Radware Ltd. (RDWR) Q1 2017 Earnings Report, Transcript and Summary

Good morning. My name is Scott, and I will be your conference operator today. At this time, I’d like to welcome everyone to the Radware Q1 2017 Earnings Conference Call. All lines have been placed on mute to prevent any background noise. After the speakers’ remarks, there will be question-and-answer session. [Operator Instructions] Thank you. Anat Earon-Heilborn, VP Investor Relations, you may begin your conference.

Thank you, Scott. Good morning, everyone, and welcome to Radware’s First Quarter 2017 Earnings Conference Call. Joining today are Roy Zisapel, President and Chief Executive Officer; and Doron Abramovitch, Chief Financial Officer. A copy of today’s press release and financial statements as well as the investor kit for the first quarter are available on the Investor Relations section of our website. During today’s call, we may make projections or other forward-looking statements regarding future events or the future financial performance of the Company. We wish to caution you that these statements are just predictions and we undertake no obligation to update these predictions. Actual events or results may differ materially, including but not limited to general business conditions and our ability to address changes in our industry, changes in demand for products, the timing and the amount of orders and other risks detailed from time-to-time in Radware’s filings. We refer you to the documents the Company files from time-to-time with the SEC, specifically the Company’s last Form 20-F filed on April 21, 2016. Please note that in May, management will participate in the Jefferies Technology Conference in Miami and in the Oppenheimer Israeli Conference in Tel Aviv. In June, management will participate in the Jefferies Teck Trek in Tel Aviv and the Citi Small & Mid Cap Conference in New York. With that, I will turn the call to Doron Abramovitch.

Thank you, Anat. Good morning, everyone, and thank you for joining us on the call today. We are pleased to report that the positive momentum underlying our business in the second half of 2016 continued into the first quarter of 2017 for which we report today solid results. In Q1, we continue to benefit from the very strong growth in our subscription and cloud business. Strong bookings led to a book-to-bill ratio that was significantly larger than 1 for the third consecutive quarter and to a strong increase in our total deferred revenues balance. Let me remind you that the total deferred revenues takes into account the deferred revenues on the balance sheet and in addition bookings we invoiced, but didn’t collect and are therefore not on the balance sheet. Moving on to discuss our income statements. Q1 revenues were $48.9 million, up 1% from Q1 last year. Looking at a geographic breakdown, revenues from the Americas were $18.3 million, representing 37% of total revenues; revenues from EMEA were $14.6 million or 30% of the total; and revenues from Asia-Pacific were $16 million, accounting for the remaining 33%. I will now move to discussing expenses and profits using non-GAAP figures. For a detailed GAAP to non-GAAP reconciliation, please refer to the financial tables accompanying our press release or the investor kit posted on our website. Non-GAAP gross margin was 82.2% in Q1 2017, compared to 82.7% in Q1 last year. Our operating expenses were $40.7 million, compared with $39 million in Q1 2016. The main differences from last year derived from our investment in sales and marketing, the consolidation of Seculert and the stronger Israeli Shekel. Non-GAAP net income in Q1 2017 was $700,000 or $0.02 per share diluted, compared with net income of $2.3 million or $0.05 per share diluted in Q1 2016. As we had expected the acquisition of Seculert had a diluted impact of approximately $0.02 on Q1 2017 non-GAAP EPS. Moving on to our balance sheet and cash flow. As of March 31, 2017, we had approximately $316 million in cash and financial investments. Cash generated from operation was $6.3 million in Q1, compared with $8.8 million in Q1 last year leaving our operating cash flow for the last 12 months at $36 million. We expect Q2 cash generation to be stronger than in Q1. We are pleased that the transition of the business model had little to no impact on our cash generation and related metrics. In addition to the stability of operating cash flow, our collection is not affected and we are able to maintain a low DSO ratio, which was 39 days. We ended Q1 with approximately $128 million of total deferred revenues, up 30% from the Q1 2016 balance of $98 million. The transition of our business model continues to positively impact our visibility and allows us to start the next quarter with higher known revenues than we had in previous quarters. The average duration of the total deferred revenues balance maintain a similar level as in the past several quarters. As of March 2017, the average duration was 1.79 years compared to 1.75 years for March 2016. Therefore, in the coming 12 months, we will recognize the revenues approximately $78 million out of the total balance of $128 million, compared with $66 million that we recognized out of the total deferred revenues a year ago. In line with our capital allocation policy, which includes both acquisitions and share repurchases, we announce today a new share buyback plan. Like our previous plans this is a one year $40 million plan. Headcount at the end of March 2017 was 990 employees. Last, our outlook for the second quarter 2017. We expect revenues to be between $49 million and $51 million. Non-GAAP gross margin is expected to be approximately 82% and non-GAAP operating expenses are expected to be approximately $41 million. We expect non-GAAP effective tax rate to be 16% and non-GAAP EPS including the diluted impact of Seculert to be between $0.02 and $0.04. I will now turn the call over to Roy.

Thank you, Doron, and good morning, everyone. We are very pleased with our results for the first quarter of 2017 and with the business trends underlying these results. As Doron noted, strong bookings led once again to a significant increase in our total deferred revenue balance and to an increase in the year-over-year growth rates of our total deferred balance to 30% in March 2017 as compared to March 2016. This increase results primarily from the success of our subscription business where bookings more than doubled from Q1 last year. Strong market acceptance of our product subscription and cloud offering demonstrates that our customers highly value its added benefits. These benefits include state-of-the-art cloud security offerings, broader and stronger application protection that can address the increasingly complex delivery environment as well as fully managed services that can address the security skill shortage our customer face in the market. Meeting our customer needs with subscription offering in turn creates a consistent and predictable revenue stream for the company. The deferred revenue balance now represents more than 2.5 times our quarterly revenues. This is a record level for this ratio that indicates the positive impact on feasibility that this transition in our business model provides. The first element of our strategy is to focus on the integration of our application delivery and security solutions. Customers are more progressively more interested in this integration given the increasingly complex application ecosystem, delivery infrastructure requirements and security sets. These challenges create a growing need for solution that together perform seamlessly. For example, in Q1, a customer in the electronic data processing sector decided to displace its incumbent ADC vendor with Radware subsequent their appreciation of the security integration and automation benefit across our complete solution. The existing and longstanding security customer is opening a new datacenter with expensive application delivery, security and agility requirements. Although they had already purchased equipment from their existing ADC vendor, they decided to return the equipment back and proceed with a complete Radware architecture. The customer was impressed with the level of integration between application delivery and application and datacenter security and without the various components sharing formation and feed off each other. That together with superior automation and orchestration capability presented the customers with tremendous value for the next generation datacenter. The second element of our strategy is to continue to innovate new solutions and services. The core element of our innovation focusing our investment not only in development of new solutions, but in pure research. A couple of weeks ago, our researchers revealed the existence of a malware that permanently destroys unsecured IoT devices. Such permanent denial-of-service attacks are preformed remotely using commands that could ultimately corrupt storage, break connectivity and render the device non-functional. We named the malware Bricker Bot and its discovery received much attention with security professional circles, in the business and IT trade press and was referenced in notable hacker blogs. In addition, the ICS-CERT, a part of U.S. Department of Homeland Security issued an alert to provide early notice of the Bricker Bot threat. Such cutting edge research and discoveries demonstrate our domain expertise and further enhance our position in the cyber security vendor landscape. On the product side, the most significant new product launch in Q1 was the expansion of our cloud services suite with DDoS protection for application that reside on Amazon Web Services. This new fully managed service is designed for organizations that run part of their applications in private cloud datacenter and part of them on public cloud, an increasingly adopted IT architecture. Such organizations don’t want to compromise on the level of security for applications residing in the public cloud and require one facility solution for the entire infrastructure. Our unique solution automatically protects application wherever they reside providing best-in-class consistent security policies in single pane of glass. Our expanded solution offering also allows us to cross-sell additional solutions to our customer base. An example is the deal we announced last week. An existing customer with a significant install base of our application delivery and cyber security devices enhanced its relationship with Radware by signing a three-year multi-million subscription deal for several application delivery and security modules on top of their existing devices. We believe that our sizable customer base, which includes thousands of organizations from verticals such as telecom, financial services, government, technology and others provide significant opportunities to expand our subscription business. The third element of our strategy is to increase our market footprint for service provides and CDN providers, OEMs and alliances, system integrators and resellers as well as internal resources. In this context, I would like to highlight two developments. The first is that in early March, Cisco made our DDoS module available on its next-generation firewall, the FTD, which stands for Firepower Threat Defense, the availabilities on both the FTD 1400 and 9300 series. While we have already seen initial sales of Radware DDoS module on Cisco firewall that shipped with older software version, the ASA, the FTD is the focus of the Cisco security sales force going forward in order for them to capture share in the next-generation firewall market. Obviously, we see that as a great opportunity to increase our footprint as a differentiating add-on to the FTD. The second development relates to our CDN customer base, which include as we have discussed in the past some of the world’s top CDN providers. As such, we were pleased to announce in mid-February that one of the CDN providers extended its relationship with Radware by signing in late-2016 a three-year multimillion dollar deal that includes subscription to our attack litigation updates as well as maintenance of its other device install base. We view this relationship with leading CDN providers similarly to our OEM relationships as strong testimonials to our technology leadership. In summary, we are very pleased with the continued momentum that underlies our business and with our strong opening for 2017. Booking in the quarter were strong in absolute terms and in particular relative to the first quarter in past years, which was typically a less active quarter. This is reflected in a book-to-bill ratio that is larger than 1 and which is historically uncommon for us in Q1. Coupled with the positive business environments and early successes we have seen so far in Q2, we are confident that we are on track to execute on our plan for 2017. We continue to develop our solution offering and at the same time benefit from an interestingly mature and experienced cloud and subscription business operations. The superiority of our technology is repeatedly proven by our ability to detect and mitigate attacks that our competition does not. We therefore continue to invest in expanding our access to opportunities to demonstrate our technology by implementing marketing programs and fine-tuning our go-to-market initiatives. We are excited about the multiple opportunities ahead of us and believe we are in strong position to leverage them for long-term growth and profitability. I will now open the call for Q&A.

[Operator Instructions] Your first question comes from the line of Mark Kelleher with D.A. Davidson. Your line is open.

Great. Thanks for taking the questions. Congrats on a good quarter. I was wondering if there is a way you could maybe give some insight into the security contribution been very strong, how is that versus you ADC business? Can you give us any feel on that?

Yes, as we’ve discussed in previous quarter that we are not looking on these as two separate business lines and we are – it’s not the way we are interacting with our customers or developing our portfolio. We are really looking on an optimistic offer for application security and delivery, the next-generation datacenters. So we are really looking now on a complete architecture links between the modules, signaling, et cetera. So we are not breaking our view that way. However, if I’m looking across all the products that we sell in Radware, not specifically splitting into ADC and security per se, in booking we’ve seen very strong growth in Q1 across the whole product line we have.

Okay. And how about Cisco, were they meaningful in the quarter?

They are not yet meaningful from revenue contribution, but they are definitely ramping up. As I’ve mentioned I think in March, we’re now released on all the next-gen firewall business and I think it became – if you visited Cisco Live in Europe or the Fareast this first quarter, I think that – this release, this next-generation firewall became the center piece of their security strategy and as a result we are seeing a very strong increase in activity. So we believe there is great potential for the Cisco relationship.

Okay, great, thanks.

Your next question comes from the line Alex Henderson with Needham & Company. Your line is open.

Thanks. So I didn’t catch a headcount number, I was wondering if you could please give us that data point?

It’s – 990 employees.

Thanks. And, so, you are talking about the suggested deferred number and I don’t see an actual calculation for it on your website. Do you have that actual data for the year-over-year number and the quarter-to-quarter number for what the adjusted deferred is?

Yeah, so this quarter it’s $128 million deferred, in Q1 2016 it was $98 million and this is a 30% growth that I have mentioned. Last quarter Q4 2016 it was...

But that’s the same as what’s on the balance sheet, I thought you guys did an adjustment to it.

No, no, Alex, on the balance sheet it’s less. It’s – you can see it’s two different numbers. The balance sheet right now represent approximately $90 million in Q1 and $80 million last year. So it’s still growing, but the number that we are referring and it’s part of our investor kit, it is already on the site, you will find the $128 million, which is the total deferred revenues. The number is in the balance sheet.

Okay. I will go back and take a look at it. I must have misread it when I did it. Can you talk a little bit about the implication and the impact of the F5 product launches that happened in the back half of the year and now have full quarter of impact in the March quarter? Was that an impact? Did that cause any of the decline in the U.S. results particularly given your U.S. results are more biased to cloud, you did well in the cloud piece? And how do you – how should we think about that relevance in – they also announced a DDoS protector like product over the course of the quarter, can you talk a little bit about if you are comparative on that? Thanks.

Okay. So, we didn’t see any impact from the F5 new platform releases. We believe we are very well positioned versus them and we didn’t see competitive influence on us at least on the first quarter. You mentioned also the U.S. and the decline in revenues. As you’ve mentioned, the U.S. is much more geared into cloud and cloud services and security and I will not read anything into the revenue trend. Bookings was extremely strong in the Americas and it’s actually a big engine behind the growth of our total deferred and cloud subscription business which is very good in that business. And the last point you’ve mentioned is about F5 launching a DDoS product. As far as we can tell, again we don’t have all the details, but from what we know and understand it’s a reworked version of the same Big-IP packaged in a more, I’d say, customer friendly manner and marketed as a DDoS appliance. But again going back to the core differentiation, we have a huge advantage in the way we detect attack based on our algorithmic behavioral analysis. We have a very significant advantage in the way we mitigate attacks because our algorithms are self generating, the finger prints to block based on that, that’s unique in the whole industry and we have a complete set of escalating automatically challenges, again, unique in the industry. And last but not least, there is a full degree of automation on top of our solution that’s also unique. So I think our gaps in the security was the signaling with the breadth of detection, with the strength of mitigation and above all, the use of real math algorithms, no thresholds, no signatures, mathematical algorithms that are state-of-the-art that proves day-in and day-out that we are superior. And as I’ve mentioned simply detect the attacks that other don’t.

Okay. One other question, if you were to look at just the ADC market, what would you say the year-over-year change in that business, in that market as a whole, was – is it now clearly a declining market or is it still flat? What would you – how would you parameterize that?

I think if you look overall including cloud applications that maybe done by AWS and et cetera, I think, it’s still a growing market. If you look on ADC appliance business, I think it maybe flattish, but if you look on the segments we are targeting now, which are the ADC – the secure ADC area that is in conjunction with security, I think that’s a growing market.

So, I were to eliminate the load balancing and other ADC applications that are built into AWS and Microsoft Azure, is the distinction you’re giving between that client, is that correct way to look at it?

So, I think, total market growing, appliance minus Azure and AWS maybe single digit or flat and secure ADC, which is within that larger more flattish market I think is going strong.

Okay. I will give the floor. Thank you.

Your next question comes from the line of Michael Kim with Imperial Capital. Your line is open.

Hi, guys. Could you talk a little bit about the integration, early integration of Seculert, how you are seeing that technology – those technology that aid analytics and machine learning now added to your capabilities and when we might be able to see either a distinct add-on module or how you might see that strengthen the value proposition for the overall solution?

Okay. So we believe Seculert will add another layer of detection and mitigation to our capabilities by providing, as we’ve mentioned, cloud-based big data machine learning layer on top of our solutions. We are in development phase, I believe we were going to see the first fruits of that early next year, but we definitely think that will take our solution to the next level and open another dimension with datacenter security.

And just in terms of financials, I’m not sure if I caught up, but what is the expectation for dilution in second quarter and is it your – do you continue to see that as accretive next year?

We talked about it this last quarter and we mentioned that the first one and second one will be $0.02 dilutive each quarter. We believe that 2018 will be accretive. Basically we expect next quarter, the guidance that we gave, which is including the Seculert impact is – we will consider that $0.02 per share dilutive from the Seculert activities.

Got it. And then lastly, I think about a year ago you talked about more than 10% of bookings coming from subscription sales, cloud and product subscriptions. Has that number moved to sort of 15% or 20%, can you provide an update on the contribution from subscriptions?

So, without putting specific figure, we’ve achieved our goal already as we’ve placed it and now of course we are looking on higher goals. I’m not comfortable yet sharing the exact number, but as you understand it’s growing very strongly and we achieved our previous mark.

Okay, great. Thank you very much.

Your next question comes from the line of Joseph Wolf with Barclays. Your line is open.

Hi, it’s Erica for Joseph. Just to follow-up a little bit on the Americas business, I know Alex asked a little bit earlier, but I guess just because that’s sort of the lowest level we’ve seen over the last couple of years and kind of given that transition into the services model, I guess we would have thought that there will be maybe less volatility around that, so I know you mentioned that bookings were very strong, does that mean that we should infer that the first quarter is just kind of a little bit of a hiccup there, can you just give us anymore color about that?

Yes, so, I think, from a revenue recognition, it’s a hiccup. From the business we are seeing continued strength there and while the transition there to subscription and to cloud security is the highest impact to the revenues, but we feel very, very good on the performance of the Americas in Q1.

Okay. My other questions were actually already asked and answered. Thank you.

Your next question comes from the line of Catharine Trebnick with Dougherty. Your line is open.

Thank you for taking my question. Mine is on virtual ADCs and SSLi. Have you – what is your thoughts on how well the virtual ADC traction is going? Are you seeing uplift in that – in your product line? And then the second part question, there’s been a lot of introductory with standalone SSL platforms and I haven’t heard you guys really talk about of really working in that area and could use some color on that.

Yes, so we continue to see a move to virtual ADCs whether they are sold as software only or multiple instances on our appliances, we are seeing that very well. The other point that you’ve mentioned, we call this area SSL [indiscernible] terminology and SSL inspection is available on our Alteon product line. It’s actually one of the secure applications we are pushing. We have great reference and I think key patents in this area. We are – definitely it’s one of our target areas. I think one of the top worldwide banks in the world is actually using us across all their datacenter. I think it’s the largest SSL inspection implementation in the world. So that’s definitely a very active market for us.

And then just to follow-on, could you quantify very good virtual ADC, I mean is that any percentage of sales, is it seem to be more popular, you are seeing more traction in that now than a year ago, just a little bit more detail. Thanks.

I don’t have the break for the revenue split. However we started with vADCs or virtual ADCs I think almost five years and we see continued increase in the number of instances people deploy. Those as I mentioned can be either the spindle on software instances or sharing on the appliances. [Indiscernible] platforms and our capabilities we constantly push this number higher in response to customer demand for that. So it’s definitely something that people are doing more and more and they are moving to instance per application or vADC per app versus the previous situation, legacy ADC, that they used one device and sharing it across application.

Okay. And I will let you go after this one, Roy. The last one is any price difference between a platform and a virtual instance because you do need to put them in front of – like you said per application, so it seems to me maybe the revenue for a platform for this might be the same, but could you clarify that or give me more clarity on that. Thank you.

So, a software only virtual ADC is selling for same, I’d say, price as you scale with the number of instances you are getting some break, but all in all it’s the same price. On the platform, there is initial price for the platform, but the cost per instance is then significantly lower obviously. I would say the breakeven point would sit around somewhere between 5 to 10 instances. Above that a platform with multiple instances will become more cost effective than separate software instances.

All right, thank you very much for your time Roy. I appreciate the color.

Thank you.

Your next question comes from the line of Ittai Kidron with Oppenheimer. Your line is open.

Thanks and congrats guys on a good quarter. Doron, I just wanted to make sure I understand the very long lasting weakness in enterprise, is that just a reflection of you are selling more to managed service provides that use your cloud services or is there something going on, there is like seven quarters in a row of year-over-year decline.

Maybe I will take it, Ittai. We are focused obviously more on the cloud solutions and so on. I think the enterprise is the one suffering most from this trend, carriers and cloud providers continue to buy equipment or products and as a result, I don’t think we are seeing the same trend of delaying or deferring revenues in the enterprise that’s where most of the subscription and cloud subscription specifically are going to and I think that’s the core thing you are seeing there. So while as we said our bookings is growing and growing strongly, the revenue recognition on the carrier is almost intact versus what we used to do in past years while enterprises really where the business transition is happening.

Got it. And can you talk about – going back to the Cisco situation, I mean, if I’m not mistaken already last summer, around the August, September timeframe, they started selling your solutions effectively in the market and this is after you’ve been engaged with [indiscernible] a year before that, I’m just wondering why does it take that long to ramp that relationship and when do you think it will be a more important part of your business?

Okay. So I tried to make it – to bring more color to it in my prepared remarks. So in the summer of last year, they’ve released starting even in Q1 and then in the summer they released the ASA, the legacy firewall software on top of the new hardware platforms with our DDoS module. So in that point, it was not yet the next generation firewall. They released the next-generation I think in the second half, December timeframe and added some to that in the March timeframe. And now in this March release, they made also the DDoS available on the next-gen firewall. So the next-gen firewall is very new in the market from Cisco. Why does it take so much time to release, I think, you need to refer that question to Cisco and therefore the strategy what to when I think they started with the hardware refresh and then they now have a full-blown next-gen firewall product. And as of March 10, I think we are now available on all the relevant OEM platforms that we were designed for. I think the relaxation starts now, I believe with regular sales cycles, 6 months to 9 months, that’s where we need to see the ramp-up. However, already we are seeing very strong and growing every quarter level of activity. So we remain very, very optimistic and that’s also the signals we are getting from Cisco about the potential here.

Got it. Helpful. And then lastly, on your billings, especially the uncollected one, I guess, was there anything – was there anyone customer that had a very big contribution in there, is there like a 10% contribution in there that kind of made this number move up quite substantially or it was widely distributed, how do I think about that?

The total deferred balance, I don’t think we have a single customers that’s 10%, no.

I’m talking about the uncollected.

The…

No, no, we don’t have any guidance.

Okay. Very good. All right. Good luck, guys.

Thank you.

That was our final question for today. I will turn the call back over to the presenters.

Thank you very much for attending and have a great day.