Bulletin
Investor Alert

May 6, 2022, 4:45 p.m. EDT

10-Q: FORTINET, INC.

new
Watchlist Relevance
LEARN MORE

Want to see how this story relates to your watchlist?

Just add items to create a watchlist now:

or Cancel Already have a watchlist? Log In

(EDGAR Online via COMTEX) -- ITEM 2. Management's Discussion and Analysis of Financial Condition and Results of Operations

In addition to historical information, this Quarterly Report on Form 10-Q contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities and Exchange Act of 1934, as amended (the "Exchange Act"). These statements include, among other things, statements concerning our expectations regarding:

the effects of supply chain constraints and the global chip and component shortages and other factors affecting our manufacturing capacity, delivery, cost and inventory management;

the duration and impact of the COVID-19 pandemic, including various COVID-19 variants, and the implementation of "return to office" plans;

effects of the war in Ukraine, related macroeconomic effects and the impact of our decision to suspend operations in Russia;

effects of increased inflation in certain geographies;

continued growth and market share gains;

variability in sales in certain product categories from year to year and between quarters;

expected impact of sales of certain products and services;

the impact of macro-economic, geopolitical factors and other disruption on our manufacturing or sales, including the impact of the COVID-19 pandemic and other public health issues and natural disasters;

the proportion of our revenue that consists of product and service revenue, and the mix of billings between products and services, and the duration of service contracts;

the impact of our product innovation strategy;

the effects of government regulation, tariffs and other policies;

drivers of long-term growth and operating leverage, such as sales productivity and capacity, functionality and value in our subscription service offerings;

growing our sales to businesses, service providers and government organizations, our ability to execute these sales and the complexity of selling to all segments (including the increased competition and unpredictability of timing associated with sales to larger enterprises), the impact of sales to these organizations on our long-term growth, expansion and operating results, and the effectiveness of our sales organization;

our ability to hire properly qualified and effective sales, support and engineering employees;

risks and expectations related to acquisitions and equity interests in private and public companies, including integration issues related to product plans and the acquired technology, and risks of negative impact by such acquisitions and equity investments on our financial results;

trends in revenue, cost of revenue and gross margin;

trends in our operating expenses, including sales and marketing expense, research and development expense, general and administrative expense, and expectations regarding these expenses;

expectations that our operating expense will increase in absolute dollars during 2022;

expectations that proceeds from the exercise of stock options in future years will be adversely impacted by the increased mix of restricted stock units versus stock options granted;

Table of Contents

expectations regarding spending related to real estate acquisitions and development, data center investments, as well as other capital expenditures and to the impact on free cash flow;

estimates of a range of 2022 spending on capital expenditures;

competition in our markets;

statements regarding expected outcomes and liabilities in litigation;

our intentions regarding share repurchases and the sufficiency of our existing cash, cash equivalents and investments to meet our cash needs, including our debt servicing requirements, for at least the next 12 months;

other statements regarding our future operations, financial condition and prospects and business strategies; and

adoption and impact of new accounting standards.

These forward-looking statements are subject to certain risks and uncertainties that could cause our actual results to differ materially from those reflected in the forward-looking statements. Factors that could cause or contribute to such differences include, but are not limited to, those discussed in this Quarterly Report on Form 10-Q and, in particular, the risks discussed under the heading "Risk Factors" in Part II, Item 1A of this Quarterly Report on Form 10-Q and those discussed in other documents we file with the Securities and Exchange Commission (the "SEC"). We undertake no obligation, and specifically disclaim any obligation, to revise or publicly release the results of any revision to these and any other forward-looking statements. Given these risks and uncertainties, readers are cautioned not to place undue reliance on such forward-looking statements.

Business Overview

Fortinet is a global leader in cybersecurity solutions provided to a wide variety of organizations, including enterprises, communication service providers and security service providers, government organizations and small businesses. Our cybersecurity solutions are designed to provide broad visibility and segmentation of the digital attack surface through our integrated cybersecurity platform products and services providing a mesh architecture, which feature automated protection, detection and response along with consolidated visibility across both Fortinet developed solutions and a broad ecosystem of third-party solutions and technologies. Our cybersecurity platform portfolio leverages a common operating system or integration to this operating system across our product offerings and helps organizations better secure their environments and reduce their security and network complexities. The Fortinet operating system has an open architecture designed to integrate Fortinet solutions with third-party solutions in a single ecosystem, enabling automated detection and response across the attack surface.

Our product offerings consist of our Core Platform (previously referred to as FortiGate network security physical and virtual products) and our Platform Extension (previously referred to as non-FortiGate physical and virtual, software and cloud-hosted products). In addition to high performing security and networking features, we offer a rich set of cloud-delivered security services that can be added to Platform Extension products and customized to the organization's use cases.

Our cloud- and hosted- Platform Extension products and services include sandboxing, endpoint detection and response ("EDR"), email security, web application and API security and cloud networking security as well as management and analytics.

Our FortiGuard security services are enabled by FortiGuard Labs, which provides threat research and artificial intelligence capabilities from a cloud network to deliver coordinated protection for the ever-expanding attack surface through Core Platform appliance and virtual machine as well as all Platform Extension products that are registered by the end-customer.

Our FortiCare services provide both technical support and professional services to help our customers deploy, maintain, and operationalize Fortinet's Core Platform and Platform Extension products and services.

Our proprietary Security Processing Units ("SPUs") are Application-Specific Integrated Circuits that are implemented in our physical Core Platform appliances and are designed to enhance the security processing capabilities implemented in

Our FortiOS operating system provides the foundation for the operation of all Core Platform and Platform Extension products, whether physical, virtual, private- or public-cloud based. FortiOS directs the operations of processors and SPUs and provides system management functions. We make regular updates to FortiOS available through our FortiCare support services.

Networking functionality and security capabilities are integrated into the FortiOS operating system to run both the Core Platform and Platform Extension capabilities of Fortinet's cybersecurity mesh architecture. This approach to security combines discrete security solutions together into an integrated operating system which provides centralized management, visibility, automation and intelligence sharing to simplify operations and respond rapidly to threats.

The focus areas of our business consist of:

Secure Networking-Our Security-Driven Networking solutions enables the convergence of networking and security across all edges to provide next-generation firewall ("NGFW"), software-defined wide area network ("SD-WAN"), LAN Edge (Wi-Fi and switch) and secure access service edge ("SASE"). We derive a majority of product sales from our Core Platform network security appliances. Core Platform network security appliances include a broad set of built-in security and networking features and functionalities, including firewall, next-generation firewall, secure web gateway, secure sockets layer ("SSL") inspection, software-defined wide area network ("SD-WAN"), Intrusion Prevention system ("IPS"), sandboxing, data leak prevention, virtual private network ("VPN"), switch and wireless controller and wide area network ("WAN") edge. Our network security appliances are managed by our FortiOS network operating system, which provides the foundation for Core Platform security functions. We enhance the performance of our network security appliances from branch to data center by designing and implementing Security Processing Units ("SPUs") technology within our appliances, enabling us to add security and network functionality with minimal impact to network throughput performance. Along with our secure Wi-Fi access points and switches, Fortinet helps organizations secure their networks across campuses, branches and work-from-home deployments.

Zero Trust Access-Fortinet's Platform Extension products and services extend beyond the network to create a cybersecurity mesh architecture to cover other attack vectors. Our Zero Trust Access solutions enable customers to know and control who and what is on their network, in addition to providing security for work from anywhere ("WFA"). Zero Trust Access solutions include FortiNAC, FortiAuthenticator, FortiClient and FortiToken. Additionally, the proliferation of operational technology ("OT") and internet of things ("IoT") devices has generated new opportunities for us to grow our business. Our network access control solutions provide visibility, control and automated event responses in order to secure OT and IoT devices.

Cloud Security-We help customers connect securely to and across their individual, hybrid cloud, multi-cloud and virtualized data center environments by offering security through our virtual firewall and other software products and through integrated capabilities with major cloud platforms. Our public and private cloud security solutions, including virtual appliances and hosted solutions, bring our Platform Extension products and services into and across cloud environments, delivering security that follows their applications and data. Our Secure SD-WAN for Multi-Cloud solution automates deployment of an overlay network across different cloud networks and offers visibility, control and centralized management that integrates functionality across multiple cloud environments. Our Cloud Security portfolio also secures applications, including email and web. Fortinet cloud security offerings are available for deployment in major public and private cloud environments, including Alibaba Cloud, Amazon Web Services, Google Cloud, IBM Cloud, Microsoft Azure, Oracle Cloud and VMWare Cloud. We also offer managed IPS and web application firewall ("WAF") rules delivered by FortiGuard Labs as an overlay service to native security offerings offered by Amazon Web Services.

Security Operations-We develop and provide a range of products and services that enable the security operations center ("SOC") teams to identify, investigate and remediate potential incidents in which cybercriminals bypass prevention-oriented controls. Given the breadth of the attack surface to monitor, as well as the volume and sophistication of cyber threats, artificial intelligence is a key part of these offerings, which include: FortiGuard and other security subscription services, modern endpoint security with EDR, a range of breach-protection technologies plus our security information and event management ("SIEM") and security orchestration, automation and response ("SOAR"), all of which can be applied across the entire set of Platform Extension products and services. These solutions automatically deliver security intelligence and insights that enable organizations to protect against and respond to threats faster through integration with Fortinet and third-party controls.

Table of Contents

Support and Professional Services-Fortinet offers technical support, FortiOS updates and extended product warranty through our FortiCare support services. In addition to our technical support services, we offer a range of advanced services, including premium support, professional services and expedited warranty replacement. Our professional service offerings include resident engineers and professional service consultants for implementations or trainings.

Financial Highlights

Total revenue was $954.8 million during the three months ended March 31, 2022, an increase of 34%, compared to $710.3 million in the same period last year. Product revenue was $371.0 million during the three months ended March 31, 2022, an increase of 54%, compared to $240.7 million in the same period last year. Service revenue was $583.8 million during the three months ended March 31, 2022, an increase of 24%, compared to $469.6 million in the same period last year.

Total gross profit was $701.0 million during the three months ended March 31, 2022, an increase of 27%, compared to $553.7 million in the same period last year.

Cash, cash equivalents, short-term and long-term investments and marketable equity securities were $2.50 billion as of March 31, 2022.

During the three months ended March 31, 2022, we repurchased 2.3 million shares of common stock under our Share Repurchase Program (the "Repurchase Program"), for a total purchase price of $691.2 million.

Deferred revenue was $3.66 billion as of March 31, 2022, an increase of $205.0 million, or 6%, from December 31, 2021. Short-term deferred revenue was $1.89 billion as of March 31, 2022, an increase of $115.9 million, or 7%, from December 31, 2021.

We generated cash flows from operating activities of $396.1 million during the three months ended March 31, 2022, an increase of $80.2 million, or 25%, compared to the same period last year.

Total bookings were $1.28 billion during the three months ended March 31, 2022, an increase of 50% compared to $851.6 million in the same period last year. We define bookings as the total value of all orders received during the period.

Backlog was $278.3 million as of March 31, 2022, an increase of $116.4 million compared to $161.9 million as of December 31, 2021. Backlog represents orders received but not fulfilled and excludes backlog related to Alaxala's products and services of $48.7 million.

On a geographic basis, revenue continues to be diversified, which remains a key strength of our business. During the three months ended March 31, 2022, the Americas region, the Europe, Middle East and Africa ("EMEA") region and the Asia Pacific ("APAC") region contributed 40%, 36% and 24% of our total revenue, respectively, and increased by 32%, 25% and 57% compared to the same periods last year, respectively.

Our revenue growth was driven by strong product revenue performance. Product revenue grew 54% during the three months ended March 31, 2022, compared to the same period last year. Product revenue growth was consistent with an elevated cyber threat landscape. Core Platform products accounted for more than half of the product revenue growth during the three months ended March 31, 2022. While Secure SD-WAN contributed to product revenue growth, the main driver was the strong demand for the wide range of other operating system capabilities embedded in the Core Platform products. We experienced strong product revenue growth across many of our Platform Extension products, including our OT solutions, secure access products and software licenses. The impact of the increase in backlog was seen in Core Platform and Platform Extension products. Service revenue growth of 24% during the three months ended March 31, 2022, compared to the same period last

Our billings were diversified on a geographic basis. During the three months ended March 31, 2022, approximately 50% of our billings in the aggregate were from over 100 countries that each individually contributed less than 3% of our billings.

Operating margin decreased by 1.3 percentage points during the three months ended March 31, 2022 compared to the same period last year. Headcount increased to 10,860 employees and contractors as of March 31, 2022, a 7% increase compared to 10,195 as of December 31, 2021.

COVID-19 Pandemic Update

The United States and the global community we serve are facing unprecedented challenges posed by the COVID-19 pandemic, including the various COVID-19 variants. In response to the pandemic, we undertook a number of actions to protect our employees, including restricting travel and directing many of our employees to work from home. In certain geographies, we have started to transition back to an in-person working mode, allowing increasing numbers of employees to work from our offices with reasonable precautions and, in all cases, subject to abiding by local legal restrictions. We intend to continue to monitor and abide by local employee health and safety protocols and other regulations as applicable to each local office.

While the broader implications of the COVID-19 pandemic on our employees and overall financial performance continue to evolve, we have seen certain impacts on our business and operations, results of operations, financial condition, cash flows, liquidity and capital and financial resources as of and during the three months ended March 31, 2022. Conversely, some aspects of our business do not appear to have been significantly affected. During the three months ended March 31, 2022, we have observed the following:

We have seen continued supply chain challenges, including chip and other component shortages and increased costs for certain chips and other components and shipping, and we do not have enough inventory to promptly meet all demand for all products.

In many countries, our employees' ability to travel has been reduced. Certain in-person sales and marketing events or meetings that would normally have been held were canceled, postponed or converted into virtual events. However, as certain country's restrictions start to ease, we have started to see an increase in expenses related to travel and marketing events. Although we cannot predict if or when such expenses will return to pre-pandemic levels, as of March 31, 2022, we have started to see an increase in such expenses as compared to the same period last year.

In order to mitigate supply chain disruption and other supply chain risks and in anticipation of future demand, we increased our commitments with certain suppliers to secure capacity, and are meeting regularly with our contract manufacturers and component suppliers to manage future commitments, address component shortages and monitor delivery. We have also transitioned primarily to air shipping to avoid port congestion and extended ocean freight time.

Going forward, the situation remains uncertain, rapidly changing and hard to predict, and the COVID-19 pandemic may have a material negative impact on our future periods. If we experience component, shipping or inventory challenges, it will negatively impact billings and product revenue in the current quarter and FortiGuard and FortiCare service revenues in subsequent quarters, as we sell annual and multi-year service contracts that are recognized ratably over the contractual service term. In addition, the broader implications of the pandemic on our business and operations and our financial results, including the extent to which the effects of the pandemic will impact future results and growth in the cybersecurity industry, remain uncertain. The extent of the impact of the COVID-19 pandemic on our operational and financial performance will depend on ongoing developments, including the duration and spread of the virus and its variants, the impact on our end-customers' spending, the volume of sales and length of our sales cycles, the impact on our partners, suppliers, and employees, actions that may be taken by governmental authorities and other factors identified in Part II, Item 1A "Risk Factors" in this Form 10-Q. Given the dynamic nature of these circumstances, the full impact of the COVID-19 pandemic on our business and operations, results of operations, financial condition, cash flows, liquidity and capital and financial resources cannot be reasonably estimated at this time.

Recent Events

Due to the war in Ukraine and the resulting sanctions and other actions against Russia and Belarus, there has been uncertainty and disruption in the global economy. At the beginning of the war in Ukraine in late February 2022, we experienced

Although the Russian war against Ukraine did not have a material adverse impact on our revenue or other financial results for the three months ended March 31, 2022, at this time we are unable to fully assess the aggregate impact it will have on our business in future periods due to various uncertainties, which include, but are not limited to, the duration of the war, its effect on the economy, its impact to the businesses of our customers and distributors, actions that may be taken by governmental authorities related to the war, and other factors identified in Part II, Item 1A, "Risk Factors" in this Quarterly Report, including the risk factor titled "The war in Ukraine and our suspension of operations in Russia have affected and may continue to affect our business."

Business Model

We typically sell our security solutions to distributors that sell to networking security focused resellers and to service providers and managed security service providers ("MSSPs"), who, in turn, sell to end-customers or use our products and services to provide hosted solutions to other enterprises. At times, we also sell directly to large service providers and major systems integrators. Our end-customers are located in over 100 countries and include small, medium and large enterprises and government organizations across a wide range of industries, including education, financial services, government, healthcare, manufacturing, retail, technology and telecommunications. An end-customer deployment may involve as few as one or as many as thousands of Core Platform as well as Platform Extension products, depending on the end-customer's size and security requirements.

We also offer our products hosted in our own data centers and through major cloud providers, and have recognized revenue on a usage basis from Alibaba Cloud, Amazon Web Services, Google Cloud, IBM Cloud, Microsoft Azure and Oracle Cloud. We have also recognized revenue from customers who deploy our products in a bring-your-own-license ("BYOL") arrangement in private clouds or at cloud providers. In a BYOL arrangement, a customer purchases a software license from us through our channel partners and deploys the software in a cloud provider's environment. Similarly, customers may purchase such a license from us and deploy it in third-party clouds or in their private cloud.

Our customers purchase our hardware products and software licenses, as well as our FortiGuard and other security subscription and FortiCare technical support services. We generally invoice at the time of our sale for the total price of the products and security and technical support services. Standard payment terms are generally no more than 60 days, though we continue to offer extended payment terms to certain distributors.

Key Metrics

We monitor several key metrics, including the key financial metrics set forth below, in order to help us evaluate growth trends, establish budgets, measure the effectiveness of our sales and marketing efforts, and assess operational efficiencies. The following table summarizes revenue, deferred revenue, billings (non-GAAP), net cash provided by operating activities, and free cash flow (non-GAAP). We discuss revenue below under "Results of Operations," and we discuss net cash provided by operating activities below under "-Liquidity and Capital Resources." Deferred revenue, billings (non-GAAP), and free cash flow (non-GAAP) are discussed immediately below the following table:







                                                             Three Months Ended Or As Of
                                                         March 31, 2022           March 31, 2021
                                                                    (in millions)
        Revenue                                     $        954.8               $         710.3
        Deferred revenue                            $      3,657.9               $       2,745.6
        Billings (non-GAAP)                         $      1,159.8               $         850.6
        Net cash provided by operating activities   $        396.1               $         315.9
        Free cash flow (non-GAAP)                   $        273.5               $         263.8
        


Deferred revenue. Our deferred revenue consists of amounts that have been invoiced but that have not yet been recognized as revenue. The majority of our deferred revenue balance consists of the unrecognized portion of service revenue . . .

May 06, 2022

COMTEX_406804728/2041/2022-05-06T16:45:11

Is there a problem with this press release? Contact the source provider Comtex at editorial@comtex.com. You can also contact MarketWatch Customer Service via our Customer Center.

(c) 1995-2022 Cybernet Data Systems, Inc. All Rights Reserved

This Story has 0 Comments
Be the first to comment

Story Conversation

Commenting FAQs »

Partner Center

Link to MarketWatch's Slice.