Please welcome vice president of investor relations, David Niederman.
Hello. Thanks for coming. We really appreciate it. Afternoon. I'm David Neiderman, I'm Vice President, Investor Relations at Palo Alto Networks.
Thanks for joining us today to discuss our fiscal fourth quarter full year 2019 results. This meeting is being broadcast live over the web and can be accessed on our Investor Relations section of our website, investors. Palsolnetworks.com. Earlier this afternoon, we issued a press release announcing our results for our fiscal fourth quarter and full year ended July 31, 2019,
We also provided a script
of certain fiscal 4th quarter and full year 2019 financial results and operating metrics along with applicable reconciliations as exhibits to a current report on Form Eight K filed with the SEC earlier this afternoon. Copies of these materials can also be found on the Investors section of our website. I'd like to remind you that management will be making forward looking statements, including statements regarding our near and long term financial guidance and strategy, as well as modeling points, for Q1 'twenty and full year fiscal 2020. Please kindly take a moment to review the Safe Harbor language provided with enhanced materials Also, please note that certain financial measures we use on this call are expressed on a non GAAP basis and have been adjusted to exclude certain charges. For historical periods, we provided reconciliations of these non GAAP financial measures to GAAP financial measures and the supplemental financial information that can be found.
The end of the presentation and in the Investors section of our website located at investors. Palthernetworks.com. On stage with us today will be Nikesh Alora, our Chairman and Chief Executive Officer, Kathy Bnano, our Chief Financial Officer, Lee Klarich, our Chief Product Officer, and Newseth, our Chief Technology Officer. We will have a Q and A form at the end of the financial presentation, And with that, I'll turn it over Kathy.
Hi, everyone. Thank you so much for coming today. Oh, look. That's battering of applause. How nice.
I appreciate that. Thank you. Thank you all very, very much for coming today. We appreciate your interest in Palo Alto Networks. We have a lot to cover today, and so I'm just gonna get right into it.
I'm gonna start by providing a quick overview of our fiscal Q4, results for the fiscal year 2019 and full year results. Nikesh will then come up, and he'll walk you through our strategy and our operating framework for the next 3 years. And then Lee Klarich and Nir Zook will take you through our product strategy and always turn to cover forward looking guidance at the end. So let's turn now to fiscal fourth quarter 2019, which capped off another great year for Palo Alto Networks. In the quarter, we quarterly billings crossed the $1,000,000,000 mark, a first in the company's history, and our performance improvement in core tech or as we refer to them collectively as next gen security was especially strong.
Our net Gen Security billings were approximately $192,000,000 in the quarter. This represents a 7 $68,000,000 annual run rate to approximately and accelerated our growth to approximately 180% year over year. For the full fiscal $924,000,000. If we adjust for the cash charges associated with our headquarters in Santa Clara, and the retirement of our 2019 convertible debt. Free cash flow for the year was $1,100,000,000 at a margin of 36 0.7%.
So let's turn now to some of those product highlights for the quarter. In Q4, we completed the acquisitions of Twistlock and PureSec, and we are actively integrating them into our Prisma cloud offering. We also released significant updates to Prisma Access, including providing over 100 network onboarding locations around the globe, and providing clean pipes for service providers, along with several other unique capabilities in that release. In addition, we released trapped 6.1, which included expanded support for Mac OS and Linux, further strengthening our endpoint and XDR offerings. And we received FedRAMP certification for wildfire cloud, a huge milestone towards shifting government wildfire usage towards the cloud.
And as you probably just saw, Earlier this afternoon, we announced our intent to acquire XyngBox, an enterprise IoT security company. As Nikesh will discuss a bit later, this acquisition is yet another example of our ongoing strategy to consolidate new technologies into our next generation firewall platform, making it easier for customers to protect their complex enterprise environment. In addition to product releases, we had several notable wins during the quarter. We displaced Symantec and Zscaler at a Fortune 50 U. S.
Retailer to secure their data center and network of more than 2000 retail outlets. We displaced Vscaler and beat Fortinet at a major European National Healthcare provider, in their digital transformation project. They're securing their hundreds of hospitals, along with all of their patients and employees. Was a great win for us in the quarter. We beat CrowdStrike and displaced Symantec with our Prisma and Cortech platform, at a global insurance company with more than 25,000,000 policyholders.
And we beat Fortinet and displayed Cisco to become the standard security platform for the government of 1 of the most populous regions in Asia Pacific. In summary, there was a lot of great news in the quarter. We continue to have high win rates against our competition, and add thousands of new customers every quarter. In Q4, we added nearly 3000 new customers and are now privileged to have won nearly 65,000 customers. We're looking forward to another great year in fiscal 2020, and we'll now move on to the rest of the presentation.
Please welcome our CEO, Nikesh Sharola.
Good afternoon. Thank you very much for joining us, and thank you, Cathy. Normally when I get up on stage, I usually ask the audience what can I answer so that you leave your happy? Now many of you are so kind, you've written me very long notes about what you wanted me to tell you, which was going to
make you happy. So it's very helpful. It's like
I have my marching orders. You've given me the script. So Keith Weiss from Morgan Stanley, yes, we will talk about product evolution, M and A. Keith Bachman, talks out depths and duration of depressed cash flows. It's not very depressing, but we'll talk about that.
It's not depressed. We're we will go down to the details of our next generation security business explain the financial models around you. They don't get spooked by duration issues. And yes, Brad, No hardware company decides to make a transition like this, but hopefully, we just need to keep growing and not take the transition. Now you do notice that we're displacing your favorite company.
Scaler in many situations. So I was scared today. Back changes the recommendation. Something's gonna happen to the rest of you guys. So for now, I'm happy with Brad where he is.
So is it about 12 plus months? I've been at all over the network, and I know you guys have been asking for us to come about and explain how we're thinking about this company going forward. So hopefully, in the next 75, 80 minutes with me, near Lee and many of my management colleagues, will share our plan for the next 3 years with you in terms of where we want to take this company. Before I go there, I thought what I would do is quickly walk you through what I've learned in the last 12 months. Now, unfortunately, there's going to be no earth shattering, shattering secrets.
And what I'm going to tell you in the first section, but hopefully you'll get a sense that I've been studying this industry for a while. And the problems are obvious, right? This is $140,000,000,000 industry, and we have too many vendors. I've gone to over 300 customers in the last 1 year, the winner so far is 212 cybersecurity vendors deployed at one customer. That's a lot.
What happens is when you have 212 cybersecurity vendors, cyber security only 8% or 10% of your spend, it's way too many vendors for the amount of spend you do on IP compared to the rest of the vendors you have. What that results in is people are requiring too many tools. 1 of these customers, not the 21200 customer, has 9 endpoints deployed. You don't have 9 CRM systems. You don't have 9 in charge systems.
We have 9 endpoints in one financial services organization. We think that model is broken. It's wrong. It cannot be the path of securing that enterprise for the future. If you think what we do in the industry is we give you the tools and say, now, you can write policy against it you can spin up a bunch of alerts and we'll give you all the alerts and you can figure out what to do with them.
So we have tremendous amounts of alerts being generated many of our customers and Lee and Niro talk more about this. On average, a customer can get 175,000 alerts a week. That's a lot of alerts. And then you spent a lot of time and effort manually going through your issues and investigating, which can take anywhere from 4 to 57 days. We have an industry where we have too many vendors, too many tools, too many alerts, and too much manual labor.
We think At the same time, while we're busy complicating the industry, our friends, the adversaries have gotten more and more sophisticated. The days of malicious software, the days of key loggers are gone. Now we're talking about AI based bots, ML based attacks, and people are really addressing your entire enterprise infrastructure, trying to figure out how to get it. So the amount of breaches have actually gone up last year at about 3800 breaches, and most of these breaches or automated facts. So it's kind of an interesting situation in the industry.
We have a situation where people are spending more and more money. On cybersecurity and they're feeling less secure. This is the problem. This problem needs to be fixed. So We believe we need a new paradigm for security.
And much of what we're going to talk about is what that new paradigm is going to be or needs to be. We believe we need to go towards lesser number of vendors. We believe we need to go towards more comprehensive security. We believe this to be more of an automated industry as opposed to an industry that is full of a lot of manual labor. So a lot of what Lee and me are going to talk about is going to be how our products are going
to enable that going forward, and we
will talk specifically about some of the things we're working on, which will be unveiled over the course of next few quarters and years and how we intend to make this happen. At the same time, we are at an inflection point in industry. In my trial over the last 12 months and my time at Google, I have met a customer who's not thinking about going to the cloud. Almost every customer I've met, approximately 300 of them, is in some way, shape, or form on their journey of the cloud. Some of them are evaluating the cloud, some of them are.
Deploy some applications in the cloud, some of them are in a hybrid cloud environments on the going to multiple clouds, but there's not a customer who's not talking about the cloud. Interestingly, we don't believe that cloud security has matured as fast as the cloud platforms have. So the best security you can get some cloud native security offered by an individual platform provider, but you actually don't have comprehensive cloud security that allows you to make that journey to the cloud in a more comfortable and happy fashion. So our belief is as we see this cloud market, go to potentially $1,000,000,000,000 in the next 5 years, there is an opportunity for cloud security to play a relevant role in allowing these customers to make that cloud journey over the next 3 to 5 years. This is a big opportunity.
And the big opportunity we have here make sure we don't make the same mistake we've made in enterprise security, we need to get cloud security rights. We anticipate in cloud security there's an for us to become a platform of choice, and customers not have to deal with the problem of too many tools, too many vendors, too many alerts, and too much manual labor. I won't talk more about that when Liamir come and talk about what we've been doing in the last 12 months for cloud security. But before I walk before I have them come up on stage and talk about the opportunity ahead of us, I want to make sure I give you a sense of what am I doing for the last 12 months? You guys have been all writing all these notes and trying to figure out what we've done as a company.
Let's take a look at where we've come from. Tell me the goal when I came to Palo Alto Networks, we had a phenomenal company, a company that had built an amazing firewall, had a great brand, tremendous months of trust with our customers and over 50,000 customers in the market. Lagged if you don't like to click this in the slide shows up. This looks about all the networks. Zebra, primarily a firewall company.
We've made a few acquisitions and we had done a bunch of projects in the side. But despite the way we had implemented them, we had managed to get 8% of our billings from non attached services outside of our firewall business. The worrying thing was though, I noticed we would acquire companies and decouple them and merge them into our hardware based business. So that's a bad, bad thing if you start taking software businesses to start making them work like hardware businesses. Hardware has a certain QA cycle, has a certain deployment cycle, software as a slightly different cycle.
It's very important for us to make sure we were going to get this right. So we spent the last 12 months focusing. Now I may not know enough about cybersecurity, but having spent many of you know, I spent 10 years at Google. The one thing I did learn at Google is the 1st and foremost you have to get your product strategy right. So for Lee Claresh, our head of product, Nir, our CTO, and many of our product colleagues, has spent many nights sitting with me writing and rerouting product plans, looking at competition, looking at our strategies, looking at whether we are set up to win or not, and literally re architecting many of our products and our strategy to make, or set ourselves up to win.
So we spent hours, their written documents and probably on their 15th iteration where we went through every product category and said, why didn't we make this acquisition? What is the way to win in this category? How am I going to win? Do we have enough resources deployed against it? And once we get the product right, do we have the go to market capability to go make this happen in the market?
It wasn't simple. It wasn't easy, but some results are very exciting. In our firewall business, we had been selling subscriptions, 4 subscriptions against our firewall. And we sat and talked about why cannot the firewall become a platform? Why cannot we take what we have as a firewall?
And instead of having 20 different network appliances and a customer's infrastructure, why can't our firewall become the platform of the future for enterprise security? So as Leannier will talk about, we are going to go from 4 to potentially 10, maybe more subscriptions over time because we believe once our customers trust us to be part of their enterprise infrastructure. We have the ability to go and deploy more and more capability into that infrastructure, and we will talk about our latest acquisition of Singbox. The whole intent is to make that another subscription on our firewall. We believe our customers will deploy that firewall just the way they deploy DNS security, which we launched a few months ago.
So on our firewall side, we have built, we have continued to build the next generation firewall into a faster, better firewall, but really when we went back to the Duanebo, we sat back and said, Nier, if you were starting a company and building firewalls today, if you wanted to, Although some of you believe that firewalls are not going to be interesting. They'll talk about why they're going to continue to be interesting. We sat down and thought, how would you re architect the firewall business and how would you build it going forward? So what you will see as part of our enterprise strategy at Firewall is our expectations of how this market is going to evolve and how do we need to be in the top right of that Magic Quadrant continue to go further in that direction as opposed to, not continuing innovation. Not only that, on our cloud front, We had one acquisition called Evident we'd made 12 months ago.
Over the last 12 months, we've examined the cloud security space very, very carefully, We believe there needs to be a comprehensive multi cloud, multi technology platform available for cloud security. We have made 2 acquisitions in that space with Twistlock and PureSec and we hope to be able to integrate them very swiftly, hopefully before the end of this calendar year and be able to provide the best cloud security platform to our customers. Prisma Cloud, I'm not confusing this with VMs or any other product, has over 1000 customers already. We do not believe there is any cloud security company in the world today, with over 1000 customers securing the public cloud. None.
And we've been able to achieve that over the last 12 months. Not only that, We looked at our products called VPCS, which is effectively driven by access, which is I shouldn't talk about competition just yet. So it's a product with real security that helps you secure cloud native architectures unlike some of the the, stakes in the market, fake is a popular word today's lexicon. So We took Prisma Access. We resourced it.
We moved it to Google Cloud. We onboarded to 100 plus locations and you saw the results. We had the biggest quarter of Prisma Access in Q4. Than Dior had in the company. We have our first, over $10,000,000 deal for Prisma Access where, as we highlighted, we displayed Zscaler So I feel very confident in our ability to keep building Prisma Access as one of the future architecture for securing the call.
On securing the future, we looked hard at the sock industry, and Liam here will talk about it. We weren't comfortable with the way the industry is going. Not comfortable where the solution needs to be that you take all your data, put it in a very large data repository, run a bunch of analytics against him and spin up more alerts. Because alerts give them to the SOC analyst saying that you had 164,000. I've got another 100, really good alerts for you to take a look at.
That's not the right answer. We looked at the market. We acquired Demisto. Demisto has done really well for us. And we believe the future of SOX is going to be more towards automation.
And Lee and me will talk about more about what we're able to do in that space. We also took one of our Crafts acquisition and our Life Fabry and Cyber acquisitions and looked hard at the EDR space. And said where is the endpoint industry going to evolve to? How are we going to win? We launched XDR, 4 months ago.
We've had our 1st full quarter of XDR, I was delighted with the fact that 250 customers have already been acquired by the XDR team. Now this wasn't done without our ability to run not just the product focus, but also a focus in our go to market capability. Over the last, 12 months, we have taken our PRIMA and Cortex teams from 500 people to 15 people. And we did that by hiring new people and acquisitions and effectively redeploying resources from what would have been part of our core business into our new business. Which is what has allowed us to accelerate our Prisma and Cortex growth rate from approximately 70 odd percent to 180 percent, as Kathy highlighted.
I feel very confident that, that is a number or some numbers we can really focus on and drive further. And we'll talk more about where we expect those numbers to go over the next 3 years. So what does it look like today? We've been able to grow our billings from next generation security service to $452,000,000, approximately 13% of our total billings in FY2019. And we feel very, very confident that we have our product portfolio cleared up, and we believe we are actually in the process of delivering and deploying 3 different platforms in the market, one around our firewall, one around our cloud security and one around securing the future where both the firewalls and our cloud security capabilities come together in the song.
We believe our opportunity in the enterprise is to be able to simplify enterprise security, reduce the number of vendors, and that aligns our customers have on vendors. And it's fascinating as Kathy highlighted, one of our very large retail customers we acquired in Q4 has gone to a single vendor solution. A single vendor across all forms of firewalls, firewalls in a data center, virtual firewalls against their cloud instances and Prisma Access against their network security needs. So we are noticing customers re architecting their security as they think about going to the cloud, they're rethinking to the need multiple vendors to secure them across these various form factors, across these various technologies, And many of the smaller ones, of course, I'm going to say that, are making the choice towards consolidating into a single vendor platform. Not only that, on the cloud front, we've had customers after we acquired Twistlock and RedLock who were in evaluation mode have signed multi 1,000,000 multi $1,000,000 multi year deals with us.
It is now the belief that Twistlock and RedLock and PureSec with Palo Alto Networks, are going to keep building and investing these products and continue to grow them further and they're delighted with our vision in terms of how we plan to deliver cloud security to them. We believe we have an opportunity to keep being ahead of the curve of cloud security. And it's funny when we acquired RedLock, RedLock Incorporated and said, we're going to go built container security for you.
That sounds wonderful. I came to New York and
I went to about 10 or 15 customers with financial service and said, look, You're using our Prisma Ground Security. We're going to build a container security 9 months. We don't have time. We're going to take what's out there, the best of breed container security when using it. Situation, our customers want best of breed, but they don't want to wait for an integrated platform to appear and be available across multiple technologies.
So we have been able to take better locks and Twistlock and PureCirc can put them together and offer best of breed across container serverless and public cloud to our customers as a platform. We believe our opportunities stay ahead in that space and deliver comprehensive multi cloud multi platform integrated security solution, for a cloud. Last but not the least and the future, we believe you have the opportunity of taking good data as opposed to all data, taking that and deploying analytics to it, and being able to provide tremendous amounts of automation to allow our customers to be able to secure the future. So I had an option of standing up here in regaling you with my product capability and my product knowledge. But I figured, one of the highlights of today could be for you guys to hear from our founder, who's promised to give you an unfiltered version of what he thinks about the industry.
And how things need to go from there. And then we'll have Lee try and moderate him to make sure he doesn't go off the rails. But before I invite them, And so I do just say, last time we did an Analyst Day, we pointed you to a follow-up network stamp about $19,000,000,000. We delivered all the product investment product capability is developed, we now have the opportunity of addressing close to 70 people in dollar terms in FY 'twenty two. The magic of FY 'twenty two is you will notice, when I come back after we and Nir have talked about our product investments, I'm going to give you guidance for the next years in terms of what we expect our billings to be and what we expect our next generation security capabilities to get to.
Our cash flows and our operating margins. So hold your breath or don't hold your breath. Just hang in there. And with that, let me welcome Lee and Nir, up on stage.
Good afternoon. Good
afternoon.
That's right. Yeah. Well, what's the case here so far? You know, I've, I've been working with Nir for a very, very long time. Almost Yeah.
Yeah. And, I think this is the first time that he and I are actually sharing a stage together. So, That should be fun. So, what we'd like to do is share with you our product strategy, and how we think about things. And we will fit that into the construct that Nikesh has walked through in terms of the 3 pillars securing the enterprise securing the cloud and securing the future.
Now I've been in the security industry for a very long time. I've been without the networks for a very long time, and I can definitively say that I've never been more excited and confident in our ability to deliver these platforms in a very unique, and differentiated way. Now to kick us off, no better first than year to talk about securing the enterprise.
Yeah?
Thank you, Lee.
So let's talk a little bit about securing the enterprises, specifically about network security. I know that some of you would like to believe that the firewall is going away and there's no role for network security in the future. In reality, there are things that have to be done through the network, through network security, and there's just no other place to do them. And So things like looking for command and control connections, things like combining access control, user identity and authorization systems, And most importantly, more than half of the devices that enterprise use today cannot be protected by running something on the device itself has to be protected from the network. Mobile phones, we've locked down operating systems or limited battery life router switches, printers, network attached scanners, and all other kinds of IOTs, like IP phones and things like that, The only way to protect them is through the network because they can't run anything on it.
So network security is here to stay It's always been the core of cybersecurity and will continue to be the core of cybersecurity, but changes have to be made. Because over time, applications have been moving from the corporate data center into the cloud, whether SAS or public cloud, and users have been moving from corporate networks into smaller offices, branch offices that have been moving off the network completely in the form of being mobile users And network security has to follow them. And network security has to follow them wherever they go because again, there are things that network security is the only thing, or there are things that network security has to do, like some cybersecurity functionality, like access control, and and supporting, again, devices that can already be done from the network. The challenge is how you do that. How do you follow the user when they're off the network?
How do you follow the application when it's running in the public cloud? And more importantly, like Nikesh said, customers are asking us to consolidate more and more functionality that they deploy in the network separately from the firewall into the single next generation based platform that we have created And to talk about that and the innovation around it, we'll go back to lead.
So, there's lots of innovation that's going on in NextGen firewall. There's two areas in particular that I want to talk through with all of you today that are of particular importance. The first is, sort of piggyback now from here, we're talking about the importance of form factors. Okay. How do we take all the same capabilities and make sure that they can be deployed everywhere that in line security is needed?
And this is something we started driving several years ago when we expanded from hardware appliance form factors to software form factors with the VM series. Since that time being serious, which turned into the leading virtual NextGen firewall in the market. And then from there, And more recently, we expanded into delivering these capabilities as a service with Prisma Access, which allows us to extend security out to mobile users, branch offices, retail environments, etcetera. Now what's particularly powerful about this, in addition to being able to provide consistent security everywhere, is the ability to have a single control planning to be able to manage this consistently as well. As Mitesh mentioned earlier, one of our very large customer acquisitions in the previous quarter the customer had been with us for a while with hardware in the data center.
And in the quarter, they extended that using DN Series and Prisma Access into a complete solution. And what was particularly exciting and relevant to them was the ability to get that consistent security for system control plane that can't fit anywhere else. Yes. So in hand in hand with this is the ability to use the firewall as a platform for delivering more and more capabilities. If you look, if you think about the enterprise security market, it is actually insane.
The number of different security vendors that customers have to deal with is crazy. We have a running tally of the most number of security vendors that customers deal with when they come to our EPC to hear about what we can do for them. Think the latest record is now up well above 200 different security vendors for a single customer. They have to deal with and manage. Yeah.
We have then from the very beginning, starting to consolidate these through integrating best in class capabilities into our NextGen firewall.
We did this with IPS, we
did this Euro filtering, and we really substantially changed those markets. We took a bit of a hiatus, but we're back. The DNS security launch earlier this year, our 5th subscription for the NextGen firewall, and we intend to extend this more rapidly going forward to be able to integrate what would otherwise be stand alone capabilities, and be able to consolidate those into our firewall as a platform. Importantly, to do that across all form factors as well. Now you saw the the announcement earlier today, Xinbox, for IoT security.
I'll talk about that in a little bit more detail in a second. Just to give you some flavor for, the security services we're looking at, we're also actively working on and building SD WAN as an example. We will be able to integrate across our different form factors in order to be able to, again, both simplify as well as provide better capabilities to our customers, across their network environments. Now to talk about IoT, this is becoming a very much a growing issue within the enterprise.
As you can see from some
of the things here, even fish tanks can be used to break into enterprises and move rapidly, hackers are using IoT devices as both initial insertion points as well as the ability to move louder across networks. Now why is this? IoT devices are have become very ubiquitous across the enterprise. Our estimation, what we've observed in both our own environment as well as others, for every employee, there is about 3 different IoT devices in the typical enterprise. In many cases, IoT devices, they're unpacked, they're unmanaged, We're connected by definition.
That's the security risk. I believe that every single one of our 65,000 customers hasn't a growing IoT security need. And we will be unique in being able to deliver that as an integrated service to our NextGen firewall, obviating the need to deploy yet more hardware in order to get a very relevant and important new security service. Without us, the options are looking at a handful of small vendors and trying to figure out which one to invest in which one you're going to take the operational burden, trying to deploy threat to your network. That's a very powerful, approach that we are able to take by delivering us as an integrated service.
So with that combination of the evolving and expanding form factors, The ability to then deploy multiple and additional security services to those one factors, we see a great opportunity to address the network security cam, as well as an opportunity to replace what today is often outsourced manual labor, with products and automation. You'll see that theme as we talk about the different areas, visibility to leverage automation, to replace out first manual labor is one of the large opportunities we have in consolidating, the products around us. So switching gears from enterprise to the cloud. Okay. Now when we talk about cloud, we're going to talk about 2 distinct aspects of the cloud.
But first, just about every enterprise is on some journey of moving some other applications to the cloud. Okay. Typically it's multi cloud. They're often still keeping the data part of the data center for some of the applications, so it's hybrid. That is one opportunity, very significant opportunity as you saw before.
The second is to leverage the cloud to deliver security to the end users. So those are mobile, branch office, etcetera. So let's start with securing the cloud. Now a concept that all of you have seen probably a million times, but just an important concept is the shared responsibility model. Customers are responsible for the security of everything they deploy in the cloud.
And as we've seen, many of these applications that deploy Our mission critical, have incredibly sensitive data, and they need the best security solution across multi cloud and hybrid cloud.
To put this in context,
the world has moved beyond lift and shift, to large extent and will continue to move toward or cloud native application architectures, which will require a cloud first approach to security. You cannot simply take on prem data center capabilities and simply move them. You have to take a new approach. What you're seeing here is a typical application that has multiple different components, which is very standard. Each of those components often running in a different technology stack.
So how do you secure an application like that, right? So it requires a lot of the same security functions Wherever the application is, but those security functions have to then be applied across all the different technology stacks. So for example, you need to do the vulnerability management, of course, and you need to apply that to VMs. A typical industry answer to
this would be a That's a product.
The problem is you're going to get to that. Every line representing a different product. Now if you're an enterprise looking at that, that's a lot. We are at risk of repeating the sins of the past if we let that happen. I firmly believe that Palo Alto Networks is the only company in a position and with the focus of preventing that from happening.
With Prisma Cloud, our intention and what we are delivering to our customers is the most comprehensive cloud security platform that they can get. Taking these different capabilities, applying them across the different technology stacks, multicloud and even hybrid cloud, to help secure our customer's journey to the cloud. And to be clear, there is a lot that is yet to be done. I anticipate that there are a number of cloud security technologies having been invented yet that we will have to be thinking about. And we will continue to be very decisive and purposeful about building out this platform and continuing to maintain its position as the most comprehensive solution.
Yeah. We talked about the
other kind of cloud and for that. Yeah? Thank you, Lee.
You know, maybe before that, I'm very excited about Prisma Cloud. When we started the company and Lee, Lee's been with me since the beginning, when we started a company, we were going to build a next generation firewall and we had a bunch of very large vendors that we had to go on this place, which we've done, right, we're today by far the largest network security vendor out there, It was a lot of work displacing them. I think that with cloud, with public cloud security and with general, with cloud security, the market is open. There is a need. I don't see any other vendor in a position to do this.
And I think that the numbers that you've seen and the that you will see speak for themselves. Because to do this, you have to first have a firewall because there's no way to secure the cloud without a firewall. You have to look at things that only the firewall can look and there are things that running in the cloud that you need to file because you can't run endpoint security on them. And then on top of that, you need all the and technologies that we've been building and acquiring and integrating over the last few years that I just don't see anyone out there that's even thinking about it. Nevertheless, someone that has the different components that are required in order to go after the cloud security market.
So very excited about that. At least as much as it was excited when we started Palo Alto Networks and went after the enterprise security market. Now once applications start moving to the cloud, which they are, enterprise network architectures and access architectures are changing, And the reason for that, Okay. Yeah. So the reason for that is that traditionally the way users have been accessing enterprise applications which were running in enterprise data centers was through remote access solutions like GlobalProtect.
For example, and through MPLS, ITP and MPLS links, and those links were offering guaranteed bandwidth and guaranteed performance. So there were great ways to access enterprise applications. Once applications start moving to the cloud, whether it's SaaS or public cloud, and once users are moving into smaller offices and to branch offices and, of course, become mobile. It doesn't make sense anymore to run all the traffic through the data center. And then go out to the internet.
You want to have direct internet access from wherever the user is, whether it's in the branch office or whether the user is mobile. Of course, with the tradition of the cybersecurity industry, the way we're doing it or the way the industry is doing it is by offering more and more and more solution, to try to do that, right? So you have NPLS and then you need to satisfy VPNs. And then, some traffic goes that traffic has to go to a CASB proxies and we have of CASB Companies and, and, of course, a favorite topic, the cloud delivered security via proxy. And and maybe a side note here, and if I've I've seen a little bit angry, then then maybe because it is I am, because I feel like like I'm playing a whack a mole game because, about 24 years ago, I had to kill the 1st generation of proxies with stateful inspection, you remember companies like Secure Computing, Anyone here cover them, you probably you're probably responsible for them having a higher market cap than Checkpoint at a time.
I'm not sure where they are today, and companies like Raptor and others. And, of course, proxies always have the issues with proxies. They're slow, they break applications, they break networking, they break network optimization, network routing, and so on, so have to kill them the first time. And then 12 years ago, in 2007, when we started selling our products here, we have to kill the next generation of proxies, the blue coats, and the web sensors of the world which again didn't make any sense. Proxies have never made sense.
They're slow, high latency. They break applications. You can't run everything to them. They break networking and so on. Which we have.
We all know where Blue Cross is today, right, type of part of Broadcom and I'm not sure where our residences. And now, It's it's there's a pool, right, third time, another mall is popping. We have to deliver security from the cloud. How we're going to do it? Guess what?
We're going to do it with a proxy. Why would you do it with a proxy and not with network security? Because it's easy. It's very difficult to become a network security company. It's very difficult to build something that can go into the structure, whether it's physical or virtual, and provide the networking and the security, the packet based security the application level.
So vendors are taking the easy way out, right? Let's put the proxy, so we break application, so we break the network who cares, customers are going to pay for it anyways, and they're trying to use proxies to solve the issue. So first, I think proxy is the wrong way to, to, and I'm not saying, I'm sure proxies are here 6 months ago, I would say we're going to kill the proxy. After what you've seen and what I've seen in the last two quarters, we have killed the proxy, but Again, but I really think that, it's not just the proxy. It's this, it's this mess that the industry is suggesting in order to fix the access challenges that are associated with the move to the cloud.
And of course, there is a much better solution and that better solution is what Prisma Access is about. So Prisma Access takes mobile users and it takes branch offices in a single cloud delivered firewall through firewall based or firewall based solution. It provides access to SAS applications with CASB to public cloud applications, to on premise applications, and and whatever comes next, this platform is going to do. And the reason this platform has been so successful in the last couple of quarters and it's going to continue to be so successful is because when customers see this versus the mess that today is called access, again, a mess driven by the cloud, the choice is very, very clear. This is the way to do it.
And if I look at our position in the market, there are not many firewall vendors out there. There are probably 4 firewall vendors that sell today, The other three vendors are busy trying to figure out why they can't sell hardware against our hardware. I just don't see anyone else. Today in a position to go and capture this huge access to the cloud market. I really like our position, I really like where we are today and I certainly like where we're taking deep into in the future.
Sorry, I'll continue. So now that we've covered
The risks and consequences of getting cyber security wrong in health care can be catastrophic for both the individual and the system. With well over a million employees, this Prisma Access customer is one of the largest employers in the world. To protect this sprawling health care system and its massive amount of patient data in the cloud is a challenge. Displacing Zscaler and beating out Fortinet Palo Alto Networks, along with a strategic partner, was chosen due to our industry leading technology, our consultative approach to security, the wealth of threat data from our global customer base, as well as our proven ability to scale. And with the right cyber security in place, customer is able to take advantage of the latest digital innovations across the health care space and fully focus on the health safety and well-being of their more than 50 million patients.
You imagine trying to access X-ray data through a proxy, they tried, and they have to throw out a huge deployment of the proxy. So Going back to TAM, we think that cloud security in 2020 represents a very large TAM, a very large opportunity. And like I said, I personally just don't see much competition over there. And anyone that has the components to compete against us in cloud security, then if you look at the automation, that's needed in order to drive that security automation that today is done by people, and we do that with software and analytics, the opportunity becomes even larger, okay? Now that we cover the first two pillars, let's move to security future.
So let me catch that, Both enterprise security and cloud security are here to stay with us for a long time. And we have to do both, and we have to be good at both, and we are going to be continuing doing both and be the market leaders in both. At some point, these 2 converge in the security operation system. Because the security operation system needs to run both enterprise security and cloud security, and it all comes to one place. And there are big issues in the security operations today that just aren't that basically make the security partners that are not prepared for the future.
And we've decided couple of years ago to go and fix that, to prepare the security operation center for the future. So let's first talk about what's not working in the security operation center. Most security version centers are based around a technology called SCIM, SIEM Security incident and event management. By the way, I was nothing to do with incident and event management, but whatever. We'll call them that, but basically collect as much log as they can from network devices and endpoints and applications and servers and wherever they can get, logs from.
And then they have a bunch of static rules and or manual labor looking at this data and guess what they do. They generate alerts based on the data. Now of course, the data that's coming in order to include because if the firewall or the IPS or whatever found something bad or something bad was bad was found in the public cloud and so on, On top of the alerts that the SIM collects and displays the user, the SIM has rules, we call them correlation rules that generate even more alerts, Something have some filtering mechanism to filter out alerts. Usually, they filter out alerts that needed, gone as target, why they had the malware that told them about the breach and only looked at it 9 months later. And then all of that leads to reactive investigation.
And what the industry is trying to do to fix that, because ask any customer. They'll tell you that the SIM is broken. Right now, the solution for the SIM is broken is we're going to switch to another broken SIM with the hope that that the other broken SIM is going to be better and it's not. And the more advanced companies in the industry have figured out that something has to be done. And what has to be done is you have to collect much more meaningful data from the network or from endpoints and so on and provide much more meaningful processing using machines of that data, right?
So the same doesn't work. So why don't we create a new industry called EDR? We're going to ask customers to put yet another agent on the endpoint. We're going to collect a lot data from the endpoint. We're going to process the data with whatever machine learning, static rules.
Maybe we put some people on it, We're going to find that thing, generate even more alerts because there aren't enough alerts already, and maybe sometimes we're going to respond back to the endpoint. Now that's not enough. We have to do the same thing with the network. So there's a whole industry called NTM network traffic analysis that's doing that on the network, fencing the collect deep data from the network using separate sensors into another data lake, process that with rules and whatever and machine learning and then maybe respond back. Usually, they generate just more orders.
And the same thing happens for IoT, and the same thing happens for public cloud. And the same thing happens for SaaS, and I'm sure that with every new challenge, the industry is going to generate it, another vertical that's going to collect it, another separate set of data, and all of that because the SIM doesn't do anything. Okay? We think that this doesn't make sense. Like, specifically, EDR doesn't make sense.
Like, why would you limit yourself to collecting data only from the endpoint? Process data just from the endpoint and respond back back to the endpoint. We think there has to be something much better than that, and that's what Cortex is about, okay? Now maybe before that, this is a survey that the MistO company we acquired, this late last year, before we acquired them, You've heard it before, an average enterprise has to do with $174,000 per week. Usually, they have the capacity to handle maybe 12,000 even that gives them a few seconds for each alert.
It doesn't make sense. That leads to at least 4 days of investigating the alerts that they figure out that they need to investigate and some alerts that just don't touch are the real alerts that they need to handle. And we have to fix that and that's what Cortex the R is about. And to do that, I don't have my product guy, I tell you how it works.
So we think about securing the future. We're really talking about, collecting good data, applying analytics against it, leveraging as much automation as we can, because manual work can be error prone. Obviously, it takes too much time, etcetera. But ultimately, we're trying to get to a proactive outcome. Trying to get away from the reactive.
Something bad has happened. Let me figure out how bad it was and when it happened and things like that to proactive. How do we actually prevent the bad things from happening? So using that as a framework, it all starts with good data. There's a massive amount of money that is being spent on collecting logs and alerts, but not on collecting good data.
You have to collect good data in order to drive good analytics, AI, machine learning, and things like that. Yeah. To get the good data, we, of course, started with the best courses we know. Our next gen firewalls, Traps on the endpoints, our cloud services, We know because we can control those as sources, the kind of data, the rich deep data we can get in order to drive analytics. So that is where we started.
But now we are starting to extend that out to 3rd party sources as well. The starting point for that will be other network security devices. We're going to start with checkpoint and probably on the Cisco and other things like that because, again, in the enterprise, there's still a bit of a mess of lots of different things. And so while we try to move everyone to a better state, we can help by at least taking in that data correlating, etcetera. So we are starting to now pull in 3rd party data to augment our data sources to be able to drive good analytics.
So what does good analytics look like? Well, good analytics, 1st and foremost, should be capable of detecting attacks that otherwise can't be Hortex XGR does that for sure. In addition to that though, analytics is very powerful in being able to reduce the amount of noise and alerts that enterprises have to deal with. We have seen in certain environments up to 50 x reduction of alerts by being able to just simply group them into incidents to be able to then investigate incidents as opposed to lots of alerts. We've also then seen the ability to reduce the amount of time significantly and how long it takes to investigate, in instance.
By pre stitching data together, and showing the full view to the analyst, it is much, much more powerful and easy for them to go through the investigation, get to conclusion, and ultimately, provide automation. Our aspiration here is to get orders of magnitude improvement, even from this, which, by the way, to the sock, This is a massive improvement for the other LiDAR, and we're going to keep focusing on driving these better outcomes. Now good data to good analytics, ultimately, to really good automation. Automation is where we can, take a lot of the noise out of the system and really lead the soft counts with just what they need to
be able to, you have to focus on.
And again, you can see the level of alert reduction by simply automating the investigation response so that humans don't have to do the work. Improving the the meantime to respond, in some environments, well north of 90% improvement and how long it takes to respond to incidents. That is massive benefit to an enterprise, to the sock. And going forward, we have a view that we can even make this automation predictive in nature that based on everything that we see across growing ecosystem, we can build a network effect as we've done in many other areas so that we actually will be able to tell customers This is what you should do in order to achieve these outcomes. The security industry's cyber security industry needs to get more opinionated about how to achieve the right outcomes as opposed to simply providing tools and let customers kind of do what they want with them.
Automation is a key area for this. Lastly, to bring this together, we are ultimately trying to get to a proactive response, footprint where Again, instead of reactive, we're proactive. This is why Traps on the endpoint is so important to have vortex functions. Not only does it provide really rich deep data in order to drive analytics and other things like that, but it can actually prevent attacks from happening in the first place. Every attack that is prevented up front means fewer and fewer alerts that even have to be analyzed on the back end.
Additionally, this is the footprint that allows us to, when we do finish, when customer does finish the investigation, we can actually then automate the response back to an enforcement point to take action. It would prevent on the front end, provide rich data, and then ultimately prevent on the back end as well. We can automate that entire sequence. So if we bring this together, each one of these components is in itself best in class. But importantly, integrated together to form the foundation of a platform that can solve a lot of the challenges that Nir talked about.
That the stock currently deals with and are growing. So let's hear from one of our customers, as they talk about their adoption of cortex and what it meant to them.
We were given a security initiative by the Phillips to be a unified voice for securities or open state. That really forced us into looking at a much wider scale. Now we had to be responsible for security for higher ed, for KFO, for all the political subdivisions. And cities and county government. Prior to that, we were very much focused in security 4th government.
So when court texts came on board, we were able to bring those other entities under that umbrella and see a unified view of all security. As a small entity, we are encountering security professionals. Security professionals are very expensive and hard to find. And we have taken on a lot more role for security. We desperately needed to do automation and to have a tool that's entered through all the noise for us.
So far what we're seeing with Corte sistering exactly that. We're seeing the noise that there's performing where it seems that it's going away. We're getting an important alert that we haven't seen previously. We did not have a formal stock, so we are engaged in a build to stock process. As part of that, we are using Cortex as a foundational piece We're also bringing in other pieces such as missiles to tie those pieces together and accomplish the automation pieces we need.
That to reduce the staffing that we would normally not need for a sock, and we can supplement that with Cortez.
Oh, it's cool and
you can secure a state. And of course, all this adds up to a large and growing camp. The combination of endpoint protection, analytics, automation, and maybe most obvious in this case, the ability to then reduce the manual outsourcing and pull that into product automation analytics as well is a substantial opportunity we see as well. And for that, with that, I'd like to invite Nikesh back up and talk about
Well, thank you, Leonir. So as I mentioned, we spent a lot of time making sure we get our product strategy, right? And Leonir have highlighted where we plan to go. I hope you didn't miss the fact that Lee's committed publicly to deploying a lot of subscriptions or firewalls and potentially applying against the event across every form factor. I'm just trying to make sure he hears me to save it to you so that I can make sure I can hold him good.
And we also talked about ingesting 3rd party data into Cortex, which is an extension of our vision of our application framework, from the past. But product is just part of our solution. Once you get product right, you've got to make sure you have the execution capability to put the product out in the market. And as an analyzed, enterprise company, it's very interesting. There is very few very large enterprise companies and many small enterprise companies.
And it's interesting if you look at them, there's a distribution engine that needs to be created to commensurate with your cost product capacity. Companies get started. They get into a very good state with 1 set of products. And then either you have to keep innovating and adding more product to the portfolio of the salespeople, or you have to acquire product and be able to ingest it in a way that your salespeople didn't sell it. There's only one way to double revenue, either double the number of salespeople and make sure there's enough capacity in the market, or make sure you double the amount of products that a salesperson can sell and is able to sell.
To be able to do that. Our intent is to do a little bit of belt. And what I want to highlight is in addition to product capability, we've also been working on our execution capability and making sure we have the go to market. As Lee and I just highlighted, and I ended my last session with saying we can address a $70,000,000,000 market. This is how that market breaks out.
We think there's a $27,000,000,000 opportunity in network. Approximately $8,000,000,000 in cloud, $13,000,000,000 in software endpoint protection and about $25,000,000,000. In the automation, which needs to be deployed across all of those categories. It's a slightly different view than you will see in the industry. Industry still believes there's going to be a very large services market.
We on the contrary believe that the services market is important for the architectural pieces to get cyber security, right? But if you need a lot of people to be able to manage security for large enterprises in the long term. That is not going to give you the automation and the right outcome, and it's going to require way too much time while the adversaries are working on automating their ability to attack you and get to your precious data. So as you see, we have 65,000 customers we have an amazing brand which people trust. Just to highlight, one of the first subscriptions we launched early this year, we've been able to deploy to over 500 customers in a very short period of time.
So our sales teams know how the moment when we deploy scriptions, they're able to add it to our firewall capability and get deployed to the market. As Lee talked about the IIT capability, we want to make that available to everyone of our enterprise firewall customers. And one of you asked me, why wouldn't you go acquire a more complex IoT company? There are some larger companies in the IP space it's all complex use cases. I understand why as a startup, you would go after a complex use case because that's probably where the large deals are.
But the enterprise ID is the need for every customer. Our salespeople know how to sell it. We know how to adapt this to our firewall and our aspiration is that for every that we deploy, we should be able to get to thousands of customers, if not tens of 1000 of customers in a 2 p 3 year time frame, which allows us keep expanding both Span and our revenue in a leverageable way, with our customer base. And if you look at our current capabilities, we have 4000 partners. We operate across 150 countries and we have 3000 people out in the field.
Which makes us the largest pure play cybersecurity sales team out of the field. We want to turn that into a large distribution capability We also believe that we have built the best execution team in cybersecurity. I know many of you are opening our notes about the management turnover call it an hour. No, part of network has built a phenomenal company, which is firewall centric, and we had done some stuff in the cloud and some stuff in the sock. Is very important as we go through this transition of building a multi product, multi platform cybersecurity business that our management team represents our capabilities which are required to be able to sell multiple platforms in the market.
And what we have done over time is we've made sure that we're managing the transition and updating our skillset for our team to make sure that we can actually go sell cloud, it can go sell automation, it can go sell AI ML, it can go sell fiber. I joined Google, when there were 450 people in Google, Europe. We took that team from 450 people to 5000. And we've quadrupled revenue in 5 years when that was there. I left Google.
Google is not its 4th generation of management today, and They're far surpassed the quintupling of revenue from the early days. There were 100,000 employees. So as we go through evolution, you have to make sure you bring your management team to lock that And we're very comfortable that the transitions we're doing on the management front are a continuation of our desire to build the best execution rest assured, mostly management turnover you're seeing. They're all managed transitions. They're all towards the purpose of building this multi capability cyber security sales team.
And, you can see that we did our 1st $1,000,000,000 billings quarter in Q4, while we were going through these transitions, which tells you that we have a very strong field sales force and they're all on board with our desire in addition to build the best cybersecurity player in in the world. Let's see who language news experience. There we go. In the last year, we've hired over 2005 security professionals. We have expanded our hiring limit.
We now hire from 19 cloud next generation companies as opposed to purely enterprise hardware businesses, which have been a lot of our core sales team in the past. And we've built technology, which allows us to cross train our teams in cloud and in automation techniques, this allowed us to train 3000 people in a week to be able to sell cloud. Why this is interesting is This is an important slide. This is what we anticipate in terms of how we are going to take this and build this into larger enterprise security business. The way we do it is we ingest our innovate and build technology.
We put them in speedboats. We have a speedboat for cloud.
We have a speedboat for automation.
We also start training our core sales team out in the field. And this gives you a sense of what proportion of our field status for is able to sell our various products. So we've taken Prisma Access and 60% of our sales teams out in the field is now able to sell Prisma Access. This gives us huge amplification of leverage Prisma Cloud is closing in on 30, 35 percent of our sales force. And by the end of the year, we will have integrated Twistlock and Pure allowing it to be powered Prisma Cloud Platform, which you will integrate seamlessly both from a contractual and from a usage perspective.
So every because my cloud customer will automatically have container and serverless capability. And we believe that leverage is going to allow us to address 40% of our customer base. Our plan is to get our speedboat teams to be able to sell to 90% of our entire through 90% of our core sales was to our customer base allowing us to leverage and the distribution we need to become the biggest player, both in cloud as well as automation and cloud. No other player in our space has more 3000 people in the field out there selling. Not just that.
We want to make sure we do this while we continue to delight our customers. So we have been able to maintain the leadership position and customer happen in some customer success out of the market. Knowing that, we are not going to rest on our laurels. We had just announced to our field team introducing an industry for security incident and assurance service, whereby if any of our customers unfortunately is in a breach situation or any customer in the industry, we're going to be there available until they breach as a result irrespective of other what proportion of the products about auto So we continue to want to be at the forefront of customer success and customer happiness in our ability to execute. With that, I know, yes, there's been another conversation about the channel.
I think there was one meeting we had with the channel advisory board I think every analyst has feedback on. And I think Fatima even said that we've been tweaking our channel model which is causing consternation. This is just to give you comfort that 99% of our business still comes from the channel. And as you can see in Q3 and Q4, because we revamped our channel programs, to create more capability, training and incentive for our channel. The channel sourced business that we're doing has never been greater than we've had in the last quarters follow-up network.
So any noise around the fact that channel and us are not together in this journey to building below cybersecurity business is just noise. We believe the true signal is shown in the results that actually allowing us to amplify our capability and we're really excited about our new acquisitions and the direction we're taking for the various platforms. Alright. This is all full play. Sorry.
It's taking us so long to get here, but until we give you context, it's very hard for us to take you to what you're here for. So with that, as you know, we've had a long history of success. We have increased market share network security despite popular belief that we're not being going to able to grow our security business at twice the rate of the industry. But team and I spent a lot of time over the last 3 or 4 months looking at do we need to go through a financial model transition at Palo Alto Networks? And I've read many of your notes about the 2 ds, depression of cash flows, duration, what is Palo Alto going to do?
Is it the ARR versus the term license or perpetual license? We tested the market, we talk to many of our customers, we talk to many of the companies going through a transition. And We're not going through any major financial transition, this FYI. Our customers like the way we sell our products to them, our salespeople understand how to sell products to themselves, We are going to be selling firewalls. We've been selling them so far.
We are not going to go to any term license model. We're going to stick with the perpetual license model. And some of our software phone factors that sell and replace firewalls are going to be sold like, firewalls sold. So based on all the analysis, whilst we will be building this capability
to sell our next generation security,
We feel very comfortable that we will be able to maintain a 20% billings growth rate over the next 3 years, as well as a 20% revenue growth rate over the next 3 years. I've had the privilege over the last 3 weeks of looking at every one of your models. I've read almost every one of your notes. And I can safely say that this 20% guidance is above the average of most of the models out there in the street, both in revenue and billings. But we stand behind the commitment.
I'll believe you can go out billings and guarantee at roughly 20% growth going forward. An important part I'd like to highlight. One of the shifts we're seeing, because I'm sure you guys, pay attention to product revenues, we call them. We are seeing a shift where we're replacing our competitors, firewalls, boxes, with software form factors with Prisma Access. So what we've done is we've taken our VMs, our Prisma Access Sales and our firewall sales, and said, what would it look like if we considered them all as an upfront sale and how would our revenues or how would our billings look like in the firewall category?
This is a combination of VMs with my access and Firewall. We feel very comfortable that we will be able to go firewall as a category billings by 23% over the next. 2 years, which we believe is still 2.5 times industry growth rate, which will be our firewalls are sold. And we think about that. I will share point out the fact that because we anticipate a large proportion of future Firewall sales to be in the software form factor, there will be a revenue recognition mix shift, which will come through but we still believe the category will do at 23% over the next 3 years.
Talking about the partnership, really excited about We're really excited about our next generation security billings. We were able to achieve $452,000,000 in billings in Prisma in Cortix, so what we call next generation security. We're guiding to $800,000,000 to $810,000,000 of billings for FY20, and we believe we will get to $1,750,000,000 by FY22. Resulting in a revenue of approximately over $1,000,000,000 from next generation security revenue by FY22. This is the part, it
takes some spending to drive that past revenue
growth. So FY 2020, FY2019, we've been able to manage the acceleration of our Prisma and Cortex revenues, by being able to reallocate from our core business. We believe that we need to invest between $100,000,000 to $125,000,000 next year to keep driving that revenue growth at the pace we're committing to. But we believe thereafter, we will be able to keep getting margin leverage by 150 basis points in 20212022, and we believe the long term operating margin for our business should be 20.5%. I know you've been discussing cash flow.
A lot about it. We feel comfortable despite these investments, despite the shift towards more services like software based services in Prisma Access And DMs as well as Cortex, we believe we will safely be able to generate $4,000,000,000 of free cash flow over the next 3 years, guiding to a long term free cash flow margin of 30%. And before I talk about how we think about this, I thought it would be important also to tell you how we intend to use the cash. What we've done on M And A as you've seen, there was a fear when I came 12 months ago guy comes from Google, he's going to spend a lot of money and buy a lot of big stuff. Let me highlight the key tenets of my M and A philosophy.
First and foremost, I prefer avoiding overlapping products. Overlapping products are dangerous. We have products in most categories, I'm not interested in buying another endpoint company. I'm not interested in buying another firewall company because that requires an end to maintain 2 code basis, 2 sets of customers, and is no leverage for me. It's much more interesting for us to create innovation in the category and displace those competitors as opposed to acquire them.
And just create scale. We believe we have scaled most of our categories since we don't need to acquire customers and overlapping product categories. We prefer targeting Blue oceans. We like areas where there's not enough people. We like areas where we can ingest technology and deploy it to our log distribution base as opposed to go in, participate in red oceans where there's a lot of blood and not enough profitability.
You see technology that will integrate across our platforms. If you look, we acquired RedLock, we're merging RedLock and Twistlock into a common platform. We acquired PureSec, which is serverless to be integrated as well. We're acquiring IoT, which will be integrated into our firewall capabilities. We acquired Demisto, which is being integrated into porting.
So we prefer acquiring technology, we believe, fill an important gap and also provide leverage to our go to market engine because if you're acquired to static products, then you have to go train your sales forces on different, go to market capabilities and different USPs for our customers. We prefer acquiring product excellence versus revenue. Because I have to pay a large multiple for revenue, I'd rather not, I'd rather acquire somebody who's built a great product and who has good early customers exhibiting product market fit, every one of our companies that we've acquired, and I will talk about this slide in a second. And last but not the least, we focus on large dams. We're not interested in small times, unless they can be subscriptions, which can be added to our firewalls, which allows us to consolidate the enterprise platform.
So with that strategy in mind, Our approach is in the 1st 9 months, we forced our teams to write integrated product plans. In fact, ZingBot and us have already started talking about what the product integration could look like. Because our 1st and foremost intent was to make sure that integration is done ASAP. We see as soon as we acquire These good technology test for breed companies were able to improve their business plan by approximately 40%, which is what we've been able to do with Demisto Puresec, Twistlock, RedLock and many for acquisitions. And we let their teams run their plays in the market with go to market support from our speedboats.
During months 9 24, we start introducing them through our speedboats to our co business, allowing us to get more leverage and more scale across their acquisitions, and we target doubling their plans. Because of that, past 24 months, they become multiple accretive to us as a business. That's their M and A philosophy. That should give you a good sense of how we intend to use some of that cash flow. And as Lee and Nate have talked about, we are going to constantly make build versus buy so we can deliver best of breed to our customers.
And if you believe that we're not going to get that fast enough, you'll make acquisitions, but the acquisition will be guided by the philosophy I just laid out in terms of smart product teams. And what is delightful is, Neil, I was just sitting early and trying to count of all the acquisitions, we have over 12 founders working in our company and our product organization from 12 months ago, and they're all committed to be here over the next 2 to 3 years. As part of Palo Alto Networks. They make that a condition of acquisition, so they're supposed to stay there. And we actually let them run their products because we believe the fact that they're able to go out against all odds and build a great product and build a great business, it is incumbent and imperatives that we left them on that product for us at Palo Alto Networks.
And I was going to create the right circumstances of that capability for them to make that happen. So that's outlined in M And A. So I thought what I would do is I would do what You guys would do and see how do we compare against the industry. We believe we are already the largest cybersecurity company, and we're growing faster than anybody else in our space. But this is only half interesting.
I find this even more interesting. You take Prisma on Cortex, which are our next generation security business. In the last 12 months, we grew our billings by 89%. In the next 12 months, we're forecasting forecasting a 78% growth, which we believe makes us the largest next generation security. Company compared to all the people out there who enjoy robust valuation.
I will use the word robust. If you look at our forecast with FY22, we believe we'll be almost twice as big as any next generation security company in our Prisma and Cortez category, whilst we're able to maintain our firewall business generated in the future months of cash flow. So I like to call this the ServiceNow slide, right? Also reviewed many analysts day presentations. And ServiceNow was kind enough to build this slide And I understand this is where analysts geek out, where something called the rule of 40 you had your cash, free cash for margins and revenue growth.
And for some interesting reason, over 40 is good until the 40 is bad. Those are all in the service. I left us out of the slide. It's probably we're not we're the old funding that you firewall company. We're not the next generation company, but we decided to make our own versions license, we feel happy.
Let me look at this. And we're delighted to see that, We ranked second from the left based on our last 12 month performance, and we hope to stay far above that median of 38% over the next 3 years. With that, this is what we expect from our company in FY 2022. We expect a 20% CAGR for total billings and total revenue over the next period. We expect to get to $6,000,000,000 in total billings $5,000,000,000 in total revenue by FY 'twenty 2.
Please. Expect that $1,750,000,000 of that total billings will come from our next generation security services and approximately $1,000,000,000 of that will be revenue in FY 'twenty two. We expect to get back to our current operating margins by FY22, the long term target of 25%. Expect to generate $4,000,000,000 of free cash flow by FY22. So from here, simple amount of execution.
With that, let me call by Frank Kathy, who can give you more specific guidance for FY 'twenty and for Q1.
Okay. Thank you. Akash? Alright. So that's a lot.
Talked a lot about fiscal 22 and about what we see in, coming years. Let me just put a finer point on what we expect for fiscal 20. So am I moving these fives or somebody else? Okay. Since it's a lot of data and information on the screen and these slides will be made available to you, I'm going to focus primarily on talking about the year over year growth rates.
We will make these slides available to you following the call. So for fiscal Q1 fy2020, we expect billings growth to be between 15% to 17% year over year. We expect revenue growth of to be in the range of $1.02 to $1.04, which incorporates net expenses related to acquisitions including the XingBox proposed acquisition, which we've just announced. For the full year of fiscal 2020, We expect billings to increase between 17% to 19% year over year, and we expect revenue growth to be in the range of 19 to 20% year over year. As Nikesh mentioned, next gen security billings growth is expected to be in fiscal 2020 non GAAP EPS to be in the range of $5 to $5.10, which also includes net expenses related to our recent acquisitions.
And finally turning to free cash flow. We expect adjusted free cash flow margin of approximately 30% for fiscal 2020. In this slide presentation, you'll also find some additional modeling points related to CapEx, estimates, share count, tax rate, the impact of M and A on EPS. I'm not going to read them to you, but once again, we'll make that available to you. So finally, we've summarized our fiscal 2022 guidance for you as well on the screen.
Nikesh already covered this, but hopefully the format for fiscal 2020 2 will be easy for you to digest. And I don't think it's on the screen, so perhaps
yeah.
Perhaps I should move it since I'm holding the clicker in my hand. Sorry. So while we are investing to capture significant market opportunity, and we do see a gradual shift in durations We expect it to be gradual associated with changing mix of our products towards more cloud and fast delivered products. As Nikesh mentioned, we're not anticipating a big bang event. And so for the years beyond fiscal 2022, We're targeting our operating margins to be above 25% and free cash flow margins at least 30% or greater.
So that, hopefully, will put some of your minds at ease. That concludes our prepared remarks. And now we'll Turn off the lights, we'd be happy to address any of your questions.
Hey, guys. Happy yet or come on. Give me give it a round of applause. Stop crowd.
Okay. We have people running mice, so I'd be some questions.
Please state your name and your firm before you state your question, please.
Thank you. This is Jonathan Harlow from William Blair. One of the questions I had is regarding the next generation growth, can you unpack for a little bit of the components that you see from that NextGen side? And maybe how much that ties
to the investments that you're making? Thanks. Yeah. Look, We're not going to break down the individual components just yet. But, in terms of the investment, We, as I mentioned, we've moved a thousand people through acquisitions or through organic hiring and taken our Prisma and Cortex of Next Generation security team.
It's about 1500 people, out of 7000 people. We highlighted we ended FY19 with. We anticipate adding more people into those categories, both for R And D and for sales. We feel reasonably comfortable that our core team is robust in the size, so we'll be making small additions to our quoting, but mostly refocusing some of our newer hires into Prisma and Cortex. Some of that spending is also a full year impact of what we already invested.
Going into Q3 and Q4 of this year. So some of it is a follow on from Q3 and Q4 investment, which we were able to manage. With our budgets this year, but some of it is incremental higher for Prisma and Cortex. In terms of across the board, I can give you color that, Prisma cloud is doing phenomenally well for us. It's really we need to be out there in front of our customers a lot more.
There's over 2030,000 people selling public cloud between AWS, Azure, GCP and Alibaba. There's probably a few 100 cloud security salespeople in the world. So when we show up in customers and we churn them a demo and say, look, this is what you're not doing. You're, oh, shit, yeah, I got to go cover my security needs. And when I write applications, they're just not on security itself.
We're seeing really good traction in Prisma Cloud. I think Nier made it abundantly clear how excited we are about Prisma Access and how Broad Creek style securing cloud native architectures is not a good idea. So Fisma Access is a huge focus. Demisto has done well post acquisition. It has followed the M and A slide I showed you.
In terms of our SX expertise, but being to double their business plan, from where they are. So an XDR for us has done really well because we got 250 customers in quarter of operation, and we continue to see more and more with the addition of 3rd party data ingestion. And the way we think about ingestion, just to clarify, Lisa, It is tone ingest data. You'd make sure analytics engine can ingest that data and provide analytics and suppress that alerts and give you a good signal and do data stitching. So our ingestion philosophy.
It's more a philosophy which works on building analytics around data and then ingesting data into data. So mean across the board, we anticipate robust growth. That's what we're comfortable guiding to an $800,000,000 to $810,000,000 number.
Lana Hands going up. Okay, Amber.
Hi, Ken Talanian Evercore ISI. I look at that $6,000,000,000 billings number,
how much of that
is from your existing product set? And what are your assumptions around current acquisitions going into that and then maybe some of the future acquisition assumptions that, build up to that.
Look, as Lee mentioned that we believe many of the cloud security products are not fully built in the market from a maturity perspective, you look at serverless, serverless, we think it's 50% built. We bought PureSec. They have a product road map, which is a robust product road map in front of them for 6 to 9 months. So we believe there will be interesting cloud security based acquisitions we might have
to do in the future, which will fall on
the M and A philosophy be highlighted. So some of those bolt on technologies haven't been developed, I anticipated in our desire to build the cloud platforms in the future, but there's no major plugged in that number for us to go out and acquire revenue to reach that $6,000,000,000. If you feel we should be able to get there with the majority of the products we have in place with small, bolt on acquisitions as we see the industry while the product market
Thank you. Shaul Eyal with Oppenheimer. Nikesh, you have put many concerns for us over the course of the past hours. So one question I had
in mind is You
should have one for god. Everything before the butt is good to be.
Yeah. As we think about your target setting towards fiscal 22 and above, have you taken into consideration any changes with respect to channel compensation, partners, anything with a go to market, or pretty much from our perspective, we should be thinking about it mostly at a status quo going further?
There are no major, as I'm in there in changing any channel behavior in the process. We are seeing more activity in the channel by telcos and by FIs, like the Accenture's in the Deloitte's of the World or AT and T's of the World or Telefonica's of the World, are becoming more active in cybersecurity. If you look at most of the landscape, every telco, every consulting organization is building very large cybersecurity pack. Because they're trying to acknowledge the bureaucrats and building job practices. So if you go, this is the biggest facet of going segment in the SI and SP space.
Yes, we anticipate they will have a bigger role to play in how we are able to deploy some of our products in the future, but to us, that's just evolution of channels. If they end up doing more business, bring us to customers. We'll be there with them just the way we are with the updates and regulatory uses today.
Thanks, Saket Kalia from Barclays. Because you talked about no transition to a term license model, for example, for the firewall business, which was, which was good to hear. But you also even suggested that maybe some cloud products could be priced similarly to the firewall.
I think we mentioned that quickly.
Could you just give some examples of that and when that could actually start to happen?
So what I was saying, but thank you first for answering the question. I want to make sure I clarify. Sometimes our sales teams bundle our annual products into 3 year deals and sell them like they would sell an upfront cash payment allows us to get the cash flow just the way we get the cash flow, for our firewall products. And roughly 3 years is roughly the term for hardware business in terms of contract durations. So that's what I'm saying is that some of the cloud deals end up being clear deals instead of annual deals, so we still get the benefit of the cash flow.
Which is why Kathy alluded to the fact that we're not anticipating large duration declines over the next 3 years. We believe, am subject yet, but gonna say it. We believe that the duration declines will be approximately 10% over the next 3 years. And hence, we believe we are able to deliver, we will be able to deliver the $4,000,000,000 of cash flow over the next 3 years.
Hi, it's Kasku Jockey from Guggenheim. Kathy, if I'm doing my math, why we believe the links guide for next year and your billings guide for the next generation of products. If I back that up, it looks like regarding to the core business going at about 8%, the the follow-up business, which is a big step down from the 24% part of growth we have this year. Is that the right way to think about part
of growth next year in the high price?
Yes, I think it's a little bit higher than that, but yes, that's close the reason that we're the reason that we're looking at this firewall technology as a group is because we're very excited about what we're seeing from our customers in terms of demand for both Prisma Access and our VM series. And so that security category, which Nikesh showed up on the slide earlier, we are expecting to continue to grow at very rapid rates. Now, you know, the mix may change a little bit in between there, but I think our forecast still holds regardless. And the firewall security itself, that in line security, that network security is still a very important component for all of our customers, but we've been great demand and great excitement about what Prisma Access can do by delivering that security in a cloud form factor, really security at the service. And so we're very jazzed about our possibilities going forward.
In terms of being able to win deals that would have normally been won with firewalls, hardware with that particular product. And we think that we're the only competitor that can really offer these various form factors to our customers. And so we see a really terrific opportunity.
Just to elaborate on that for a second. You saw 2 examples. 1, Lee alluded to a very large retailer, and we had a video from another. In both cases, we were competing with firewall box. And we went in with Prisma Access with a differentiated strategy.
These were very large deals. As I've mentioned, one of them was over $10,000,000. We have almost closed, but in both cases, we were able to displace the hardware form factor for competitors because the competitors did not have a software form factor. The good news is the software form factor deployment is brief. If you try and deploy a box in two thousand locations in a retailer, it takes them an 8.5 to 2 years.
The software, we can get there in 3 to 5 months. So part of what we're trying to do is we're trying to actually force that shift towards the software form factor because Mir mentioned, we don't believe our competition has the capability to deliver the solution via a software form factor, which allows us both to be differentiated reduce speed of deployment allows it to run across 100 onboarding points from, for our customers. So that's part of the the assumption, which you rightfully captured, we're actually trying to engineer that bigger shift in trying to drive our business more towards the softer form factor.
One more follow-up, Cathy. On the long term target, comparing what you gave us last time in 2017, we had free cash flow margins long term below operating margins. This time, you reverse that your operating margins long term are actually lower than your free cash flow margin targets. What is driving that reversal? Is it just more recurring revenues?
Yeah. Can I just clarify when we're talking about long term? And I'm glad you asked this so I can get it out there for everyone to hear. We're talking 4 to 5 years. Right?
And the previous guidance that we had given, our long term was much, much further out when we're sort of growing at the rate of the market is the way we described it. And at that point in time, we assumed that we'd be a much greater cash taxpayer. And so that was the reason for the lower free cash flow margin. But we're talking right now, long term for us is about 4 to 5 years out. Okay?
And I said 425, not 45. I need to be very
Yeah. Somebody go to Mike. This question is this side. David behind you.
And I saw a woman with her hand up. I want her to get a question, Fatima. Just don't ask us a hard one.
I'll go look you on it. That's a T Mobile 1 from UBS. Just a quick point of clarification on the mix shift dynamics you're seeing in the core firewall business. Is that a displacement dynamic, or are you seeing the mix within the refresh of your own installed base? It's more
of a displacement dynamic. I'll give you a big use case, but there are similar use cases in many places where whether it's a retailer, whether it's a multi branch situation or multiple mobile user situation. We have customers with 100,000 employees or more who want to go to a business access type solution for the mobile users. So it's more mostly a displaced, sorry, mostly a displacement of competition, dynamic than it is a refresh of our data center firewall business.
Understood. So my real question
is I knew where you were going over. I spent 3 months pouring over every one of these shoppers guess. I know exactly where you're going. Please go.
You talked a lot about automation in each one of the pillars of your corporate strategy. And so if I think about your top 25 or your 25th largest customer spending close to $40,000,000 per annum with you mean, how should we think about that with the automation opportunity and the fact that you expect to double the size of your business in the next? 4 to 5 years? I mean, what are some of the dynamics there if you're 26th largest customers already spending $40,000,000 with you?
So, let me use Cortex XBR as a use case. Right? We have thousands of customers who deploy Traps. The version of Traps 4 months ago was not collecting data sending to central data lake, allowing us to do insights analytics against it. We are able to go back to every one of those large customers and allow them to ingest data from the and give and upsell them Cortex XDR.
So this is a use case for us where we take their firewalls, we take their endpoints and say, why don't you collect the data across the board? We'll analyze it to you. We'll reduce the signal at all ratio and we'll couple the best deal with it and be able to give you automation going forward. So That's a use case, for example, we can take our firewall customers, endpoint customers, add automation to this, and that budget comes out of their soft budgets because every one of our customers is building soft, talk is the fastest growing category, it was about 20 plus percent growth year over year, where people are deploying more people and more data ingestion and more more data logging spend.
And do you foresee that more coming out of the wallet of traditional managed security services providers? Sort of offer these tier 1 type capabilities. And where are those dollars coming from as essentially?
Those dollars are coming from both sock dollars, if you will, is there such a category, but they're also coming from efficiencies there to drive for those sock owners who are saying we can come in And instead of, you know, we put up some interesting numbers of that. We put 8 times 50 times in terms of alert reduction. Traditional approach to alert reduction is higher more stock analysts. If you can walk in and see, I can reduce the number of routes by 8 times and I can reduce the number of routes by 50 times, that's a huge amount of savings, which is coming out of the stock, analysts that people have to hire, and it's very few of our customers are able to scale up their stock to hire 300 stock analysts because It's kind of very interesting. One thing I learned is that in DoorDash, they actually customer delete policies.
They're scared of really having 7 or 5 hour policies because somebody wrote them some wisdom in mind. New guys says, oh, shit. I'm not gonna delete it. So there's a poor SOC analyst trying to interpret. Why is that an alert?
And the problem is the alert keeps coming back because they have no Village clouds and remediate that and fix that policy. So part of what Demisto is doing is saying, okay, we understand you learn like sellers that automate this week and start focusing on stuff that's important. We end up at 174,000 alerts. And not that I'm a hacker or a bad guy, if I understand how you prioritize the important alerts you should look at, I'll spend my time trying to figure out how to be under the radar. So part of our philosophy, we want to look at every 100 hours there.
We only need to get the through automation, automation that works in the endpoint, automation that works in your firewall, automation that works in your software. So that's why if you notice every one of our products has a large automation plan, we believe we're going to take away from the services and labor camps and for them to automate. Amber, you're back.
Hi, it's Sterling Auty with JP Morgan. So one question for Nikesh and Kathy, and if possible, can I throw a follow-up question to Nir saw as his microphone? Yes, we've got management team. It's here. Fantastic.
So Nikesh, you mentioned the 10% reduction in duration over the next 3 years. How much of that is actually going to be what you're managing that duration to versus what customers want? Because One of the positive feedback items that we received through the channel over the last quarter or so is finally Palo Alto being flexible on payment terms And if, you know, got the bid, we do roll into some tougher macroeconomic times, I could see more and more customers perhaps wanting to only pay a year to time and for the 3 years upfront. Yes.
We're going to be very thoughtful about those trade off in terms of what sort of financial incentives do we have to provide in order to have our customers commit to us for a longer period of time. We talked about last, that issue last quarter, and we talked about the fact that we were paying very close attention to the economics of deals like that where our customers really wanted to only pay us a year at a time. And we're going to continue to do that. And if our customers demand more and more of that, obviously, we will adapt to what our customers are wanting. But we actually find that there are a lot of customers who are very comfortable with the way they pay us today, very comfortable with, billing practices to date, And so we're not seeing this huge surge of demand.
It tends to be, occasional requests that we handle on a 1 off basis. Potentially, it could become larger in the future, and of course, we'll adapt to that over time. But the big shift that we've been talking about, I'm sorry to catch, is really driven more by the mix shift of the product and primarily the growth of Prisma Cloud. Which we talked a little bit about last quarter, having shorter contract durations, John, on you.
Sorry. Just to add to
that, I've discovered in the last 30 months industry has certain compensating mechanisms already in place, but there are customers who want to pay on an annual basis in the industry the channel wants facilitators have figured out the consort of financing to shore up front doorstep with the entire contract duration's worth of cash flow. So it's It's been around for a very long time, and there are many enterprise companies which have financing arms and all different kind of tactics to enable that cash flow generation. So we haven't assumed any of that stuff. We believe that life will go on. But I have the inimaticals near here.
He wanted to
question. Exactly. The one thought, Nir, when you were talking about proxies, you did gen 1 kind of gen 2, but when we're thinking about Prisma and the competition going forward, you didn't really kind of call out the name. So I wanna be very specific in terms of understanding who you think
You think we didn't call out the name? Who do you think is going
to be the core competition in terms of Prisma Access moving forward? I mean, we all think probably
G scale is going to
be part of it, but what about the Akamai's and the other companies that are in that space and what do you think happens to kind of the traditional firewall vendors, do they all get squeezed out, or do they come up with offerings as well? Thanks.
Yes. So I think the competition is this, Kenneth. However, you know, I strongly believe that the right architecture and the right products at the end of the tailwind. And we've been through that movie multiple times, right? FireEye, for example.
Like, a long time ago, FireEye came out of the market and they had this idea of running sandboxes and signatures are dead and the entire world is going to ship FireEye and, you know, some of you even thought that story, but it was the wrong technical solution. First, you know, first, Sandbox and goggles replace everything. And second, from a technical perspective, if Sandbox needs to do prevention, more detection, It has to be in line and it has to be across entire infrastructure, which means it needs to run off the fire. And that's why they went their way, we went our way and and we all know how he's ended up for both of us. So I think that we're fixing the same situation right now.
There is the right technical way of doing something. And the right way to deliver a product to the market. And there is the wrong way. And proxies have always been the wrong way. And firewalls have always been the right way.
Being in the network, part of the network, being a packet based device, participating in routing, participating in network optimization, and being able to support all applications, not just a few applications, not breaking applications. I don't know if you know, if Microsoft recommends us when you use this scaler, you turn you don't use this scaler when you go to Office 365. Why? Because it breaks Office 365? Because that's what proxies do, and it's their own technical solution, and I strongly believe that the technical solution, will we?
Now if you look at what's involved in access, in access, in the modern access into the cloud and back into the into the corporate infrastructure for mobile users and bunch offices, you need to do a lot of different things. And our competition today different competitors do different things. I don't see a single competitor that does all the the application security part of it, the firewall side of it, the CASB side of it, the SD WAN part of it, the back to corporate side of it. I just don't see anyone that has the complete portfolio, to be able to do what we're talking about. Yes.
There are the firewall vendors. The firewall vendors, like I said, are still busy figuring out why they can't sell their hardware against ours. While we've been spending the last several years building our virtual firewall and building our cloud delivered firewall, to a point where I just it's just there are 3 to 5 years behind, at least, plus the amount of time that are behind our other firewalls, I just I don't see competition from there. Thank you, Neil. I'm gonna record What what remains to say is we respect our competition, and we're glad to be able to built amazingly large businesses and serve the customers and even cybersecurity.
I think that's what you said.
Matt Hedberg, RBC. It seems like every other question with investors is macro you guys delivered strong results. Obviously, some very large deals this quarter and the guidance on a multi year view is very strong. I guess Nikesh, when you're out talking to executives, what is the pulse of buying behavior out there right now? And then I have a quick product question for Nir as well.
What's interesting, and maybe I'm going to ask our president Amit saying who you have not seen in this context. He can talk more because he's been out there on the road. So you guys get to tell the good stories that I get to go out there in the field and drive. So, let's ask, can you come up, Steve?
Oh, go ahead.
The climate for cybersecurity is quite strong, the acquisition. It's driven by all the the challenges you see, you know, in the papers. And buying behavior is actually quite solid. The movement towards software and software delivered is a real one. So, and we're actually very, very excited about the products that we have.
Both on the product side as well
as the service delivery side of
it, because these are cloud delivered solutions to the background that I come from. And there's interesting when you look at any trend, whether it's how many software startups were funded, cybersecurity startups, all the way to the actual market spending, it's very, very solid. Your question was, I think, on the macro picture, we haven't seen any slowdown. We haven't seen slowdown. You saw some of the numbers we shared around pipeline, pipeline growth, partner generation pipeline, And clearly, our Q4 performance, is a measure or testament of being able to go the co business while being also able to generate brand new businesses and scale.
Then maybe just a quick product question. In here, when you think about consolidating security spend, what's sort of your view on identity? It's obviously, it's a hot category out there. What role does identity have on the Palo Alto platform?
Sure. So first, most of our customers integrate our network security with identity. Because identity needs enforcement. And in most cases, the firewall is going to do the be the thing that performs the enforcement. Actually, the only case where it's not the firewall is when you access SaaS applications, in all other cases, it's the firewall that enforcing data entities, sometimes the applications themselves as well.
So that's that's the rough identity. Now if you look at the market today, I think most of the market is focused on what's called hygiene, meaning who can connect and who cannot connect to an application, which is interesting, but is becoming commodity. I think the most interest the more interesting part of identity is identity analytics. So being able to take identity events and figuring out, attacks from the identity. So that's, I think that's one area that's not being addressed today by the market and museum opportunity.
I think that's the other side of identity that's is still, yet to be decided by the market is how do you do machine to machine identity, especially in the cloud. And I think the jury is still out on that, and that's, that could be, one day an interesting thing to look at. That's right. Hi, Phil Winslow Wells Fargo. I just want to focus in
on the firewall platform billings slide. And there you break out firewall hardware versus Prisma and
AT and T. V.
And Sears, we've already talked a lot about Prisma Access here today, but wanted to focus on my question on the VM series. One of the questions I get a lot from, from investors is attach rate of VM series and attach rate of firewalling in the the cloud environment. And so this kind of question to, to the whole team here, you know, is that, 1, how are you thinking about contribution of VM Series, to the forward billing? But also where are we in terms of increasing attach rates of BMC rates and call it, your hybrid cloud, multi cloud security? For clarifying question, what do you mean the attach of the VMs rates?
Do we instead of call it like the out of the box firewall that you get from a cloud, a cloud vendor, you know, Azure AWS attaching, actually, if VM Series, it's through that workload. So we're we're very pleased with the game series and Halston. The when it first came out, we were focused on the private cloud use case because at the time, that was the, that was the 1st generation of cloud. And then it's evolved really well as more workloads are shifted into public cloud infrastructure. The M series today supports all of the major cloud vendors at the US, Azure, GCP, Alibaba, It's evolved in a number of ways that are very specific to cloud in terms of how we integrate it with different orchestration platforms, how we do automation, with only security vendor, for example, especially supportive of TerraForm, which is one of the main sort of multi cloud, automation orchestration tools out there.
We, are sellable to all different marketplaces, and we actually have a very nice business and growing business, with the end series being constraints through the marketplaces. So there's a lot of really good things that are happening there. The I'd say the only sort of challenge that may not be the only challenge, but to make a big challenge relative to your question is, A lot of companies will first try to get by without real security. And the, you know, through various mechanisms, you know, often it's through unfortunate events where something that happens to a company that that triggers the people that actually really go back and pay attention. But that's that's the the the only challenge is sort of getting people over the hump of of trying the the thing that they think might be good enough before they realize that what they really need is best in class security and understand that we can do the cloud integration aspects that they also need.
Great, Carl Kirsten at Deutsche Bank. First of all, on the cash for a guy who, a year ago, said that you're no longer giving annual guidance only next quarter. Thank you for the reversal. Appreciate it. I'll adapt it.
Dynamic. Yes. I wanted to, let's say, stress test your confidence in 20% billings and revenue growth over the next 3 years. And I guess I'm saying this in the context of you having just put up a quarter where you grew both metrics by 22. So you just put up 22 and you're saying you're going to grow 20 for the next 3.
At first blush sounds a little bit optimistic, especially given that you're on stage as well, talking about a hardware to software form factor shift, which if we look at firms like F5 and others that are going through this, it tends to be quite dilutive to your overall growth rate. So, is it that that form factor shift, you expect only to be quite gradual and you can kind of skate around it, or is it that your emerging products are just growing so damn fast, but despite that, you can still get to 20. Thank you.
First of all, thank you, Carl. If I'm allowed to clarify, I was not comfortable giving guidance when I walked in because I didn't understand the levers of that. Not that I understand the industry in order to understand the legal of the company. And I hate to stand up on stage and commit on behalf of 7000 people without having some degree of confidence and comfort in our ability to deliver. So I appreciate you guys enduring the last 1 year of our quarterly guidance, but, I think hopefully we have giving more guidance and putting large news around our necks now that we have to go out and deliver this stuff.
So thank you for for reminding me that. In terms of our comfort level, I want to parse your question into 2 or 3 parts. One part is, we are seeing unabated growth in cloud generally. And I alluded to the fact that, there's not enough cloud security out there. And there's not been enough people eliminating the need for cloud security.
I will not take the name of the customer, but there has been a recent breach where It was a cloud breach. And I can tell you, that got the phones ringing because people suddenly realized that you can have cloud breaches even though you're using a public cloud provider, security cannot be used as an open source set of tools. You actually have to go find the security product to security file instances. As you start putting more and more important crown jewel data out there. So we believe that that's going to drive more, more of the VM use case.
We believe that's going to drive more of the Prisma Cloud use case. We're also seeing, as the question was asked, and then it answered, We're also seeing a lot of rearchitecting going on as people go through their rearchitecting of enterprise. If you look at companies, right? There's no CIO out there. Who's not thinking about how do I go to the cloud?
So this is very important. So if I'm going to the cloud, what do I do with my enterprise IT? What do I do with security, how do I rethink it? As they're rethinking it, they're rethinking their branches. If you have a retailer, retailer needs to put a lot of bandwidth into their branches in the past, There was low bandwidth.
You did your POS systems to work, and that was all you needed today. They wanted AR and AR in the store. They want to move customer data back and forth. Suddenly they need security stores. We believe there is some degree of new use cases being created, which is driving some of the confidence we have in some of our newer services.
And we believe our core business continues to be strong. The underlying core business, the customer base continues to be strong. We fully realize that we are going roughly from let's say, $3,500,000,000, getting number to $6,000,000,000 number, which means we have to kind of double. As I said, there's only one way to double, have more product. Or has twice as many salespeople.
I hope that there's twice as many customers out there as you can get. So we think the balance is right, and we should be able to execute We've done a lot of investing in FY19 in Q3 and Q4 and ramping up both core capability as well as some of our speedboat capability. Now we're stretching our key suppliers to deliver. We'll give it our best shot. Yes.
Litesh First of all, thank you very much for not changing your business model. It took me a very long time to figure it out, and I spent much.
It can be 12 months to figure out how to figure out what the other
guys did with us. That's great. And it gives me the opportunity to ask more of the product question to near And so you explained very well how you plan to completely crush all proxy based competitors And I was wondering, and you've defended very well all the, all what you have already in your development in the next generation firewall and what you've done from there. But I was wondering how you transfer that benefit, to technologies your acquiring. So for instance, if we look at the components of, please my cloud, when they came in, first day, what did you do?
How did you integrate that technology? With your existing technology? How did they benefit from that? And then your clients using it, how does it benefit from a parallel to network style wall and having Prisma Cloud in the same environment.
So, the the cash mentioned a couple of the principles that that
we now apply more vigorously in terms of the incoming companies level responsibility to give them the expectations we put on the founding teams of these companies to, to continue to execute as well as to build an integration plan. Interesting enough you asked about Prisma Cloud, That was formed out of the basis of 2 acquisitions, Evan and I O and RedLock. The integration of those 2 together took us about 4 months. 4 months to integrate 2 products into a single platform. It now forms the foundation where we'll be able to, then further integrate Twistlock and PureSec into that platform as we continue to extend it out.
Again, pulling the leadership teams of the companies into this together, in order to make sure and then building an execution plan. It includes the integration that we all agree on very quickly after the acquisitions happen. And we're very much in the midst right now of executing on that with an expectation that by the end of this calendar year, those will now be new modules in the Prisma Cloud platform. So the a lot of this is around giving the right people the risk the right responsibility, the right accountability, and then executing. We're showing that we can do this with very good success.
On the customer side then, what they're seeing is very easy adoption of additional cloud security capabilities showing up in the same platform that they're already used to. It simply gets to consume and deploy against our cloud workloads, which is a very powerful, go to market and adoption aspects that the products are enabling.
Yes. Yes. Another example will be XDR. So we bought an ETR company. We bought an NTA company, right?
Like do and life cycle and integrated both together. Nobody believes we can do nobody believe you can take network data, take endpoint data, combine them together, and generate meaningful, analytics based on that. And we're the first one to do it. And like I said, EDR and get as they're on their own don't make sense. And now we're going to integrate.
We plan to integrate more and more things into it. Now the other type of integration that we have, which I think we've partly asked about, is would we buy someone like ZYNBooks, or we develop something like DNS security, it becomes a service that is attached to our firewall and all the customer has to do to use it is to flip the switch. You flip the switch and you use the service. And you test it for a week, a month, whatever, you like it, you buy it, you don't like it, you don't buy it. And most customers that turn it on, they see things that they just can't, not buy the product.
And the interesting thing is that those services apply to all phone factors. So if you have a physical firewall, you do that, If you bought Prisma assets, you turn it on, you do that. If you if you went with a competitor, with a proxy competitor, and you wanna do IoT security in the branch, which you do, like you need to secure braces and you probably have IP phones and video cameras and other things connected to the network in the branch. What do you do? You have to go to an IoT security company, you have to buy the product, you have to deploy it in the branch, and you have to deploy it in 2000 branches, if you have 2000 real points and somehow personalize it.
We follow all the networks if you are Prismaox's customer already turn on the switch. Immediately it applies to all your branches. You like it, you buy it. You don't like it. You don't buy it.
It's that simple. Okay. Another question right next to the gentleman. Hi, it's Keith Bachman from Bank
of Montreal. Nikesh and Cathy for you, Is is M and A inclusive or exclusive of what you just put up on the board? And what I mean by that is as we think about the revenue outlook and billing outlook. I assume that the context of that is mostly smaller deals probably don't move the M and A,
but I just wanted to
see if you could clarify And and it relates to you as well, Cathy, on the margins, this year, you're suggesting that margins go lower, but thereafter, they'll move higher. And so is that again, M and A neutral? So if you do some deals, you might ask first for forgiveness for the margin growth that you're suggesting in the outer years, if in fact you do pursue M and A, even some smaller deals that might pressure those margins. So inclusive or exclusive is the shorter question about So
to give you a framework, it's exclusive of any large M and A which has a significant revenue acquisition component. So if you go buy a company for $100 of revenue, we're That's not part of our plan. As I said to the gentleman earlier, there's no plug in these numbers that we're going to be acquiring $2300,000 of revenue growing at 50%, right? There's none of that. So We're not looking for M and A as a strategy.
We're looking as platform as a strategy. Now in the platform content, If you think about are we better off going back? And for example, we build Cortex XDR from the acquisitions. We put it in a got the teams to integrate. We didn't sell it for 6 months.
We got them to integrate it to solve this effort. They put together it. Twistlock, RedLock, PureSec, we integrated, and we're deploying across our platform. So we find there's a product need and a product market fit that needs to be integrated to our platform, that stuff will have to be acquired or keep you posted we acquire them, what the impacts of those are financially. We've not built in any expectations saying we're going to be doing filing and all that the rear, it's going to have certain EPS impact.
We're going to take that and take into these numbers. These are raw numbers organic, Kathy told you, FY2020 has a $45,000,000
M and A?
M and A, what we did this year, after 1 year, we roll that into our organic numbers. So FY 2021, 2022, there's no there'll be, unless we do something with it now and then there's those are some organic numbers. One thing, I think there was a clarification question, which I want to analyze publicly. Somebody asked a question about the duration of 10 percent back every year or across 3 years. The answer is over 3 years, not every year.
Try to keep my friends out of jail. I hear that broadband is poor in jail, bro. So on NPLA. Sounds good. Good idea.
My wife's just still
watching emergency black last night, so I I don't want you there. The, Michael Turits from M And Jain. Question on, for near where you guys saw the SP WAM. And, SD WAN is big and a big part of what Fortinet has been talking about for some time. So I'm trying to think about, 1st of all, how do you become an SD WAN player?
What are you going to do with it? Is it similar, I think, to
what Fordna is doing the same?
Hey, we can do this too and function this to end. We're gonna use it to help improve GlobalProtect Cloud Services networking component because that's also a big place to do scale awareness is by doing networking basically
say it's cheaper money. Yes, doing networking with the proxy, that's interesting. But he doesn't need any more in color
I I I just wanna get him, Ralph.
I can perform for a while. Yeah. So so SD WAN SD WAN so maybe 30 seconds on what SD WAN is. So just to order the same page, as applications move to the cloud and it stops making sense to use NPLs, you want to start using regular internet connections, right? ESL, cable modems, whatever.
E3s, e3s, whatever you can get. The challenge with that is that they don't provide you the same reliability and performance guarantees that NPLs does. So off the start, then you start relying on applications in the cloud, like Office 365 and G Suite and Salesforce dot com, or your own applications deployed in public cloud, but you cannot get the same guarantees. So SD WAN is about taking multiple internet connections, like a DSL from one provider and a cable modem from another or 2 DSL or a DSL and LTE or 5G soon and so on, and somehow doing some kind of networking tricks on them. Such that with the 2 or more links, you can get to the same reliability and the same guarantees, more of us, if you get from MPLS, of course, at a much lower cost, much higher bandwidth, which is what those applications in the cloud need.
Now there are multiple ways of doing that. You can do it in the branch itself. Meaning you can take the firewall that fits in the branch and you can add SD WAN to that firewall and do that, those those networking tricks to make those multiple internet connections appear much more reliable. And we're doing that, meaning we we we're building that and that's going to become a subscription on top of the firewall that like Lisa, where if you deploy our files in the branch, we do that. And in that respect, it's somewhat similar towards other SD1 vendors are doing, of course, with the differentiation being much better security, right?
We always win on security. The other option to do it, and and which which we do today as well with SD WAN partners and we'll continue to do is to use SD WAN to bring the traffic to Prisma Access. Please map this, which is a bunch of firewalls deployed in the cloud, need the traffic together. Now you can do it with traditional, like, 6 tunnels or something like that. A much more efficient way to do it is with SD WAN.
So you program your SD WAN, your, software defined 1, to bring the traffic to Prisma Access, and then you do all the security work in Prisma Access. The advantage of that is that you don't have to deploy any security box in the branch every few years because technology goes stale and, and you need You need to upgrade, which is kind of like painting the golden gate page, right? You start, you deploy 2000 bunches. By the time you finish the 2021, you have to start from the beginning, with freeze marks, you don't have to do it. And that's where the real differentiation is.
So doing SD WAN in the cloud, rather than doing SD WAN in the branch, and using SD WAN just to bring the traffic to the cloud is the right way to do SD WAN, but for that, you need to have something like Prisma Access. And you need to have a networking Prismax. It's not something that breaks the TCP connections and restarts them, which is not networking based. It's called the proxy. QED.
Yes. Do we need a card? No. Like, we said, we're building SD WAN.
Okay. Eric Superger, JMP. Couple of questions. 1, on the free cash flow margins. Is the primary cause for the decline this year duration?
Or what what should we think of as the primary hit on the on the margin front?
Yeah. That's second question after that.
Yeah. The the primary reason for the decline is the same primary reason you'd see for operating margin decline, and that's the investments that we're making not only organically to drive the new areas of our business, but also the M and A investments that we've made.
And then for near Which
is why we expect it to turn around.
Okay. Then for near or Lee, XDR is, is that product production ready.
How much how much
of that, how can we gauge the success of XDR from here? Cause we've had traps out there for a while. Is this something that's going to be a viable competitor to CrowdStrike at this point? Or how should we be thinking about that? And how much of that is getting sold outside of your installed base?
As we mentioned earlier, we're actually very happy with how XGR has done. No. It's early. It's it's we announced it about and released about four and a half, five months ago. You saw the results for the first full quarter.
Number of customers we added, So very excited about the initial, market reception, customer reception to XGR. And the messages that we talked about here are things we're hearing from our customers, very powerfully the ability to integrate the and stitch the endpoint data with the network data. No one else can do that. No one else can get in that end to end visibility. Reducing the number of alerts, reducing the amount of time it takes for them to actually investigate incidents.
So all the things we said here are they're here because that's what we're hearing from our customers that have adopted XDR, okay? The and the interesting aspect of this is that is enabling us to really sort of change the conversation with our customers to one that is a very strategic conversation about the shift toward not just endpoint protection, but the shift toward analytics and ultimately toward automation and time head and weakness.
Almost. So if this is another case where I think that the right technical solution will win, EDR doesn't make any sense. It really doesn't make any technical sense to limit yourself to collecting data just from endpoints, limiting yourself to processing data just from endpoints, and then responding back to the endpoints where we all know that the task has happened across the entire infrastructure. They can start in the SaaS application and then take over an endpoint and then propagate through the network and end up in the public cloud, where your data is. It it the the right technical way of doing it is to collect data from multiple of the infrastructure into one place, use your analytics or your people or whatever it is to go through the entire data find the attacks based on information in the entire data.
And when you find an attack, it doesn't matter where the signal came from. You want to respond back to the entire infrastructure. Is kind of where the MISTO comes in, responding back to the entire infrastructure. And I just don't see the competition doing that. I don't see the competition doing, you know, doing more than just basic endpoint data collection and and response.
So, you know, assuming we get the right marketing and the right sales and marketing around it, go to market on, and there are some missing product features. I think that next time we'll be able to talk much more about where we are versus the competition. If I may, if I may elaborate on that from a market activity perspective, and given that we've only had four and a half months worth of great experience with the product and market against the competitor you mentioned. Remember 12 months ago, we didn't have a dedicated sales force that could compete in terms of on a point by point basis against some of these competitors because we had core sales team, which was not as fully adept at selling this car. Now that we have speed port teams out there, it's fair to say we saw CrowdStrike in between 25.30 deals.
Which were in our installed base because that's where we went after first. And I think the numbers we were able to beat them in 75% of the deals we saw them in our installed base. Again, it's one data point. But we're slowly getting our act together and getting better at this stuff. But 6 months ago, we didn't have a product.
Traps would not compete against EDR because Trapsited endpoint protection did not do XDR. We launched XDR. We've made Traps free. Thousands of customers using Traps. Our first target is to go to the customers.
We already have Traps. So we have the data, we have our firewalls, who better than them to make sure that they can by XDR. And we're delighted that 75% of them wear cars to shore up, but they show us a lot more deals than we do because they have a larger Salesforce. But we're delighted that we were able to beats on the 20 costs and 70 costs that we'll do. Thank you.
Show from Alejandro again. Maybe questions for Anita or Kathy. You're looking in the performance Whereas, you know, it hasn't quite stable over the course of the past, probably 2 years now. I think this quarter and last quarter, not as strong as we have seen before. So is it a macro issue, maybe a UK specific issue, maybe tying tying it to a its former macro related question that was asked.
It's just a great opportunity. Really, it really is Europe. Strong adopter of, you know, cybersecurity is actually on the headlines and there is national legislation in countries to go fix it. And we're just investing in the team, giving them resources. We love the leadership team there.
So it's actually a growth opportunity for us. To do, continue to do well and actually do pyronomia.
All right. We have one in the front and 2 in the back on the right.
Thanks. Andy Nuinski with Piper Jaffray.
So Just had a question with regard to Prisma Access,
at the Gartner security conference,
a few months ago, Zscaler was on stage at the keynote, and they had a few customers on stage as well. That said they tried, you know, GlobalProtect cloud service, which you're not calling Prisma Access. And didn't get
the performance that they were looking for.
It wasn't scalable. I guess, can
you just talk about how you changed or, fixed the performance in the architecture?
The company was an out existing customer, and they they had they had actually selected said competitor.
But we had an
opportunity to get in one last chance. And they told us the same thing. So can you share with us the test that you're doing? And it was provided by the competitor, and it was a flawed test. We were able to show them how it was a flood test, and after they redid the test, to no longer be a flood test.
Prisma Access performed wonderfully. So and that was before the most recent update to Prisma Access where we now have over a 100 onboarding locations around the world. So we are very pleased with the performance of performance capabilities of Prisma Access as a globally deployed cloud solution.
As the video you saw, which talks about 1,000,000 employees and 100 of hospitals, they ran a full POC against the same competitors, so hopefully, which is already deployed. Yes. Questions in the back end. We're coming to the end of our Q and A session, but it's going to take a few more questions from there. And then Let's go to Brad for us.
I don't want to end on Brad.
Thank you very much. Thank you. I really appreciate it.
I want to go out. Happy for Ken. This is a this is a fantastic presentation today.
My question is actually really simple. Yes. 3 months ago, if we listened to your remarks in your earnings call, you talked about a transition.
Yes.
There's not much of a transition.
Yes.
Why? Good question. I'm glad you asked it. 4 or 5 months ago, we were going full speed ahead, analyzing every which way we can make this transition to a fully ratable model. And when we sat down and looked at it from an accounting perspective, a legal perspective, a go to market perspective, we would have to impact the channel of salespeople, We all stepped back and said, okay, why are we doing this?
Our customers are buying 1,000,000,000 of dollars of products from us. They have a notion. Our sales people are quoted, how to sell it, And Seth said, we're doing it because the industry likes ARR models and software models. I personally like money upfront. Cash flow is a good thing.
And then you go out hunt, use some this year, the rest of you could go through it, use it in year 2, year 3. Why do I have to go hunt every year if I'm going to go to analyze model? So we just felt that we were trying to unnaturally change the company's business model and transition to a place which is more akin to a pure software SaaS ARR based model. And we are kind of a hybrid business. We have the firewall business very strong.
Building a next generation security business degree, it's going to be very strong. And some of the characteristics are good to really like. We like the upfront cash. We like the cash flow. That this brings us.
We like the fact that it gives you long term deferred revenue, which allows you to be amortized. So we decided that we're better off going this way. So this is why we're here. And then we were comfortable that we've analyzed everything every year on Sunday. The time of the day has been in the making for 6 months.
We've been trying to look at what we want to come and tell you, what's important, what's not important, as I said. I thought we will never read as many research notes as I've read in the last 6 months from all of you guys. Apologies to you, but I have a day job, but I did read most of them, and I did read what you guys are concerned about and understand why you like those models. But you've got to run the company the way you want to run the company and the way the customers want us to deliver the product. So that's why.
That's really another reason in such group. Nikesh, recently, we acquired Carbon Black and we are
for which company?
I think I'm good.
I'm good. The Yeah. Yeah. No. I know VM Bear very well.
Well, it's Carbon Black. It's carbon black. Yes. Okay. So the question is this, you know, we're trying to make sense of how the landscape is going to be evolving.
It looks like Vienna is going to be acquiring more companies in the space. And what does this mean for the whole security landscape going forward? I can't comment on VMware's strategy. There are a lot of people who believe security is important, right? And they're all stepping up their acquisitions and security.
And I think that's probably accurate. You will see a lot more acquisitions in the space because I don't think 2500 vendors are gonna survive. One of the questions I originally asked was buying behavior. I firmly believe in the next 5 years, you will see more consolidated single vendor buys, then you will see multi vendor buys. We go over 800 EBC at Palo Alto Networks.
The customers show up and I haven't seen a customer who actually espouse his desire that he or she wants multiple vendors to be able to secure their environment. They're looking for a solution which integrates across multiple solutions. So any company out there, whether it's VMware, whether it's Microsoft, whether it's dotcom, can actually gate products and integrate them? I think they're gonna win. So the question is not acquiring, you can all acquire companies, acquisition of the easiest part.
The question is can you integrate them, do you actually get leverage from integrating them into your platform, acquiring a customer, putting them in an ELA and making them free or being part of your large did I hear that, platform level? So there's so there's a new term you will hear soon in the security and space going from PLAs to PLAs. Because people have discounted products, security, and consulting, and chips, and we could put them all to a PLA. Now it does not mean ELA anymore. Because it's more than a week to be.
But those are interesting parts. I think the true need is the customer's integrated platform people can deliver a new platform more power to them. Yes, as Nir just articulated, you need firewall and endpoint data to work together to be able to do next generation security. Similarly, you need container serverless public cloud workloads, to do it, together. And I will tell you an underwriting anecdote, and I apologize if it doesn't apply.
When I went to Google, one of the businesses we started to go after was display advertising, held into security. And Google had no force in the race. They didn't own a display property. Microsoft had 1, Yahoo! Had 1.
And they bought very good at selling their own display properties, but they were not good at cross market selling because typically they default it to their own product. And my concern is when you start looking at cloud native players like AWS or Azure or GCP, or VMware with their own sort of hybrid solutions, it defaults to better integrations and better alignment with your core product. And you don't do as good a job of a cost industry, security solution or cost industry product. So our hope is really the platform of choice across multiple platforms as opposed to a platform that integrates security and tries to bundle it from the BioMar platform. If I don't want to deploy ABMware, Would I be deploying Carbon Black today?
I would have. I may have. Tomorrow, I suspect the allegations will be going to be stronger. Now I'm not sure which value gets you more revenue, maybe gets you more revenue given your scale. But I think the local outcome is that you want a multiplatform solution which is somewhat platform agnostic so it can actually make it work better for you across multiple cloud platforms.
All right. Last one
or 2 questions. Well, how to make sure you guys don't leave here with questions and answer. I'm sure I'll read about it tomorrow or the next week. So why don't we ask the question guys?
Excellent. Thank you guys for having this presentation. And really compelling product vision, it's great to see a value proposition that's not just you gotta be secure because we're gonna scare the crap out of you, but also We're gonna divide down.
We do that out in the field, doc here.
So we're gonna provide value by making it easier and more effective to do the security. So there's a there's a dual value position that customers must see. I wanted to drill down into sort of the firewall market overall. Nier presented a really good sort rationale of why firewalling isn't gonna go away. We're still gonna be doing firewalling.
But it seems like where we're gonna be doing that firewalling is gonna change. So I guess the question I have is, should we expect kind of the traditional firewall you've done from an appliance at the edge of the network? Is that part of the market going to be stable, increasing, declining, in the midst of a broader kind of firewall and capability that still grows.
So I'll give you some data point and then I'll have a lot of product leadership answer that. I went back and as part of preparing for the Analyst Day, I looked at NFI's IT spend of last 7 years, right? Because it's typically the end of life for most IT infrastructure between 7 to 10 depending on what it is and where you buy it. There's approximately 1,000,000,000,000,000,000 to a year that's been spent on enterprise IT. And the reason I go to track that is because I think security is at 3% to 8% of that number, right?
In financial services, the government, it goes to 8% and they're very security conscious. Others go to 3%. So if you think about it, there is approximately $12,000,000,000,000 to $15,000,000,000 of plant out there in enterprises. IT infrastructure cloud. I just put a slide up there, which is a partner slide or Goldman Sachs line.
I kind of know one of those Goldman maybe from this morning, which talks about the cloud disruption opportunity of $1,000,000,000,000 in 2023. Right. So either you're telling me that we're going to stop spending an enterprise IP in the entire ID market is going to go down and all of the vendors you're spending in the cloud. Or you're telling me people are still going to spend a trillion due at going at 3%, and while that is still going to go to enterprise IT. So I suspect this transition is going to longer than we think that people are still going to be spending enterprise IT.
Now granted on the margin, it may be smaller number because people are shifting to cloud. And what it's doing is 2 things: 1, it's making people reevaluate as I'm going to make that trip to the cloud, what do I want to buy that allows me to transition? And that's why I want a large retailer. Let me talk about, they're going to the cloud. They don't want to diversify hardware firewalls.
They want to make sure they can get the answer to the cloud instances. They can get a cloud delivered architecture for business access. So the question is, We expect this transition to happen in the next 5 to 7 years. A lot of it can do you have products that satisfy the three use cases? So here's some use case, the transition use case to the cloud and then the new architecture to look at the cloud.
So we think that's why the product strategy is aligned towards this transition. We think that shift is going to happen. Happen on a customer specific basis depending on how great they are. It'll happen on an industry basis. So it's all just on the moving parts, but we think firewalling is around for a while.
For the people who are still investing in data centers. But I'll let my product colleagues elaborate on this. So from a product perspective, the
firewalls get deployed in lost different places. They get deployed in the data center. They get deployed headquarter, gateways, regional sized branch offices, United States. And the Some of those use cases are more attractive to, to shift the form factor. So for example, applications move into public clouds, the form factor for us to be software, for lots of different technical reasons that are mostly sort of straightforward to understand why you want to do that.
For example, you can't shift a hardware device to Amazon and ask them to into your AWS account. You have to use cell phone practice. As we talked about for branch offices, retail, mobile users, there is a shift that we are driving with Prisma Access that we believe is a very good shift, both in terms of the customer outcome as well as what they need and want to
be able to accomplish.
But there's still, you know, Nikesh was saying, this investment in the enterprise infrastructure over the last, you know, 7 plus years there will continue to be a lot of investment in that infrastructure has to be protected. So particularly in the larger central sites, regional sites, And the world will be hybrid for a long time, meaning data centers, there will still be a lot of hardware that will need to be deployed against that. And one thing we didn't talk, about today, but it's very important to us is, in a lot of those places that I just mentioned, the performance of hardware starts become really important, right? If you think about a large headquarters with 10 gig connectivity growing, you want to do internal or the segment, not IoT devices, things like that, which that might be 100 gig, some of the larger data centers. Hardware still has a very important role to play in
a lot of those core basis. All right. I think, with that, we'll call an end to the Q And A session. I want to say thank you to my management team here who's been part of this journey in getting us here so far. I also Wanna use the opportunity to shout out to our 7000 employees around the world who work hard to deliver results that we're able to deliver.
And hopefully, we'll keep working hard for the next 3 years to achieve the targets that can be on. So achieve the targets we've outlined. With that, it's my pleasure to invite you downstairs for, some cocktails. And some demos in the in case you want to geek out in some of the products.