Allot Ltd. (ALLT) Q3 2021 Earnings Report, Transcript and Summary

Ladies and gentlemen, thank you for standing by. Welcome to Allot's Third Quarter 2021 Results Conference call. All participants are present in a listen-only mode. [Operator Instructions] As a reminder, this conference is being recorded. You should have all received by now the company's press release. If you have not received it, please contact Allot's Investor Relations team at GK Investor & Public Relations at 1 (212) 378-8040 or view it in the News section of the website at www.allot.com. I would now like to hand over the call to Mr. Kenny Green of GK Investor Relations. Mr. Green, would you like to begin, please?

Thank you, operator. Welcome to Allot's third quarter 2021 conference call. I would like to welcome all of you to the conference call and I would like to thank Allot management for hosting this call. With us on the line today are Mr. Erez Antebi, President and CEO; and Mr. Ziv Leitman, CFO. Erez will provide an opening statement and summarize the key highlights of the quarter. We will then open the call for the question-and-answer session, and both Erez and Ziv will be available to answer your questions. You can all find the financial highlights and metrics including those we typically discuss on the conference call in today's earnings press release. Before we start, I'd like to point out of the safe harbor statement. This conference call may contain projections or other forward-looking statements regarding future events and the future performance of the company. These statements are only predictions and Allot cannot guarantee that they will, in fact, occur. Allot does not assume any obligation to update that information. Actual events or results may differ materially from those projected, including as a result of impacts due to the COVID-19 pandemic, changing market trends, delays in the launch of services by Allot customers, reduced demand and the competitive nature of the security systems industry, as well as other risks identified in the documents filed by the company with the Securities and Exchange Commission. And with that, I would now like to hand the call over to Erez. Erez, please go ahead.

Thank you, Kenny. I'd like to welcome all of you to our conference call, and thank you for joining us today. Our third quarter was another quarter of solid growth. Revenues grew 10% year-over-year for the third quarter and reached $38.2 million. In the third quarter, we also achieved non-GAAP operating profit of $0.3 million compared to a loss of $1 million in the third quarter of 2020. This is our 15th straight quarter of revenue growth year-over-year, and I am very pleased with the results we achieved during the third quarter. Also during the third quarter, we succeeded in signing several recurring security revenue deals for several of our Allot Secure product lines. In addition, we recently signed a security as a service deal with DISH in the U.S. to deliver cybersecurity to their 5G customers. I am very pleased with these results, and I believe it shows we are successfully executing on our plan. Our business is expanding across our product lines and markets, and we are increasing our market share, especially in the cybersecurity business as I will describe in more detail. As we see our opportunities grow, we continue to invest in order to capitalize on a significant number of opportunities that we are identifying. I'd like to start by discussing our visibility in control business, addressed by our Allot Smart product line. Revenue from this business is continuing to grow well for us in 2021. The main use cases we see today in CSPs are in traffic management, congestion management, quality of user experience, especially for video, policy and charging control and digital enforcement. During the third quarter of 2021, we were awarded several deals with operators requiring traffic management in addition to quite a few expansions of existing customers. In a deal we won in APAC, we will be replacing a direct competitors' product that is installed. In addition to replacing the existing DPI solution with our Allot Smart product, that operator also signed a deal with us to launch security as a service, using Allot Secure to its customer base. We are discussing multiple other opportunities with other CSPs currently using our competitors' product and are working on expanding deals that we won before. As governments look to fight crime and terrorism, we see growing interest globally to be able to block illegal activities, such as drug trafficking, child pornography, or terrorism. We are seeing growing interest in our products in this area as well. Our enterprise business is continuing to grow, reaching revenue of $6.6 million in the third quarter. The deal we signed in the beginning of 2020 was Broadcom, position Allot as a replacement for their Packeteer product, which is end of life is contributing a significant portion of this growth. We expect continued double-digit growth of the enterprise business in the remainder of this year. I wanted to say a few words on the 5G market and what we believe it holds in store for Allot Smart product line. Many operators worldwide are deploying 5G networks. Most of these are using 5G frequencies and radios, but continuing to use a 4G core. However, a growing number of operators are deploying a 5G core. Many of them plan to deploy this core in a cloud environment, AT&T, Verizon, DISH and Rakuten are examples of operator who chose in whole or in part to deploy their core in the cloud environment. We believe the growth in traffic volumes that is expected in 5G networks, together with the need for high-quality control of the traffic creates an opportunity for Allot Smart in this growing market segment. Not all clouds are the same. Some work with AWS, some with Azure and sound like Rakuten use their own version. We are in the process of deploying our products and networks contracted with, such as DISH and Rakuten and are investing what is required to adapt our products to the various containerized cloud native environment to take advantage of this growing market opportunity. To summarize, I believe the demand for Allot Smart product line, including congestion management, traffic management, analytics, digital enforcement, and enterprise use cases will remain healthy with growth in the main use cases I described. I want to turn our attention to what we see in our cybersecurity business and how the market is continuing to change favorably. As I've said in previous calls, Allot is transforming into a cybersecurity company. And this is where we see most of our future growth coming from. There is a revolution happening in the consumer cybersecurity market. Responsibility on securing the consumer, the family, small business lies today with the individual. Each person is responsible to protect himself or herself, and their families and small businesses. To do this, they need to find a security app, buy it, downloaded and installed on every one of their devices. Problem is that regardless how good or bad a security app is, more than 90% of consumers don't do what I just described and are left unprotected. This means that the current solution with endpoint security app is not accessible enough to most people. End users, consumers and SMBs are looking for a simple zero touch "cybersecurity service". They prefer a simple security surface and not have to do anything technical, like downloading an app to each device and configuring it. Over the last few months, we increasingly engaged with tens of CSPs and are working closely with the customers that sign security as a service deals with us. We have learned a lot more about this market and its dynamics and recognize that there are quite a few challenges in translation of signed contracts into short-term revenues. These challenges include technical issues, delays in the CSPs commercial launches and CSPs initial go-to market strategies. As we look at the market, we clearly see that the direction and momentum are very positive. We see that the number of engagements, the level of engagements, the total addressable market size of our pipeline, the Allot win rate and the acceptance and scope of service by consumers and SMBs are all improving and getting stronger. We see evidence of all of these in the rate and size of the deals we signed. Today, I want to share with you our main observation from customer engagements, the dynamics of the market and the lessons we learned and why our views of the market are very bullish. We have signed to date 18 security as a service deals, seven of which have launched the service. We were expecting three more CSPs to launch their services during the past few months, but these launches were further -- were delayed further. Although, two of them are currently expected to be launched towards the end of this calendar year. Our team is working closely with the customers, and we see there is a strong appetite by the CSPs to launch, but there are also challenges and delays. The reasons for launch delays in this -- in these CSPs and the expected launch of additional CSPs vary. But I believe they are a combination of four main reasons. One, COVID related. This includes many CSP employees working from home and resulting delays in implementations and ability to launch new services in general. Two, CSP related IT delays that are not connected to security as a service. IT teams in CSPs many times have complex large projects that are also highly dependent on third-party companies. We are working with quite a few CSPs to have ongoing unrelated IT projects, creating a large load on already committed resources and the need to integrate security as a service with their OSS/BSS systems is delaying pending completion of their other IT projects. Three, delays due to the difficulties in integrating our HomeSecure and BusinessSecure agent on the router. I want to elaborate on this point of a bit. Our HomeSecure product requires installing our security agent on the CSP router. As we are now working on deploying our first HomeSecure networks, we find that CSPs walk to launch the service with a larger variety of routers than we originally expected, which we need to integrate with before launch. While we form partnerships with some leading router manufacturers, not all router manufacturers are equally forthcoming and their willingness to share technical information required for the integration. As we progress, we are integrating more routers from more manufacturers, as well as automating and shortening the integration time and effort. For now, it is taking more times than we originally expected, but we fully expect to enable faster HomeSecure launches in the future. Four, CSP integration and training efforts. Prior to launch the operator needs to design and modify their IT systems to deal with the new service and work with Allot to integrate our system into their OSS/BSS systems. This work involves various departments within the CSP and despite CSP management intention to do this quickly, this may be delayed due to various other internal priorities. In addition, there are several other factors that are unfortunately contributing to delay in Allot generating security as a service revenues. One, CSPs are launching or planning to launch security services with long free service period, up to three months as they are used to launching other VAS, or value-added services solutions such as Netflix or Spotify. I believe that as CSPs launch and see for themselves, the high attach rate and the lower turn rate, these free periods will shorten. However, for now they are causing a delay of revenues to Allot. Two, many operators prefer a gradual limited rollout that allows them to test the message and message and refine it. For example, one operator launched initially only for existing customers, but it's not offering the service to new customers. While another operator plans to focus on new customers and not offer it to the existing base. As the service progress, we expect most operators to expand the reach and offer security service to all customers and fully exploit the revenue potential and customers' high satisfaction. But for now, this introduces delays in our revenues. Three, different operators launch with different go-to-market service plans. Some start aggressively by bundling the security service into the plan, while others start with try and buy campaigns requiring the customer to take action twice before paying for the service. Some operators sell the service in stores, while others choose to start with only digital means. We are spending significant efforts with marketing departments and executives within the operators to persuade them to go for more aggressive go-to-market plans that result in higher revenues for both of us. I can share with you that one of the operators who already launched the service started with a digital only channel, which did not yield good results. After joint work with us, we convinced them to offer this service for sales in stores and customer adoption grew very significantly. So, the CSP management is looking now at the security service as a strategic solution to increase ARPU. These factors together result in a delay of approximately six months in Allot recognizing return security revenues compared to our previous guidance. The divergence between high -- sorry -- the divergence between how operators launch and market their new services, the relatively small sample of operators that actually launched the service. And what we saw was the more mature Vodafone launches led us to a more optimistic projection on the timeline between signing the deal and actually recognizing revenue, meaning getting paying customers. During the past few months, we spent considerable efforts with all the operators we signed with or expect to sign with, to get a better and much more detailed understanding of their service launch dates, their internal prerequisite, initial target segments, length of free service and go-to-market plans. While many of these parameters are still undecided and may still change, we feel we have today a better understanding of what is expected to happen. And as a result, we are able to build a more accurate, bottom-up security as a service revenue model. On our side, we learned to insist during contract for much more concrete and aggressive go-to-market commitments from the CSP. It prolongs the negotiations, but helps to make a better launch and reach better penetration in the short and medium term. As we meet CSPs worldwide, we are continuing to see growing interest in launching security service to consumers and SMBs. Our pipeline is continuing to grow, as we continue to sign additional deals with CSPs. To date, we have signed security as a service deals with 18 different operators, 11 of which have not yet launched the service. Nine of these operators have signed with us deals to launch services with more than one product of Allot Secure to different segments of their customer base. Of the signed customers, one is a group level agreement with the intent to deploy in several of the group operators and seven others are with operators that belong to a group with opportunity to expand the service to other operators in that group. In addition, we were awarded six additional deals with CSPs for which we are currently in contract negotiations and expect to sign within the next few months. As we look at CSP interest worldwide and security service, I am very encouraged with our prospects, despite the delay in revenues I discussed earlier, and this for several reasons. One, our pipeline is bigger than ever. A growing number of CSPs understand the need to launch security services to their customers, and as a result, we see continued growth in number of RFPs and number of operators we are in direct engagement with. To me, this indicates growth of the network based security market. Two, adoption rates of consumers and SMBs. When the service is launched with good go-to-market approach, adoption rates are very high as we discussed in previous calls. Not only is the adoption rate high, but customers stay with the service even when they can opt out. The lifetime operators calculated for a consumer is around three years. Three, a growing number of CSP CMOs, or Chief Marketing Officers, understand that security needs to be part of the brand promise and are building it into their core offering. Some CSP still look at security services as a VAS, a value-added service, but a growing number of vein as a core service. One CSP Chief Marketing Officer I spoke with only a few weeks ago, explained to me that he sees security as part of his core offering. And he wants all his customers eventually to be protected. Another SVP Products from the North American mobile operator I met with, plans on offering it free of charge to all his premium customers, but that operator will pay a lot of course, to incentivize consumers to move to higher tier plans. A European based fixed and mobile operator was operations in several countries, with whom we have signed already, looks at security services as their differentiation from the competition. Viewing security as a core service rather than a VAS leads to more aggressive go-to-market and higher penetration rates. Four, the North American market is very interested now in network based security services. As I mentioned in previous calls, several North American operators are actively looking to launch such a service. In April, we announced that we signed an agreement with DISH in the U.S. to protect their new 5G network, and that we expect to sign the agreement where DISH will provide security services to their customers on the 5G network when it launches. As I mentioned before, we recently signed a security as a service deal with DISH to protect their customers and the agreement includes multiple products of the Allot Secure family. In addition, I can share we are in advanced discussions with two additional North American operators, one for a security service to their entire customer base and another for their SMB customers. Five, we have a high win ratio. During the past year by our account, we won most of the deals that we were awarded for CSP network-based security to consumers. To me, this shows our market leadership and the strengths of our offering. We are winning due to our unique combination of several elements; A, a comprehensive 360 product offering that enables unified security across mobile and fixed access across all devices and against many threats; B, our commercial partnership model, where we share the risk and reward with the operators; C, our value add sharing best marketing and sales practices helping them position and launch the service; and D, our track record that can be shared proving that when launched correctly, adoption rates and revenues are very high. As I mentioned earlier, seven of the operators we signed with have launched the service already. We expect additional two to launch before the end of this calendar year, accounting for what we know of the launch timing of the deals we signed and of those we were awarded. And in addition, what we are told by other CSPs, we have not yet won, but we are currently engaged with, we expect an additional 12 to 18 CSPs to launch security services based on Allot products during 2022. Network based security services are relatively new type of service for CSPs. As we signed with more operators and moved to the detailed planning phase before launch, and as we follow changes in adoption rates post launch, we learn more about what affects the results and how to better forecast and predict the process. We also learn how to influence things in early days to yield faster and better results. The MAR indicator, which we have put forward as an indication for future revenues, is not good enough to forecast revenues, especially in the short-term. It doesn't take into account the high variance on launch timing and marketing strategies, especially over a small base of launched operators. There are many variances, some of which we were aware of, like the difference between prepaid and postpaid customers and some we learned to appreciate more recently. I will mention several of them. Different countries have different regulatory requirements that affect adoption. For example, in some countries, postpaid customers have contract terms of a finite period, such as no more than three years. This means that every year, at least one-third of the customer base need to renew their mobile contracts and are, therefore, in touch with the operator. This is a great time to sell security and leads to high adoption rates. In other countries, service plans are indefinite, and churn is relatively low compared to other geographies. This results in fewer opportunities to engage with the customer. So even while takeup rates are high, adoption rises more slowly. As we take in these and other understandings, we try to see how we can better forecast our revenues. While in the past, we had to make predictions using a top-down approach with MAR as a guideline to revenue potential. We now understand better the differences between operators, and we can base our predictions on a bottom-up approach, analyzing each customer separately. Of course, over time, over a large customer base, over many operators and with our influence on the go-to-market strategies, averages will work, and I believe our assessment of 25% penetration rate of the target customer base can be achieved. We, therefore, think the MAR metric we used till now to try and indicate short-term future revenues is too simplistic. And I think we should provide additional metrics to help investors track our progress. We will continue to provide information on MAR. We will also continue to track the number of signed deals and the number of launched services. In addition, we will report every quarter the ARR achieved based on the last month of the quarter. We define the ARR or annual recurring revenue, run rate as the monthly recurring security revenues we achieved during the last months of the quarter multiplied by 12. We will also provide guidance on what we expect the ARR at the end of the year to be. I do want to remind you that while our main growth engine is in recurring security revenue deals, we do have security revenues from some CapEx deals like Vodafone and from security products protecting the network itself, such as DDoS and 5G NetProtect. As I explained before, we are now expecting a delay of approximately two quarters in the amount of security as a service revenue versus the previous projection. In view of this, our expectations for recurring security as a service revenue are revised to the following: $4.1 million to $4.3 million for full year 2021; $10 million to $15 million for full year 2022; $20 million to $30 million for the 12 months of July 2022 to June 2023. In addition, I want to provide you past information and expectations on our ARR. In December 2019, our ARR was $0.5 million. In December 2020, our ARR was $2.7 million. In September 2021, our ARR was $4.6 million. We expect our ARR in December 2021 to be between $5 million to $6 million. We expect our ARR in December 2022 to be between $20 million to $30 million. While the MAR metric is not accurate enough to predict short-term revenues, I believe it does provide the ability to indicate longer term revenue potential, and we will continue to provide it. We expect to meet and exceed the $180 million MAR target for 2021 and an additional $180 million MAR for 2022. I would now like to summarize the overall picture and the key messages. In the Allot Smart product line, we see a strong pipeline, multiple use cases, such as congestion management, digital enforcement and the enterprise business are growing. Overall, we see a solid demand for Allot Smart. The security area is where we see our long-term growth. We are very encouraged by the pipeline growth we see and by the consumer and SMB takeup rates as they sign up for the service. Overall, while we would have preferred not to have the six-month delay in achieving our recurring revenue targets, I believe the network based cybersecurity market is emerging as a high growth market. We are winning most deals, and I am confident of our future success and the direction we are pursuing. We know better how to work with CSPs to achieve high penetration rates, and I am very optimistic on our recurring revenue outlook. Looking at our backlog. The market demand, as we see it now, the pipeline of deals that we are working on and accounting for the delays in security as a service recurring revenue, we expect 2021 revenues to be between $145 million to $146 million. We are currently working on our budget and annual operating plan for 2022. I thought it important to share with you our guidance for recurring security revenues in advance. While other elements of the guidance, we will be able to share in the next earnings call once we finish our budget. It is worth noting at this time that the combination of additional positions we need to take advantage of opportunities such as those I mentioned in 5G, the exchange and -- sorry -- the change in exchange rates and the general high demand for technical people worldwide are creating pressure on our expenses for 2022. Now I would like to open the call for questions and answers, and Ziv and myself will be available to take your questions. Operator?

Thank you. Ladies and gentlemen, at this time, we will begin the question-and-answer session. [Operator Instructions] The first question is from Alex Henderson of Needham & Company. Please go ahead.

Thank you very much. That was a ton of information. I'm not sure I observed all of it. The thing is transcripts, some of these things. There are a couple of pieces I just wanted to clarify. The first one was, I thought you said 18 signed deals and 17 launched. But then later, I thought you said 11 not launched. So, I'm a little confused. So, can you clarify how many of the 18 have actually launched?

18 signed deal, seven launched 11 not launched.

I see. I somehow put an extra digit on that. In terms of the shekel, obviously, a major hit to all Israeli companies, not just you guys. It's at an all-time high, I believe, looking at the chart of it and has spiked quite sharply over the last couple of months. Can you give us some sense of what the impact of that is, A, in the December quarter, but kind of annualized for 2022, just based on the current exchange rate and talk a little bit about whether you're doing any hedging or not that might change the timing of that realization to your costs?

So I would say that every 10% change in the exchange rate -- when the shekel is stronger, it's a few millions of dollars is, let's say, more than $5 million and less than $10 million. We do some hedging. But again, please take into account this when we -- let's take an example. If we hedge right now, the dollar against the shekel, so we get an exchange rate like the full rate is lower than spot rates. So, it's like we are recognizing already part of the parts. And most of the [technical difficulty] next year. And in Q4, as you said, we did some hedging and the change in the exchange rate occurred during the quarter. Next year, we will get the full effect. So, we can expect that the OpEx will be higher next year, also because of the exchange rate.

The questioner is seem to disconnect -- has disconnected. The next question is from Eric Martinuzzi of Lake Street. Please go ahead.

Yeah. I wanted to take a swipe at 2022. I know you're going through your planning process now, and we'll get additional color. But just at a high level, if we're facing out -- if I'm backing out roughly $12.5 million of SECaaS revenue from our old 2022 model. That puts you into kind of a mid to high single digits growth trajectory based on my own model. Does that square with what you're thinking at a high level? So as we said, we didn't prepare our plan for next year.

And as we said in the past, we think that the smart product, the market of the DPI for a multiyear period will grow single digit. And as we said, it might be that in a specific year, it will go more. In another area, it can go less. It can be even flat. Or this would be even slightly decrease. So, again, generally speaking, for instance, your assumption for next year was, if I recall correctly, 167 or 165. I don't recall the number. And now of the SECaaS revenues will be lower by $12.5 million. So not unreasonable to assume that the previous forecast should be reduced by that amount, i.e. $12.5 million.

Okay. And then, it does seem like a dramatic recasting, and I understand the layering effect of when things get pushed out by six months, it's -- you're missing out on all of those incremental dollars with each carrier. But is there -- how about the level of conservatism in the new forecast? Obviously, you guys -- you had a certain expectation. You've now got another year under your belt on the SECaaS. Is this a more conservative forecast?

I think it's -- I'm not sure if I would say more conservative, but I think the main difference is that our previous forecast because we had much fewer contracts, and we had less detailed data on each and every customer. We did the forecast that basically top-down, right? We took the MAR model, we tried to do some averages, and we figured out, okay, this is probably where we're going to get to. Now what we're doing is we're -- the forecast we're giving now is really built bottom-up when we made our assessment and having spent a lot of work with each of these operators, okay, and understanding what's their launch date, what's the go-to-market plan, to which portion of the customer base, are they going to launch this initially, et cetera, et cetera, et cetera. And we try to forecast what we thought was reasonable bottom-up based on that. And I think that's the main difference.

Okay. No, I appreciate that. It's a reality based versus theory based. So, in my experience, reality wins versus theory. And then, I also appreciate the ARR color. I want to make sure you gave five data points. And if you don't mind, I'd like to go through those and make sure I have these correct. December 2019 ARR on the SECaaS $0.5 million; December 2020, $2.7 million; September 2021, $4.6 million; December 2021, $5 million to $6 million; December 2022 expectation of $20 million to $30 million. Is that correct?

This is correct. And you also have those numbers in the PR.

Okay. All right. And then lastly, the -- you talked about the DPI side of the house. There -- I know you guys are primarily software, but I have had experienced this earnings season with companies that are primarily software being impacted by hardware issues because their software gets deployed on hardware with limited availability. Have you seen any supply chain issues, hardware availability issues impacting your ability to meet your DPI expectations? Or do you anticipate that?

Like you mentioned, we are a software company, but we do many times have to provide as part of the deal that we do with operators. We also have to provide servers, routers, et cetera, that we procure from off-the-shelf from companies like Dell, HP, Lenovo, what have you, a variety of others. So, in that sense, we have -- we are seeing the same issues that everybody else is seeing, where shortage of chips causes supply chain issues with getting routers and service, that we need to buy. What we did do is we quite early on in the process, we did buy into inventory and make longer term commitments in order to guarantee delivery -- timely delivery of what we need to provide our customers, and we did that based on forecast. So, as of now, I think we're doing okay on this. These things may have some -- depending on how long these shortages will last, may be more challenging next year. But right now, I think we're handling it okay.

Understand. Thanks for taking my questions.

We will continue and go back to Alex Henderson for more questions. Alex, please go ahead.

Yeah. Thanks. I don't know what happened there. Just sort of disappeared off the call. Anyway, I wanted to talk a little bit about a couple of the comments you made. One was, you said you had the biggest ever pipeline. Can you talk about to what degree that's the case. I mean, if you were to go back to, say 2020, end of the year and look at the pipeline there versus the -- what you think it will look like by the end of 2021. Can you characterize that as up 30%, up 5%? What magnitude of pipelining expansion can you identify?

I can't really put a number on it without going and doing a pretty costive exercise. But I would say that we're seeing many more deals, okay? It's not that we're seeing like one or two deals or it's minor. You can -- if you like, you can -- I would look at the number that I gave you as an interesting indication. We said that we signed over the past two, three years. To date, we've signed a total of 18 different deals, but only the seven have launched. And I also said that I'm expecting that we will launch anywhere from -- what was the number? I think it was -- yeah, 12 to 18 new launches next year. So, you can see that the number that what we're seeing is a significant growth in the number of deals that are out there.

Yeah. And that was actually going to be one of my next questions. So that would imply, if you have seven that have already launched out of 18 that you've signed, that 11 are in process to launch, you're giving indications of 12 to 18 additionals, which would suggest less than a full year to launch the more -- or roughly a full year to launch them, which seems a little shorter than previous history. Am I doing the math right on that? It sounds like you're actually expecting some improvement in the time to launch going forward to get to those numbers, particularly at the high end.

I wouldn't read the averages all that accurately. I would say that some of these deals are still going to take more than a year to launch and some may be shorter. And I think that on average, I would stick to the one year to launch from signature. But it's an average with relatively wide variability.

And also, Alex, we take into account that when we say launch, it doesn't mean the operator is launching the service for his entire installed base. They might launch a service only to a small segment of the installed base. And then after a few months, few quarters, had another segment and so on. Not in one shot, launching to the entire installed base.

So, the initial TAM may be smaller than the total MAR?

Yes.

Going back to the Allot Smart line, clearly, you've been gaining share versus your competition. Certainly, you've gained some business in the enterprise due to the Broadcom deal. Those dynamics are getting a little long in tooth in terms of their contribution. Do you expect those benefits to start to decelerate as we get -- go through 2022 and get back to sort of a more normalized market environment? And then, conversely, I mean, it seems like the security business is clearly taking off with the $180 million mark comment for next year. But is that also starting to pull-through Smart business?

Okay. I'm not sure I fully understood your first question. If I understood it correct correctly, should we expect continued growth on the Allot Smart business? Or did I not understand it?

Well, the dynamics that we're helping you grow at a higher rate than the market, share gains in the enterprise piece, those are fairly mature dynamic. The competition mergers happened quite a while ago, the distribution changes happened quite a while ago. I would think that, that's starting to fall out as a driver of growth in the traditional smart business. Similarly, the enterprise opportunity with Broadcom, that's -- I would think you'd hit most of the low-hanging fruit on that. That should be a diminishing element. So, I would think the baseline on that should be trending towards a flatter environment than historical -- than the most recent numbers suggest. And then the second -- but the second part of that is, is the security business as a lead edge entree, creating an opportunity for you to win Smart business at customers that may not have been your customer in the past, but want the security capabilities.

So regarding the first question, as I said before, it's not unreasonable to assume that the next year the DPI market will be flat for us. As we said before, in the previous year, we took a lot of market share from our main competitor. It doesn't mean that we will be able to do it next year as well. So, still, on a multiyear period, we will see single digit growth of the Smart business, but perhaps next year, it will be flat.

And on the second -- on the security, first of all, we do security as a service deals with operators that have our competitors DPI system as well, right? That's -- we're not -- we don't demand them to buy our DPI system in order to do a security as a service deal with us. However, the fact that they're working with us. I gave the example on this call of our customer in APAC that signed basically two separate deals with us, one for DPI and one for security as a service where we are replacing -- in the DPI we're replacing a competitor's product. Obviously, the fact that we are engaging with the customer, we're talking to them, et cetera, on either side, helps us to do the other thing as well, because they get comfortable with us, they know us and so on. But the deals are as such unrelated, and it's not that having one necessarily or gives us a huge advantage on the other.

And please remember the [indiscernible], CSP is different. While DPI, we send to the network guys, the security as a service, we serve the marketing guy. So in a small CSP, maybe there is a bigger advantage of selling both. In a big CSP -- in a large CSP, total different department or division.

Okay. One last question. The router -- home router security piece, seems like it's becoming a feature on a lot of the routers. For instance, the boys over at NETGEAR have built it into their portfolio as a part of -- parcel of their offering. They give it away free for the first, I don't know, the six months or a year depending on which router you buy and they sell it for pretty inexpensive price, and it's already installed on your router when you buy it and tie into their launch and maintenance software. They are the number one player in the router market. And to that extent -- or home router market, to that extent, does that represent the barrier to you on that product?

Not that we've seen so far. I think there's a huge number of operators. They work with -- obviously, with a whole wide variety of routers. And what we're seeing is that the operators understand and want to launch this as part of their security offering, because when the operator owns the router, it's basically the edge of the network located on the end users, either consumer or small business premises. So, it's the operator who decides what services that the customer gets or doesn't get and what's put on the router or what's not put on the router. And we haven't seen that as a limiting factor at this time. It actually looks pretty good.

Great. Thank you.

Thank you.

The next question is from Marc Silk of Silk Investment Advisers. Please go ahead.

Thank you for taking my questions. So, on the seven that have launched on the recurring revenue, have there been any changes to the strategy? Because I'm going back to like -- you -- they know that you've worked with Vodafone, so you have knowledge about how to get more penetration. Just want to know if in those seven right now, have they changed any of the strategies or using your know how more into the past?

Yes, not all, but some, yes. I gave an example in this call with one of the operators that launched this, started by just putting it out with digital means, okay? You have to go to their website or whatever and -- or the customers would get an SMS, but it was not being launched in stores. It was not bundled into any of their packages and so on, and penetration levels were really low. And we worked with them. We show them how and why we think it should be done differently. And we convinced them to launch it in the stores, and they tried it in some of their stores, they saw really a great result. Even their salespeople told them, hey, this is really easy to sell, and this is great. We want to sell more of this. And they are now expanding it to all their stores and call centers and so on. So yes, that's -- I think that's an excellent example of an operator that started one way, work with us, and we help change the way they do the launch. And we brought them value there, and we think where both of us are now enjoying the rewards of that.

So, on the 11 oncoming ones, do they all have their own strategy? Or can you give us a percentage of the people that are kind of working with you that are listening to you to say, listen, we know what works, we know what doesn't work, we can guide you. So, kind of like how many of those are open to -- that way, they don't have these bumps in the road, obviously, that's kind of what I'm getting at, on the 11 that haven't launched yet.

It's -- I don't know to give you a percentage. I think it's fair to say that all of them are engaged with us and talking to us and hearing what we have to say -- not just hearing, sorry, listening to what we have to say. But ultimately, will all of them be convinced, will allow them to do what we think is best, probably not. It's not -- and it's not going to be homogeneous. It's not going to be like half like this or half like that. It's going to be dependent on personalities, on what their other offerings are and so on. I can't really give you a percentage. I do think that what we're doing with providing the marketing know how guide and support is meaningful. And it's meaningful to quite a few of them immediately. So, I think there's tremendous value there. I think it does -- it will affect our future numbers, but I don't know to give you a percentage of how many will make a decision based on what we -- a different decision based on what we told them.

Okay. That's fair. And then my last question is, so -- obviously, you're coming up with the -- you're pushing out the $25 million, let's say, six months, which I get it because there's things that are out of your control. A few quarters ago, you filed the shelf registration for up to $250 million. And obviously, you have plenty of cash on the balance sheet. So, my probably statement more than a question is that I think most of the shareholders would probably hope that you get to that level that we can see that your $25-million plus is not going to be a problem and then if you want to raise money down the line, I think I would -- I think we would get the best bank for your dollar, meaning the share price will be a lot higher if you do obtain those goals that you had before you decide to raise more money. And I don't mind that because you get more investors involved. But again, I think it makes very -- it makes common sense that you now -- because you kind of disappointed a little bit that you need to really produce those numbers. And then if you decide to raise money, I would wait because someone can get more bang for the buck. And good luck on your going forward.

Thank you, Marc.

You are welcome.

The next question is from Roy Wallace of Outerbridge Capital. Roy, are you on the line?

I just wanted to ask on the -- yes. Can you hear me?

Yes. Yes.

Yes. We hear you loud and clear.

Hello?

Yes, we can hear you.

Fantastic. So, I wanted to ask specifically I think there's a delay. My apologies. So, I wanted to ask specifically on the North American side of the business. And I think, Erez, you commented that during advanced discussions with two operators, one on the consumer side and one on the SMB side. So, I just want to make sure I had that correct. And then ask if one of those deals, specifically the consumer one, could be for one of the big three mobile carriers?

I can't comment on who those operators are. But you got the first part of the statement correct. But I'm not going to comment on who that is or who that could be.

Understood. And then, on the 5G NetProtect side of the business, yeah, I think that was not sort of is highlighted as deeply on the call. Could you just talk a little bit more about how that opportunity is shaping up for you going into 2022?

Yeah. I think it's -- I talked a little bit about 5G in the context of DPI. And you're right I didn't mention much of 5G NetProtect. What we're seeing is that I think that the value that we're seeing in 5G NetProtect is significant. We said that we announced that we had sold to DISH as they're building out their network in the U.S. and we mentioned that we sold it to another operator in APAC. I think that we are seeing additional opportunities for this. But I will repeat the comment I made on how -- on how 5G networks are being rolled out. About a year ago, we thought that there were going to be more 5G networks rolled out with a 5G core. 5G NetProtect works with a 5G core. We're seeing that right now still the vast majority of operators that are investing in 5G are really investing in 5G frequencies and 5G radio, but are continuing to use the 4G core. So, the rollout of a really full standalone 5G network and so on -- or not the rollout of such networks, I should say, it's taking more time than we had thought, but I think that the value that we bring there with 5G NetProtect is a very large opportunity for us.

Okay. And then on the new launches that are yet to come versus the operators that have already launched for Allot Secure, what's the relative scale of opportunity from those that have launched so far versus those that have not yet launched? And if I think about it from a subscriber base standpoint or a MAR base.

Yeah. It's a mix. There are some that are small. There are some that are larger. I don't think I could give any indication on a change one way or another.

It's not more than one-third of the total.

Got it. And then as far as the metrics that you're giving now, which are very helpful, especially the ARR metric. Is that something that you're going to continue to provide on a quarterly basis?

Yes, we will provide every quarter on the ARR at the end of that quarter.

Okay. Great. Well, thank you very much and good luck.

Thank you.

The next question is from Jeff Bernstein of Cowen. Please go ahead.

Hi, guys. I just wanted to ask some competitive environment questions, both on SECaaS and on the 5G NetProtect side. So, I guess on SECaaS, from what you can read out there, Cyan AG has been the main competitor. They have a DNS based kind of a lightweight product. I think you guys now have that capability for very small carriers. They want Orange. I think that was the one big carrier. They want it took them about three years to roll it out. I'm not even sure if it's totally rolled out yet and some small carriers. Is there someone -- I think the U.S. cable guys were using somebody Cerberus or trying to -- can you build out? Is there more competitors out there than there were before? Is your prior enterprise competitor now trying to compete here? What's the status of the competitive environment in SECaaS?

Okay. In SECaaS, I will mention again that we're in a unique position where we are really the only technology company that's providing the whole range of products for different network based security solutions. So -- and we have different -- and as a result, we have different competitors in different parts of our portfolio. On the -- on our network secure -- our in-line network secure, which is which is what we rolled out, for example, in both funds and so on. This is something where we don't see a direct competitive product. We do see DNS security is -- we do receive DNS security companies that are rolling it out and that are putting security on the DNS line. Cyan is actually not our main competitor there. I think our main competitors are Infoblox and the Akamai, because they are the two main DNS providers to the CSPs, to the operators in the world. Cyan is maybe making a lot more noise than they are. But in terms of what we see in the market, it's really -- it's logical for an operator to look at their DNS provider to provide security on DNS or to look at us, Cyan is not really that strong competitor, and we see them in very few deals. On the router security side, companies that are providing security agents on the routers, we see totally different competitors. We see their competitors that typically came from the endpoint solutions and have migrated their offerings to include router security. So, I'd include their McAfee, F-Secure Avast was in that area and decided to call out of the router security field. And we're seeing some companies that are focusing just on router security, such as, for example, CUJO which is -- which had done very, very well in the U.S. So that's sort of high level view on the competition.

Terrific. That's great. And then on the 5G side, you've got containerized cloud architected product. Is there anybody else there who has virtualized their product is the main competitor, Sandvine, Procera? Or is there someone else that you come up against there?

Sandvine and Procera are competing with us on DPI as such. They are not providing any network level protection. So where an operator is looking to do DPI then I would expect that Sandvine and Procera -- well, Sandvine, right, they're emerged. Sandvine is definitely developing a containerized cloud-native solution to compete on 5G networks for DPI. But for 5G NetProtect, this is a product that is at its core, but think of it as the DDoS protection -- protecting the network. Sandvine does not have a DDoS offering. So with that product, we are competing with the traditional DDoS security companies that were selling DDoS security to operators in the 4G world. These would be companies like Netscout Arbor, Radware, those are the companies we're competing with there. And they're obviously leading up. Just like us, they also see the same environment there, moving their products also to containerized cloud-native environment as well.

Got you. That’s great. Thanks.

The next question is from Shawn Boyd of Next Mark Capital. Please go ahead.

Good morning. Can you hear me okay?

Yes.

Yeah. Great. Just one for me. I'd like to go to the new -- commentary regarding ARR. And I'm trying to tie that back to deals. It's very important, I think, to understand this company and to understand the layering that happens as these deals come on. So, can you give us any color as to the ARR guidance at the end of the year? Maybe starting with the September number and then the guidance that you've got for December 2021 and then the guidance further December 2022, what number of launches you are kind of including there and you're assuming occur and maybe what level of adoption or penetration? Thank you very much.

So, as we said, we have seven operators launched in service and this is the basis for the September ARR, and let's assume that it's also the basis for the December ARR, okay? But again, I will repeat what I said before. When we say launch, it doesn't mean launch to the entire installed base of the sales provider. They can start only -- as explained, they can start only with the people who are coming physically to the stores. They can start only with a new customer. They can start also with premium customers and so on. But the total number of customers that are -- that they for calculating the ARR in seven. And the penetration rate for most of them is rather low since they just started the process. And most of them launched just to start the segment of the total installed base. So, the potential is still there. We think it's a very high potential.

Okay. And just stepping out to your ARR guidance of $20 million to $30 million for December 2022, we should assume that's based on the seven that we have now, plus the 12 to 18 to come. So 19 to 25 separate operators? Or should we factor in some attrition? Just trying to think about that $25 million or midpoint there, how many different contracts are supporting that.

We should probably -- it's definitely based on the fact that we expect to launch the additional 12 plus operators next year. But some of them may launch -- or some of them we expect to launch for -- towards the end of the year and some of them will launch with free periods. So even though we launched, we still won't see revenues. So, we definitely expect for end of 2022 to have the ARR based on a larger number of operators, but it's not going to be all of them that launch in 2022 that will contribute to the ARR at the end of the year.

Got it. Okay. Thank you and best of luck, gentlemen.

Thank you.

Thank you. There are no further questions at this time. Mr. Antebi, would you like to make your concluding statement?

Yes. I want to thank you all for joining the call and for your support. I look forward to meeting you in the next -- or those of you who would like over the next few days or later on over Zoom. And hopefully, we'll be able to, with say, hopefully, COVID calming down a bit, maybe we'll be able to start face-to-face meetings not too late -- not too far into the future. So, thank you very much for joining us, and we look forward to talking to you in the next quarterly call. Thanks.

Thank you. This concludes the Allot third quarter 2021 results conference call. Thank you for your participation. You may go ahead and disconnect.