Companies deploying DDoS mitigation, edge firewalls, or packet filtering technologies should conduct Freedom to Operate (FTO) analyses against pre-AIA network security patents. The ‘497 patent family and similar assets remain active assertion risks.

Industry & Competitive Implications

The PACSEC3 v. Fastly case reflects a continuing pattern of NPE assertion against CDN and cloud security providers. As DDoS attacks have grown in sophistication and frequency, the commercial value of network security infrastructure has expanded — and with it, the attractiveness of legacy patent portfolios to assertion entities.

For Fastly and its industry peers — including Cloudflare, Akamai, and Amazon CloudFront — this litigation underscores the patent risk inherent in packet-level security features. Even well-established, widely deployed technologies like WAFs and DDoS scrubbing services remain vulnerable to assertion under patents issued during the early 2000s network security era.

From a licensing and settlement perspective, NPE cases involving transferred venues often resolve through negotiated licenses before substantive merits briefing. The agreed transfer may itself be a precursor to settlement discussions in a neutral forum. IP professionals tracking licensing trends in the network security sector should monitor S.D.N.Y. docket activity for any subsequent consent judgment or stipulated dismissal.