Seeking Alpha
We cover over 5K calls/quarter
Profile| Send Message|
( followers)  

Sourcefire (NASDAQ:FIRE)

Q4 2012 Earnings Call

February 21, 2013 5:00 pm ET

Executives

Staci Mortenson - Managing Director of Technology Software and Information Technology Services

Martin F. Roesch - Founder, Interim Chief Executive Officer, Chief Technology Officer and Director

Todd P. Headley - Chief Financial Officer, Principal Accounting Officer, Treasurer and Assistant Secretary

Thomas M. McDonough - President and Chief Operating Officer

Analysts

Jonathan Ho - William Blair & Company L.L.C., Research Division

Brent Thill - UBS Investment Bank, Research Division

Keith Weiss - Morgan Stanley, Research Division

Rob D. Owens - Pacific Crest Securities, Inc., Research Division

Scott Zeller - Needham & Company, LLC, Research Division

Michael Turits - Raymond James & Associates, Inc., Research Division

Aaron Schwartz - Jefferies & Company, Inc., Research Division

Gray Powell - Wells Fargo Securities, LLC, Research Division

Walter H. Pritchard - Citigroup Inc, Research Division

Daniel T. Cummins - B. Riley & Co., LLC, Research Division

Tal Liani - BofA Merrill Lynch, Research Division

Operator

Good day, ladies and gentlemen, and welcome to the Sourcefire Q4 2012 Earnings Call. [Operator Instructions] As a reminder, this conference call is being recorded. I would now turn the call over to your host, Staci Mortenson. Please go ahead.

Staci Mortenson

Thank you. This is Staci Mortenson, Sourcefire's Investor Relations representative. I want to thank you for joining our fourth quarter and full year 2012 earnings conference call. Joining me today on this call is Marty Roesch, Interim Chief Executive Officer; Todd Headley, Chief Financial Officer; and Tom McDonough, Chief Operating Officer.

Before we begin, I must remind you that statements made in this conference call and in our public filings, releases and websites, which are not historical facts may be considered to be forward-looking statements that involve risks and uncertainties and are subject to change at any time. We caution investors that any forward-looking statements made by us are management’s beliefs based on currently available information and should not be taken as a guarantee of future results or performance, which may differ materially as a result of a variety of factors discussed in our earnings release that was issued today and our Form 10-K and most recent Form 10-Q filed with the Securities and Exchange Commission.

We disclaim any obligation to update any of these forward-looking statements or to announce publicly the results of any revisions to any of the forward-looking statements to reflect future events or developments. There is a more complete information regarding forward-looking statements, risks and uncertainties in the company’s filings with the SEC available on our website, www.sourcefire.com.

In addition, we may discuss non-GAAP financial information on the call. This information is reconciled to comparable GAAP financial information in the earnings release. The full earnings release can be found on our website. An online replay of this call will be available on the Investor Relations section of our website for at least 90 days.

With that, I will turn the call over to Marty Roesch, Sourcefire’s Interim CEO.

Martin F. Roesch

Thanks, Staci, and good afternoon, everyone. Welcome to our fourth quarter and full year 2012 earnings call. Fourth quarter was an exceptionally strong ending to a record-breaking year for Sourcefire. Our Agile Security vision continues to cut through the confusion that exists in the security market today and delivers meaningful solutions that protect our customers' networks from sophisticated and growing threats. Our success during the quarter and full year 2012 was driven by several key factors, all grounded in our threat-centric approach, which enables us to address cybersecurity issues wherever they exist, whether on a network, endpoints, mobile devices, or virtual environments. We also benefited from increased distribution capabilities, more time and territory for our sales teams and partners, and new customer wins coupled with expanding commitments from existing customers.

Before handing the call out to our CFO, Todd Headley, who will provide more detailed and financial information, including our guidance for the first quarter and our initial thoughts on the full year 2013, I want to talk to you about 3 specific items: first, a brief overview of our financial results for the fourth quarter and full year 2012; second, a more in-depth look at our threat-centric approach and why we believe it will drive long-term sustainable growth; and finally, our key strategic initiatives for 2013.

Okay, first, the financial results. Revenue for the fourth quarter of 2012 came in at a record $67.4 million, an increase of 27% over the year-ago period, and we generated adjusted net income of $8.9 million or $0.29 per diluted share. For the full year 2012, total revenue was $223.1 million, an increase of 35% over 2011, while adjusted net income was $24.9 million or $0.81 per diluted share. These are outstanding results and a product of our broad-based growth across all our geographies and lines of business.

We continued building additional global sales capacity by adding more than 150 net new partners during the calendar year for an annual increase of nearly 30%. While we will continue to track the addition of new partners to our programs, our primary focus will be on the quality and enablement of these partners. And we believe there is significant room to expand productivity.

During the fourth quarter, significant training activity resulted in more partners being certified on our solutions than in any previous quarter since we've started our global channel program. Channel-influenced deals were 56% during the quarter, reflecting the seasonal rebound from the third quarter. We saw more partners adding pipeline and actively driving deals through registrations, demonstrations and competitive bakeoffs. Q4 continued our positive trend of landing big deals as we closed 25 transactions over $0.5 million, including several 7-figured deals. Overall, our customers continue making larger commitments to Sourcefire, both on their initial purchase and through subsequent expansion across their network infrastructure. For example, for deals in excess of $500,000 for 2012, the growth value associated with those deals were 37% higher than in 2011. Our new customers are often enterprises that already have some IPS in their infrastructure, but realize that to be better protected, they need to expand their deployments. They look to Sourcefire because of our FirePOWER platform and our continued commitment to innovation.

In the fourth quarter, we introduced our network-based Advanced Malware Protection solution that runs on FirePOWER. FirePOWER provides customers with the leading-edge platform to enable the network security, next-generation IPS, Next-Generation Firewall and now, Advanced Malware Protection. At the end of 2012, the FirePOWER platform on a unit count basis represented less than 30% of our installed base. We continue to see very strong adoption of the platform and yet, we are still in the early innings of what we believe is a very large opportunity and a significant driver for our long-term growth.

Now I'd like to spend a couple of extra minutes talking about our threat-centric approach to cybersecurity based on visibility and control, why it truly differentiates us in the market and how it will continue to drive our future success. Today, the reality is that despite a company's best efforts, attackers often know more about a target's network and its defenses than the company does. And hackers are using that to their advantage with increasing success. One only has to read the weekly headlines on the latest compromise or the details of the Verizon data breech investigation report to understand the impact. Today's networks have been extended to include endpoints, mobile devices, virtual desktops and data centers, greatly increasing the number of attack factors that companies must protect. Every time a new device or application is introduced to this extended network, it creates new opportunities for attackers. There are no silver bullets in security, period. The traditional defenses such as firewalls and antivirus are useful tools for implementing policies, access controls and risk mitigation. While this has the effect of reducing the available attack surface and is generally good for overall security, it does not and will not actually stop today's sophisticated and targeted attacks.

Why are attackers successful? Fundamentally, attackers understand the nature of traditional security technologies and the defense in-depth strategy of wearing several products in hopes that one will catch an attack if the others miss it. They also understand the gaps between them and the complacent nature of many organizations they target. Attackers relentlessly drive their assaults home, using tools and methods that evades traditional defenses, and once inside, embed themselves deeply into the extended networks to achieve their goals and maintain their presence.

What companies need to do is start rationalizing their security architecture and organizational structure to enable effective defense against the actual threats they face. Defenders need to understand the situation from the attackers' perspective and focus on preparing their defenses for the full spectrum of attack scenarios they may face. Sourcefire expresses this threat-centric approach to securing the extended network as an attack continuum, the before, during and after phases of an attack.

Let's walk through these 3 stages of the attack continuum to better understand it.

So first there is the before stage. Organizations need to start by gaining full awareness and wider visibility of their extended IT environments. If they don't understand what assets they're protecting, they will be unprepared to properly configure and deploy their security technologies to defend themselves adequately. Once the environment is understood, access controls and policy enforcement mechanisms are deployed in an attempt to raise the bar for a prospective attacker. Access controls and policy enforcement work to some extent, but not against sophisticated attackers bent on compromising targeted networks. Visibility is the foundation for context-aware security and a fundamental requirement if information superiority is to be achieved over an attacker. We disrupted the market with our awareness technologies that enable our customers to see more of their IT environment in real time. When you see more, you can control more and protect more.

Second, the during phase. Traditional security technologies can only detect an attack at a point in time, more specifically at the precise moment the threat is presented to them. If the security technology detects and blocks it, you're okay. However, if it's missed, and given the nature of today's attacks, it is likely at some point that it will be missed, that layer of security is effectively blind to whatever the threat does next. Sourcefire's Next-Generation IPS, Next-Generation Firewall and Advanced Malware Protection solutions provide a security infrastructure based on a foundation of visibility and awareness by performing automated real-time discovery across the extended network. This involves the security infrastructure from one operating only at a point in time to one operating using continuous analysis and automated decision-making.

Third, the after phase. In this phase, an attack has been successful. A compromise has occurred. This is really the phase nobody likes to talk about. At Sourcefire, we don't ignore the fact that a company can find itself in this phase. Again, the headlines show that this happens more than anyone cares to admit. To mitigate the damage from a successful attack, you need retrospective security. Retrospective security uses continuous analysis, advanced techniques and big data infrastructure to detect advanced malware. Through retrospective analysis, you can identify the scope of compromise, contain an outbreak and ultimately remediate the threat. Retrospective security is Sourcefire's latest innovation and we are delivering the most comprehensive solution in the industry today. Our threat-centric approach to cybersecurity allows defenders to address the full attack continuum across all vectors and respond at any time, all the time, in real time. Key to this approach is broad visibility of the extended network and continuous analysis of malware and attacker activities. This is a new model of security that allows defenders to be far more effective even if an attacker breaks in, and Sourcefire is again at the forefront of the industry.

Let me share a recent real world experience with you regarding a customer in the utility industry who has deployed our Next-Generation IPS, as well as our Advanced Malware Protection solution. Based on our awareness technologies, they identified that they were the target of a malicious attack. Our solutions detected, scoped, contained and remediated the threat off their network within 40 minutes of it first being seen, thereby preventing a serious compromise. That threat that was identified was the latest Java 0-day, and our customer discovered it 2 days before it was publicly disclosed. That is the power of Agile Security.

So as you can tell, 2012 was a very successful year. Looking towards 2013, as is a tradition here at Sourcefire, we align the company around our goals and objectives for the coming year by using a catchy phrase or acronym. This year, we are returning to our Snort roots with P-I-G or Pig. The P stands for people. While it may sound simple, we truly run our company knowing that at the end of the day, it is about the people and the firemen principles we embrace that hold everyone accountable for our actions. We have built and will continue to build an organization of people who relish solving complex and evolving security problems.

The I stands for innovation. Yes, we have used this word in the past to focus our energies and activities, but innovation is what security is all about. It reminds one of the most -- remains one of the most significant undertakings in which we continually engage and challenge each other.

And lastly, the G stands for growth. We have built and will continue to build this company for long-term revenue growth. We have a huge market opportunity in front of us and our plans require strategic investments across all areas as we become a truly multinational security company. Todd will provide more detail in a moment, but I want to state that at Sourcefire, we strongly believe it would be a missed opportunity not to incrementally accelerate investments to drive significant top line growth. And we continue to see the opportunity to double the top line every 3 years. I'm more convinced than ever that Sourcefire is positioned to continue to make significant gains in the overall security market. With that, I will turn the call over to our CFO, Todd Headley.

Todd P. Headley

Thank you, Marty. I would like to highlight our Q4 and 2012 results for you, talk about some trends in the business and end with our guidance for Q1 and some preliminary thoughts on 2013. On the revenue front, we had a record quarter and year. Total revenue of $67.4 million, reported in the fourth quarter of 2012 represents a 27% increase over the fourth quarter of 2011. And the $223.1 million for all of 2012 beat 2011's figure by 35%. We believe these revenue growth achievements are the result of our investments paying off, global demand for our best-in-class solutions, the continued successful execution of our go-to-market strategy and our customers making increasingly larger commitments to us because of the fidelity of the FirePOWER platform.

Our International business continued its strong momentum with Q4 revenue up $26.4 million or 92% growth versus the year-ago period. In Q4, we saw particular strength in Europe, including a large 7-figure deal. For the full year of 2012, revenues increased to $74.4 million or 77% over 2011, and as a percentage of total revenue, International was 33% for the year, up from 25% in 2011.

As we have indicated in the past, we believe that International remains a largely untapped opportunity, and longer-term has the potential to generate half of Sourcefire's revenue.

Our Federal Government business reported revenue of $10 million in the quarter, up 41% over the year-ago period. For the full year 2012, our Fed business achieved $44.7 million in revenue, an increase of 28% over 2011. These are very strong results supporting our view of a more stabilized federal spending environment in 2012. We also believe these results clearly indicate that we remain well positioned as a trusted cybersecurity adviser.

For 2013, the headlines and new stories show that there's more uncertainty than 2012 due to the fiscal cliff, sequestration and the fact that the annual budget has not yet been passed. On the flip side, we've also heard some positive commentary regarding the Executive Order with a focus on cybersecurity. And there is every indication cybersecurity remains a top priority for the Fed. Taking all this into consideration, we believe we can grow our Fed business in 2013, albeit modestly. We acknowledge that quarter-to-quarter the business could be lumpy, as the government figures out how to enact all the proposed changes.

U.S. Commercial revenue was $30.9 million in the fourth quarter of 2012 compared to $32.4 million in the year-ago period. The U.S. Commercial business continues to be our most significant, and this slight quarter-over-quarter decline has everything to do with the more difficult compare from a year ago that saw us record 46% growth. For the full year, U.S. Commercial reported revenue of $104 million, an increase of 17% over 2011. We remain very confident in the growth opportunity for this business as we expand our go-to-market reach through partners and increase the adoption of our newer solutions and the FirePOWER platform.

Okay. Let's turn to gross margins. Product gross margin for the fourth quarter of 2012 was 70%, which compares to 72% in the year-ago quarter. For the full year 2012, we achieved a 70% product gross margin versus 71% in 2011. As we discussed throughout 2012, product margin figures have lowered versus previous years due to the cost of the FirePOWER platform and the Advanced Malware Protection infrastructure. In any quarter, this margin can also be highly influenced by product mix. We anticipate that for 2013, our product margins will likely vary between 69% and 71%.

Services gross margin in the fourth quarter of 2012 was 87%, which compares to 86% in the year-ago quarter. For 2012, services gross margin was 87%, which is identical to that realized for all of 2011. For 2013, as our customer and partner base continues to expand, we will invest in more resources for our technical support and services teams to ensure we are providing the world-class support expected from Sourcefire.

Historically, our services margin has varied between 86% and 88%, and we see this staying in range for 2013.

Total Q4 blended gross margin was 76% compared with 77% in the year-ago quarter. For the full year 2012, blended gross margin was 77% compared to 78% for 2011. We continue to believe that the 76% to 77% level for blended gross margins should be considered our new normal.

Now let's move on to our operating costs. Please note that this is a GAAP figure and thus, includes noncash, stock-based compensation charges. Total operating expenses for the fourth quarter were $47.9 million or an increase of 40% over the year-ago quarter. For the full year 2012, operating expenses were $161.7 million, or an increase of 33% over the full year of 2011. Note that we incurred a $3.7 million stock-based compensation charge for the retirement of our then CEO back in October of 2012. Excluding this figure, the Q4 and 2012 increases dropped to 29% and 30%, respectively. For 2012, we ended the year with 599 employees, an increase of 33% for the year. And we are already off to a fast hiring pace in 2013 with over 40 net new employees joining our ranks. We continue to invest in product development to drive meaningful innovation in our go-to-market organization and activities, and also in G&A to support our growing International operations.

Now let's touch on operating margins, net income and EPS. In the press release we issued this afternoon, figures are included in both GAAP and adjusted or non-GAAP form. I want to highlight some of the adjusted figures, which we believe are meaningful indicators of trends in our business.

Adjusted operating margin for the fourth quarter of 2012 was 20.4% versus 22.1% in the year-ago quarter. For the full year of 2012, our adjusted operating margin was 17.2% versus 15.5% for 2011. As we have stated in the past, we are most focused on driving significant and sustainable revenue growth, while we look to balance that upside with investments back into the growth of the business. This is what you should expect from us going forward.

Adjusted net income for the fourth quarter of 2012 was $8.9 million or $0.29 per diluted share compared to $7.6 million or $0.25 per diluted share for the year-ago quarter. For the full year of 2012, we realized adjusted net income of $24.9 million or $0.81 per diluted share, which outpaced the figure from 2011 of $16.8 million or $0.57 per diluted share.

Turning to taxes. For the full year 2012, we had an effective tax GAAP rate of 46%. However, as a result of our tax-based net operating loss carryforward, we did not pay federal income taxes, though we paid out a little less than $1 million for state and foreign taxes. The R&E credit was restored in January of 2013 with effect back to 2012. Thus, in 2013, we expect to realize the benefit of this R&E credit for both 2013 -- 2012 and 2013 in the combined amount of $2 million to $2.5 million. Based on our 2013 projections, which include this R&E credit, and given the amount of our net operating loss carryforward for tax purposes, we do not anticipate being a cash payer for federal tax purposes in 2013.

As we scale our International operations in 2013 and beyond, we'll benefit from the tax structure implemented last summer. Through this structure, we ultimately hope to drive our longer-term effective tax rate below 30%. Until that time and based on our best estimates for 2013, we believe our overall effective GAAP tax rate will approximate 35%, though it will vary quarter-to-quarter.

Thus for 2013, we will continue to normalize our adjusted quarterly results to reflect an overall assumed tax rate of 35%. Our balance sheet continues to strengthen with our highest levels of accounts receivable and deferred revenue. And as of December 31, 2012, cash, cash equivalents and investments totaled $204 million.

Let's turn to guidance. For the first quarter of 2013, we expect revenue in the range of $56 million to $58 million, net income per diluted share in the range of $0.01 to $0.03, and on an adjusted basis, net income per diluted share in the range of $0.11 to $0.13. Our adjusted net income per share of diluted share reflects the significant investment in headcount we have made throughout 2012 and already in 2013, as well as the investments in sales, marketing and distribution to drive our top line growth.

In addition, Sourcefire's expectation of adjusted net income per diluted share excludes stock-based compensation expense for the first quarter in the range of $6.4 million to $6.6 million, and the amortization of acquired intangibles of approximately $350,000. And it assumes a normalized tax rate of 35%. I'd also like to share some thoughts on our business and the general market to provide you a perspective of what we believe lies ahead for 2013.

Cybersecurity is a significant and growing issue for many companies and agencies. The cybersecurity problem is getting more complex, not less. Sourcefire has a rich, decade-long history of delivering innovation and gaining trust from our customers and partners. The adoption of our trusted solutions has driven significant revenue growth, and we expect this to continue. For 2013, we believe we can grow revenue at least 25%. Within this, we expect a blended growth rate of our International and U.S. Commercial businesses to be above this level, while the Fed business growth feels more like low-single digits at this stage. And as we've noted, we expect to accelerate investments to continue to fuel innovation, capture new markets, expand our customer base and increase our market share across the vast opportunity we see ahead of us. As a result, we expect the full year 2013 adjusted operating margin to be flat compared to 2012. When we look at this on a year-over-year basis compared to 2012, we expect 2013 margins to be slightly lower in the first half of the year and slightly higher over the back half of the year.

Overall, our business is very strong and we remain optimistic about our market position as we enter 2013. With that, operator, we would like to open up the call for questions.

Question-and-Answer Session

Operator

[Operator Instructions] Our first question comes from Jonathan Ho from William Blair.

Jonathan Ho - William Blair & Company L.L.C., Research Division

Just wanted to understand a little bit relative to your expectations for International growth and perhaps how we should be thinking about that. I know you gave sort of the blended viewpoint. Just wanted to see your thoughts there in terms of that International piece and how you could see that in '13.

Martin F. Roesch

Thanks, Jonathan. I'll hand that one over to Tom McDonough.

Thomas M. McDonough

Yes, Jonathan, we had a great year, International, obviously, and there are a number of reasons for it. Obviously, we've made major investments internationally over the course of the years. Europe was particularly strong. We've gotten more people and time and territory than we've ever had before. The number of partners, their productivity's going up. We're gaining traction in more large accounts. So we're really getting into our own over there and we're building momentum, and we expect that to continue. And hopefully, within the next year or so, we'll achieve our very publicly stated goal of having our 50-50 revenue split between the U.S. and International.

Jonathan Ho - William Blair & Company L.L.C., Research Division

Got it. And just taking a look at sort of the Federal Government business. Can you talk about, maybe, expectations around seasonality? I mean, will this be shape up sort of like 2011, where it's a little bit slower in the first half and picks up in the second half? Just wanted to get your thoughts around that.

Thomas M. McDonough

Yes, sure. This is Tom again, I'll take that one. First of all, we had a great year in the federal space as you can see by our results. And frankly, we believe that we're extremely well positioned in the Fed. And the reason is, is because we're built in to a number of large programs, an example of that is the joint information environment where the DoD is consolidating a bunch of their networks into a single network. And we're built into the stack in that particular project. And this huge project is going to take place over the course of the next few years. So just the fact that we're built into these programs is very strong for us, and we're continuing to build our pipeline. We've had no indications of cancellation. We believe that cybersecurity will continue to be a top priority. And frankly, our only concern really is the lumpiness because of the Continuing Resolution and the sequestration. So overall, long-term, we continue to be very bullish on our Federal business.

Operator

Our next question comes from Brent Thill from UBS.

Brent Thill - UBS Investment Bank, Research Division

Todd, to come out of the gate at 25% revenue growth for the year at a minimum, obviously, there's not too many companies that are saying that right now. Maybe if you can just give us a sense. Obviously, your business is strong, but give us a sense of what underpins that confidence. And I had a quick follow-up for Marty.

Todd P. Headley

Sure. There are a couple of elements there, Brent. If you take a look at growth over the last 3 years, it was 26%, 27% and 35%. So we've been on kind of this trajectory, and we wanted to acknowledge that. The other thing that we've talked about pretty frequently in the past, that this is the kind of business where we believe we can double the top line every 3 years, and it takes slightly north of 25% growth per year to get there. So again, historically, we've been able to achieve that. When you look at the markets that we're serving, and they're clearly 3x, 4x, maybe even 5x larger than the ones that we've traditionally served, we believe there's opportunity to grow. And again, Tom has pointed out, the growth in International given the time and territory there. So we thought it was more appropriate this year to be a little bit more acknowledging in terms of the growth rate.

Brent Thill - UBS Investment Bank, Research Division

Okay. And just a quick follow-up for Marty. There's been a lot of noise on the whole advanced malware space, obviously some of the privates and publics are making more noise here. Can you give just us a sense of your view what -- how you're differentiating this and maybe some of the early traction you're seeing so far? I know it's fairly new.

Martin F. Roesch

Well, the differentiation around it is really based on how we're kind of considering the problem. So we're not just treating it as kind of a new way of doing malware detection and things like that. What we're really doing is building an infrastructure. Sourcefire is big on this concept of visibility and control. And if you look at our AMP technologies, that's exactly what they do. They build up this base of visibility, which reports back to our big data back-end, where we keep all this information permanently, effectively. That allows us to find attacks not just by recognizing the attack directly by picking up the malware, but also looking at indications of compromise and being able to do retrospective security work. When we figure something out at a point in time, we can go back and we can see exactly what happened. And this is a huge problem that just about everybody has right now, which is identifying, when you've figured out you've been hacked, figuring out where it came from, how it got in, who got infected first, how far it's spread and what other tools were deployed around your environment. The AMP technology that we've built answers those questions and does so very effectively. That case that we brought out with the utility is really a shining example of exactly how effective this technology can be. It's unheard of to go from getting popped by a 0-day to being clean in 40 minutes. And these guys, that's exactly what happened.

Operator

Our next question comes from Keith Weiss from Morgan Stanley.

Keith Weiss - Morgan Stanley, Research Division

I was wondering if we could dig into the Q1 guidance a little bit. You definitely came out with a strong guidance, sustaining strong growth into Q1 and ahead of consensus expectations. I was wondering if you could give us a little bit more color on sort of what you're seeing in terms of pipeline and maybe a little bit more in terms of your assumptions on 2 realms. One, what you're thinking about in terms of contribution from new products like FireAMP? And then on the other side, what type of impacts are you thinking about in terms of potential impacts from sequestration? To what degree is that factored into your outlook for Q1 in particular?

Thomas M. McDonough

Yes, Keith, this is Tom, I'll take that one. So I guess the basic thing that I'd like to say is I believe, and I believe our management team here believes, that we're really capacity-constrained, we're not opportunity-constrained. Our pipeline continues to grow at a good rate. Last year, we closed a record number of Fortune 1000 and Global 2000 accounts. The enterprise is our sweet spot, and just the ASP on our business has gone up significantly over the course of the last year, in part because we're closing these large opportunities in large enterprises. As far as sequestration goes, it's -- March 1 is only a few days away and we're talking about $1.2 trillion in cuts, and that's just a phenomenally large number. But based on what I said earlier, I think we're really well positioned with the Feds. Cybersecurity is not going to go away. It's a top priority and granted, there's some uncertainty around what the agencies are going to spend, but we believe in the long run, we're going to continue to do well with the Feds.

Todd P. Headley

And to kind of follow up Keith, this is Todd, our pipelines overall are larger than they have ever been. And the quality and the qualification of that pipeline is better than it's been. And so that leads to transactions. No customer gets concerned about when our quarter end is. They want to buy the right solution at the right price at the time that makes sense for them. But because we have this significant growing pipeline with qualified opportunities, we can turn the dials and pull the levers to get to the figures where we're guiding. And that's kind of how it works behind the curtain here. In terms of sequestration, clearly, that's going to cause some level of lumpiness, much like the Continuing Resolutions did back in 2011. But we think when all the dust settles and the smoke clears that, again, we'll increase our revenue from the Fed for all of calendar year 2013, when it's all said and done. And with regard to the Advanced Malware Protection business, that's a business that's building. And with examples like Marty provided with the utility company, we think there'll be broader adoption and uptake. But again, that's more of a back half of the year and end of 2014 driver. It is on a subscription basis. The key for us, I think, continues to be FirePOWER. It is the best-in-class platform for our solutions. And when you take a look at the competition, we're beating them both in terms of the capability of the overall solution, the amount of threats that we're detecting and that it performs at advertised rates. And as Marty pointed out, less than 30% of our own install base is running FirePOWER today. So we think there's broad opportunity within the install base, plus with regard to competitive replacement opportunities, it's the perfect platform that's getting a high degree of input into these RFPs and RFQs that we're seeing. So we think we're well-positioned.

Keith Weiss - Morgan Stanley, Research Division

Got it. And perhaps if I could sneak in one follow-up on -- in sort of in that vein. Marty mentioned this figure about the gross value of deals over 500K being up 37% year-on-year. So although the number of deals that are 500K was flat or down a little, so it'd be a much bigger value, can you give us a little bit of color on what constitutes those deals. Like what's beefing up those deals, if you will? What's enabling you to drive the ASPs on the large deals much higher? Is it just that FirePOWER platform or was there -- what constitutes, what goes into those invoices?

Thomas M. McDonough

Yes, I'll take that one, Keith, this is Tom. It's a couple of things, right? It's new customers that are buying our products for the first time, and in many cases, they're doing tech refreshes. They're large enterprise accounts. Another consideration there is the fact that within our install base, we see customers spending 3, 4, 5, 6x off of their initial purchase, and we're seeing more and more of that. And you combine it with FirePOWER and all the capabilities that we bring to the table today, and that's really what's increasing our ASP and the 37% that Marty talked about.

Martin F. Roesch

I think one other point that I'll just bring up is that one of the reasons you're seeing this is because the top end performance of our FirePOWER platform is so far ahead of the rest of the industry for what it does at the performance points we sell it at. There's -- people recognize this and it's actually very impactful.

Operator

Our next question comes from Rob Owens from Pacific Crest Securities.

Rob D. Owens - Pacific Crest Securities, Inc., Research Division

Todd, I just want to drill down into the guidance a little bit more. And I think at the midpoint of the range, revenue guidance is 23% for Q1. And you talked about being comfortable with 25% for the year. I know the high end's a little north of 25%. Just curious, is there anything seasonally that the way the year plays out that it might be a little bit lower in the first half or just a little bit more conservatism on your part? You did mention the strong pipeline entering Q1 here.

Todd P. Headley

Yes. I don't think there's anything that unusual. Again, it really gets down to the quality of our pipeline, which we said is increasing and the overall size is growing. It's just a matter of what closes by the end of the quarter and can ship out and be recognized as revenue, and what may get deferred by a week or a month just given the basic economic environment. And then certainly, with regard to the Fed business, no one knows exactly what's going to happen on March 1 here. So I think it's just our normal view of those things that we don't control that goes into that. But we feel comfortable with the ability to deliver that regardless of where the transactions ultimately come from.

Rob D. Owens - Pacific Crest Securities, Inc., Research Division

Great. And then second, maybe more of an update on your Next-Gen Firewall business. I thought the Q3 call did more to highlight a lot of wins in this space. Just talk about what you saw competitively in Q4 and some of your successes there.

Thomas M. McDonough

Yes, Rob, I'll take that one. This is Tom. We had another very good quarter with the Next-Generation Firewall. We actually doubled the size of that business over Q3 in terms of dollars and the number of customers who adopted it. So we're really pleased with it and the pipeline continues to grow, we have a large number of opportunities in the pipe for 2013. And so we're getting more and more bullish on the Next-Generation Firewall and its capabilities.

Rob D. Owens - Pacific Crest Securities, Inc., Research Division

When you're winning, what is differentiating or what's driving that?

Martin F. Roesch

This is Marty. The thing that's really driving that, we believe, is our threat-centric vision for security. We talk to customers and the problem they have isn't, geez, I need more access controls. It's, geez, I need to keep these hackers out of my environment or find the ones who are in there and get them back out. So being able to do that with the level of fidelity that we can bring to the table at the performance points that we can do it is really driving interest in our product lines.

Operator

Our next question come comes from Scott Zeller from Needham & Company.

Scott Zeller - Needham & Company, LLC, Research Division

Wanted to see if I heard correctly in the prepared remarks. Was the number of partners certified in the quarter, the highest all time?

Todd P. Headley

Actually getting -- this is Todd. Actually getting certified and trained, yes, we saw an acceleration. We've made a concerted effort to focus on getting those partners more up to speed. What Tom has said on prior calls, we measure success or success is measured by time in territory. We do that for our own personnel. And we're seeing the same behavior in our partners. The longer they're in the territories they're serving and they understand the differentiation that Marty articulated really well in his remarks, the more successful they are in selling our technology. So we're really focusing in on the quality. We said it in the past and we'll say it again for this call, we think there's 2 to 3x the capacity that we could build into the existing set of partners versus just trying to go out and chase numbers and new partners, and think that the big number makes it sound important. It really is the quality.

Scott Zeller - Needham & Company, LLC, Research Division

Okay. And to follow up on that point, have you commented previously on the distribution of where those partners are? You've talked about your opportunity for International growth. How would you say the balance is of the partners coming online, where are they located?

Thomas M. McDonough

Yes, this is Tom, I'll take that one. So roughly speaking, about 1/3 are in North America, 1/3 are in EMEA and the other 1/3 is in Latin America and APAC. And the growth in partners actually is continuing at a faster rate in APAC and LatAm because those are really emerging markets for us, right? Whereas in the United States and EMEA, we're pretty well-established.

Operator

The next question comes from Michael Turits from Raymond James.

Michael Turits - Raymond James & Associates, Inc., Research Division

Todd, taking a look at the balance sheet, it looked like you guys had a pretty large deferred build this quarter. Can you talk about, was it primarily maintenance? Are you guys seeing more subscription-based products sold? And roughly, what was the split between short-term and long-term deferred?

Todd P. Headley

Sure. So definitely, our deferred revenue balance grew pretty significantly this quarter, as well as historically, the predominant portion, 90-plus percent is for deferred maintenance and support. I think what you have occurring here at the end of 2012, our customer loyalty team was able to secure a number of multiyear renewals, which we think is great when a customer makes a commitment to our platform, and then shows that commitment by signing up for multiyears of support rather than renewing each and every year where they might get an opportunity to look elsewhere. They're that comfortable with this solution. So I think that picked up measurably versus, say, the year-ago period. And when you take a look in terms of what the long-term piece is, I actually don't have the number right in front of me. But that also grew pretty significantly with regard to that multiyear. We'll be filing our 10-K next week with all of the fine details.

Michael Turits - Raymond James & Associates, Inc., Research Division

Okay. And then just a follow-up for Tom and Marty. On the Next-Gen results this quarter, were you -- did you find that you were having success in any particular verticals? I know you mentioned a telco in last quarter. Any detail in there would be helpful.

Thomas M. McDonough

Yes, this is Tom. We've had success in the telco space in particular, we've done very well there. We've done well in the government and we've done well in financial services. But again, all of those are part of the critical infrastructure, and that's really where we focus our sales efforts. So those are probably the top 3 markets where we've had the most success.

Operator

Our next question comes from Aaron Schwartz from Jefferies.

Aaron Schwartz - Jefferies & Company, Inc., Research Division

I had a follow-up question on the ASPs. You did talk about sort of the expanded deployments there. I was wondering if you could quantify sort of what an IPS sale would look like relative to a customer that did purchase the additional firewall and anti-malware. Is that sort of the big driver there? Are you actually seeing more expanded deployments of the IPS product only driving that ASP increase?

Todd P. Headley

Sure. This is Todd. So from a pricing standpoint, to go from IPS to a Next-Generation Firewall when you buy from Sourcefire, that's about a 10% uplift in the price. Again, as Marty pointed out, we feel the important component is the IPS. Obviously, that's our roots, but that's what's actually helping customers identify these threats that ultimately they want to keep off of their network. And so 100% of the time, when a customer buys a Next-Generation Firewall from Sourcefire, they're getting IPS. We know that the competition goes the other route, which is they're traditionally doing a firewall replacement and then you can add additional functionality and turn those things on with a license key, including IPS. We think IPS is a critical element in this threat-centric approach that Marty talked about, and that's why the uplift is, from our viewpoint, is a little bit small.

Aaron Schwartz - Jefferies & Company, Inc., Research Division

Okay. And then on the anti-malware side, is it just a little too early to sort of -- I think you kind of said to expect later this year into '14. So is that -- presumably, that has not really been a driver on the deal size yet?

Todd P. Headley

That's a 20% uplift.

Aaron Schwartz - Jefferies & Company, Inc., Research Division

20%, okay. Okay, and then follow-up question on deferred. On those multiyear contracts, are you collecting all of that upfront?

Todd P. Headley

Absolutely. We don't record it unless it all goes in one invoice that is going to be paid in the near term.

Aaron Schwartz - Jefferies & Company, Inc., Research Division

Okay. And then the other 10%, I guess I think you said 90% was deferred maintenance and support. So is that other 10% now subscription?

Todd P. Headley

So if we broke it down, it's a little north of 90% is the technical support, less than 5% is product and then the rest is subscription and some undelivered professional services that have been billed and paid.

Aaron Schwartz - Jefferies & Company, Inc., Research Division

Okay, terrific. And that should go onto product line, is that correct? When it's recognized?

Todd P. Headley

Correct.

Operator

Our next question comes from Gray Powell from Wells Fargo.

Gray Powell - Wells Fargo Securities, LLC, Research Division

Can you maybe just give us a little bit more color on the Next-Generation Firewall product? And then just are you seeing like more competitive wins outside your current customer base, or is it mainly from existing customers?

Martin F. Roesch

This is Marty. We've had a mix of both new and existing customers buy the Next-Generation Firewall. And every deal we do is competitive, so we don't really see greenfield opportunities very often in a space like that.

Gray Powell - Wells Fargo Securities, LLC, Research Division

Okay. And then just a follow-up, if I may. Is your marketing message changing at all? Are you still going into new accounts starting with the IPS message, or do deals now begin with the Next-Generation Firewall and FireAMP product message?

Martin F. Roesch

Well we talk about things from a threat-centric messaging standpoint and absolute [ph] security. Those really are our core messages. We believe the foundation of doing security in kind of the hostile world we live in is being able to deal with threats that are out there, which is why we typically lead with Intrusion Prevention Systems. But as we get into deals like Next-Generation Firewall and things like that, people are realizing that they need very effective threat mitigation capabilities wrapped up in that Next-Generation Firewall capability, and we're the best in the market at doing that.

Operator

You're next question comes from Walter Pritchard from Citigroup.

Walter H. Pritchard - Citigroup Inc, Research Division

Tom, I'm wondering if you can talk about just on the International side, should we expect you to open up any major new countries in 2013 in support of this type of growth that you're looking for, or is it mainly ramping territories that you're already in?

Thomas M. McDonough

Walter, this is Tom. It's a little bit of both. We -- we're just opening an office now in Israel. We're opening an office in Italy, and there's probably 2 more on the drawing board or there are that we will open this year. So we have plans to continue to expand and invest in EMEA.

Walter H. Pritchard - Citigroup Inc, Research Division

Got it. And then I may have missed at the beginning, the commentary around gross margin. It sounds like you expect them to tick down a bit, driven mostly by product. Can you just review what the driver is of expected lower product gross margins? Because I remember 18 months ago or so, you guys actually looked like you actually brought down some competitive prices and things like that.

Todd P. Headley

Yes, so this is Todd. We'll handle the services side first, and that's kind of status quo with our historical observation. And we believe that's going to hold true here in 2013. On the product side, the underlying cost of the FirePOWER platform versus the successor platform is a little bit more expensive. We do expect over time to get some cost savings, but that's probably not in 2013. Additionally, we have the cost of the Advanced Malware Protection infrastructure, which we make available to our customers. And so that infrastructure is in place, that business is building. It is not as gross margin-friendly as we expect it to be in the future. And so there is a little bit of a tick down relative to the product margin. And so what we said on the last call and we said again tonight, on a blended basis, you should look at gross margins for us in the 76 to 77 percentile range. That's what we're kind of calling our new normal. A couple of years ago, we were 1 point or 2 higher than that.

Walter H. Pritchard - Citigroup Inc, Research Division

And then just last question, Todd, on the market opportunity. If I kind of just do the math around, you get about a 10% uplift on the firewall. You're talking about the expanded market opportunity being 3 or 4x what it's in, in IPS. How are you -- I mean it seems like you're monetizing the firewall market at a much lower rate than you need to get to that 3 to 4x opportunity. What's kind of the rough math that you're using to get to that expanded TAM?

Todd P. Headley

Well, I'll give you a perspective rather than math because it's how we approach the market. So if you take a look at the enterprise portion of the IPS market, we're growing faster than the pace of that market, as well as all of the competitors that we see there. And it's because of the FirePOWER platform and the fidelity of our solutions. So we're still doing a number of competitive replacements. And as Marty talked about, certainly at the top end of the performance range, we're having a really positive outcome just based on the fact that there's not a lot of competition that can run at those rates. And when you take a look at the uplift with regard to firewall, we know we're leveraging our way into that market. We think there's a lot of confusion out there. You obviously have a core firewall market and there are varying numbers that have been put out there by various analysts in terms of how much of that is being taken down in the Next-Generation Firewall form factor. And that's the market that we play in. We don't have a firewall running on a hardware platform, and we're going after that firewall replacement business. We're in the Next-Generation Firewall business. And as that market emerges and gets defined and the confusion dissipates, we expect to get a larger and larger take over the next couple of years. But there's certainly plenty of business in the IPS enterprise market for us to grow at pretty sustained rates. And we haven't even talked about the Advanced Malware Protection opportunity, and in terms of that, I haven't seen any numbers in terms of sizing that market that we expect probably sometime this year that'll actually get sized, and we'll be playing in there as well.

Operator

Our next question comes from Shaul Eyal from Oppenheimer.

Unknown Analyst

This is Jake Shulman [ph] for Shaul. Just a question about competitive dynamics. What are you guys seeing out there in the market?

Martin F. Roesch

This is Marty. We see our standard competitors, so McAfee and TippingPoint, IBM ISS a little bit, Cisco, so on and so forth. We see a little bit of Palo Alto these days. We see a little bit of Fortinet and we also see Check Point once in a while. So those are kind of the core competitors that we run into. I would say the first 4 that I mentioned, we run into pretty consistently, and then the last 3 are kind of hit or miss.

Unknown Analyst

Great. And then just a quick follow-up. I know you guys mentioned hiring about 40 people so far this year. Do you guys expect that -- a little more ramp in the first half of the year as opposed to the back?

Martin F. Roesch

I think we have a plan that anticipates hiring at a pretty steady rate really. We put our plan together for the entire year, and we have been front-loading to take advantage of the opportunity that we feel is in front of us this year. So the rate might vary a little bit as the year marches on, but we are definitely planning on executing this idea of building up the capacity to go seize the opportunity in front of us.

Todd P. Headley

And we know that the #1 success item on the go-to-market front is time and territory. So we front-loaded a lot of people that are focused on getting into a territory so that they can get ramped up faster.

Operator

Our next question comes from Dan Cummins from B. Riley.

Daniel T. Cummins - B. Riley & Co., LLC, Research Division

So Todd, with respect to the deferred revenue, just trying to model cash flow for 2013. Was there anything unusual such that we shouldn't expect a big seasonal jump on the order of what we saw next -- I'm sorry, this year in 4Q? Just a general comment from you about cash flow for 2013 would be great.

Todd P. Headley

Yes. Our cash flow kind of follows a U-shape. It's highest at the beginning of the year and the end of the year. And that's because our highest product quarter is traditionally Q4 and we make those collections in Q1, and then we typically have a really positive Fed quarter in Q3 that we collect in Q4. I think we're going to follow that same seasonality. The kind of percentage growth in receivables and deferreds is kind of in line with the rates over the last couple of years. This is just the normal growth of our business, nothing unusual there.

Daniel T. Cummins - B. Riley & Co., LLC, Research Division

Okay. And were there any sort of inducements to get multiyear commitments that you could talk about?

Todd P. Headley

Nothing out of the ordinary. Again, when you're having that conversation with the customer, if they've got budget and they're willing to, you'd go ahead and close that deal everyday to get their commitment.

Operator

Our next question comes from Tal Liani from Bank of America.

Tal Liani - BofA Merrill Lynch, Research Division

I have 2 questions. First one is I want to understand just the Commercial part. It declined year-over-year, U.S. Commercial. But on the other hand, last year was a very strong year, and in your comments, you said that you believe that this U.S. Commercial will grow above the average. So I want to understand just the puts and takes, if you don't mind to go over it, what are the growing parts and what are the kind of weaker parts of this segment? And the second question is just clarification about the operating margin. In the past, you used to say that gross margin is going to be in the high 70s, and this time, you gave a more precise number, that kind of mid to high 70s. What is your long-term operating margin target that corresponds to the new gross margin target?

Todd P. Headley

So we'll handle the second question first, this is Todd. And we said this on our Q3 call as well, that we're in the 76% to 77% zip code. And we felt it was important to point that out because we had been in the high 70s, and that's what we'd said. We think we can return to the high 70s, but we have to be a larger business than we are today. We need to see a more mature Advanced Malware Protection business, which we're doing on a subscription basis so that will build. And we have virtual products that have really significant margin associated with them. So today, we're in the 76% to 77%, longer-term, we think we can go back to the high 70s. With that, I'll pitch it over to Tom to talk a little bit about U.S. Commercial.

Thomas M. McDonough

Yes. So relative to your first question, you're correct. We did have a tough compare in Q4 in last year, and frankly, it's because we saw a significant budget flush in Q4 of 2011. So that's what made it particularly tough for us in Q4. But it's a very solid business. It's obviously our biggest business. We're continuing to invest in it, we're putting more headcount into it. We're training more channel partners and we've got a particularly strong focus on the Fortune 1000 within the United States. So that combined with a pipeline that we have and continues to grow, I think we're going to do pretty well in 2013.

Operator

This ends the Q&A session. I will turn it back to Staci Mortenson.

Staci Mortenson

Okay, great. Since there are no further questions, we'd like to thank everyone for your continued interest and support of Sourcefire, and we look forward to speaking with you in the next quarter. Have a great evening.

Operator

Ladies and gentlemen, thanks for participating in today's conference. This concludes the program. You may all disconnect.

Copyright policy: All transcripts on this site are the copyright of Seeking Alpha. However, we view them as an important resource for bloggers and journalists, and are excited to contribute to the democratization of financial information on the Internet. (Until now investors have had to pay thousands of dollars in subscription fees for transcripts.) So our reproduction policy is as follows: You may quote up to 400 words of any transcript on the condition that you attribute the transcript to Seeking Alpha and either link to the original transcript or to www.SeekingAlpha.com. All other use is prohibited.

THE INFORMATION CONTAINED HERE IS A TEXTUAL REPRESENTATION OF THE APPLICABLE COMPANY'S CONFERENCE CALL, CONFERENCE PRESENTATION OR OTHER AUDIO PRESENTATION, AND WHILE EFFORTS ARE MADE TO PROVIDE AN ACCURATE TRANSCRIPTION, THERE MAY BE MATERIAL ERRORS, OMISSIONS, OR INACCURACIES IN THE REPORTING OF THE SUBSTANCE OF THE AUDIO PRESENTATIONS. IN NO WAY DOES SEEKING ALPHA ASSUME ANY RESPONSIBILITY FOR ANY INVESTMENT OR OTHER DECISIONS MADE BASED UPON THE INFORMATION PROVIDED ON THIS WEB SITE OR IN ANY TRANSCRIPT. USERS ARE ADVISED TO REVIEW THE APPLICABLE COMPANY'S AUDIO PRESENTATION ITSELF AND THE APPLICABLE COMPANY'S SEC FILINGS BEFORE MAKING ANY INVESTMENT OR OTHER DECISIONS.

If you have any additional questions about our online transcripts, please contact us at: transcripts@seekingalpha.com. Thank you!

Source: Sourcefire Management Discusses Q4 2012 Results - Earnings Call Transcript
This Transcript
All Transcripts