Symantec is a global leader of security, storage and systems management solutions to help businesses and consumers secure and manage their information. We conduct our business in three geographic regions: Americas, which includes United States, Canada, and Latin America; EMEA, which includes Europe, the Middle East and Africa; and Asia Pacific Japan (“APJ”).
Our delivery network includes direct, inside, and channel sales resources that support our ecosystem of more than 40,000 partners worldwide, as well as various relationships with original equipment manufacturers (“OEMs”), Internet service providers (“ISPs”), and retail and online stores. We provide customers worldwide with software and services that protect, manage and control information risks related to security, backup and recovery, storage, compliance, and systems management.
Founded in 1982, Symantec has operations in more than 40 countries and our principal executive offices are located at 20330 Stevens Creek Blvd., Cupertino, California 95014. Our telephone number at that location is (408) 517-8000. Our home page on the Internet is www.symantec.com. Other than the information expressly set forth in this annual report, the information contained, or referred to, on our website is not part of this annual report.
Symantec’s strategy is to provide software and services to secure and manage the connected, information-driven world of our customers against more risks at more points, more completely and efficiently than any other company. We help individuals, small businesses, and global organizations ensure that their information, technology infrastructures and related processes are protected, managed easily and controlled automatically, independent of devices, platforms or locations.
We operate primarily in three diversified markets within the software sector: security, storage and systems management. The security market includes mission-critical products that protect consumers and enterprises from threats to electronic information, endpoint devices, and computer networks. Over the past year, we have seen a continued rise in the volume of security threats. Whereas attackers used to mass-distribute a threat to thousands or millions of targeted machines, today’s attackers often send individually crafted attacks to each victim. Attackers are also targeting users with social-engineering attacks, such as phishing websites that steal financial information, passwords and other personal data. The Internet has become the primary conduit for attack activity with hackers funneling threats through legitimate websites, placing a much larger percentage of the population at risk than in the past. Security continues to be a top priority for enterprises as information security is increasingly linked to regulatory compliance.
The storage software market includes products that manage, archive, backup, and recover business-critical data. Key drivers of demand in this market include the increasing volume of information that organizations of all sizes must manage, which is doubling every two years, the need for data to be protected and accessible at all times, and the need for a growing number of critical applications to be continuously available. Other factors driving demand in this market include the increasing pressure on companies to lower storage and server management costs while simultaneously increasing the utilization, availability levels, and performance of their existing information technology (“IT”) infrastructure.
The systems management market includes products that control the IT environment by streamlining efforts associated with deploying, managing, patching and remediating enterprise client and server assets. The drivers for demand in this market include customers’ desire to automate management tasks, to ensure business productivity and to reduce IT costs and complexity.
We believe that the security, storage and systems management software markets are converging as customers increasingly require our help in mitigating their risk profiles and managing their storage solutions in order to secure and manage their most valuable asset — their information. As the tools and processes from these formerly discrete domains become more integrated, we have taken a more proactive and policy-driven approach to protecting and managing information throughout its lifetime.
Business Developments and Highlights
During fiscal 2009, we took the following actions to support our business:
• We launched several new products and integrated new features into our products. Some of the new offerings in our enterprise business include: advanced electronic discovery and data de-duplication capabilities in our industry leading archiving platform; increased ability to discover, monitor and protect confidential information wherever it is stored or used through our data loss prevention solution; end-to-end coverage for the IT compliance lifecycle, including policy management, technical and procedural controls assessment in our compliance solution; support for VMware and Microsoft® Hyper-V in our backup and recovery solution; offering better visibility into IT assets, simplified day-to-day manageability and improved end-user productivity in our systems management solutions; and workspace management in our endpoint virtualization solution. In our consumer business, we delivered more than 300 performance improvements to our 2009 security products while providing even stronger protection against web-based attacks and other security threats. In addition, we expanded our consumer portfolio to include new web-based offerings for back-up and family safety, and we launched a remote PC Help service.
• We completed six acquisitions during fiscal 2009. We expanded our portfolio in the emerging and high growth areas of Software-as-a-Service (“SaaS”) and endpoint virtualization. In the SaaS space, we acquired MessageLabs Group Limited (“MessageLabs”). We also invested in our Consumer business by acquiring PC Tools Pty Ltd. (“PC Tools”) and SwapDrive, Inc. (“SwapDrive”). The PC Tools and SwapDrive acquisitions add new products, enhance our product portfolio with additional features and capabilities as well as help us acquire new customers.
• We reduced our cost structure in order to better align expenses with our revenue expectations. Some of the actions we took were: outsourcing certain IT and back-office finance functions; tightly managing our headcount costs; consolidating real-estate facilities; and reducing travel and entertainment expenses and other discretionary items.
• We made the following key changes to our executive management team: we announced John Thompson’s retirement as Chief Executive Officer and announced the appointment of Enrique Salem as President and Chief Executive Officer, each effective April 4, 2009, the first day of our fiscal 2010. As of that date, Enrique Salem also joined our Board of Directors and John Thompson remains the Chairman of the Board.
• We repurchased 42 million shares of our common stock for an aggregate amount of $700 million.
Operating Segments and Products
Our operating segments are significant strategic business units that offer different products and services, distinguished by customer needs. During fiscal 2009, we had five operating segments: Consumer, Security and Compliance, Storage and Server Management, Services, and Other.
Our Consumer segment provides suites and services that include Internet security, PC tuneup, and backup for individual users and home offices. Our Nortontm brand of consumer security software products provides protection for Windows®, Macintosh®, Windows-Mobile®, and Symbiantm platforms.
New customer acquisition is driven by increased threats, the need for identity protection, the growth of online transactions and the rapid increase of consumer data, such as photos, music libraries and video. Our award-winning Norton 2009 releases set a new standard for speed and performance. We continue to acquire customers through a diversified channel strategy that places our products where customers want to buy, including most of the top OEMs and through our number one position in retail. With the acquisition of PC Tools, Symantec reaches more segments, such as emerging markets, price sensitive consumers and new e-commerce channels.
Norton retains and leverages its strong existing customer base through auto-renewal subscriptions, migrating customers from point products to multi-product suites such as Norton Internet Security and Norton 360 and selling them additional products or services such as NortonLive services or the new Norton Online Backup. Through Norton 360, various partnerships and online channels, we are the market leader for online backup. Symantec hosts over 30 petabytes of consumers’ data and we have more than 7 million customers.
Symantec continued improving its consumer customer experience, satisfaction and loyalty during fiscal 2009. Our primary consumer products are: Norton 360tm, Norton Internet Securitytm, and Norton AntiVirus.
Security and Compliance
Our Security and Compliance segment helps our customers standardize, automate and reduce the costs of day-to-day security activities in order to secure and manage their information.
Our primary solutions in this segment address the following areas:
Enterprise security customer demand is driven by the quickly evolving threat environment, compliance regulations, and the need to keep confidential information from exposure outside the organization. Our solutions are built on market-leading policy management, data loss prevention, endpoint security, antispam, and content filtering technologies, allowing IT professionals to proactively mitigate information security risks and policy violations. We also help customers define, control, and govern their IT policies from a central location. This enables customers to protect critical assets and reduce business risk. Products include Symantec Endpoint Protection, Symantec Data Loss Prevention, Control Compliance Suite and Symantec Brightmail Gateway.
Our Endpoint Management business consisting of our systems management products is driven by the need for automated asset management, patch management and remediation. Our solutions offer better visibility into IT assets, simplified day-to-day manageability and improved end-user productivity, helping customers realize cost savings and value from their existing IT investments. Another key demand driver is endpoint virtualization, which frees up critical information from the myriad of operating system functions and devices so it can be secured and managed. Our products include the Altiris Client Management Suite, Altiris Server Management Suite, Altiris Total Management Suite, and Symantec Endpoint Virtualization Suite.
Growth in our archiving business is driven by increased e-discovery requirements and the growth of unstructured data such as email and instant messaging (“IM”). Symantec Enterprise Vaulttm optimizes storage by reducing expensive long-term storage of this data in an easy to access format.
Storage and Server Management
Our Storage and Server Management segment focuses on providing enterprise customers with storage management, high availability, and backup and recovery solutions across heterogeneous storage and server platforms. These solutions enable companies to standardize on a single layer of infrastructure software that works on every major distributed operating system and supports every major storage device, database, and application.
Our primary storage and server management solutions address the following areas:
Storage Management and High Availability
Our Storage Management and High Availability business is driven by our customers’ need to reduce overall storage costs through improved utilization of existing systems and virtualization. The business is also driven by customer migration to x86 based servers, which provides a reliance on management and availability tools to manage complexity and provide business continuity. Our products help customers simplify their data centers by
standardizing storage management across their environment for more efficient use of their existing storage investment. They also enable enterprises to manage large storage environments and ensure the availability of critical applications. Products include Veritas Storage Foundationtm, Veritas CommandCentral Storage, and Veritastm Cluster Server.
Backup and Recovery
Growth in the backup and recovery business is driven by migration from tape to disk-based backup, support for virtualization, de-duplication, and continuous data protection. The transition of NetBackup to a platform-based architecture enables our customers to take advantage of these drivers. Products include Veritas NetBackuptm, Veritas NetBackup PureDisktm, Symantec Backup Exectm, and Symantec Backup Exec System Recovery.
Symantec Global Services help customers address information security, availability, storage, and compliance challenges at the endpoint and in complex, multi-vendor data center environments. Our Services segment delivers Consulting, Education and Business Critical Services that help our customers maximize the value of their investment in our products and solutions. Managed Services and SaaS offerings provide customers the additional choice of on-demand services to meet their IT requirements.
Consulting, Education and Business Critical Services
Symantec Consulting provides advisory, product enablement and residency services to enable customers to assess, design, transform and operate their infrastructure, leveraging Symantec products and solutions. Education Services provides a full range of programs, including technical training and security awareness training, to help customers optimize their Symantec solutions. Business Critical Services, our highest level of support, provides personalized, proactive support from technical experts for enterprises that require secure, uninterrupted access to their data and applications.
Managed Services and SaaS
Symantec Managed Services and SaaS offerings enable customers to place resource-intensive IT operations under the management of experienced Symantec specialists in order to optimize existing resources and focus on strategic IT projects. This helps customers by reducing IT complexity, managing IT risk, and lowering the cost of operations. Recently acquired SaaS offerings from MessageLabs, combined with our Symantec Protection Network backup and recovery offerings provide our customers the flexibility to manage their business using online services or hybrid onsite and in-the-cloud solutions. These services include Symantec Managed Security Services, Symantec Managed Backup and MessageLabs Email Security Solutions.
Financial Information by Segment and Geographic Region
For information regarding our revenue by segment, revenue by geographical area, and long-lived assets by geographical area, see Note 12 of the Notes to Consolidated Financial Statements in this annual report. For information regarding the amount and percentage of our revenue contributed in each of our segments and our financial information, including information about geographic areas in which we operate, see Item 7, Management’s Discussion and Analysis of Financial Condition and Results of Operations and Note 12 of the Notes to Consolidated Financial Statements in this annual report. For information regarding risks associated with our international operations, see Item 1A, Risk Factors.
Sales and Go-To-Market Strategy
We sell our consumer products and services to individuals and home offices globally through a multi-tiered network of distribution partners and through e-commerce channels. Our products are available to customers through distributors, retailers, direct marketers, Internet-based resellers, OEMs, system builders, and ISPs.
Sales in the Consumer business through our electronic distribution channel, which includes sales derived from OEMs, subscriptions, upgrades, online sales, and renewals, grew by $143 million in fiscal 2009 over fiscal 2008. During fiscal 2009, approximately 79 percent of revenue in the Consumer segment came from our electronic channels.
We sell and market our products and related services to enterprise customers through our direct sales force of more than 3,500 and through a variety of indirect sales channels, which include value-added resellers, large account resellers, distributors, and system integrators. We also sell our products through authorized distributors in more than 40 countries and OEM partners who incorporate our technologies into their products, bundle our products with their offerings, or serve as authorized resellers of our products. Our sales efforts are primarily targeted to senior executives and IT department personnel responsible for managing a company’s IT initiatives.
During fiscal 2009, we added a SaaS delivery model offering a pay-as-you-go model that meets the needs of enterprise and small and medium business with evolving storage and security requirements.
Marketing and Advertising
Our marketing expenditure relates primarily to advertising and promotion, which includes demand generation and brand recognition of our consumer and enterprise products. Our advertising and promotion efforts include, but are not limited to, electronic and print advertising, trade shows, collateral production, and all forms of direct marketing. We also invest in cooperative marketing campaigns with distributors, resellers, retailers, OEMs, and industry partners.
We invest in various retention marketing and customer loyalty programs to help drive renewals and encourage customer advocacy and referrals. We also provide focused vertical marketing programs in targeted industries and countries.
We typically offer two types of rebate programs within most countries: volume incentive rebates to channel partners and promotional rebates to distributors and end-users. Distributors and resellers earn volume incentive rebates primarily based upon product sales to end-users. We also offer rebates to individual users who purchase products through various resale channels. We regularly offer upgrade rebates to consumers purchasing a new version of a product. Both volume incentive rebates and end-user rebates are accrued as an offset to revenue.
Symantec has centralized support facilities throughout the world that provide rapid, around-the-clock response, and are staffed by technical product experts knowledgeable in the operating environments in which our products are deployed. Our technical support experts assist customers with product implementation and usage, issue resolution and countermeasures, and threat detection.
Symantec provides customers various levels of enterprise support offerings. Our enterprise security support program offers annual maintenance support contracts, including content, upgrades, and technical support. Our standard technical support includes: unlimited hotline service delivered by telephone, fax, email, and over the Internet; immediate patches for severe problems; periodic software updates; and access to our technical knowledge base and frequently asked questions.
Our Consumer product support program provides self-help online services, phone, chat, email support and fee-based premium support and diagnostic services to consumers worldwide. Customers that subscribe to LiveUpdate receive automatic downloads of the latest virus definitions, application bug fixes, and patches for most of our consumer products.
In fiscal 2009, 2008 and 2007, one reseller, Digital River accounted for 10%, 11% and 12%, respectively, of our total net revenues. Digital River represented the only customer that accounted for 10 percent or more of revenues in fiscal 2009. In fiscal 2008 and 2007, one distributor, Ingram Micro accounted for 10% and 11%, respectively, of our total net revenues. Our distributor arrangements with Ingram Micro consist of several non-exclusive, independently negotiated agreements with its subsidiaries, each of which cover different countries or regions. Each of these agreements is separately negotiated and is independent of any other contract (such as a master distribution agreement), and these agreements are not based on the same form of contract. None of these contracts were individually responsible for over 10 percent of our total net revenues in fiscal 2008 and 2007.
Research and Development
Research and development expenses, exclusive of in-process research and development associated with acquisitions, were $880 million, $894 million and $867 million in fiscal 2009, 2008 and 2007, respectively, representing approximately 14%, 15% and 17% of revenue in the respective periods. We believe that technical leadership is essential to our success and we expect to continue to commit substantial resources to research and development.
Symantec embraces a global R&D strategy to drive organic innovation across the company. Engineers throughout the company pursue advanced projects and work with our engineering centers, research labs, global services teams, and new business incubator to translate R&D into next-generation security, storage and systems management technologies. Symantec focuses on short, medium, and long-term applied research, develops new products in emerging areas, participates in government-funded research projects, and partners with universities to conduct research to support Symantec’s vision. Symantec holds more than 600 global patents.
Our Security Response experts, located at research centers throughout the world, are focused on collecting and analyzing the latest malware threats, ranging from network security threats and vulnerabilities to viruses and worms. All this data is collected through the Symantec Global Intelligence Network, which provides insight into emerging trends in attacks, malicious code activity, phishing, spam, and other threats. This hands-on expertise is further leveraged in developing new technologies and approaches to protecting customers’ information and systems.
Our strategic technology acquisitions are designed to enhance the features and functionality of our existing products, and extend our product leadership, as well as to expand into emerging businesses such as SaaS and endpoint virtualization. We consider time to market, synergies with existing products, and potential market share gains when evaluating acquisitions of technologies, product lines, or companies. We may acquire and/or dispose of other technologies, products and companies in the future.
As of April 3, 2009, we employed more than 17,400 people worldwide, approximately 48 percent of whom reside in the U.S. Approximately 6,300 employees work in sales and marketing; 5,600 in research and development; 4,000 in support and services; and 1,500 in management, manufacturing, and administration.