Please standby. Good day. And welcome to the Palo Alto Networks Fiscal First Quarter 2020 Earnings Conference Call. Today’s conference is being recorded. At this time, I’d like to turn the conference over to Mr. David Niederman, Vice President, Investor Relations. Please go ahead, sir.

Good afternoon. And thank you for joining us on today’s conference call to discuss Palo Alto Networks fiscal first quarter 2020 financial results. This call is being broadcast live over the web and can be accessed on the Investors section of our website at investors.paloaltonetworks.com. With me on today’s call are Nikesh Arora, our Chairman and Chief Executive Officer; Kathy Bonanno, our Chief Financial Officer; and Lee Klarich, our Chief Product Officer. This afternoon we issued a press release announcing our results for the fiscal first quarter ended October 31, 2019. If you would like a copy of the release, you can access it online on our website. We would like to remind you that during the course of this conference call, management will make forward-looking statements, including statements regarding our financial guidance and modeling points for the fiscal second quarter, full fiscal year 2020, and our next three years, our competitive position and the demand and marketing opportunity for our products and subscriptions, benefits and timing of new products and subscription offerings, and trends in certain financial results and operating metrics. These forward-looking statements involve a number of risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. These forward-looking statements apply as of today. You should not rely on them as representing our views in the future and we undertake no obligation to update these statements after this call. For more detailed description of factors that could cause actual results to differ, please refer to our Annual Report on Form 10-K filed with the SEC on September 9, 2019, and our earnings release posted a few minutes ago, on our website and filed with the SEC on Form 8-K. Also, please note that certain financial measures we use on this call are expressed on a non-GAAP basis, and have been adjusted to exclude certain charges. For historical periods, we have provided reconciliations of these non-GAAP financial measures to GAAP financial measures in the supplemental financial information that can be found in the Investors section of our website located at investors.paloaltonetworks.com. And finally, once we have completed our formal remarks, we will be posting them to our Investor Relations website under the Quarterly Results section. We would also like to inform you that we will be attending two investor conferences next month, we will participate at the Wells Fargo TMT Summit in Las Vegas on December 3rd and at the Barclays Global Technology Media and Telecommunications Conference on December 11th in San Francisco. And with that, I will turn the call over to Nikesh.

Thank you, David. Good afternoon, and thank you everyone for joining our call. As most of you know, with this quarter, I am lapping my first Q1 at Palo Alto Networks. In my very first call, I talked about my observations on the industry and our goals of the company. About a year ago, we were great single product company focusing on integration and automation. We have made some early moves towards the aspirations of the cloud where we are beginning to build products with AI and ML, recognizing the evolving trends in technology. One year later, I couldn’t be happier with our achievements. We have made significant progress moving into a leading position in cloud security, making great strides in automation using AI and ML across our product portfolio. Our speedboats are working. We are delivering integration. This is bearing fruit and our customers seeing the benefit and betting more and more on Palo Alto Networks. A few months ago, we set out a three-year plan for the company and shared it with you during our Analyst Day in September. While I intend to share our progress during this quarter, I also want to provide a report card on how I feel we are progressing towards the longer term goals that we have set for ourselves. And perhaps, more importantly, I’d like to share where we are feeling more confident and also where we need more work. This is the first quarter we are marking ourselves against the target that we presented in September. We have published a slide that is available on our Investor Relations website that you can download to follow along with my comments. We will be targeting our progress against this plan. Let’s start with our overall billings targets and how they are tracking. We…

Thank you, Nikesh. Before I start, I’d like to note that except for revenue and billings figures, all financial figures are non-GAAP and growth rates are compared to the prior year periods, unless stated otherwise. As Nikesh indicated, we had a good start to our fiscal year and are tracking well against the targets we had outlined during our Analyst Day in September. In the first quarter, we continued to add new customers at a healthy clip and sustained momentum in our next-gen security products. Let’s look at some key customer wins. We signed an eight-figure deal with a leading casino company, spanning each of our three pillars. This engagement was positioned with their entire IT leadership team from the director level, all the way to the CIO as a comprehensive outcome-based security transformation project. The large retail customer we highlighted last quarter expanded their Palo Alto Networks footprint this quarter with a seven-figure Cortex deal. This customer purchased Cortex XDR and Data Lake setting them up for comprehensive data analysis going forward. We beat Check Point and replaced Cisco to win a substantial deal with a major European toy manufacturer, who purchased next-gen firewalls Prisma Access and Traps. This customer has selected Palo Alto Networks as their strategic security partner and in the coming years, we expect them to replace their current firewall with next-generation firewall from Palo Alto Networks, their current VPN solution will be replaced by Prisma Access and endpoint protection will be covered by Traps. These wins are excellent examples of our success in articulating our vision of security and being able to demonstrate our value proposition to customers, and I am pleased to report that wins such as these help us deliver another strong quarter financially. In Q1, total revenue grew 18% to $771.9 million.…

Thank you. [Operator Instructions] We will take our first question today from Keith Weiss with Morgan Stanley.

Excellent. Thank you guys for taking the question. Nikesh, I was hoping to drill down a little bit more into the firewall as a platform side of the equation, where it seems you guys are a little bit disappointed. It sounds like the incentives that you guys had in place last year, just sort of push more of like the new business activity or more of the pipeline building on to the next-gen cloud stuff and let you guys a little bit short on pipeline heading into the FY ‘20. One, am I thinking about that correctly in terms of kind of where you guys came up a little bit short? And two, how do you guys think when you are looking at sort of assessing the problem, how do you vet out what comes from sort of that kind of execution issue versus what might be more of a macro or competitive issue?

Thanks, Keith, for your questions. You are thinking about it right. As you know, many of our next-generation security products are very early in their life cycle. So, literally, there’s stuff like Twistlock we acquired in July, there’s stuff like Demisto, all these things haven’t even lapped one year. So we put a lot of effort towards getting our core team to both, learn, understand, build pipeline and sell and in that process we set up some good incentives for them to focus on next-generation security, because pretty much the entire conversation for my first year here was, they love the fact that you are a great firewall company, how are you guys are going to keep transforming as the firewall market transitions. And we set out, our team and me, we set out to prove to ourselves that not only can we build the products in addition to firewall, but we can make this a multi-product company. So part of that is Lee’s team did a great job in getting the products in place and thinks on the integration work I talked about. The go-to-market team is starting to make sure they can prove -- that they can sell this stuff. And we are very excited that approximately 40% of our core salespeople sold Cortex this past quarter, approximately 25% of them sold Prisma. So we are tracking to the targets we set ourselves in terms of getting our core engaged. But because of the incentives, people made their decisions that they can make more money selling Cortex and Prisma in Q4 than selling firewalls. As a consequence, we saw a huge pipeline build and a lot of deals done in Q4, the momentum carried to Q1. We recognized this coming into the year. We have right-sized these incentives, but it takes a little bit longer for the pipeline till we get back into place. I don’t think there’s a systemic issue. I don’t think it’s a market share issue. I just think it’s taking the eye off the ball and we have already put stuff into place and we wouldn’t be saying we feel confident of delivering 23% long-term, if we didn’t believe that we could actually get the team to balance their focus both on Cortex, Prisma, as well as the firewall.

Excellent. Thank you, guys.

Next we will hear from Sterling Auty with JP Morgan.

Yeah. Thanks. Hi. Maybe just following on that last question, can you help us understand that, I think, the EPS guidance for the year includes the acquisition. The revenue guidance is unchanged. So just so we get a sense of what looks like lowering the organic revenue for the year. How -- maybe the order of magnitude, how much acquisition revenue are you kind of baking into the reiterated full year revenue number?

Yeah. Look, we acquired this company called Aporeto. We are in the process of acquiring it. This is slightly earlier in the technology lifecycle of cloud security. This is a bet we are making in terms of how micro segmentation will need to be done in the future and with that bet, it’s going to take us a while to integrate this into our Prisma Cloud offering. So we are not anticipating much revenue uplift this year. So we are holding revenue flat from -- as a flat in line with guidance, without expecting any revenue impact this fiscal year from Aporeto. But we -- obviously we have to pay the cost for the company.

Okay. And then one follow-up on Prisma specifically, you talked on the other side, I think, at length through the prepared remarks. I think last quarter you talked about maybe some early Prisma wins. Can you give us just maybe a little bit more color on the traction that you saw in the quarter especially on the competitive dynamics with Prisma?

Well, look, both on Prisma Cloud and Prisma Access and I am sure you all remember Nir’s emotional explanation on Analyst Day around Prisma Access, which is the product that competes in the secure access space. We are very excited. We are seeing -- we continue to see traction. We continue to see large seven-figure deals in that space. It’s a space where we are seeing the market is going. There is a cloud transformation happening. As you start transforming your applications to the cloud, you start thinking about how to transform your network and start creating more high bandwidth secure access to all of your users and your branches. So we see the market moving there. We see our product getting stronger and more mature. As we said, we announced the availability of SD-WAN and DLP in the product, where -- which makes it a comprehensive solution in the market. So we are seeing the traction. Those deals take the same time as firewall deals take to close because customers have to go through a strategic transformation of the network. So they are not as quick as Prisma Cloud deals. On the other side, as I said, we have, I think, in record time, gone past 1,000 pure cloud security customers across Redlock, Evident, Twistlock, PureSec, which, in our mind, is one of the fastest ramps in terms of our ability to get 1,000 customers to deploy our cloud security product. And this is when we were selling them individually and we just last week integrated all of them into one SKU. So we believe that gives us more traction. So we are very excited about the traction we are seeing in the Prisma product.

Got it. Thank you.

Next we will hear from Fatima Boolani with UBS.

Good afternoon. Thank you for taking the questions. I had one for Nikesh and one for Kathy. Nikesh for you just harkening back to the Analyst Day, we did talk about contract structuring as a mechanism to allow you to introduce new functionality into the installed base. So I am wondering with regard to the expansion in the unattached portfolio and even the attached portfolio of subscriptions, I was wondering if you could share some of the details of what has changed or what is different as you start this new fiscal year around some of the newer expanded capabilities in Prisma Cloud. And certainly, this new acquisition, as well as on the DNS and SD-WAN attached side and then I will have a follow-up for Kathy, please.

Okay. Great. Thank you for the question, Fatima. I think as we discussed at the Analyst Day, we had said that we don’t want to have to sell every module of Prisma Cloud to our customers individually and we want to create a structure where they can actually buy once and use our products on a consumption basis. And effectively, this integrated platform we have rolled -- started rolling out last week, Prisma Cloud, where you have one SKU where all Redlock, Twistlock, PureSec functionalities available. If you bought Redlock SaaS version, you will be able to use container security without coming and signing a new deal. You will just use up some of your credits that you bought. If you bought Twistlock functionality, you would be able to do the same thing with Redlock or PureSec. So we have simplified our contracts and our ability to consume in this release of our product last week. We are in the process of rolling it out to all of our Prisma, sorry, all of our Twistlock and Redlock customers, which should be accomplished in the next few weeks, I hope. And those customers then will have the ability to consume the product without actually having to come and buy those individual products from us, which is -- takes away a lot of friction in the process. In terms of SD-WAN and DLP, they will be available integrated and part of Prisma Access, so you will not have to go buy different products and integrate them. This will come integrated out of the software box, if there’s some such thing, and you will be able to use it with a single cloud pane.

Fair enough. That makes a ton of sense. Kathy, for you, I was wondering if you could give us an update on just some of the tariff escalation that’s happening and that’s -- sort of how that’s impacting or financially impacting your supply chain and how we should think about those costs rolling through the model. I know, historically, you quantified some of the negative financial impact on EPS. I am wondering if there is any sort of update there, given some of the whipsawing on the trade war and tariff-related escalations we have seen? Thanks a lot.

Sure. Thanks for the question. We do manufacture our products in the U.S. However, there are certain components that we -- as we have talked about in the past, that we source from China. That’s the only place where we are able to purchase these components. And we have seen that list of products expand as the tariff situation has expanded in the U.S., as it relates to China products. So, we have felt the impact of that and we have been talking for a while about the impact to EPS. However, just at the start of this new fiscal quarter -- fiscal Q2, we did increase pricing on our firewalls and that increase in pricing is intended to offset the tariff impact. So that’s why you don’t see us outlining a specific financial impact this quarter.

That’s super clear. Thank you so much, Kathy.

Yeah.

We will now hear from Phil Winslow with Wells Fargo.

Hi. Thanks guys for taking my question. I just wanted to focus in on the next-gen firewall platform space. Kathy and Nikesh, you both have talked about the opportunity just to refresh the older models that you all sold in the past. I am wondering if you could provide us an update on -- sort of what you are seeing right now and thinking for this year relative to past years in terms of the contribution from just refresh of your base and then just one quick follow-up to that.

Yeah. Sure. We have been talking about refresh activity in a couple of different ways. One, in terms of what we see with our customers’ refreshing competitive boxes, and of course, that’s been a motion that we have been competitively trying to address since the start of the company. And as you know, there is rarely a company that we go into that doesn’t already have firewalls and so it’s always been a competitive displacement go-to-market approach for us. When we talk about our own internal refresh cycle, we continue to see our customers refreshing. However, in terms of driver of growth, we pointed out that in terms of just pure magnitude of customers, our new customer acquisition, as well as our customer expansion opportunity is a much bigger driver of our overall growth and less -- much less so refresh of our own boxes that we have sold to customers previously.

Got it. Great. And then, just a follow-up for Nikesh on the platform side of your Cortex obviously, you talked about the AI-based continuous operations platform, I think, is what you called it at the Analyst Day. What’s the feedback been from customers in terms of developing their own apps, their own functionality on top of this, as well as third parties, any sort of update there would be great.

Yeah. As I mentioned in my prepared remarks, this team outperformed the numbers by approximately 20%. So there we are seeing tremendous amount of tractions, both -- traction both on the XDR side and the Demisto side, Demisto is performing way ahead of our acquisition plan. We haven’t opened up the capability for customers to write their own applications on our platform just yet. We have some apps in the old version of the application framework. But right now we focus more on providing integration out of the box with third-party vendors, so customers don’t have to try and take that and normalize the data, which has been a bit of a shift in our strategy, but we are seeing huge traction. I think it’s fair to say that one of the times when Lee announced the ingestion of checkpoint firewall data into our product was when he got a standing ovation. It’s hard to get a standing ovation from a bunch of engineers at a conference. So they must have liked that and we are going to do the same thing with Cisco and Fortinet firewall data. So that way when a customer is trying to look at alerts across firewall and endpoint data, we can ingest any firewall data, as well as match it up with our endpoints. So we are seeing traction in Cortex across both product categories, but we have not opened up the ability for people to write their own apps just yet.

All right. Thanks guys.

Next we will hear from Karl Keirstead with Deutsche Bank.

Thank you. Maybe I will direct both to Nikesh. So Nikesh, the product revenue disappointment is coming relatively soon after a series of sales leadership changes at Palo Alto over the last six, nine months. I am just wondering if you believe that those changes might have contributed to the product performance, and in that spirit, do you mind just repeating your rationale for not replacing the Head of Sales. So first part of the question is on the sales leadership, and then I will ask my second. Thank you.

Sure. I think we are taking two random points, and try and draw a straight line. I personally don’t think there’s any correlation between the changes and our challenge on the product this quarter. If there was a challenge we would have [inaudible] across the Board, across every category, not just our firewalls. So, the fact that our teams have gone out and that’s the billings targets for Q4 and Q1, and we have had a mix shift in terms of what we have been able to sell, validate at least the period we are putting our or for the facts we are putting out around the fact the incentives contributed to it as opposed to our leadership changes. On the leadership change front, we have very strong leaders in our regions. We promoted Rick Congdon, who has been around for many years at Palo Alto Networks. He is doing a phenomenal job in Q4 to run our Americas business. We have Christian Hansen in Europe we have talked about in past earnings calls, as well as we have promoted Simon Green to one of JPAC business to manage the Pacific for us. So between those three, we feel we have strong leadership in the regions. And both our Prisma and Cortex leaders are doing really well, given the performance we have seen NGS. And we felt that we were not -- we don’t have a laser-focused leader on the firewall as a platform category. So we were able to hire Andy Elder, who is an amazing sales leader from Riverbed, who is going to run that part of our business in terms of focusing and making sure that as we deploy new products like Prisma Access or virtual firewalls, or going from four to seven subscriptions that there is a same go-to-market focus that we have had on Prisma and Cortex. And with that, sort of 3x3 matrix, we feel, I might need to say engaged in that transformation with these teams and putting another layer between him and these six people would be detrimental to our ability to go and execute. So we have decided not to replace the Head of Sales position.

Got it. Okay. That’s helpful. And then, again in the spirit of just trying to unpack what might be going on. This too might be drawing an incorrect conclusion. But is it possible Nikesh that you guys saw an accelerated hardware to software form factor shift that might have cut you a little bit by surprise and contributed to that product number, but it would obviously show up in super strong VM series billings numbers?

I wish that was the case that we have been caught unaware. So I really like to be surprised by phenomenal growth in any product category. Unfortunately, it’s just the fact that our teams had only so many dollars they could sell in Q4 and they sold a lot of them. But they sold them in the category, which was going to make them a lot of money, which is a good thing. You want your sales teams be motivated by the incentives -- realizing incentives are not working. But we have fixed the focus to make sure they have focused on both categories. So we think it’s nothing systemic. We think it happened in this quarter. And to be honest, if you look at the numbers, another $20 million of deals would have gotten us to a number, which would have made all of you happy and made us happy. But we -- that’s kind of the quantum of the change on an $897 million worth of billings. So $20 million showed up in more next-generation securities then showed up in product, which is why we are all getting unhappy about this. But hopefully, we can fix that in upcoming quarters and we can deliver to the long-term guidance of 25% CAGR.

Got it. I am sure you will. Thank you very much, Nikesh.

Thank you.

Jonathan Ho with William Blair has our next question.

Hi. Good afternoon. I just wanted to start out with maybe the Aporeto acquisition and could you maybe give us a little bit of a sense of what this adds to your overall solution set, as well as the role that micro segmentation plays in the cloud?

Sure. Look, as we said in the past is that there are tons and tons of people selling the transition to the public cloud across the various large cloud providers around the world, whether it’s Alibaba cloud sales or Oracle, Amazon or GCP or Azure, they are all trying to convince us to move to cloud. We personally have thought to having moved to the cloud for that reason, because we think that’s the right outcome of the long-term. But we don’t believe that a lot of the cloud security products exists to be able to deliver the amount and quality and capability of cyber security that exist in today’s enterprise world. And as you make that transition, as we start putting more and more mission-critical applications onto the cloud, it is going to be important to reinvent the way cyber security is delivered, made for the cloud, by the cloud, what’s the third part of that? Never mind. [Inaudible] is weaker than it should be. But anyway, so as we go down that path, we believe only 50% of the cloud security products have been invented so far. And instead of sit down and try and build them all ourselves, we have acquired Redlock and Evident, in the first instance, secure workloads, the market moved swiftly to containers. We acquired Twistlock, the market was heading to serverless. We acquired PureSec. We are also in the process of building our own modules in addition to those, which we will, obviously, as part of our product road map. And we look to the world of micro segmentation and said, micro segmentation is deployed today and the data center is not the way it needs to be deployed in the cloud because micro segmentation relies on IP addressing in the data center, which is very good for the enterprise but not really how the cloud operates. And Aporeto has a really good way. They have been working at it for the last two and a half years, three years, perfecting an approach which they have deployed in two or three very large customers at scale. We looked at it and said, look, this would be a phenomenal set of capabilities to have in our cloud security platform. We talked to the company. We liked them. We looked to the whole market, and said, this is the way we want to do this in the future. As a consequence, we acquired them and this will become part of our Prisma Cloud platform. So we don’t intend this to be a separate SKU, we expect it to be part of integrated capability as part of our Prisma Cloud platform and we hope the underlying capability they bring will allow us to create more features in the future using their backlog.

Thank you. And then just as a follow up, can you talk a little bit about maybe what you are seeing in terms of your customers from a budgeting activity standpoint for 2020 specific to Prisma Cloud and what types of trends are you seeing around that? Thank you.

Look, I haven’t been in this industry very long. But I am told by my colleagues and the way we watch this, it’s very rare to start a cybersecurity company or a product and start closing seven-figure deals in short order, and it’s fair to say, we are seeing a healthy amount of seven-figure deals in Prisma Cloud, which tells us that there is a need out there for this product, as a product market fit. And it kind of makes sense if you think about average customers are spending tens of millions of dollars in their cloud transition moving to the public cloud providers, and I have said, this in the past, if we can get 2% to 5% of that spend for cloud security, we will be in a good place. And I think we are tracking to that as we go to customers and we see them, they are spending $30 million, $50 million a year in the public cloud. We are tracking to the 2% to 5% number for those customers. And there’s a possibility that, that goes up a little bit, because there’s a whole bunch of capabilities that doesn’t exist yet. But we have not run into budget constraints in our customers, who are moving to the cloud, and saying, well, I am moving to cloud, but I don’t have the money to do cloud security.

Thank you. We will now hear from Saket Kalia with Barclays.

Hey, guys. Thanks for taking the questions here. First, maybe for you, Nikesh, just to go back to an earlier question on SD-WAN, I think, we understand the integration of that into Prisma Access. But can you just talk about your thoughts on SD-WAN as part of the firewall appliance and whether that’s something you feel is driving some customer purchase decisions right now?

It seems to have become a consideration in the purchase decision. But let’s remember there’s over 40 SD-WAN providers out there in the world and customers also choose whether they want a separate SD-WAN with more capability or an integrated SD-WAN in the firewall. But given that has become a consideration, we have launched or announced SD-WAN as part of Prisma Access and you can logically expect us to be able to deliver that across every form factor in the near future.

Got it. That’s helpful.

That’s where you were going, Saket.

Yeah. Absolutely. That was where I was going. But maybe for -- maybe for you, Kathy, just as a quick follow-up. Can you just talk about the gross margins on the recurring revenue part of the business. So much of that is that nice higher margin attached subscription and maintenance, but of course there is a nice growing piece from next-gen as well. As the latter grows, can you just talk about how that affects the gross margin profile, if at all?

Yeah. Sure. The gross margin range that we have provided in the past that we expect to operate within is 75% to 78% gross margins and we have continue to operate within that range for many, many quarters now. The services margin in particular, which we -- which you will see in our financials has been at the higher end of that range as you rightly point out. And it’s in fact actually come down a little bit over the last couple of years and that’s as a result of us building out the next-gen security products. Many of them which have hosting and data management costs and those costs are higher than the typical software type margins that you have seen on our attach subscriptions in the past. So, slightly different profile, but still operating overall service margins at the high end of that range.

Got it. Thank you.

Yeah.

Walter Pritchard with Citi has our next question.

Hi. A question for Nikesh and then one for Kathy, so on Prisma Cloud, you talked about integrating those products probably faster than most were expecting. I am wondering how you are thinking about integrating the backend management of the Prisma Cloud products, as well as other products into Panorama? What the time line looks for that and are there some customers that are waiting for that unified management to make bigger commitments to those products?

Walter, what we have noticed is that people want integration of the SD-WAN capability or DLP capability into the Prisma Access pane. So it can be integrated solution as they go deploy this in their branches and as they deploy for remote users. We are not seeing a lot of -- we don’t believe that’s the right thing to merge our cloud security pane into our firewall pane. Our cloud security pane is self-standing independent pane, which you believe is more relevant to DevSecOps than the CIO teams, then it is to the network security team. So, which is what we said we just announced the integrated -- sort of deploying the integrated platform across RedLock, Twistlock, PureSec, Evident last week and we believe that’s going to become the mainstay of the cloud security front-end. And Lee, do you want to add something?

Yeah. So just maybe continuing where Nikesh left off. So for Prisma Cloud, we do have a single unified UI for all different Prisma Cloud offerings. So for customers that are securing their applications in the cloud, they would go to one UI for that. Within Prisma Access, as we deliver additional integrated services, we have an ability to do that within Panorama to be able to, we call, plug-ins that can expand Panorama to include the additional capabilities as they come out. So, again, customer can go to one unified UI to see all those different pieces in one place.

Great. Thanks, Lee. And then, Kathy, on the acquisition, I guess, just looking up on LinkedIn, looks like the company, Aporeto, had about 65 employees. I guess, as we think about smaller kind of tuck-in M&A like this, I guess, maybe some of us would have expected, given you had a couple of hundred employees kind of organically every quarter you could kind of do this under your organic hiring plans. How should we think about that going into the future? Do we need to worry about kind of margins coming down with tuck-ins?

Well, we have talked about the impact, which is pretty modest impact $0.02 on the earnings per share for the quarter and we are investing in order to ensure that we can integrate these products and make sure that we are successful in our go-to-market efforts and so there is real expense associated with those. So the framework that we have given you is an organic framework and when we do M&A we will point out any incremental financial impact to that.

Okay. Thank you.

Our next question will come from Gur Talpaz with Stifel.

Hi, guys. This is actually Chris Speros on for Gur. For Nikesh, you noted earlier that Demisto was performing ahead of plan. Can you talk about the dynamics behind what’s driving this outperformance?

Yeah. Look, I think, the whole automation use case is resonating with our customers, where they are building Data Lakes, they are looking at their SIMs, but they are realizing they are getting a huge barrage of alerts as they deploy more and more cybersecurity solutions into either the enterprise and the cloud. And Demisto is turning out to be the versatile automation tool with the number of indications it has of all security vendors out there. So we are seeing traction. Our core team is able to explain it, sell it across the Board. As I mentioned, that approximately 30-plus percent of our core sales team is selling Cortex, which includes Demisto. So it’s really the expanded go-to-market, the expanded capabilities that the new Demisto product has. It’s really driving that, and of course, the good product market fit out there.

Great. That’s awesome and one for, Kathy, if I may. With more large Prisma deal starting to close, can you walk us through the relative economics of a Prisma deal versus a traditional appliance deal?

Yeah. Prisma Access and the functionality that it provides is typically slightly higher -- somewhat higher price than a typical firewall sales that we would see. Of course, depending upon the firewall and the number of attach subscriptions over time over a five-year period, which is the typical life cycle of a firewall, we would expect to see more revenue from the Prisma Access deal.

Great. Thank you guys.

Yeah.

Our next question will come from Patrick Colville with Arete Research.

Thank you for taking my question. Kathy, you mentioned earlier on the call that DSOs had risen five days year-on-year. I mean is the product issue anything related to the change in DSOs. I mean are those things correlated or they separate?

No. There’s really no correlation there.

Okay. Understood. And then, can I just switch over to SD-WAN, because that’s an area that we are getting a lot of incoming on both from investors and CISOs. So you have mentioned that Palo is going to release appliances with SD-WAN functionality built in. So If I understand correctly, right now the devices don’t have SD-WAN, but that’s in the roadmap, is that correct?

Yeah. That’s correct.

And I mean, can you give us a rough timeline for that or at this early stage?

Yeah. So a couple of weeks ago at our EMEA Ignite Conference, we announced SD-WAN and we plan to deliver SD-WAN across all three form factors, so hardware, virtual and Prisma Access around the mid-December time frame, so next month.

Good. Thank you for answering the questions.

Our next question will come from Brian Essex with Goldman Sachs.

Great. Good afternoon. Thank you for taking the question. Maybe a couple for Nikesh, I guess, one would be, as you target products for the developer environment. To what extent are your customers already integrated development with security and is that an evolution that still has to come?

I am going to let Lee answer that question since he’s been sitting here with not a whole lot to, he is doing the stuff.

Can you repeat the question?

Oh! You were listening. How many of the customers have integrated security into DevOps?

Oh! Look, in the cloud, there’s a whole movement towards call shift left, which is really focused on integrating the security process and functionality and posture as close to the point of development as possible. So that by the time an application is running in production in the cloud, all of the security is already there and was developed as part of the application. This was something that Twistlock and container security was very focused on.

Right.

It’s a very common practice within container development to have the shift left mentality and as we look to this going forward, we see it becoming a bigger part of cloud security practice.

Got it. That’s helpful. And maybe just a follow-up -- jump on this one who whoever wants to kind of grab it, but you have done quite a bit of M&A over the past couple of years, what percentage of your sales force would you say is fully ramped on selling the entire suite or is there still some progress that needs to happen there in terms of getting everyone kind of up to speed and fully productive?

Yeah. And as I mentioned earlier, approximately 39% of our core sales team is selling Cortex, our Cortex suite of product and approximately 25% is selling our Prisma suite of products. Of course, there is a lot of room for us to go from 40% to more and more of our sales team being able to sell these products. But having said that, many of these products have been in play only for about six months, so we have --

Right.

-- a few thousand people out there in the field and it takes a while to get them all comfortable, up to speed, being able to sell it. Not only that, we have lots of partners out there, and part of our efforts are not just to motivate and create our team, but also to make sure our partners fully understand our capabilities and are able to sell. So, yes, we can make more progress, but, again, very excited about the progress we have made so far with the new product categories.

Got it. Very helpful. Thank you very much.

Our final question will come from Michael Turits with Raymond James.

Hey, guys. Thanks. I will squeeze two in quickly. One, Nikesh, in Prisma Access, are you seeing primarily Zscaler or is it a wider field, including people like maybe Fortinet with carriers, Netskope, iboss, et cetera? And then, Kathy, how fast do you expect that you can get the product growth back to the kind of levels that we are expecting it to trend at?

So in terms of your first part of the question, Prisma Access we will be seeing out there. Prisma Access is part of a network transformation decision that the customer makes and depending on how their current network operates and what they want to make it look like going into the cloud, there can be hardware-based solutions or software based solutions. And depending on whether it’s a smaller footprint of larger data centers versus a larger footprint of smaller branches or remote users, the architectures can vary. So you can solve this problem with different architects and different products. But we -- from our stand, I can tell you that, our software-based solution, our software-based approach and our security-first approach is resonating with them because as it goes to cloud, the security is getting distributed and they want to make sure that as they start accessing mission-critical applications straight into the cloud or back to the data centers, that security is a priority. So we are seeing traction in that space. I am sure there are many other vendors out there who have different solutions, which are adapted to their product portfolio.

And in terms of product growth, we don’t guide product specifically, but you can tell from the guidance that we have given both for Q2 and for the full year looking at typical trends that we have seen in the past in terms of product as a percent of the total. You can -- I am sure back into what we are expecting for product are pretty closely.

Thanks, guys.

Yeah. So before I close, I want to thank everybody again for joining us today, and I wish you and your families a very safe and Happy Thanksgiving. And we look forward to seeing many of you in the upcoming weeks at some of our investor conferences. I also want to thank our customers, our partners and employees around the world. Have a wonderful evening.

That will conclude today’s conference call. Thank you for your participation. You may now disconnect.