Good day, everyone, and welcome to the Palo Alto Networks fiscal 4th Quarter Fiscal Year 2018 Earnings Conference Call. Today's conference is being recorded. At this time, I would like to turn the conference over to Ms. Amber Off Director, Investor Relations. Please go ahead.
Good afternoon, and thank you for joining us on today's conference call to discuss Palo Alto Networks, fiscal 4th quarter and fiscal year 2018 financial results. This call is being broadcast app live over the web and can be accessed on the Investors section of our website at investors. Paloaltonetworks.com. With me on today's call are Nikesh Arora, our Chairman and Chief Executive Officer Kathy Banano, our Chief Financial Officer Mark Anderson, our President and Lee Klarich, our Chief Product Officer. This afternoon, we issued a press release announcing our results for the fiscal fourth quarter ended July 31, 2018.
If you would like a copy of the release, you can access it online on our website. We would like to remind you that during the course of this conference call, management will make forward looking statements including statements regarding our financial guidance and modeling points for the fiscal first quarter 2019. Our competitive position and the demand and market opportunity for our product and subscription, benefits and timing of new products and subscription offerings. These forward looking statements involve a number of risks and uncertainties. Some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements.
These forward looking statements apply as of today and you should not rely on them as representing our views in the future and we undertake no obligations of update these statements after this call. For a more detailed description of factors that could cause actual results to differ, please refer to our quarterly report on Form 10 Q filed with the SEC on June 5, 2018, and our earnings release posted a few minutes ago on our website and filed with the SEC on Form Eight K. Also, please note that certain financial measures we use on this call are expressed on a non GAAP basis and have been adjusted to exclude certain charges. For historical periods, we've provided reconciliations of these non GAAP financial measures to GAAP financial measures and the supplemental financial information that can be found in the Investors section of our website, located at investors. Powellowsnetwork.com.
And finally, once we've completed our formal remarks, we will be posting them to our Investor Relations website under quarterly results. And with that, I'll turn the call over to
Thank you, Amber, and thank you everyone for joining us this afternoon for our fiscal fourth quarter fiscal year 2018 results. I spent the last 90 days talking to over 100 people and industry experts, customers, partners and our peers. It's been a lot of fun learning and drinking from the cybersecurity fire hose. I've also spent some time reading what all of you have been wondering about. And I realize you're all very curious to understand what the future holds for Palo Alto Networks and how we are likely to perform under new leadership.
So before Kathy takes you through our strong Q4 results, which I think are a testament to the company's great marketing opportunity and execution, market opportunity. I want to share 5 key observations and messages with you to give you a little more insight into what to expect from me going forward. First, I think the security market is large and continues to grow. The security market size estimates are close to about $100,000,000,000 in 2018 and expect it to grow at a CAGR of about 9% over the next 5 years. Despite being the leader in cybersecurity, We're still a small percentage of the market and we have aspirations to be larger.
Continued spending in securities being driven by a few notable technology trends. 1, Consumers and employees are walking around with very powerful computing devices, which are constantly connected using increasing bandwidth. This is forcing a large scale upgrade in IT infrastructure globally. 2, the transition to the cloud is gathering steam, Every customer I have talked to is working in a version of a cloud strategy and migrating either some or all of their business to SaaS and PaaS. 3, there's a broad understanding of the value of data and the need for good usable data as a basis for applying AI and machine learning in the future.
The increased complexity of managing these changing IT environments is creating significant challenges for enterprise security practitioners. We believe that the benefits organizations seek as they make these transitions cannot be fully realized unless security solutions transform with them. Digital transformation requires security transformation, which gives me a lot of confidence in the continued growth in security spending. This leads me to my second observation, and that is, with the need for security transformation so apparent, we are well positioned to continue to succeed as Palo Alto Networks. Our centralized in our platform approach to security, which emphasizes best in class security with automation and integration to simplify security management.
The company is starting with network security or the next generation firewall change in the industry. Network security remains extremely important to enterprises and we continue to innovate and take share in this space. The past 15 months, we have introduced updated versions of almost every next generation firewall we offer and have delivered new models which allow us to solve additional use cases to our customers. Our cloud delivered subscriptions are natively integrated into our firewalls, and offer best in class network security protection as well as eliminate the need for our customers to deploy multiple point product solutions. As digital transformation accelerated and as mobility and cloud computing have grown, our innovation has kept pace.
We're also doing well in the nascent cloud security space. This is one area where I personally feel we could do a lot better. Our customers are facing new challenges and as we see the market embrace hybrid cloud and multi cloud strategies, customers are asking for solutions that can integrate with their existing infrastructure. With over 54,000 customers worldwide, we have a ring site seat to understand the challenges of both traditional network security, as well as evolving needs of our customers in the cloud security space. Today with over 6000 customers using our VM Series Aperture, Evident and GlobalProtect cloud service, offerings, we've made great inroads into cloud security.
In the endpoint market, which is extremely competitive and also in transition, I believe we're on the right path with Traps in Sec 2. With Traps, we now serve over 3000 customers and protect over 5,000,000 endpoints. With our recent acquisition of SEK2, we will add important EDR capabilities, which will enable us to compete even more aggressively. My third observation is that I believe that our bet on the application framework is the right one, and I'm pleased to report that it's progressing well. Coming from the outside, I had no bias one way or the other after spending a good deal of time talking with customers about the application framework, Three things came across loud and clear.
1, customers are looking for greater integration. They continue to be concerned with the fragmentation of solutions of the market. As new attack vectors are exploited by cyber criminals, the response for Benny has to be has been to add more point products and solutions. The results, however, have been challenging from a management and policy perspective. And management of the overall security environment has become too cumbersome to be effective.
2, customers are looking for simplification and deployment. With the multitude of users and endpoints and a sprawling infrastructure to manage, customers are concerned with the time to deploy security solutions across enterprise. The longer it takes to deploy, the more exposed they kill. 3, the bad actors are more and more on the cutting edge of technology and customers are concerned within level of sophistication, both in their use of large scale computing resources and approach to data. The application framework is an attempt to resolve all of these and prepare for a world which is data rich.
The Application Framework could provide simple yet flexible integration, spot speed of deployment and innovative security applications offering big data analytics and machine learning to stay ahead of the bad guys and solve the most challenging cybersecurity threats. In August, the Application Framework became generally available to 3rd party apps, and we expect the first of those applications to be offered to customers in the near future. In R and D, the teams led by Lee Klarich, who's on the call attacking all of these challenges for our customers with tremendous innovation. Please organization now includes more focused leadership across each of our product areas. The goal of this change is to launch product speedboats to help us innovate faster.
I'm also delighted to say that Nir Zukin's Rajeev, our co founders, At both reengaged, are in entrepreneurial mode, helping to accelerate our development engine and ensure we stay ahead of the evolving threat landscape. On to my 4th observation, I recently read a number of analyst notes and I understand that my attitude towards M and A is a topic of interest. Well, you all know we have cash on our balance sheet, which in the tech sector seems to be the norm. We don't intend to spend it in a non judicious manner. Not only as a shareholder, but also as an investor, my interests are very aligned with yours to create long term shareholder value.
I understand that we cannot create value either by expensive acquisitions or without bringing significant value and execution to any acquisition we may. Any activities in this area are going to be guided by aspirations to solve our customers' problems and bring value to our customers and shareholders. Which leads me to my 5th and final message. I'd like to leave you with today. And that is our intent to run the business for the long term.
Being astute with Warren Buffett, I'm going to be focused on generating long term value, balancing investment in the business, which will allow us to go and succeed with the need to provide returns to our shareholders. And while I appreciate the value of guidance for analysts and investors, I'm all about creating long term value for our shareholders and not just managing for the next 6 to 9 months. Therefore, you will notice the shift in our approach this year as we provide guidance for only 1 quarter. For rest assured, I'm here for one reason and one reason only. That is to build the best cybersecurity company in the world.
In summary, I'm delighted to be here and believe that we have a significant opportunity ahead of us as long as we continue to go past innovate and most importantly provide industry leading security for our customers around the globe. With that, I'll turn the call over to Kathy.
Thank you, Nikesh. Before I start, I'd like to note that except for revenue and billings, all financial figures are non GAAP, and growth rates are compared to We continue to see healthy security spending and strong demand across our platform. With the addition of over 3000 new customers during the quarter, We are privileged to now serve over 54,000 customers. We also continue to increase our wallet share with existing customers. Our top 25 customers, all of which made a purchase this quarter, spent a minimum of $31,700,000 in life time value, a 45 percent increase over the $21,900,000 spend in the same period a year ago.
In the fourth quarter, total revenue grew 29 percent to $658,100,000. For the fiscal year, we reported total revenue of $2,300,000,000, a 29% increase year over year. By geography, Q4 revenue grew 24% in the Americas, 43% in EMEA, and 43% in APAC. Q4 product revenue of $267,600,000
grew
26% compared to the prior year. Q4 SaaS based subscription revenue of $214,500,000 increased 38%. Support revenue of revenue of $390,500,000 increased 32% year over year and accounted for 59% of total revenue. Q4 total billings of $868,100,000 increased 29% year over year. The dollar weighted contract duration for new subscription and support billings in the quarter was approximately 3 years, consistent with what we have seen in prior periods.
For fiscal 2018, total billings were $2,900,000,000 up 25% year over year. Product billings were $871,500,000, an increase of 23% year over year and represented 30% of total billings. Support billings were $856,200,000, up 20% and represented 30% of total billings. And subscription billings were $1,130,000,000, an increase of 31% year over year and represented 40% of total billings. We continue to drive In addition to strong attached services revenue during the quarter, the momentum of our non attached subscriptions continued.
RVM series, traps, auto focus, aperture, magnifier, global protect cloud service, logging service, and evident offering exited the fiscal year with run rate billings of approximately $274,000,000, growing over 68% year over year. Total deferred revenue at the end of Q4 was $2,400,000,000, an increase of 33%. Q4 gross margin was 76.2 percent, a decline of 110 basis points compared to last year, due to continued pressure from new product introductions. Or 53.2 percent of revenue, which represents a 40 basis point improvement year over year. Q4 operating margin was 23% a reduction of 70 basis points year over year and includes approximately $13,400,000 of operating expense related to acquisitions.
For the full fiscal year 2018, operating margin was 20.8%, an increase of 70 basis points year over year compared to FY17 operating margin of 20.1 percent. Included in the 70 basis point increase is approximately 140 basis points of organic operating margin expansion, which adjusts for acquisition related revenue and expenses. We ended the fourth quarter with 5348 employees. Non GAAP net income for the fourth quarter grew 46 percent to $125,000,000
or
$1.28 per diluted share. For the full fiscal year 2018, non GAAP net income grew 51% year over year to $381,400,000, or $3.99 per diluted share. On a GAAP basis for the fourth quarter, net loss declined 94 percent to $2,300,000 or $0.02 per basic and diluted share. For the full fiscal year 2018, GAAP net loss declined 32% year over year to $147,900,000, or $1.61 per basic and diluted share. Turning to cash flow and balance sheet items, We finished July with cash, cash equivalents and investments of $4,000,000,000.
This includes net cash of approximately $1,500,000,000 raised through the July 2018 offering of convertible senior notes due in 2023. Q44 cash flow from operations of $277,900,000 increased 16%. Free cash flow was $252,500,000, up 33% at a margin of 38.4%. These numbers include approximately $12,400,000 Capital expenditures in the quarter were $25,400,000. DSO was 57 days, a decline of 13 days from the prior year period.
Turning now to guidance includes the type of forward looking information that Amber referred to earlier, there are 2 important notes for guidance this quarter. First, we intend to revert to quarterly revenue and EPS guidance only, which was our practice prior to fiscal 2017. 2nd, we will adopt ASC 606 during Q1 fiscal 2019, and our guidance reflects the change in accounting rules. In our fiscal 201810 K and our Q4 2018 supplemental financial information, we will provide an overview of ASC 606 adjustments associated with select financial metrics. The impact on revenue and operating income is expected to be immaterial of $625,000,000 to $635,000,000 on an ASC 606 basis, an increase of 25 to 27% year over year.
We expect 1st quarter non GAAP EPS to be in the range of $1.04 to $1.06 also under ASC 606, using approximately 98,000,000 to 100,000,000 shares. Before I conclude, I'd like to provide some additional modeling points. Our non GAAP EPS guidance includes expense of $10,000,000 to $15,000,000 associated with our recent acquisitions. We expect our non GAAP effective will be approximately $35,000,000.
Certainly. Our first question will come from Phil Winslow with Wells Fargo.
Hey, thanks guys and congrats on a great quarter. You saw another strong quarter of new customers additions, but you also highlighted just continue to up sell and just penetration. Inside of existing customers. So my question is as you look forward to Q1 and over the coming quarters here, you think about the balance between the new customer addition, the land to land there, but also kind of further gaining wallet share existing customers, how do you kind of think about this coming fiscal year versus what we saw over this last year? Thanks.
Yeah. Hey, Phil, it's Mark Anderson here.
I think we're going to see
more of the same. I think we we have strong motions with partners and sales teams around the world. With a really good coverage model, focusing on growing their existing customers and expanding into new customers. I think wind has probably never been more behind our sales than it is right now, just in terms of our, our brand in the market and a reputation for driving better security outcomes. We've got, I think, a team that's focused on doing both of these work streams as part of their day to day job.
Got it. And then just a follow-up for Nikesh. The, the app framework going live here, obviously, it's just kicking off here, but what are the milestones that are KPIs that you're looking at to show adoption of that? Is it it customer go lives? Is it partner go lives?
How do you think about the milestones that you're looking at that we should keep track of too?
Hey, thanks for your question. I think when I talk to customers, as I mentioned, the challenge seems to be a lot of point solutions in the industry. And from my perspective, the app framework is definitely the long term direction, both for us and for the industry. The way we're trying to think about it internally is to make sure that we get our big products to start working together much better. So I expect us to start making seeing more and more integration between our firewall products and end products, endpoint products, like sort of in the XDR world as we acquired Secoo and we're busy working hard to make these things go live together.
At the same time, obviously, we want the application framework to be useful for other third parties. So the more third party players we can get to adopt our model, the more we can get our products to work together, the more we can provide customers the opportunity to be able to see how to look at their threats, how to look at their security posture across multiple parts of their infrastructure towards that as a win.
And if I could just add on top of that Nikesh, I think we both feel when we talk to customers about it that they love they love the notion. They love the concept. They love the idea of being able to distill innovation into much more consumable form factors. And, I think more importantly, prospects that we're talking to, we talk about the application framework as a future state for them. And it gives them real sort of strong strong belief that picking Palo Alto Networks as their future provider is the right way to go.
Yep. Thank you.
Thank you. Our next question will come from Matt Hedberg with RBC Capital Markets.
Hey guys, thanks for taking my questions. Congrats on the results as well. You know, the product refresh seems to be moving along nicely. And clearly, Cass, you called out strong growth in SaaS and emerging products. I'm curious though if you could drill down a little bit more on both, on pricing, both within the core firewall and also some of the newer that are seeing quite
a bit of growth as well?
Sure. Yes. Thanks, Matt. We we're definitely very, excited about the opportunity that Refresh presents to us. Obviously, it's an important opportunity for us and we're definitely very focused on capturing that opportunity.
But as we've already discussed, most of the opportunity for us comes from attracting new customers, winning new customers and expanding within our existing base. And, you know, we've seen very consistent pricing, throughout our history, our our deal size tends to remain in the, you know, sort of mid five figures in we're not really seeing a change to that. What we focus primarily on is expanding the lifetime value. And we've seen very nice continued expansion of lifetime value over time with our customers.
That's great. And then, we continue to hear good things from Traps. You called out good growth, good customer addition there. I'm curious though, now that with Secdu in the fold here, how do you look at that antivirus opportunity, adding EDR capabilities And maybe how do you think about the competitive landscape in that market? Thanks.
Yes, thanks. This is Leclared share. So, you know, we're very pleased with the progress of Avid Traps. It was a very prevention focused in how we approach the endpoint security market. There's a lot of opportunity there for us to take advantage of.
With the acquisition of Secdo, it gave us an opportunity to expand that footprint toward EDR. And as we've looked at that and we've made progress on it, our views have course, expanded to thinking about not just what we can do for endpoint data, but what we can do with data collected across the entire platform. And the ability to do that is in large part, enabled by division execution, we're we're doing in the application framework. That brings these different components together, brings the data together in one place enables us to build applications to take advantage of that.
Thank you. We'll move to our next caller, Pierre Ferragu with New Street Research. Please go ahead, sir.
Hey, thanks for taking my question. Nikeshu, you mentioned your objective is to become the best cybersecurity companies of the world, which is, which is very exciting. And I was wondering, can you could you tell us a bit more about that, like, 5 years from now? What does Palo Alto network look like? Is that like a product company selling its own cybersecurity technology and appliances?
And and products are more of an enabler helping how they develop their own products. And then, I'd love to hear your thoughts about what you've seen in the early build up of your developer community. So who is very excited about the opportunity to develop on your platform today, typically. And also I'm really curious to hear whether you meet on the excitement or also some sort of resistance from people who might have to choose between collaborating with you or competing with you?
Hey, thank you for your question. I want to remind you that this is day 90 on the job for me and my cyber security knowledge is only restricted to my ability to read everything in cyber security, media industry players and Constantly Pepper Lee Near and Rajeev and the team with questions. So having said that, that's a good question. Where do we see the company 5 years from now? It's kind of very fascinating.
As I go talking to customers, they're obviously trying to protect things that they can as quickly and easily as they can. And if you think about the bad actors, they're really trying to attack the most vulnerable part of infrastructure, which is the easiest thing they can crack. What's important is they're getting more and more sort of best of breed in terms of user computing, use of data, user technology. And we need to be able to match them and do better than them in terms of our ability to understand data and be able to deploy large amounts of computing gears. So 5 to 10 years from now, I think this is going to become a data game and an AI game and an ML game.
It will be impossible for human beings to be able to protect companies are large enterprise infrastructures because the whole world is going to the cloud and there's tons and tons of data being created every day. So if you believe that, then it's to be able to apply good AI and ML is very important to get by data and garbage in garbage out, put stuff in, you're more likely to get a good outcome. So I think part of what Lee and me and the team we've been working on is to make sure that we've produced good data from the products we have. So a lot of the acquisitions that calls and networks have made have been very strategic their ability to collect the right data. And that allows us to create the version of the logging service the application framework that we're aspiring to create.
So you can expect us to keep trying to put good data into our logging service. Keep trying to encourage both our internal teams and partners to write applications against that logging service. So it's no longer a point solution that endpoint solves for endpoints and firewall solve for firewalls and cloud security solves for cloud security. It's you see a threat once anywhere. You have the ability to figure out what to do with it across all parts of infrastructure.
So that's what we'd like to be is be able to look at threats across any sort of ingress point into infrastructure, any user, and be able to give you a solution that fixes that at the other end. Now over time, you want AI and ML to do this, And it's a journey from getting there from where we are. But given all the products we have in place, all the ingredients we have in place, I'm personally very excited that we have the skillset and the capability and the people and the resources to get there.
Thank you. Our next question will come from Jonathan Ho with William Blair. Please go ahead.
I just wanted to, I guess, start with you, Nikesh, now that you've had some time in seat as the CEO, what do you see, in particular, you mentioned that in cloud you saw maybe some room for improvement, but what do you maybe see as the gaps or the opportunities, just given your time so far?
Look, I think it's fair to say that Palo Alto Networks has grown at an amazing pace. And as you grow at an amazing pace, the things that you could have done better as you were growing. Part of the opportunities collectively as a management team to sit down and say, look, what have we been ignoring? What can we collectively put our efforts behind? Where can we improve our execution and how do we compare with other players in the industry?
What is our strategic vision? Where should we go from here? So I think generally that's what me and the team have been doing for the last 90 days. Team has been very collaborative and open to rethinking certain things. Having said that, as I mentioned, both in my due diligence before I got to Palo Alto Networks, and in my last 90 days, there are no major obstacles to being able to achieve the vision that I laid out.
And we have a collective opportunity as management to continue to hone our execution continue to stay focused. And as I mentioned in my prepared remarks that, one of the best things you've done the last 90 days is sit down with Lee and the product team and say, look, to win in this space, we have to be a product company first, which is how we got here in the first place. So let's make sure that our product teams are aligned towards the opportunities. We are being very honest with ourselves in terms of how do we get scale and how do we win these areas. And we've taken the step towards streamlining our teams and getting more focused.
And now the plan is to put more wood behind those arrows and be able to compete effectively in all those places. So sort of like work as an entrepreneurial empowered team in each of our product areas to go ahead and solve the problem for our customers. At the same time, keep the integrated fabric of our aspiration to have a common set of data coming from all of our products. So we can actually solve the larger problem as we get smarter about applying AI and analysis opportunity.
Got it. And then just as a quick follow-up, what's been the initial, I guess, partner response with the application framework you maybe talk a little bit about what's exciting for them and some of the integrations that you're performing, with those third parties?
Look, I think there's 2 ways to look at it. I think from a customer perspective, there is a resounding sort of, yes, we would love something like that, on a philosophical and principle level, where they'd like to see the data sort of big commingled and be able to work together across our product. Obviously, they'd like to see more data visits hours. And part of that opportunity is to understand what is good data and over time how that gets into the same place. I think from a partner perspective, our partner is the 1st 30 beta partners that we have.
Are happy that they can get access to the data and start building their apps on top of it as opposed to having again to solve point by point with our products on an initialized basis. But I think this is a journey in both ends, both on the partner side and the customer side of getting more and more good stuff to the center. Mark, do you want to add something?
Yes, just with regards to channel partners, Jonathan, I think the value proposition for them is quite compelling. I think most of them tend to focus on 4 or 5 different vendors and apply the training necessary to enable their people to be a trusted advisors for those 5 or 6 to 4 or 5 different companies. We now give them the opportunity to partner, you know, with many, partners, so that we're we're doing the integration work with the application framework and abstracting the complexity out of provisioning that innovation. So it's really compelling proposition for them. Most Most partners that I've talked to are busy looking at how they can build an application themselves, how they can take advantage of the the
We'll take our next caller, Andrew Nowinski with Piper Jaffray. Please go ahead, sir.
Great. Thank you. And congrats on the strong quarter. So as it pertains to expanding within your installed base, we're hearing that enterprises are increasingly leveraging microsegmentation in the networks, creating these separate enclaves of data. Is that one of the drivers of your new appliance growth or your product growth within your installed base?
The this notion of, sort of 0 Trust Architecture is not a new concept. In internal segmentation and micro segmentation. These are all use cases that have been around for actually for many years. And has been something that we've been very strong in for many years as well. And so while the new appliances with higher performance and higher capacity, certainly, are a very good fit for this use case.
It's part of a go to market motion that is not new to us and something we're very good at.
Okay. And then the growth of your SaaS based revenue continues to outpace the rest of your portfolio. Should we expect the 3 year average contract duration to start coming down? Or are those deals also coming in at a 3 year average?
Hi, yes, Cathy. We've seen pretty consistent, contract lengths or durations as I mentioned during my remarks, we haven't really seen, any change in that to speak of. And we've been adding more and more of our revenue base from subscriptions as more and more of our new offerings tend to be in subscription format. And, so we're getting customers commit to us on average for about a 3 year duration, which has been pretty consistent over time.
Thanks, Andy.
Thank you. Our next question will come from Michael Turits with Raymond James. Please go ahead.
Two questions, both somewhat high level and I think both for Lee and Nikesh. First, both of you guys alluded to doing more with data. And specifically around the application framework and the logging service, does this shift what kind of native apps you might build around the app framework and logging services and move you more towards SIM or towards what other types of applications might we be aiming?
Well, hi, Michael. The first application for the application framework actually was magnifier, which does user behavior analytics And that's a very sort of telling example of the kinds of applications that we can build with the right data brought to the right place in a centralized fashion. And, you know, the the the it's basically a way of applying machine learning to a very challenging kind of security capabilities that in the past often was very difficult to use because it was heavily people oriented and shifting that toward machine learning and automation is the kind of example for the applications that we're going to be focused on. Now when you do bring data to a central location, there's obviously a whole bunch of other options that present themselves, whether it has to do with intelligence, analytics, data visualization, automation, etcetera. And, some of those will be things that we will take on ourselves.
And a lot of those would be things that third parties are able to build applications toward.
And my follow-up question has to do with the cloud. And there are lots of different ways to approach cloud. One is thinking what you put in the cloud and then you deliver it from the cloud. So it's that ladder that I'm interested in. And the cash and lead, do you think that there is a need to do more on the GP and the GlobalProtect direction of actually delivering from the cloud because that's an area where we've had less of a presence.
Well, I'll give you my learnings of 90 days and Lee can jump in with more. I think the whole cloud space is a huge opportunity and I think still early because people are just beginning to move their workloads and mass to the cloud and trying to understand what their the internal operating infrastructure looks like. As that becomes to get more robust, they're going to understand the need for having the same features and tools that they've added to their traditional infrastructure. And I think there are a lot of tools which need to be created which don't exist and which are not going to come from your native cloud providers. So they're going to be looking for 3rd party like us or others to provide those capabilities.
I think that's why I said there's an area we could do a lot better in. So we are focusing our speedboats towards that area. And you will hear more from us in upcoming quarters about progress in those areas. But, clearly, as you identified, GlobalProtect is, we believe, is a unique product, which has a lot of use cases and our opportunity and challenges to be able to hone each of those use cases and really go aggressively in those categories. In terms of use case, to try and make sure customers understand the benefit value of that product.
Lee, did you want to add?
Yes. I mean, look, if you think about what it takes to properly secure an enterprise, and particularly mobile users, remote networks, branch offices, etcetera. The, you know, our our view and philosophy is you need to secure all applications, all traffic, all locations, all users with very consistent and sophisticated security capabilities. And We think we're very uniquely positioned with GlobalProtect And Global Cloud Service to be able to do that.
Thank you. Our next question will come from Fatima Boolani with UBS. Please go ahead.
Nikesh, in your prepared remarks, you talked about, giving we sort of a more defined product related leadership So maybe the question is for you Lee, just, you know, what specific areas in terms of a priority sequence you're focusing on within your product organization because you have a lot of irons in the fire. And I'd just like to understand sort of where you're focused on from an R and D perspective. And then a follow-up for Cathy, if I may.
Yes, absolutely. So the just to clarify, what Nikesh said in the prepared remarks, What what I've done within my organization is, create focus across the different product areas. With the, with leaders that have the sort of empowerment, the entrepreneurship, the ability to make decisions quickly and and drive the product strategies and innovation. And that's not me. That's about me creating the structure within the What that then creates for me is the ability to then focus on the areas that we view as being the highest opportunity in the future, cloud application framework, etcetera.
That's really helpful. And Kathy, for you, just that high level, can you give us any sense or a complexion of the product revenue trajectory, as we think about, next year or this year rather. And you know, appreciate that the attached subscriptions are an important part of the story. I just wanted to get a better sense of how you're thinking about that for next year. Thank you.
Yes, absolutely. We saw a really nice product growth this year and, this quarter as well. So we're really pleased with the product trajectory. The new products that we've introduced are being very well accepted in the marketplace, and we're having a lot of success selling those new product offerings. So we're really excited about them in the marketplace.
Obviously, we haven't guided to product revenue in the future. And, all I can really tell you about that is we feel good about our position in the market and we're we've seen and, expect as the continues continued good performance of our products in the
Thank you. We'll move next to Ken Talanian with Evercore ISI. Please go ahead.
As we look into next year, I was wondering if you could rank order the primary drivers of billings growth. And then among those, where do you see the greatest potential for variability?
Sure. In terms of billings growth, I would say the same thing that we've been talking about for some time our primary driver of growth continues to be expansion within our existing customer base. And trying to drive that lifetime value higher. And we've had a lot of success with that, as you know, and that has worked out very well for us and continues to be the primary driver. We're also seeing nice, new customer acquisitions, which is very important for us as well.
And those two movements really dwarfs any other opportunity that we have. We've talked about refresh in the past that's a very important opportunity for us. But when we think about the magnitude and the numbers, it really comes primarily from expansion and then new customer acquisition.
Okay, great. And the cash, as you think about the importance of data going forward, what types of changes to Palo Alto as an organization and from a technological standpoint or needed to really position it for success?
Well, I think part of what, as you saw some of the changes we already made, I talked about, one is, Lee's really focused the team because what we want to understand clearly how each of these product areas could go out and become big for us and win for us. We felt that we needed to put more sort of directed effort of the application framework and Nir himself has decided to jump in. And he's leading the Application Framework team to keep moving them in line with our strategy moving faster. So one is clearly speed. I think secondly, we're giving all those product leaders go to market partners who are basically focused with them to become more entrepreneurial and go faster.
So part of what we're trying to do is that this is an industry which has a lot of vendors, a lot of partners, a lot of players, an industry that's moving really fast. And we're trying to figure out how we can leverage the benefits of being a large player in this space and being a cybersecurity leader. At the same time, not give up the ability to move fast, move quickly, try fail, try again, execute. So we're trying to keep the entrepreneurial spirit and reinvigorated and try and make this a company which actually can balance those 2 things, which is both an opportunity and our challenge going forward.
Thanks very much.
Thank you. Our next question will come from Keith Weiss with Morgan Stanley. Please go ahead.
Excellent. Thank you guys for taking the question and a very nice quarter. Maybe to play devil's advocate, a little bit to see your thoughts on the subject. I mean, do you guys have $4,000,000,000 of cash on the balance sheet now and you took out, sort more of a credit facility. So it definitely seems like you're building up a war chest and you're talking about customers need to consolidate and integrate solutions and buy from fewer vendors, which makes a ton of strategic sense.
And I've heard it from CISOs for quite some time. But it also seems like CECOs say that they want consolidation and they want to buy from fewer vendors, but in reality, they keep buying point product. They keep sort of doing the same thing that they have been doing of buying sort of best re point solutions. What do you think is going to change that in the marketplace? Like, what do you think is going to make consolidation?
The right answer, that you guys could effectively consolidate multiple products and get customers
to actually buy a broader swath
of the products over time.
Look, I'd like to make a very clear point here. You should not hear the word consolidation from us. Will hear the word integration from Palo Alto Networks, but never the word consolidation. And the distinction I make and I've made internally and for you is that Product consolidation means them being able to buy from the same person. We're not interested in that.
We're just in solving the multiple problems for the same ourselves. That actually is a bigger effort. It requires a lot more thinking, a lot more work on our part to make two things work together. That's why you see when we got Secu, it's not like we started selling Secu in addition to selling our firewalls. We basically took the product team inside, we're reintegrating them into our architecture, we're trying to make it work with our stuff so that when the customer comes in, okay, now I can just check another box and get more capability across multiple pieces of infrastructure.
The customer definitely wants that and they will buy it if you can actually prove that they don't have to learn 2 different policy systems, 2 different management planes, two different ways of managing threat vectors. They want the ability to manage across their threat landscape on fewer tools. And they want it to be as good as the other product they could have bought. So they want both. They want best to breed and they also want integration.
So you're right. The reason they're buying point solutions is because somebody comes and tells me this is best of breed to go buy that best of breed. Nobody wants to be caught with a breach saying, oh my god. I bought something that was easier to buy than one that was better. So definitely want best of breed, but they also wanted to work together because they know when they have 140 vendors across their enterprise, they can't seem well at night.
Excellent. That makes a ton of sense. And perhaps a follow-up for Kathy. Product gross margins have been sort of way down by sort of the new product introductions. But this quarter, we saw sequential improvement and it looks like it's starting to turn up a little bit.
How should we think about product gross margins where they are today versus where they've been historically and the ability for them to sort of inch back up towards those historical levels?
Sure. Yeah, you know, we're really comfortable with where our gross margins are right now. We've been operating within a gross margin rate that we've talked about for some time now, 75% to 78%. And what the current gross margins reflect is the fact that we've introduced a lot of new products. And when we introduce new products, they tend to be lower margin.
And we expect those to increase over time. The fact that we're selling a lot of new products, we're very excited about, we would expect that those margins will improve over time, but we're always looking at, a range of margins within the various products that we sell. And obviously, we haven't provided guidance for gross margins into the future, but we're comfortable with where we are now given the fact that we've got so many new products in our mix right now. And we're also continuing to invest, not on the product side, on the services side, in the application framework, and logging service, etcetera, which is also impacting our overall gross margins.
Thanks Keith.
Thank you. We'll move now to Craig Winterlick with Cowen and Company. Please go ahead.
Okay. Thank you very much. I have a follow-up to one of Michael's questions on the Application Framework. And this is probably for Lee. How are you thinking about the timetable of being able to take customer data from physical and virtual firewalls and end point and, you know, bring that into the data lake and and use ML to run correlations against it.
Any color on, you know, where the solution is today from a technical perspective and more importantly, where you think you could be in a year or 2 would be helpful.
Absolutely. Good question. So first of all, we're doing a lot of what you just said. We are taking data from much of the platform into the logging service and being able to learning to that with the magnifier application. And we're very pleased with the progress we've continued to make on that.
And in the prepared remarks, we talked about just last week releasing the production ready APIs that will enable 3rd party applications to be delivered most likely later this month. So that's where we're at and we continue to make a lot of progress. From a future stay perspective, I mean, I think we've painted this vision many times over. We envision collecting more and more data from more and more customers and applying more and more of our own and third party applications against that. And the response that we've seen from customers has been tremendous.
They buy into the vision, they understand how it solves in important problems that they've been facing in very unique ways that others are not able to do.
Terrific. And then just a follow-up for Kathy, if I could, you mentioned that the Q1 will have $10,000,000 to $15,000,000 of expenses from recent M and A. Are you able to give us a sense of approximately how long into fiscal 'nineteen we should expect, you to incur elevated investment levels from Evident and Seq?
Yeah. We're not really providing any guidance beyond Q1 at this point. Okay. Thank you
very much.
Thank you.
Thanks, Craig.
Thank you. We'll now move to Don DeFucci with Jefferies. Please go ahead.
Thank you. My first question, I think it's for Lee. And maybe, maybe, Mark, from a field perspective, we all know that Talo Alto Networks provides a broad platform of security offerings that are more or less integrated. And and the application framework enables the integration data, okay, from this different security solutions and vendors. And but Nikesh noted that customers are really looking for even greater integration.
What about the next level of integration, what's sometimes called orchestration across other vendors established products? That are even complementary to your offerings. Is that something that you can even do or does a truly neutral vendor need to fill that role?
I don't want to get ahead of
this. Here's
all laughing. That's
the reason. Yes, it's an interesting question. When I think about automation, think about it from a number of different ways. And actually I believe that the most valuable automation is the automation that no one even sees. And it's the automation that we're able to do natively within the platform that where things just happen.
And the customers just benefit from it. Now so when you talk when you ask questions about orchestration, it's like, yeah, it's a necessary component but often orchestration is used to make up for a lack of integration. And so Yes, we will enable it. We have partners that do it. They do important things.
But we're going to always be looking to see terms of the unique value that we can provide. How do we more natively automate things in the back end and actually reduce the necessity to have external orchestration.
Okay. Okay. Then it sounds because I do have a second question. Maybe this is a big topic. We talked further on that at some point, Lee.
But my second question is really, I think, for Nikesh and Cathy, we certainly understand your desire to manage the business for the long term. But why does that goal coincide with the discontinuation of annual guidance? Because I mean, you're going to end up you know, having a wide disparity of expectations out there, which, you know, is fine, but I'm not sure that's great.
Yeah. So, look, you know, I really view this as more of a returning to our practice prior to fiscal 17. When we had always provided quarterly revenue and EPS guidance. And in fiscal 2017, we felt the need to provide additional metrics and more longer term guidance, given that we undertook a sales restructuring during that year. But we are beyond that.
We're very comfortable with your ability to model. We're very comfortable with our ability to execute. And, so we feel like returning to that prior practice is appropriate at the
Well, thanks for that vote of confidence, Cathy.
We want you to have the same confidence in us that we have in you.
Thank you. We'll move now to Walter Pritchard with Citi. Please go ahead.
Hi, thanks.
First question on the cloud side, Robin talked about here, but one thing I think is a question out there is, do the public cloud providers enable the 3rd party vendors at this point to really provide the solutions customers need, or do you need more access to APIs and, and, network protocols and so forth? Field insert yourself in the right position and curious your thoughts on that?
Look, I personally had very encouraging discussions with the leaders of all the C Public cloud providers out there over the last 90 days and the CEOs of the company. So clearly, they understand that there's a shared responsibility between the customer and them. They don't want to take the entire onus of security onto themselves. At the same time, to somebody's earlier question, In that case, nobody wants one vendor to provide the solution and most solutions, that customer that deploying our multi cloud or hybrid clouds. Which case, they want a third party to provide that capability.
Yes. We do need some access to certain parts of the APIs, etcetera. We have to figure out the container stuff for them. So the stuff that we need to do, I'll let Lee answer that because that's past my 90 day expectation. Of understanding just ever leaking each other.
Yeah. I mean, there's a there's a lot that they already do and and work closely with engineering to engineering to enable the things that we need to secure our joint in the cloud. Now we're also constantly working with them to expand and further enable that tight integration, which makes it easier for our customer to consume and leverage our security capabilities within these environments.
Got it.
And then just for Cathy, I think on the product side, the thing is a bit of a challenge here is I think your original guidance, you ended up about 17 percentage points ahead of your original product. Guidance for fiscal 2018 and reported results. And I guess we'd love to hear from your perspective. How much of what drove that substantial upside in '18 are sustainable trends you see going forward versus factors that may have been refreshed or one time or forecasting it was challenging. Just trying to understand the, you had such big upside.
I think it's hard for all of us to think about even where product revenue might land next year given that.
Yes, I think that the important thing to know is that the biggest opportunities for us continue to be motion that we have executed on year after year after year. So continuing to expand within our existing base and continuing to attract and win new customers. And that remains the vast driver of our growth. And I would just say perhaps when we look at our product performance, we introduce new products during the last 15 months that have been very well received in the market, which is, you know, allowing us to solve new use cases, win new customers, and definitely, you know, keep, keep nice win rates against our competition. So we, we don't feel like these are one time benefits to our company.
And refresh is certainly an important opportunity, but I've mentioned before the real opportunity comes from continued expansion and winning new customers.
Yes. And well, if I
can just underline that, I mean, Our customers are working with our sales teams and our partners to solve really important business problems for them and that inevitably leads them to buying into our security operating platform notion, which provides consistent security controls wherever they put their data and their applications and infrastructure employees. So I think buying into that, that architecture is a really really big difference between what we do and what everybody else does. And I think that's why we're enjoying such, such tailwinds relative to the market.
You, everyone. That will conclude our question and answer session for today. I would like to turn the conference back over to Mr. Aurora for any additional or closing
Hey, everyone. Thank you very much for joining us for our earnings call. My my maiden earnings call at Palo Alto Networks. In closing, I'd like to thank all the employees the company, our customers and our partners for the amazing work they've done so far. This is really the beginning for us and for me, and I'm excited to see what's in store for us in the future.
Thanks again for your time.
Again, that will conclude today's conference. Thank you all for participating. You may now disconnect.