Seeking Alpha
We cover over 5K calls/quarter
Profile| Send Message|
( followers)  

Fortinet, Inc. (NASDAQ:FTNT)

Morgan Stanley Technology, Media & Telecom Conference

February 25, 2013 4:55 pm ET

Executives

Ken Xie - Co-Founder, Chief Executive Officer, President and Director

Michelle Spolver - Vice President of Corporate Communications & Investor Relations

Nancy Bush - Interim Chief Financial Officer, Vice President and Worldwide Corporate Controller

Analysts

Keith Weiss - Morgan Stanley, Research Division

Keith Weiss - Morgan Stanley, Research Division

Thank you, everyone, for joining us. We're very -- my name is Keith Weiss. I'm a member of the software team here at Morgan Stanley. We're very pleased to have with us from Fortinet, both Ken Xie, CEO and Founder; Nancy Bush, CFO; and also, Michelle Spolver from Communications.

Question-and-Answer Session

Keith Weiss - Morgan Stanley, Research Division

So maybe to get it started, given that this is also the week of our stay, you guys had some product announcements this morning, particularly around better technologies for addressing Advanced Persistent Threats. Maybe, Ken, you could talk to us a little bit about what you guys announced this morning, how that integrates into your existing product portfolio, and what it's really meant to do?

Ken Xie

One thing we see, nowadays because, obviously, every year, you see the security landscape in T.V. is changing, a lot of new threats, a lot of new technology. So we are announcing this morning is really the one that we call the FortiGuard Service which, actually, more than half of the revenue come from the subscription service, 40x is the base of that. So we are announcing we're starting to offer the sandbox in the cloud. So we do have the sandbox, the smallest sandbox version in the FortiGate is the device. That's where we set our price. [ph] Now you also can have some other sandbox function into the cloud, so basically, you can have some more like thoroughly simulation behavior or simulation outcome to go to the cloud to do all that analysis. Because what we do is different than some other companies, some other things really. A lot of time our plan itself, whether the firewall technology or IPS or our control they called the flow based or kind of connection based security. So that is where it only block whatever the connection of the flow there. So the sandbox is like the oldest proxy technology, they also analyze the behavior, all the simulations, and not based on the signature, and that's where it's very effective to detect this 0-day attack. So that's where we feel the technology we have market in that because there is also a lot of testing going on who is the most effective to detect the 0-day attack. Basically, because today, every day, we see over 100,000 new wires, new malware, new intrusion all come in, so it's very difficult to always develop the signature quick enough and also -- so that's where how to detect this 0-day attack will become a key issue today. And that's where using the sandbox thing, using the behavior heuristic analysis, we feel will be huge because that's all the traditional network security companies that are falling behind. And you see some new companies that are trying to do it in this area. So we feel it is a quite important announcement we made in this morning very -- all this kind of sandboxing analysis and behavior base. And also the testing going on like in few weeks ago, so they evaluate like in -- based in Europe, it's a bp 100 test, so that they do every month. So you've added over 30 companies out of the top 30 companies. So we're the only one, we scored over 90% on the 0-day attack. Basically, they announced all the -- they get you a box, hold for like a few weeks, which they lock it down. You have no chance to operate a signature [indiscernible] composition, and then they have all the new wires installed, the new malware coming the next few weeks to test against this box. So we're the only one, we came to over 90%. That's where the technology is different. You need to put in not only the traditional like a flow base or connection base, but there also had to be more behaviors 0-day data attack base.

Keith Weiss - Morgan Stanley, Research Division

The other announcement that you guys made today had to do with the NSS Labs giving you guys a recommended rating for your next-generation firewall. I think that's interesting for a couple of points. One of the pushbacks that I hear from investors, but also a perception that I hear when I talk to resellers is that Fortinet is a UTM vendor and UTM vendor means small, midsized businesses. So the question to you would be, to what extent is something like NSS Labs giving you the recommended rating and next-generation firewall help get you over that hurdle? And what other efforts do you guys have from, let's say, a sales and marketing perspective to overcome that perception that Fortinet isn't just about small, midsized business?

Ken Xie

Yes. I kind of agree, certainly, the UTM -- first, I'm more comfortable on technology areas, sometimes we don't do a lot of marketing like that, the other companies do. So that's where you can see the market usually the low-end, the SMB, whatever, they more look at what's the value they can provide. So if you have this box can have a multiple function, a better value, a better performance, they usually are quick ones to jump off because IT guys not only need to man the security, they also need to man network and lots of other devices, storage and all the other things. And then we're also doing well in the wire high-end, the carrier service provider, some school university because they tend to be more technical. They're usually testing the box themselves instead of just listening to some other marketing or some other message there. So that's where the reason we are doing extremely well in the low end, also in extremely high end. In the middle end, we're missing some of the markets so that's one thing we started improving is really working with NSS, working with those other third party testing research firms. They try to message, make sure they can see the value in the enterprise, how we can provide a more integrated solution because today's attack is no longer a single point attack. It's no longer the virus or the spam, the intrusion, the less [ph] countries all come back together, all the planet attack. So you have to work together otherwise, you'll have multiple parts that mostly come from multiple vendor, sometimes they are not working together, so that's more difficult to defend. It's a blended attack and also very, very costly because security is also what's the best most efficient way, because if you want 100% security basically cut up the line, no connection. But then you also lost all the value there, so that's where you need to have the device in the middle, not only to offer better security, but also make sure you're not impacting other infrastructure, make sure they can provide the best value and whatever you put in the money that you invest in there. So that's a few -- the message from -- and as I said, is really starting, kind of helping us to get into the bigger deal or bigger account, which we see a lot of improvement, and that's where we have the earnings actually. The deal we have on last quarter we report last year [ph] really, that the overall million dollar, we doubled that, that bigger deal and also the deal over half million, we grew 87%. So I think that's probably the effort we put in marketing. We also do with the dedicated team. That's helping, and we are still kind of a bigger gap compared to some of our competitors in the area. So how do you improve in the marketing, how to improve in some bigger enterprise like the investment, but we kind of get the message. We try to improve them quickly, so that will be the focus for this year, more invest into this area.

Michelle Spolver

Actually, Keith, if I can add to that a bit, is that there is a lot of confusion in the marketplace about Fortinet and where we are positioned. I think a lot of that is coming from sort of misrepresentation from other vendors or opinions from analysts, so I think that we -- NSS is important to us because, one, it's a very stringent testing environment. It's a very credible third-party test lab. And it's not even us saying that our performance in TCO and security effectiveness is high, but it's our product working in a real-world enterprise environment. So I think, Ken, being an engineer, we do rely on third-party testing. I think NSS is a really important one because it's very credible and it's not us saying it. It's not another vendor saying it. And then my last point is, is to really -- for the investors that really want to look and see how we're doing in the enterprise space, is to really listen in our earnings calls when we talk about deals, one, and growth in large deals. That is like a really key -- it's a key metric. So I think it's hard to argue that we're not in the enterprise or not an enterprise customer -- or an enterprise company when we have the growth rates that we have in the enterprise.

Keith Weiss - Morgan Stanley, Research Division

Got it. Excellent. Maybe if you can move this discussion to the broader market opportunity. In the second half of 2012, you guys did see billings slow down from kind of low-30s type of growth rates to low-20s in the second half of 2012. I guess the overall question is, what drove that slowdown in the second half of the year? Was it macro related or was it more so the overall market slowing down and perhaps getting more competitive?

Ken Xie

I think the market is very healthy and I think it's a little bit more of an internal comparison because we have a 1 bigger deal, 8-digit number deal that start in like a Q3, Q4 in 2011, and then on Q1 Q2, first half of last year. So that's really has a little bit impact. But overall, I think, the market is still doing quite well. We see -- basically we are the company, even though U.S. kind of based, but we operate in all 3 regions. Each region contribute about 1/3 of our business so we do see a market keeping growing quite well, it's above average. And the European slowdown a little bit, but it's starting to recover now. And APAC, they are probably just on average and they build a lot new meaningful structure, but also we started fixing something there.

Nancy Bush

Just to add in a little bit to something Michelle alluded to earlier and then Ken, is we drive the financial model kind of from a yearly perspective but of course, you quarterize it, right, because you're a public company. But we also plan -- when you look at our product, we give out data that says heres how much was in all our 3 segments, right. Whether it was high-end enterprise, mid market or low end, and then we look to drive all of our geographies also, right. So we will look to have kind of comparable growth rates across all of those market metrics. So you may see some bumping around a little bit. And as Ken alluded to, in 2011, 2012, there was kind of a 4-quarter span where we were deploying out with a customer, so it definitely kind of drove a little bit different metrics. But kind of what we tend to do is look at the overall year and how we're going to achieve that kind of across those 6 bases, if you will.

Keith Weiss - Morgan Stanley, Research Division

Got it. That's a good segue into my next question. You gave a target for FY '13 billings growth in 19% to 20% and I think that surprised investors to the upside. I think they were pleasantly surprised about how strong that growth rate was. And of course, the follow-up question for investors is how do we know that's conservative enough? Fortinet has a good reputation for giving a conservative guidance, consistently beating and raising it. Given a still uncertain macro, given some of the slowdown in growth we saw in the second half, what do you tell investors to assure them that, that 19% to 20% billings target is that same kind of conservative target that Fortinet has given traditionally?

Ken Xie

I think we have a few things that give us that kind of forecast. Firstly, you can see the growth we have in enterprise is better market and last year grow 55%. It's starting to become a bigger sector for us in the vertical space, so we were confident based on the pipeline. So there's a lot of potential there. And also the technology, we're starting to see some new things like in Q4 we have the -- we have basically a 3 basic chip family. So this new chip, the second-generation come up in Q4, so that's what also helping contribute in the new product. And we also have other chip come out probably in the first half of this year. So that all will contribute both in the high end and the low end. So that's where based on all of this content, we have quite a confidence of our forecast there. And the other thing really in that space also we're healthy, so we see the whole thing starting to turn around, the whole economy, so that's also where we kind of -- that's also kind of -- because when we IPO-ed a little over 3 years ago, so we improved our position margin pretty much like a 7% to 10% every year. So from pretty much barely breakeven to like the last year, it's 25% of our margin. So now this year, the RMS we try to invest more into the growth so we want to hold the margin pretty much flat, and invest more money into growth. So all of this we have a few kind of a -- gave us kind of a healthy growth going forward this year.

Keith Weiss - Morgan Stanley, Research Division

Got it.

Nancy Bush

Yes. Just to kind of summarize, strong product portfolio, new updates coming in, we have strong market drivers. We have good geographic diversity rate. There are some verticals that we see that we're just beginning to see traction in, so we wanted to, as Ken mentioned, kind of go back and invest in those. So there is a very healthy growth market out there for us. And then I think there are some competitors that we continue to see that we have opportunity to go in and compete with also in a very favorable fashion. So we wanted to get kind of some of the message to people, we see a strong healthy landscape out there and are -- have the ability to compete in it.

Keith Weiss - Morgan Stanley, Research Division

Got it. And just in terms of the mechanics of the guidance, are there any change in your close rate assumptions or any of those sort of technical metrics around how you guys look at your guidance for the full year?

Nancy Bush

No. If you think about it, some portion of our revenue as we go into the quarter is coming off the balance sheet, right. So a little over 50% is from the subscription and support. And then we see a product number that we'd like to drive within the quarter, right. But nothing has really fundamentally changed in how that is playing out. I think we did go geography by geography and think about macro and market share. We factor that in, but no different process than we normally do.

Keith Weiss - Morgan Stanley, Research Division

Got it. And then maybe we can segue into the competitive environment, which you brought up. Fortinet is definitely been growing at a growth rates, if you look at sort of industry analyst data about market growth for next-generation file of why you came over the whole network security space, that's been outpacing that. So obviously, you guys have been taking market share historically. So on the competitive side, I guess the first question is, to what degree do you guys think you could sustain those market share gains on a going forward basis? Or maybe more nuanced, to what degree does your guidance assume you have to keep sustaining those market share gains?

Ken Xie

I think always the growth in market share come from if you use the different technology. Basically, if you look at the network security company, we are already the only one to develop our own basic chip and also working with the best CPU, the best in architecture. So we are basically leveraged both the chip level, system level and the software level past the infrastructure level, like the FortiGuard I mentioned earlier, to grow in all these minutes [ph], which none of our competitors have all this technology. So the chip example is really -- like we improved the performance a lot because I feel the space more move to the multifunction device. The more multifunction you put into the CPU, then the server and PC, they kind of impact each other's performance. And also there is a more like a swag, [ph] there's a lot of computation you need to put in the box there. Because network security is really different than the other like the software security. It's a piece of hardware in the middle of the wire, which a high-speed network can have to support 100 of server PC behind. So the box itself has to be fast enough and reliable enough, like whatever the traditional routing switch and whatever, so that has to be really kind of reliable quick enough, otherwise, it will slow down the whole network. So that's why they need to have a different technology and also different things to do it compared to just put a software in a standard PC or server to do that. That's the most other network security company is doing today. So that's my field of differentiation. The longer we stay here, the longer we will imagine this like at the hardware, the chip ASIC, that gave us much better performance, also is a much better platform, differentiate us more compared to just put a software in the standard PC server. So that's where you can see like today's announcement from NSS report. So NSS is the company and also with other many -- like a testing company, you can see the huge difference with the type of security offer, the performance and also the multifunction we have. So I feel the longer that the space wrapped in a multifunction device right now, the better benefit we have compared to company just leverage the software in the standard PC server. So that's how I feel. Eventually, my forecast right in the next 3 to 5 years, more than half of the network security device will have to be run multifunction. So that will give us a huge advantage because we can put the same function into the chip which can run 10x or 100x faster than you can run in a software CPU and the PC architecture there. So that's what gave us more like an advantage because we invest hundreds of million of dollar into the chip, into the hardware to make sure it's a better network platform to the other network security function there.

Keith Weiss - Morgan Stanley, Research Division

Got it. To a certain extent, I think -- I definitely agree with you on the consolidation of network security functionality, but we do see responses from your competitors. So Palo Alto Networks talks about their single pass architecture. Check Point, over the past 2 years, have rolled out new product lines at the high end, and they've added hardware acceleration modules to their product platforms. In the IPS space, Sourcefire has a new firepower platform which adds a lot more hardware capability to their underlying platform. As these firms focus more on the performance side of the equation, are you seeing them more so in your sweet spot of competitive engagements?

Ken Xie

I think they're doing their job, all these competitors trying to leverage the software architecture like -- or whether the single pass or some other advanced -- whatever the software architecture. But the issue is really, we're also working in the software side. So I don't feel that can be finished [ph] much because everyone can try to restructure the software a little bit. But then the real thing is really -- that's from my 20 years experience in the network security, and my first company just doing the software firewall exactly like they're doing today. And then I found out there's a lot of limitations, whether you can work on the CPU, the OS level. They give you a lot of limitation. Because first, the PC is stubborn. They are not designed to be the network device. And also the OS is really not designed to be running the network, all these kind of function there. So that's where my second company, NetScreen, so we try to move some function into the firewall, EPS function into the chip. So you kind of NetScreen quickly gain a lot of market share into the firewall EPS space. But that's when also have some limitation go beyond the firewall EPN [ph] because even if you try to do the other things, the intrusions, some applications, some [indiscernible] also needs some other device function there. So that's making this third platform, which is the third company I'm building today, I feel it's a much better platform to going forward because of we remove the limitation which the traditional software company has on the OS level, on the PC level, because they cannot change the OS once the architecture in the PC is there. Because, first, the PC and the OS, they are not designed to be the network platform. But network security is really the network inline device. So that's where we try to change and take advantage both on the chip level, in a system level, and also in a software level. I have to say other competitors, they are doing a good work in a software level, but their limitation are limiting the software. So that's where we are different, leverage all the whole architecture, the whole planned model, which can improve in both the performance and also the function there. So that's where that, so far, we have not see our competitor really -- because this takes a long time. For us, it takes 12 years, and we invest a $100 million to reach this stage. So that I feel going forward, we have more advantage on the function and the performance because of the investment we made in architecture.

Keith Weiss - Morgan Stanley, Research Division

Excellent. So I have a bunch more questions but I want to make sure I get some audience participation, so anyone from the audience have questions? Wow, no questions from the entire audience. So one of the areas where performance is definitely a strong advantage for you guys is to service provider space. It's been pretty consistently about 28% of your business. How do you feel about your service provider business heading into 2013? And from an investment point and your perspective, over the past couple of years you've talked a lot about some of these large deals and large design wins that you've done, how should we think about how those sort of carry momentum forward from one year to the next? Like when you win some of these large deals, and you start to build up like MSSP business, it's the first time for these service providers, what type of tailwinds could that give you into 2013?

Ken Xie

I think service providers is quite an important area for the security because they are the one who have the infrastructure. They can offer the clean pipe so they tend to do some same, like the difficult for enterprise or even for some other to get into [ph] because for a certain kind of attack they have to like leverage a lot of infrastructure, like [indiscernible] attack, all these kind of -- a service provider can do much better job to prevent all this compared to what enterprise can offer or compared to whatever the host end-user can offer. On the other side, I have to say, sometimes the service providers also need to work with the enterprise because a lot of the enterprise, they have the application. They have the security expertise. They understand what they really need there. So that's -- it kind of balances the growth. And so we have more advantage in the service provider because they tend to be more technical and they also see the device, the high-speed device working well with them. And also, I have to say, today it surprises me still the more is lost [ph] to supply [ph] after like 30 or 40 years, every like a 2 -- every 2 years when the network speed, the semiconductor speed doubles. So it's kind of a -- it's better in a bigger cloud data center service provider can play more important role there. We still see it's a much stronger growing area, but I have to say, they probably need to be more working with enterprise together and try to like solve the whole issue together.

Keith Weiss - Morgan Stanley, Research Division

Got it. Okay. And then we talked a lot about enterprise, and in Q4, you guys had a good enterprise number, I think you talked about 55% growth year-on-year in your enterprise sales. Maybe relating those enterprise sales to margin. We talked a little bit about you don't expect margins to improve very much in FY '13 because you're investing more on growth. Is there any increased distribution costs that comes from focusing more in the enterprise, more demanding sale, more direct touch sale that, in any expense, is pressuring your margins as well?

Ken Xie

We have not seen that because security is right now, so far it's not like some other semiconductor I'm getting so other [ph] new people to try kind of cut the price or whatever. The security, they still want to buy who can -- I think the product year [ph] is on the first stage. So the lifetime of the customer rather is more in a later day, how can give them better support, how can offer better security, quick update, and new technology, new function there. So that's where so far we have not seen the pressure come from like a type of this -- kind of this -- same thing when we see like in other vertical space at the service provider because this is really, if you can have some better product, they are willing to pay higher price.

Michelle Spolver

The one thing though is, we did see a bit -- from a margin perspective of impact in the services margins last year because we did beef up our service organization from the Professional Services standpoint, as well as just overall services personnel to help support our enterprise business.

Ken Xie

Yes. That's where we have a 2-part like a power margin like a 60% to 65%, that's where the product and the service component like 80% to 85%. But we are starting to invest much more. You can see the high comp growth. So when you invest much more into the service support, that's what lowered the margin because people take like 6 to 12 months to really come up to speed for all this service support.

Nancy Bush

But we do have a pretty disciplined model, right. So if you're in one of the 3 segments, we kind of do know how much we want the cost to pass it on through to be. And so on the lower end, as you might imagine, you want to have less sales and marketing costs involved in passing it through. On the enterprise because of the size of the deals, you tend to invest a little bit more, so we're pretty disciplined in that perspective. And then as you kind of go through the different geographies, there can be some cost differentials, right. So we take kind of what's the landscape, what the market share we want to take, and then how do we apply that disciplined model across the sales and marketing.

Keith Weiss - Morgan Stanley, Research Division

Got it. And then in the near term -- well, last year, you're talking more about sort of cash out spending and services support, sort of those functionalities. This year, you're talking about investing for growth more aggressively given the market opportunity. Longer term, how should investors be thinking about the long-term target margins at Fortinet? Where do you think they could go over time?

Ken Xie

I think the last year, we did about 25% -- when we IPO 3 years ago, we say 20-plus would be the margin. I think we reached that model whether too soon or not, you might have the judgment. But one side, really, now it seems the market more value to growth, because the security space is so fragmented, even the #1 player they only have like a 15% market share. So we feel once we're gaining more market share, eventually, we can more leverage than you're improving the margin there. But since right now all the game on the growth, so we are -- we are probably still want to keep the same models, so that is the [indiscernible].

Nancy Bush

Yes. We'll probably update people a little bit towards the end of the year, but I agree with Ken. If you look at what we think in terms of market share we can go after, we still continue to see investment for quite a while. And then I think, just to caution people, as you kind of move into different scales and certain geographies, sometimes you have to go back and make an investment to step up to that next level of business. But I see a lot of room to continue to invest.

Keith Weiss - Morgan Stanley, Research Division

Got it. And then maybe -- we've got a minute left, we could wrap on a big picture, long-term question. One of the themes that have been coming into the market place at least for investors has been Software Defined Networking, and there has been a lot of questions about how does that impact adjacent areas with security being one of them. How does Fortinet think about Software Defined Networking on the horizon, particularly since so much of your value proposition is that interface between the software and the hardware? How does Fortinet plan in that type of world on a go forward basis?

Ken Xie

I think that's also we feel is important we follow the change there. Because once we change different from like -- I have to say, Software Defined Networks deal more kind of change in the connection, the control layer. So we already -- like Fortinet different than my previous company, we already moved to the content application there. That's where the malware, the intrusion, the bars all the bad things in the content there, so that's already above whatever the SDN can do there. So I think is that we are part of the whole group really kind of keeping develop the SDN structure and -- plus what service provider center there. Obviously, it's a good opportunity because we believe we have the technology that can really like make kind of the flow, the trend, the change in working together with a partner, the patchwork [ph] of working there.

Keith Weiss - Morgan Stanley, Research Division

Excellent. Now unfortunately, that takes us to the end of our time today. Thank you very much for joining us. Very interesting conversation.

Ken Xie

Thank you.

Copyright policy: All transcripts on this site are the copyright of Seeking Alpha. However, we view them as an important resource for bloggers and journalists, and are excited to contribute to the democratization of financial information on the Internet. (Until now investors have had to pay thousands of dollars in subscription fees for transcripts.) So our reproduction policy is as follows: You may quote up to 400 words of any transcript on the condition that you attribute the transcript to Seeking Alpha and either link to the original transcript or to www.SeekingAlpha.com. All other use is prohibited.

THE INFORMATION CONTAINED HERE IS A TEXTUAL REPRESENTATION OF THE APPLICABLE COMPANY'S CONFERENCE CALL, CONFERENCE PRESENTATION OR OTHER AUDIO PRESENTATION, AND WHILE EFFORTS ARE MADE TO PROVIDE AN ACCURATE TRANSCRIPTION, THERE MAY BE MATERIAL ERRORS, OMISSIONS, OR INACCURACIES IN THE REPORTING OF THE SUBSTANCE OF THE AUDIO PRESENTATIONS. IN NO WAY DOES SEEKING ALPHA ASSUME ANY RESPONSIBILITY FOR ANY INVESTMENT OR OTHER DECISIONS MADE BASED UPON THE INFORMATION PROVIDED ON THIS WEB SITE OR IN ANY TRANSCRIPT. USERS ARE ADVISED TO REVIEW THE APPLICABLE COMPANY'S AUDIO PRESENTATION ITSELF AND THE APPLICABLE COMPANY'S SEC FILINGS BEFORE MAKING ANY INVESTMENT OR OTHER DECISIONS.

If you have any additional questions about our online transcripts, please contact us at: transcripts@seekingalpha.com. Thank you!

Source: Fortinet's CEO Presents at Morgan Stanley Technology, Media & Telecom Conference (Transcript)
This Transcript
All Transcripts