Welcome everyone to our Q4 and full year 2020 financial results video conference. At this time, all participants are in listen only mode during the formal presentation, which will be followed by a question and answer session.
Joining me remotely today on the call are Gil Schwed, Founder and CEO along with our CFO and COO, Tal Payne. As a reminder, the video conference is live on our website and recorded for replay. To access the live conference and replay information, please visit the company's Web site@checkpoint.com. For your convenience, the replay will be available on our website. If you'd like to reach us after the call, please contact Investor Relations by email atkipp@checkpoint.com.
Before we begin with management's presentation, I'd like to highlight the Following during the course of this presentation, Check Point's representatives may make certain forward looking statements. These forward looking statements Within the meaning of Section 27A of the Securities and Exchange Act of 1933 and Section 21E of the Securities and Exchange Act of 19 34 include, but are not limited to, statements related to Check Point's expectations regarding business, financial performance and customers introduction of new products, programs, success of those products and programs the environment for security threats and trends in the market our strategy focus areas and demand for solutions the impact of COVID-nineteen on our business, including our product development, sales, marketing efforts and our financial conditions and results of operations the impact of COVID-nineteen seen on our customer suppliers, business partners and the macroeconomic environment as a whole, our business and financial outlook, including our guidance for Q1 and full year 2021. Because these statements pertain to future events, they are subject to risks and uncertainty. Actual results could differ materially from Check Current expectations believe factors that could cause or contribute to such differences are contained in Check Point's earnings release issued on February 3, 2021, which is available on our website, and other factors and risks, including those discussed in Check Point's latest Annual Report on Form 20 F filed with the SEC.
Check Point assumes no obligation to update information concerning Ed's expectations or belief, Except as required by law, in our press release, which has been posted on our website, we present GAAP and non GAAP results, along with a reconciliation of such results, as well as the reasons for our presentation of non GAAP information. Now it's my pleasure to turn the call over to Tao Paine for a review of our financial results.
Thank you. Good morning and good afternoon to everyone joining us on the call today. I'm pleased to begin the review of the Q4 and the full year. Revenues for the Q4 increased by 4% year over year, reaching $564,000,000 And our non GAAP EPS grew by 7% to $2.17 both above the midpoint of our guidance. Before I proceed further into the numbers, let me remind you that our GAAP financial results include stock based compensation charges, amortization of acquired intangible assets and acquisition related expenses as well as the related tax effect.
Keep in mind, as applicable, non GAAP information is presented excluding these items. Now let's take a look at the financial highlights for the quarter. Revenues for the quarter reached $564,000,000 $14,000,000 above the midpoint of Our guidance, products and security subscription revenues were $340,000,000 a 6% increase year over year. Our subscription revenues continue to be strong with 10% growth year over year, reaching $180,000,000 Software updated maintenance revenues increased to $224,000,000 We've seen strength in our strategic areas. Our CloudGuard family had great results with high double digit growth.
Infinity continued the momentum with significant transactions in different verticals and impressive growth in the business we do with these customers. During the year, we launched the vast majority of our Quantum Appliances series. The family was well received in the market and we finished the year with over 90% transition. Deferred revenues reached $1,482,000,000 a growth of $95,000,000 7% growth Year over year, short term deferred revenues increased by 10%. Revenue distribution by geography for The fee for the quarter was as follows: 43% of revenues came from Americas 45% of revenues came from Europe, Middle East and Africa and the remaining 12% came from Asia Pacific.
We delivered strong gross profit of 89% and non GAAP Operating margin of 51%, similar to last year. Our financial income for the quarter was $14,000,000 As a reminder, interest rates in the U. S. Shortly dropped earlier this year, hence the reduction in the financial income versus last year. Naturally, this reduction is also part of the cash flow.
Effective non GAAP tax rates for the quarter was 0% as we expected. This quarter, similar to last year, our tax expenses include tax benefits from lapse of statutory limitations on certain provisions. GAAP net income was $271,000,000 a $1.95 per diluted share. Non GAAP net income was $301,000,000 or $2.17 per diluted share, an increase of 7% from Q4 of 2019 and 0 point 0 $8 above the mid of our guidance. The accelerated growth is related to the continued reduction in our diluted outstanding shares.
Our cash balances as of December 31 Reached $4,000,000,000 again. Operating cash flow for the quarter increased by 19% to $293,000,000 with strong collection As a reminder, we hedge our balance sheet against currency fluctuation. The hedge effect our cash flow with a minimal effect on the P and L as intended. During the quarter, the dollar weakened against the Israeli shekel, resulting in a hedge income of $26,000,000 in our cash flow compared to $2,000,000 last year. In addition, during the Q4 of last year, we completed the acquisition of Protego and Simplify.
Net of hedge and acquisition related costs, our operating cash flow increased by 4% year over year. During the quarter, we continued the purchase of our shares. We purchased 2,700,000 shares for $323,000,000 at an average price of $119 Now let's take a look at the financial results for the full year. Our revenues for the year reached $2,065,000,000 an increase of 4% year over year, dollars 50,000,000 above the midpoint of our original Subscription revenues continue to be the main growth drivers with Infinity and CloudGuard solution leading the growth. Infinity deals continue to gain momentum crossing the $100,000,000 booking bar.
Annual contract value of Infinity customers show Significant growth of 10ths or even 100ths of percentage as customers adopt the full Infinity threat protection solution. This is great news. CloudGuard solution already reached more than 3,000 customers. Both CloudGuard YaaS and CloudGuard SaaS are growing fast with a strong double digit. Non GAAP operating margin for the year was strong 50% as we had higher level of revenues on the one hand and about $40,000,000 less expenses as a result of COVID-nineteen impact on the other hand.
During the year, the dollar weakened against many currencies around the world. The effect on our results in 2020 was minimal as we recovered effectively by our hedge. The dollar continued to weaken after the year end as you could all see. Based on the current rates, the effect is expected to be an increase of our operating expenses for next year of about $25,000,000 Our financial income in 2020 reduced to $67,000,000 from $81,000,000 last year as a result of the reduction in the yield on our portfolio as we discussed. We expect again to see the continued drop of $1,000,000 to $2,000,000 a quarter with a total financial income for next year or for this year 2021 of $42,000,000 Effective non GAAP tax rate for the year was 13%, in line with our expectation.
For 2021, assuming no regulatory changes, we expect the tax rate for the year to be similar 12%, 13%. Quarterly tax rate for next year from Q1 to Q3 17% like Same like this year and around 0% around Q4 as a result of the lapse of statute limitation that's also expected to happen in Q4 next year. GAAP net income for the year was $847,000,000 or $5.93 $0.96 per diluted share. Non GAAP net income for the year was $963,000,000 or $6.78 per diluted The EPS was $0.13 above the high end of the original guidance for the year and is reflecting an increase of 11%. Cash flow from operation increased by 4% to $1,152,000,000 During the year, the company repurchased approximately 11,400,000 shares at the cost of $1,300,000,000 at an average price of $114 For 2021, based on the current buyback rates and the current share price, We expect our average diluted number of shares to be around $136,000,000 for the year sorry, dollars 136,000,000 shares for the year, starting at BRL138 1,000,000 in Q1 and moving down to BRL134 1,000,000 by Q4.
Now I'll turn the call over to Gil for his comments.
Thank you, Tal, and happy belated New Year for all of you joining us on the call today. I hope that you and your family are safe and healthy. I'm glad to report the results for 2020. What a year it was. As you've heard from Tal, we delivered good numbers for the Q4 and for the entire year.
But more important is what we achieved throughout the year. Despite the pandemic, we launched an entirely new product line for our core network security business, the Quantum family, And the results were quite positive from negative product growth in 2019 to positive 1 in 2020. Our cloud business delivered double digit growth in 2020, a trend that intensified in the second half of the year. Finally, our Infinity solution will deliver the industry only preventative architecture for cybersecurity across the Higher spectrum of attack vectors, network cloud and endpoint more than doubled its number of customers and contract value. We've augmented all our product families with plenty of technologies, serverless protection for cloud, IoT and autonomous threat prevention on the network, EDR capabilities for the endpoint and our new Infinity SOC security research and management tool, just to name few key technologies that are now part of our products in Infinity architecture.
The importance of cyber And the Internet has risen significantly over the last year. The network became the lifeline of our lives and businesses, And I believe I've said it before, but our industry can be proud, we kept the world running. The world faced big increases in traffic and with that, it also faced a huge increase in cyber attack. I can go on and on and describe our achievements in 2020, but I'd like to focus more on talking about the state of cybersecurity and our plans for 2021. I've been speaking about the 5th generation or Gen 5 cyber attacks the past couple of years.
2020 demonstrated that it is not a theory or a projection, but the Gen 5 attacks are here, Sophisticated multi vector attack that are polymorphing disguise themselves very well, start the attack in one place and a few steps later deep in the enterprise. This was the hallmark of many of the attacks in 2020, Including the Emotet bot that was one of the most popular launchpad for attacks last year, the Emotet network was taken down in a sophisticated operation involving the law enforcement agencies from 8 countries, great achievement for cyber law enforcement, but also an important signal for all of us. Emotet has been active since 2014. We saw it in 1 out of 5 enterprises in the world. We can't allow attacks to go on for 7 years.
We have to defend against it ourselves, which we do. Check Point's advanced threat prevention uniquely designed to prevent these attacks on patient 0 even when the malware is polymorphic and appears differently on each attack. In the middle of 2020, we coined the term cyber pandemic, which was underscored by the World Economic Forum, emphasizing the world is indeed facing a cyber pandemic. In December 2020, the Sunburst attack demonstrated the impact that the Gen 5 cyber pandemic can cause, an attack that was seen in over 18,000 organization, including the top U. S.
Government agencies and the world's largest companies. Sunburst started with an attack vector that is almost impossible to detect embedded into the SolarWinds software, but once executed, it's made its way into multiple systems in the network and presented major challenges cloud environments that were the most vulnerable to the sunburst attack, a true gen 5 attack. This nightmare and worst Case scenarios of executive and seesaws have now become a terrible reality. Most leaders in 2020 characterized last year as one stuck in survival mode. Everyone needed to operate in environments they've never experienced, Face level of uncertainty the world has never seen before and challenges the world has never faced in this modern era.
Looking at the state of cybersecurity, it is time to move from survival mode into revival mode. It's a new world and we have the opportunity to protect it. We're starting 2021 with a strong focused and ambitious strategy to make our customers secure in this new area of Gen5 cyber attack. A strategy that relies on the technologies we've developed over many years, a strategy that will make achieving the required level of security much simpler than ever before. We have over 80 products and technologies today.
In 2021, we are going to provide them under 3 key families with unified management and control tool for the entire environment. Let me describe briefly these 3 families. First, let me start with the U. S. Family to our portfolio.
Work from anywhere has become the new norm. Over 70% of businesses believe that it will become a major part of operations post corona. Seesaw that prioritize securing the work from anywhere as Top priority for the next 2 years, a very new phenomenon in cyber. We're going to tackle this challenge head on and provide the best solution for Veth, Secure connectivity from anywhere and secure work environment on any device, company managed, personnel and mobile. It involves unifying over 7 different security categories from endpoint to clientless remote access.
We believe no single vendor except Check Point is always technologies to date. It presents a great opportunity for us and for our customers. The second pillar will be a continued focus on cloud security. We intend to continue and are driving to make the CloudGuard family the most comprehensive cloud security solution in the industry. In 2021, we are going to augment it with the next generation of web application firewall, one that is powered by what we call contextual AI, where the system deployment and learning phase can be reduced from 48 days on legacy systems to 48 hours with our automated technology.
Our new application security capabilities will secure multiple cloud workloads, APIs, web application as well as hosted and on premise web servers, a $1,500,000,000 market potential that will augment our The 3rd pillar is our Quantum family, a comprehensive set of solutions for network security. In 2021, our Quantum family will include all network security technologies for all sizes of networks, From nanosecurity on IoT devices to terabit security on major networks. Today, we introduced The Quantum Spark Appliances, creating a full set of solution for branch offices and small businesses, this family will utilize an intuitive web based installation Technologies making it what we believe to be the most comprehensive network security solution in the industry. So our 3 pillars are going to be quite simple: Securing the users wherever they are, CloudGuard for the cloud and Quantum for the network. Simple, isn't it?
But one more thing, These 3 families are going to enjoy a single management suite called the new suite will be called Infinity Vision. It includes the ability to manage the entire portfolio with a single portal. Some users will prefer to run parts of it on premise, but the fully enabled cloud based management is going to be provided. Infinity Vision will also include our SOC and XDR tools, Many of them will be delivered in 2021 and will provide sophisticated intelligence tools. All are going to enjoy unified policies, Monitoring tools and most important, the threat cloud service that will relay the attack information across the world and across all attack vectors and turn security information into actionable prevention.
Overall, I believe that the revolution of our product portfolio is going to provide the world what it needs: Unified Strong Cybersecurity. On the business front, we're going to augment these technologies and innovation with increased investment in Our sales and R and D organization, we started the year with our sales kickoff meetings. For the first time, we held them virtually. We received excellent scores from our employees and partners on the event and more important on the clarity of the vision and the market fit of the solutions. Today, we're finishing the last event.
We started 2 weeks ago with our APAC sales kickoff, continued with the American sales kickoff And just now finishing our European sales kickoff meeting. At the end of the month, we are going to hold our first virtual Checkpoint Experian's customer conference and we expect record attendance at the coming CPX. I believe that we're entering a new world in 2021, A world represents new cyber challenges and new opportunities for everyone, new opportunities for the way we work, the way we live and opportunities to secure this world. This is a good transition to our 2021 projection. As you know my regular caveat, it's hard to predict the future, especially with the challenges we're implementing to our Technology, business and the pandemic around the world.
The level of uncertainty in our world remains high, but we will do my best to share with you Our guiding principle, bear in mind that many things can change. With that in mind, our revenues for 2021 are expected to be in the range of $2,080,100,000 to $2,180,100,000 for the entire year. As for earnings, in 2021, we plan to invest more in our business. I believe that the new opportunities ahead of us warrant more investments than what we did last year. Keep in mind that the level of expenses in 2020 was extraordinary low as a result of The cancellation of almost all physical activities.
This had a positive impact on our earnings in 2020 of approximately €0.25 We expect partial return of these expenses in 2021. On top of that, just like Talsell, the dollar is weakened and has A big effect on us is more than 50% of our expenses are not in U. S. Dollar, about $0.16 impacts as of today. And interest have gone down, which reduced our interest income, also about 16% impact.
The total impact of these three factors is approximately $0.52 So we are starting 2021 with minus $0.52 to our annual EPS, mostly by the way in the latter part of the year. So based on these assumptions, our non GAAP earnings per share is expected to be in the range of $6.45 to $6.85 GAAP EPS is expected to be approximately $0.90 lower. For the Q1, we expect revenues in the range of $485,000,000 to $515,000,000 and non GAAP EPS in the range of $1.45 to $1.55 GAAP EPS is expected to be approximately $0.22 less for the Q1. Thank you for being with us today, and we'd love to hear your questions.
Thank you, Gil. Before we begin with the Q and A session, due to constraints and then consideration of other participants, please limit yourself to one question. If you run into technical difficulty, please type your question into the chat. Our first question today is going to come from Adam Tindle from Raymond James, followed by Fatima Boolani from UBS Equities. Adam?
Okay. Thanks, Kipp. I just wanted to start with the near term and long term repercussions of Sunburst and maybe Tal could start on the near term. Could you maybe talk about the cadence of Q4? Did you see any acceleration in conjunction with this?
It looks like you're guiding revenue above seasonal in Q1 based on what I can So just wondering if maybe there's some first thing that you're seeing to give you confidence in that above seasonal? And then maybe Gil can tackle the long term. Just speak to the repercussions for security architecture changes and does this open opportunity for M and A for Check Point or do you think you can attack it with your existing portfolio? Thank you.
Gilen, you need to
Go ahead.
Yes. So I wouldn't say I saw something specific relating to that. Q1 guidance is based A lot of it is mathematical in the sense that some of it's coming from the deferred revenues. So we know already how much we have in hand, both in the subscription and in the support. And product is the area where you have the range where you can be higher or lower depends on what will show up in the product revenue.
So it's not relating really to Any increased demand or decreased demand we see in the market. We expect it to be in line with our expectation.
And again, for the strategic impact for that, first, I think it highlighted the fact that VisaTech sophisticated, this guidance went very well, True Gen 5 attack like we've described and this is real, this is something we have to face. Is it going to have a direct impact on our revenues? I hope it will because I think we're the only ones that can actually address that. Companies were like frozen with what should we do, Companies invested tons of energy just investigating what happened 6 months before trying to realize if they were Tax, by the way, I think it's very hard to know. Sunburst was an attack that most companies cannot know if they were affected by it.
It Got in, did what it did and in many organization it just deleted itself and left almost no traces. But and again, I think the secret against it is not to know that you were hacked and your secrets were stolen 6 months ago. The key is to prevent it and make sure that whatever gets inside doesn't proliferate, doesn't cause damage, and that's all about prevention. I think we're doing that. We're doing that quite effectively, and I think we can face these attacks.
And I think our challenge remains to Show customers the huge difference in deploying our technology and deploying our solution compared to everything else that I know in the market
Okay. Maybe I'll repeat the guidance since I'm not sure everyone heard it. So for the Q1, $485,000,000 to $515,000,000 and non GAAP EPS in the range of 1 point $0.45 to $1.55 GAAP EPS, dollars 0.22 below and for the year, dollars 2,080,000,000 To $2,180,000,000 and the EPS, non GAAP, dollars 6.45 To $6.85 GAAP EPS expected to be $0.90, dollars 0.90 lower. Thank you, Tal. So the
high end of revenue guidance 5.15 not 5.50?
4.85 To 515, yes.
I heard 550. Okay, that's helpful. Thank you.
Sure.
All right. Our next question is going to come from Fatima Boolani followed by Brad Zelnick at Credit Suisse.
Good morning. Thank you for taking the questions. Gil, maybe to start with you very quickly. You were very explicit that 2021 is going to be characterized by Investments in R and D and sales and marketing. And so as I think about the new product families and the vision you have around your new product families, Can you talk to us around how that's going to impact your go to market efforts, specifically around any Changes to incentives, compensation structures, to your direct sales force and how this is going to move down the pipe with some of your channel partners as you build and continue to build your channel partner relationships?
And I have a quick follow-up for Tal, please.
Sure. So first, in terms of For go to market, I mean, the general structure remains the same and we have a big and good sales organization That doesn't need the major changes, need some small ones. We do have 2 overlays, one that will focus On the CloudGuard technology and another overlay that supports the sales with regards to the new user centric security, we haven't Formerly launch the name for that, but you'll see that in couple of weeks. And I think that's going to be a very, very focused approach. So now if before, again, if I'm a sales guy or if I'm a customer and I need a solution, Check Point probably has that solution amongst the 280 different technologies.
Now it's extremely simple. If you want cloud, CloudGuard is the solution. If you want something about remote connectivity end user, Harmony is the solution. And that will work both in positioning it, in getting the technologies in it and by the way also in the ability to sell it because Some of these solutions are going to be much simpler to purchase, like one price for the entire suite and not having to deal with tons of different Queues and the sizing for the different elements. And of course, if you need a network solution, it's part of the quantum family that still remains.
And by the way, has a huge potential in it for the main markets. So I think from a go to market, this is a very good strategy. Add to that Infinity that enables customer get the full architecture. And again, Infinity is still small, but it's growing fast. And again, I think Tal mentioned double the number of customers, double the contract value last year.
So I mean, it's hitting on all the right things, still a way to go, still a few years before All these three components will become the huge part of the business, but I think we are now seeing that it's, I mean, when we analyze our internal measures and everything in 2020 and in 2021, we're going to be very important for the growth. And if they will be successful, we will see Their impact on the overall business. So I think overall it has good impact. By the way, I think everything that I've said now is not just for our sales force, it's for the cost, It's for the partners, it's for everyone. Again, if you're a partner, you have a cloud issue, you don't know all the different few 100 vendors, dozens of solution, CloudGuard is a good solution.
Quantum is a good solution. And I mean, for connectivity and end user, Good family for that. So I think it will make things much simpler for everyone. For the customer, again, I got feedback from customers that Now it's simple for me. Now I understand that I need that solution.
Tal, just very quickly for you. How should we see these efforts consolidating around these 3 product families show up in the financials. If you can give us Just some finer points on how the revenue segmentation and growth trends within the revenue segmentation should trend over 2021.
Sorry, it shouldn't really change. And remember, things happen Not the next day, right? But the same thing, when you talk about the appliances, you're going to see it in the product line. When you talk about the subscription, it doesn't matter if it's So subscription that relates to the remote access or if it's subscription that relates to NGTP or NGFW or Sun All of them are subscriptions. So all of them will be in the subscription line and support is support.
Infinity is the only one not the only one, but the major one When you do a transaction of Infinity, it's actually split between the entire lines. Some of it going to products, some of it going Support and some of it to subscription. And a major part of it, probably more than 50% going to the subscription line Because it encapsulates everything that Checkpoint has to offer, hence, majority of it going through subscription line.
Appreciate it.
Thank you so much.
Thank you, Fatima. Our next question comes from Brad Zelnick at Credit Suisse followed by Sterling Auty at JP Morgan. And please try to keep to the one question at a time going forward. Thank you.
Great. Thank you so much, Kipp. Nice to see everybody and congrats on a Really strong Q4. Gil, as we think about Sunburst and the future of other supply chain attacks, at the end of the day, Don't they all rely on lateral movement across the network? And if so, do you think this accelerates a broader shift to 0 Trust security models?
And can you maybe speak about not only how Check Point succeeds in a 0 Trust world, but also the extent to which it might be a headwind to the core business?
I think first you're absolutely right. VisaTax underscore the importance of network segmentation of 0 Trust of All the network security capabilities at the end are the main capabilities to stop an attack. We know that there is no way to I mean, We are in a world that things can get in, in some way. What we need to do is to stop them and contain them that they are there. And network security is the most effective one.
We can't get to every workload in the world and every application in the world. We are trying by the way. We have plenty of technology and plenty of market space to secure many workloads and we are doing that. But at the end of the day, the main one is these network security capabilities that See the attack and stop it right there and contain it. And I think that should provide us with an opportunity And more opportunity to our network security portfolio.
Okay. Thank you. That's it for me.
All right. Our next question is with Sterling Auty at JPMorgan followed by Joel Fishbein from Truist Securities.
Yes, thanks. Hi, guys. Wanted to return back to the go to market discussion. Wondering the success that you've seen in the Americas channel in particular in 2020. Was there anything that you did differently or any learnings that you can now take and apply To both Europe and Asia?
I think we've seen good traction and good cooperation with channels in America, but I think it's the other way around. Asia and especially Europe are working better with the channel. And I think in America, we can learn from the cooperation that we have in Europe. I think it's now unified under our Head of Worldwide Channels, Frank, you may have seen some exposure to him. And I think we are trying to learn, again, 1st, every region and every place can learn from others.
But I think Europe is the place when we have the best Cooperation with the channel, the best joint go to market. There's a lot of cooperation that we do can do and do much more in the U. S. In getting to new customers and so on. And I think it's a little bit more challenging actually in the U.
S. Than in other places. Thank you.
Our next call is going to be with Philip Winslow from Wells Fargo followed by Ben Bollin at Cleveland Research.
Thanks for taking my question. The question for Gil, When you compare a Sunburst to let's say prior attacks like NotPetya, some of the things we saw at Target years ago, what do you think the implications or what's different This time in your mind versus prior attacks that similarly were widespread or in some cases very focused on specific companies. What's different this what do you think the ramifications are?
I think first, with each attack, you learn new techniques and the level of creativity that the attackers there is unbelievable. I'm saying All the time, I'm meeting with our researchers and seeing the vulnerabilities that they find in applications, in infrastructure and everything, It is truly unbelievable. Maybe one day we should do a seminar for you guys to show you some of the what the researcher find. I meet with them every week or 2. Every time I'm getting shocked from the level of vulnerabilities that they find and the attacks that are being found.
I think what's unique about Sunburst It's the fact that it was super, super professional. It hide itself very, very well. I mean, it was really hard to detect that. I think, by the way, we will never know the extent of the damage and the information that was stolen because we really saw that it got in, Took a lot of stuff. I mean, many or some organizations it stayed in, many organizations it simply erased itself and left almost no traces.
With our researchers and our all our incident response team, all the teams that we have a very good security professional, Helps many customers, analyzed many environments and almost left no traces. And on the other hand, by the way, took something that was an internal attack. It's actually started from within the core network of the company with SolarWinds and so on And took Active Directory certificates and took cloud certificates and used them to penetrate the cloud from the outside. So the cloud actually in many cases remained vulnerable because by the way the cloud in many cases is not shielded as well with gateways and firewall like the Core of the network like the data center inside the network. So SolarWinds to that extent is we will Sunburst will remain An attack that I think we'll hear a lot more about it in the future as more and more research will get public.
So far, I think the world, not The world in general knows doesn't know enough about that and who's behind it and what we've done. And I think that's the unique part. It was an attack that was Seems like it stays sponsored with all that sophistication and especially with the fact that They left no traces and no information was leaked or disclosed, but found itself into the wrong hands for sure.
I think we all would want to hear from your researchers on a webinar. I like that idea.
Sure. So we'll schedule that.
All right. Thank you, Philip? Our next question is coming from Ben Bollin followed by Shaul Eyal of Oppenheimer.
Good afternoon. Good morning. Thank you for taking the question. Could you tell us a little bit about Maybe the mix of revenue and or billings attributable to cloud and SaaS subscriptions In 4Q or for the year and how this has developed over time. Then as you get more of that Revenue mix over time, take us through the impact on support and maintenance revenue?
Thank you.
I'm not sure I understand what you mean when you say the mix. Can you elaborate a bit?
So if you look at Infinity, Dome9, could you take us through how much revenue you're generating from those products and how that's developed and then where that's going?
Okay. So it's still not very big, but I'll just give you a sense. Cloud, When you say Dome9 is part of the CloudGuard solution, so you have mainly CloudGuard YAS, which is Dome9 in our YAS solution And you have a CloudGuard SaaS, when I put it all together, the CloudGuard, it's over 10% of the Subscription line already. So it's already quite material, but not material enough to pull on the number up enough. But that's a good trend because if it's growing in a double digit and a fast double digit, it's over 50% growth, then over time it will become Bigger and bigger and we will see that pulling all the numbers up.
So cloud is a great success. When you talk about and majority of it, If not all of it is in the subscription line. I think very small portion might be in product, but I think majority by far is in the subscription. When you talk about Infinity, it's smaller, maybe about half just for a high level size In the revenues already, which means already also becoming a significant low tens of 1,000,000 in the revenues. So it's no longer $1,000,000 $2,000,000 $3,000,000 it's already getting to a few low tens of 1,000,000 and that's again growing also quite fast.
I gave an example that when we signed an Infinity Total Protection transaction, the annual contract value of the customer can grow in tens of percent or it can grow in 100 of percent, It can grow in tens of percent or it can grow in 100 of percent, depends what was his starting point. If he had very few solutions of Checkpoint Now he gets everything, it can grow in 100 of percentage. And if it's already was a customer that was very well covered, then it can grow maybe in tens of percent. But that's a wonderful opportunity. That dollars are showing up in 3 different lines because remember it provides to the customer everything we have.
So he gets in that bucket product, the budget for the year, he gets all the subscription solutions of Checkpoint and he gets the support for the appliances. So that actually appears in all of the lines, although still majority of it, probably over 50% is in the subscription
Thanks, Ben. Our next question is from Shaul Eyal at Oppenheimer. Followed by Gray Powell at BTIG. Thank you. Hi.
Good afternoon, guys. Gil, Quick question on your threat intelligence capabilities, are these homegrown solutions or are you partnering with some other companies, maybe some emerging startups in Israel, outside of Israel, just curious how do you approach threat intelligence?
So first in intelligence, you need to collect it from many, many sources and that's something we learn. So our threat intelligence technology is our own. We have amazing capabilities for research, but we are also cooperating and subscribing to many, many other services. I mean, some of it is cooperation, which is quite good. We're even, by the way, part of an organization that shares threat intelligence with our competitors, CTA, which is an organization That's an industry wide organization between us and our direct competitors.
We are subscribing to many other threat feeds from other companies. And we are cooperating with few startups that are providing threat intelligence, even though I'm not sure that we have A direct link or a direct subscription to Verifid. But still the majority of the technology and most of Our findings there is our own technology. We have, by the way, plenty of sensors around the world that find plenty of things. That's the nice thing about it.
Example, when we analyze files that are being sent all around the world and when we find a malicious file, immediately the File signature or the file characteristics that arise from that is added to the FreshCloud for all customers and that happens in real time. So if we find one file in my mailbox, suddenly millions of Check Point customers are being protected in the same second. And not only that, by the way, it's not just Knowing that this specific file is insecure, and by the way, this is the unique thing about ThreatCloud. In our solution, One endpoint will find the signature, the same endpoints, other endpoints might stop that file. Here, the file won't be downloaded on the web, the file won't Pass through the network, we will have the ability to identify that everywhere.
But on top of that, we will Track from these files many other what's called IOCs. So for example, if that malware communicates with Command and control server somewhere over the Internet, we can take down that command and control or stop the communication to that command and control for all customers worldwide. And I think that's the And I think that's the unique thing about our threat cloud and what's behind the lock of our threat intelligence.
Thank you.
Thank you, Shaul. Our next The question is going to come from Gray Powell at BTIG followed by Rob Owens of Piper Sandler.
Okay, great. Thanks for taking the question. This might sound like I'm getting a little bit into the weeds here, but I'm actually looking for more of a high level answer. If I just kind of run through the numbers, if I take current billings and I back out product revenue as sort of a proxy for annual subscription or annual recurring billings. The growth there really accelerated nicely in Q4.
It was actually the best performance we've seen from Check Point in about 3 years. So can you just talk about the drivers there, either in terms of attach subscription Or on the cloud side and just the overall sustainability of that trend.
Are you basically calculating your implied booking?
Yes.
Okay. Just wanted to make sure I understand. So you're right, the implied booking was high. I think in the short term, it was 10 Percent and the total implied was about 8%, so it's very high. We did have very good booking.
We did have a very good implied booking. We had a good quarter. You know that because we're transitioning into cloud and to Infinity, then it takes time to see that translating into the P and L and into the revenues. So probably number one reason is that fact. We got a lot of Infinity and the cloud transaction and subscription in general.
I gave a hint about the Infinity of a $100,000,000 booking. It's quite significant. So hopefully, it will continue this trend of these drivers. If you remember, we defined the growth when we talked about what we need to do in order to grow over time. We said it will take a while, but the 3 main pillars are Cloud, Infinity and now we're talking also about remote access hopefully that will start next year with the new plan that Gil presented.
So this is In line with our efforts to focus on those growth areas.
Got it. Okay. Thank you very much.
That's all
right. Thank you, guys. As we contemplate kind of this shift towards more the remote user and potentially more user centric models. Does this potentially change the pricing dynamic for Check Point moving forward and then have TAM implications moving forward? Thanks.
I think we definitely grow the addressable market. I specifically didn't talk about the spread side because all the sizes about remote access and endpoint security Our giant markets are not attempting to take on all these markets and replace all these solutions there. We are focusing on the new world of Connecting the mobile workforce of connecting work from everywhere, work from anywhere, the way we want to call it And securing that, again, I think it's many, many different categories. And I think what we found when we analyze the market trend is, A, This market that wasn't the top priority for customers shifted from mid or low priority into the top priority on customer mindset And we have all the technologies. It's unbelievable.
I mean, when we looked at our portfolio, we found out that we have, let's say, more than a dozen solutions that address all the elements. So now we need Take them, put them together. There's still a work that we need to do. I'm not trying to say that it's trivial. It's not.
But I think We have what no other company has. Just remember, by the way, we completed another acquisition in that field in I think it was September or October, The acquisition of Allot, so we were very, very active on that. And now we it all came together and say, no, it doesn't need to be A dozen different solution, one point solution for every one point problem, but a unified one. And I think it can change the whole thing, the pricing dynamics, The simplicity, everything around that because we will make it very, very simple to acquire and to implement And mainly to get the security level.
Thanks, Rob.
Thank you.
Appreciate it. Our next caller is Michael Turits with KeyBanc followed by Saket Kalia from Barclays.
Thanks, Kipp. So congrats, Scott, Tal and Gil and everybody. So I just want to ask about product, which as you pointed out was really strong this year and turning coming back to a positive. Was there a lag in people's abilities to refresh firewalls last year. And does that start to come back?
And if so, why wouldn't that provide a little bit more visibility into Q1 and potential for upside to revenue given strong billings this quarter.
1st, in terms of the product business, in many cases, we supply the products right away. So actually where we have the deferred revenues and the Predictability is more on all the average subscription line products. We are usually very fast to supply them even within the last few days of the quarter. As for last year, on one hand, we saw some demand, some increased demand For example, in April, we in March, we saw companies that pushing big order not I mean, for these specific customers, big orders to increase capacity on the network. On the other hand, customers generally last year tried to avoid getting into the data center because we were all Working from home and we didn't want to touch anything physical unless it's absolutely necessary.
So I think last year was characterized by somewhat of a Slow down of everything that's physical. Despite that, I think we turned from negative into positive, which means that it has potential. My belief, by the way, is that The market for network security and gateways and firewall has a huge potential. That's the main point when we the most effective point to block This new cyber pandemic attacks, we really need that.
Thanks, Michael. Our next question is going to come from Saket Kalia from Barclays followed by our last question from Brian Essex of Goldman Sachs. Go ahead Saket.
Hey, great. Can you hear me okay, Kipp?
Yes.
Okay, excellent. Thanks for taking my question here guys and fitting me in. Paul, maybe the question is for you. That was a nice little hint that you provided just on IPP bookings, I think, crossing $100,000,000 this year. The question is, Can you just talk about how big they were last year?
And also touch on what's prompting customers to opt for ITP when buying network security versus buying that under sort of the traditional pricing model. Does that make sense?
The first question I got yes, can you hear me? Yes. The first question I got, it's grown significantly over 100%. I don't remember the exact number, but it was a significant growth. And the second part of the question, what was that?
The second question is, what do you think is prompting customers to go for ITP pricing versus buying firewalls sort of in the traditional model?
So I think first to start before the pricing, it first starts with the need. So when the Customers understand what was Gil relating to that as the world become complex and many customers need to adopt more and more solutions, It becomes very complement to implement separate spread solutions for many different vendors in many different places with different Management capabilities and so on. So it first comes with the need of increasing your security while trying to keep it maybe I would say as simple as you can in a complicated world. The pricing is complementary to that where it says you don't need now to negotiate with us 20 or 50 or 60 different features Pricing, 1 of them based on user, 1 of them based on gateway, 1 of them based on throughput, 1 percentage of The enterprise installed base and so on. Here you get one simple pricing.
Tell me how many users you have. Your price will be X numbers of dollars multiplied, very simple and you can basically go and install in your pace hopefully fast everything you need in the organization. So I would think as the CTO, as the CISO and as the CFO, everyone will prefer that both from financial perspective and from simplicity perspective.
Very helpful. Thanks.
Thanks Saket. And our last question is coming from Brian Essex from Goldman Sachs. Let's see if he's there he is.
Gil, all right. Thank you for I really appreciate it. Gil, I just have a question for you. I wanted to hit on the competitive dynamics you're seeing in the market, particularly given the product cycles that you've had, you RE, now REV1, you've got Maestro, Quantum, Infinity. How much of that growth is in the installed base and where do you see share coming Is this a dynamic where we have just an installed base of existing customers that you can help them where you can help them migrate to the next generation of threat prevention?
Or do you see meaningful uptick from incremental customers on the platform and where might those be coming from? Is it are we seeing, for example, shared ownership from larger legacy vendors like Cisco or Juniper or Are these kind of head to head competitive new wins in the next gen market? Just a little bit of color, right, kind of around the competitive dynamics.
Sure. So first, my priority has been for the last few years about getting new customers, not just new. Now still the majority of our business, the vast majority Coming from our installed base, both because that's I mean, these are the people that we're fresh, these are the people that like us. Also, we have a lot of enterprises that are maybe, by the way, Small customers now and are growing and becoming more major. Still we have amazing set of competitive wins And that's not just by the way against the older vendors in the marketplace, but also against some of the other vendors in our market And we have a lot of nice wins, a lot of competitive wins when the customers actually evaluate the product, actually think that They come up with a lot of technologies and being innovative and being cool, but at the end, they don't prevent the attacks.
Look at their instruction manual. They'll tell you if you got infected by a freight, We will give you an alert after it happened, after it's in and we recommend that you disconnect the network. It's taken from the instruction manual of our Top competitor. By the way, I'm seeing that some of it by the way is How the world understands the solution? Most of the solutions today in the marketplace are not deployed with the Full capability the full threat prevention capabilities on and with the full prevention on, which means that if we go to a customer and implement a product the right way, The product has brings 10 times more value.
It also, by the way, maybe a little bit more complicated, Maybe a little bit more challenging to operate because it does the work. I mean, we replaced competitive product in scum customers. Customer complained that it was complicated, that it wasn't as fast. Then we looked what they've done with the competitive products and they basically done nothing. It's like going with it's like going to a hospital with a serious heart condition in one place you're being Operated and get all the treatment.
In the other end, we give you an aspirin and hope that it helps. So in many cases, When people use our competitors' products, they don't use them to the extent they even need to use them. Not just the capabilities, it's how we use them. So I think overall, we've seen all of that. We had very, very nice competitive wins in the last quarter.
Some of the biggest names, by the way, We've seen it in healthcare. We've seen it in hospital. We've seen it with companies that manufacture the COVID-nineteen vaccines. So we've seen very, very nice competitive wins when we took over competitors and replaced them with solutions that actually provide prevention.
All right. That's super helpful. Thank you.
Thanks, Brian. Thank you all for joining us today. That's going to conclude our call. We'll look forward to speaking to you throughout the quarter. And with that, I'll allow you guys to disconnect and have a great day.
Bye bye.
Thank you very much.
Thank you, guys.