Good afternoon, and thank you for joining us on today's conference call to discuss Palo Alto Networks' fiscal Q4 fiscal year 2020 financial results. With David Neederman, Vice President of Investor Relations, this call is being broadcast live over the web and can be accessed on the Investors section of our website at investors. Palelsonetworks.com. With me on today's call are Nikesh Arora, our Chairman and Chief Executive Officer Luis de Sozo, our Chief Financial Officer and Lee Klarich, our Chief Product Officer. This afternoon, we issued a press release announcing our results for the fiscal Q4 ended July 31, 2020.
If you would like a copy of the release, you can access it online on our website. We would like to remind you that during the course of this conference call, management will make forward looking statements, including statements regarding the duration and impacts of COVID-nineteen on our business, our customers, enterprise and cybersecurity, industry and global economic conditions, our financial guidance and modeling points for the fiscal Q1 of 2021, our expectations with regard to certain financial results and operating metrics for fiscal year 2021, our competitive position and the demand and market opportunity for our products and subscriptions benefits and timing of new products, features and subscription offerings, including those from our proposed acquisition of the Crypsis Group, ARR and various billing run rates as well as other financial and operating trends. These forward looking statements involve a number of risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. These forward looking statements apply as of today, you should not rely on them as representing our views in the future, and we undertake no obligation to update these statements after this call. For a more detailed description of factors that could cause actual results to differ, please refer to our quarterly report on Form 10 Q filed with the SEC on May 22, 2020 in our earnings release posted a few minutes ago on our website and filed with the SEC on Form 8 ks.
Also, please note that certain financial measures we use on this call are expressed on a non GAAP basis and have been adjusted to exclude certain charges. For historical periods, we have provided reconciliations of these non GAAP financial measures to GAAP financial measures in the supplemental financial information that can be found in the Investors section of our website located at investors. Palisonetworks.com. And finally, once we have completed our formal remarks, we will be posting them to our Investor Relations website under the Quarterly Results section. We'd also like to inform you that we will be virtually participating in the Citi 2020 Global Technology Conference on September 8 and the Deutsche Bank Technology Conference on September 14.
And with that, I will turn the call over to Nikesh.
Thank you, David. Good afternoon, everyone, and thank you for joining us today for our Q4 and full year 2020 results. I hope you enjoyed the video we showed you before our employees made that to celebrate, as all of Networks has responded over the year.
I thought it would be
a fitting start to to everything we're talking about today. As you can probably tell, we're delighted with our results this quarter and extremely thankful for the resilience that the team at Palo Alto Networks has shown in navigating the current environment. I cannot appreciate the efforts enough. I also want to acknowledge the challenges that people are experiencing globally as a result of COVID-nineteen. This is a difficult time and we need to pull our strength and find empathy to get through it.
Before we talk about the quarter, I wanted to go back and remind you of the journey over the last 2 years. 2 years ago, in my first and subsequent earnings calls, I shared my observations about the cybersecurity industry. I talked about the needs for integrated platform, need for setting platform with industry leading solutions. I also talked about the need for us to become more relevant in emerging cloud security and the need to focus on AI, ML and automation. 2 years later, we are well on our way of transforming from a single product category company to a 3 platform company, a company that secures the network with Strata, secures the cloud with Prisma and a platform for AIML applications and automation with Cortex.
We've been building products and acquiring new businesses to make progress towards our vision of providing integrated solutions. We are in early stages of our journey, but excited about the progress we've been able to achieve so far. The focus of our transformation has strengthened our results to double down on the growth areas of cybersecurity and aspire to be the cybersecurity partner of choice. The partner providing integrated comprehensive and industry leading solutions to our customers. We've had several conversations over the last 2 years around our M and A approach.
As you've seen, successful M and A is an integral part of our approach. We've honed a disciplined framework to ensure that the companies require productive investments and that they fit well within our long term strategy. We look for industry leading solutions that prepare us for tomorrow and we focus on integration and retaining key talent, talent that has beat our orgs and build solutions designed for tomorrow. We have been able to unlock value by activating our go to market and customer success machines with incremental technologies to accelerate the acquired businesses. When we analyze the performance of our acquired companies, we see that we are achieving our stated goal of increasing a given target company's internal business plan by 30% to 40% in the 1st 12 months of bringing them into Palo Alto Networks family.
We recently reviewed the M and A history of Palo Alto Networks to our Board and delighted to report that the aggregate annual run rate of all businesses that we have acquired is 4 times what it was pre acquisition. Just as important, we've also been able to retain the key talents that have helped build the acquired companies. Let's look at some of the financial highlights from this quarter, starting with NGS. 2 years ago, these collective offerings made up approximately 8% of our total billings. We closed FY 2020 with $928,000,000 in NGS billings, representing approximately 20% of the total.
Additionally, NGS ARR was approximately $650,000,000 in Q4 2020. 2 years ago, we didn't have products that addressed the automation of cloud security market. Today, we're doing multimillion dollar deals in these areas, creating a strong foundation for our future growth. This is one of my favorite slides. NGS is growing faster than any of the single product new or
public companies in the space.
Let's take a deeper look in the piece parts of NGL. Turning to Cortex. We drove incredible innovation during 2020. We established a new category by transforming EDR to XDR, delivering detection and response across not just endpoints, but also firewalls and cloud assets. In November, we introduced XDR 2.0, which featured a unified management UI, powerful new endpoint features, ingestion of third party data analytics.
XDR is rapidly gaining transaction traction, sorry, and is the fastest growing product with an NGS to win 1,000 customers. We recently added Managed Threat Hunting, Industry's 1st Threat Hunting service, operating across integrated endpoint, network and sub data. Cortex XDR's momentum continues to accelerate, including a 7 tier deal with a major energy company that chose Palo Alto Networks as a key partner in their digital transformation journey. Cortex XDR helped them drive down the complexity of security operations by standardizing independent detection response tools onto one superior platform. Through Cortex XPR, they were able to significantly reduce the number of alerts that we get from triaged and investigated by the security analysts, all while gaining holistic visibility across C and R enterprise.
As security progresses more real time, it becomes more important to manage outcomes and respond rapidly. To aid our customers, we believe it is important to have a team of trained expert professionals to support them. To that end, we announced earlier today our intention to acquire the Fetches Group, Thus, growing Cyber Consulting and it's a responsible company. This acquisition allows us to serve currently new customers across our border owners and our cybersecurity needs. Once the transaction closes, Crippsits will bring strong incident response, forensics and consulting capabilities to our XDR portfolio.
They have served more than 1700 organizations across the healthcare, financial services, retail, e commerce and energy industries. In addition to being able to predict and prevent cyber attacks, Cortex will also now be able to mitigate the impact of any breach that our customers may face, thus strengthening Palo Alto Networks' position as a cybersecurity partner of choice for customers. Let's shift to this team, including the CEO, will join the Cortex results. Let's turn to Cortex FBR, X4. XOR is the industry's 1st extended SOC platform with native threat intelligence management.
XOR more than doubled their customers and billings in the last year, They're one of 2 leading solutions in the market. The most recent launch of the Ekso marketplace, we're opening up the platform to both our partners and customers to enable automation for their security solutions. One of the key wins I'm most proud to highlight for Q4 was an 8 figure Cortex XO deal with the United States Government Agency. Cortex XO was chosen as the cornerstone of our global thought transformation initiative, resulting in a semi positive introduction in their mean time to respond by automating key security processes across the organization. COVID further put Exo's real time collaboration capabilities into focus, allowing the agency to rapidly shift their security operations to an entirely remote model, enabling them to defend the organization without any on-site personnel.
Let's shift gears to Prisma. Prisma Cloud has come a long way this past year. We started with cloud security posture management and expanded our capabilities into cloud workload protection with computer security and serverless security. Prisma Cloud has by now acquired over 1800 customers and boasts 14% of Global 2 1000 list. Our integrated platform approach to cloud security is working.
We signed a 7 figure deal with a Fortune 10 company of using Prisma Cloud for both cloud security posture management and cloud workload protection. Several Prisma Cloud customers are consolidating multiple solutions with our unified cloud security platform. Today, a third of our customers are using both these modules. We will shortly launch new cloud security modules in peer security, Network Security and IAM Security. These modules will allow us to continue to execute on our vision of creating a fully integrated cloud security platform.
SigmaCloud continues to benefit from the overall global shift to cloud computing and customer preference for platforms. We intend to work with our customers to continue to evolve this platform to serve their cloud security needs. Let's talk about Sysma Access. Sysma Access has been through an amazing journey in the last year. Combined with our recent Cloudgenics acquisition, this is the most comprehensive SaaS solution in the market.
SaaS has become a powerful security tool as our customers go through a network transformation and create robust solutions for work from home for the long term. This is showing up in our numbers. The combination of Puma Access and Algenics nearly doubling their customer accounts over the past few years and achieving $90,000,000 in 1,000,000 in 1,000,000 in 1st fiscal quarter. So we're very excited to sign a nearly 8 figure deal with a major healthcare provider Prismax, in the Q1, winning against the competitor by providing clear evidence that our solution provides the most effective security for their needs. Additionally, we saw a very strong conversion of Firdapse ACCESS trials that were launched in response to COVID and work from home.
A notable example is a major enterprise that called us on the 1st Friday of COVID lockdown because their data center lacked sufficient bandwidth for all of their remote employees. By Monday, they had 1,000 users up and running and by Wednesday, they had shipped enough users that pressure for data centers relief. This quickly became their secure work from home solution and they are now looking to extend Prisma access up to all branch offices replacing their existing provider. We have many more similar examples of customers converting from Prisma Access trial and they're delighted to have been able to help companies and their people remain productive during these challenging times. While NGS is an important part of our go forward strategy, we're equally proud of our progress and success of our firewall business.
Recognized as an 8 time Gartner Magic Quadrant leader, we continue to relentlessly innovate to stay ahead of the pack. We continue to believe that firewall capability is essential and needs to evolve to deliver capability across all customer needs. Hence, we've been offering a consistent approach in our hardware, software and now containerized firewalls and also able to deliver them in the cloud through Prisma access. We introduced our new PAN OS 10.0 that features the industry's first machine learning based power next generation firewall with advanced telemetry capabilities, ability to secure containers, simplified decryption and many more groundbreaking features. To truly enable the firewall platform, we have worked on services that work seamlessly as part of our platform.
The launch of IoT security subscription is our most recent example. In the last 18 months, we have doubled our subscription offerings from core to 8, JNS Security, which was launched in Q3 2019, has been our fastest growing subscription with over a 15% crash rate and now over 3,000 customers. Our software next generation firewalls continue to shine. VM Series continues to capture new customers at rapid rate with over 9,000 customers now using VM Series, many of which are consumed through cloud marketplaces. With the introduction of CN Series, we can now apply NextRegan Power capabilities to containerize environments on prem or in the cloud with consistent security and policy.
Turning to the topic of COVID-nineteen and its impact on both the global economy and our business, let me back with you to review our fiscal Q3 results in May, the pandemic was still in early stages. As we speak to our customers, we hear and see a range of impact and feedback. Many companies are becoming more cost and cash conscious. Companies are also adapting to the new environment by accelerating investments in technologies to ensure the more dispersed port is secure. I believe that we are in the very early stages of acceleration that the next several years present significant opportunities for cybersecurity as an industry and follow ups networks in particular.
For our own employees, the second half of our fiscal twenty twenty was indelibly marked by COVID-nineteen. We responded quickly, taking rapid action to ensure the safety of our employees by establishing protocols and tools to work from home. We quickly gathered our early efforts and named it FlexWork, recognizing that we were in the early stages. Today, I'm delighted to announce that we're launching the next phase of Flexwork to help our employees maintain health, well-being and productivity during COVID-nineteen. The Flex Work program includes a broad range of initiatives including Flex Benefits and Flex Learn.
These initiatives will ensure that our people can choose benefits that make positive to their work and family environment and follow personalized learning paths designed to help them do their jobs and manage teams remotely. We plan to give our employees an additional allowance of $1,000 of course, the biggest flexible benefits and over time, we intend to individualize benefits making them an employee choice. Even with all the challenges presented by COVID, the Palo Alto Networks teams have been able to adapt and make gains focus, allowing us to postpone great results. I know we cannot sit on the progress achieved so far, we need to focus on what is ahead. As I mentioned, we are pleased with our progress so far, yet we have a lot of work ahead of us.
The macro environment, while better than we anticipated, is still uncertain. Here's what you can expect from us in 2021. We will continue to invest in our next generation security and security subscriptions, both through organic and inorganic means to continue our transformation journey. We will do so in a financially prudent manner as we have been able to demonstrate. They can expect us to manage our organic operating margin in line with what has achieved this year.
The work from home transition has created a challenge in the industry around hardware and we expect this trend to continue. We have been shifting our customers to software delivered security and we plan to continue to do so. We expect most of our growth to come from software and services. While there are some cost savings due to COVID, we are trying to reinvest those savings towards our employees. We'll be more generous over the coming years to drive this transition to a flexible environment.
In the words Marc said Marc anyhow, we will be responsive to and support all our stakeholders, not Trustmark shareholders, because we believe that is how true value is created in the long term. I want to thank our amazing employees and partners for their contributions. Our success is only possible through our combined efforts. Now, I want to take the opportunity to welcome Luis to Palo Alto Networks. Luis joined us almost 2 months ago from Amazon's AWS division and has been rapidly learning all things cybersecurity.
We're extremely fortunate to have an executive, Luis Siskelever, to lead our CSO organization. With that, I will turn the call over to Luis. Thank you,
Mikael for the warm welcome. When I wasn't here for the 1st 2 years of the transformation, I can clearly see that it is working, and we're only getting started. I'm encouraged by the value that Palo Alto Networks can create going forward, and I look forward meeting you in the upcoming events. Moving on to our results, I'd like to note that except for revenue and billings, our financial figures are non GAAP and growth rates as compared to the prior year period unless stated otherwise. As Nikesh indicated, we had an extremely strong finish to our fiscal year The fiscal Q4 billings of $1,390,000,000 an increase of 30% year over year.
Our next generation security business is performing strongly. With NGS billings of $357,000,000 which grew 86% year over year. Firewall app and platform billings, which includes physical firewalls, VMs, Prisma access and Cygenex grew 19%. In the Q4, we beat our guidance across all guidance metrics. Total revenue grew 18% to $960,400,000 For the fiscal year, we reported total revenue of $2,200,000,000 an 18% increase year over year.
Looking at growth and geography, Q4 revenue in the Americas grew 18%, EMEA grew 20% and APAC grew 16%. Q4 product revenue of $205,600,000 was flat compared to the prior year. Q4 subscription revenue of $389,800,000 increased 33%. Support revenue of $255,000,000 increased 23%. In total, subscriptions and support revenue of $644,800,000 increased 29% and accounted for 68% of total revenue.
Turning to billings. Q4 total billings of $1,390,000,000 net of acquired digital revenue increased 32%, driven by strong execution across the company, work from home tailwinds and continued success in next generation security. The dollar weighted contract duration for new subscriptions in core billings for the quarter remained at approximately 3 years that year over year. We closed 5 additional Palo Alto Networks Financial Services deals, enabling our business by offering greater fixed flexibility to customers. Our fiscal 2020 total billings were $4,300,000,000 up 22% year over year.
Total billings were $1,070,000,000 a decrease of 3% year over year and represent 25% of total billings. Support billings were $1,210,000,000 up 28% and representing 28% of total billings. And subscription support sorry, and subscription billings were $2,020,000,000 an increase of 40% year over year and represented 27% of total billings. Total deferred revenue at the end of Q4 was $3,800,000,000 an increase of 32% year over year. In the Q4, we continued to add new customers at a healthy pace, adding approximately 2,400 new customers in the quarter.
We also continue to increase our share of wallet of existing customers. Our top 25 customers, all of which made a purchase this quarter, spent a minimum of $55,300,000 in lifetime value through the end of fiscal Q4 2020, a 35% increase over the $40,900,000 in comparable prior year period. Q4 gross margin was 74.3%, which was down 220 basis points compared to last year as some of our fastest growing products are still gaining the scale required to have the right cost structure and higher freight costs associated with COVID. We expect these headwinds to continue to fiscal year 2021. Q4 operating margin was 19.8%, a decline of 180 basis points year over year and includes the impact of approximately $14,000,000 of net expense associated with our recent acquisitions.
For the full fiscal year 2020, operating margin was 19.6%, a decrease of 4.40 basis points year over year compared to fiscal year 2019 operating margin of 22% and includes the impact of approximately $22,000,000 of net expense associated with our recent acquisitions. We ended the 4th quarter with 8,000 and 13 employees. On a GAAP basis, for the Q4, net loss increased 2.83% year over year to $58,900,000 or $0.61 per basic and diluted share. For the full fiscal year 2020, GAAP net loss increased 2 26 percent year over year to $267,000,000 or $2.76 per basic and diluted share. Non GAAP net income for the 4th quarter decreased 1 percent year over year to $144,900,000 or $1.48 per diluted share.
For the full fiscal year 2020, non GAAP net income decreased 10% year over year to $484,600,000 or $4.88 per diluted share. Our non GAAP effective tax rate for Q4 was 22%. Turning to cash flow and balance sheet items. We finished July with cash, cash equivalents and investments of $4,200,000,000 This includes net cash of approximately $2,000,000,000 raised to the June 2020 offering of convertible senior notes during 2025. Q4 cash flow from operations of $333,700,000 increased by 44% year over year.
Free cash flow was $301,900,000 up 69% at a margin of 31.8%. Capital expenditure in the quarter was $31,830,000 DSO was 81 days, an increase of 26 days from the prior year period, reflecting strong billings at the end of the quarter that will be collected in 2021. Lastly, in fiscal Q4, we completed a $1,000,000,000 accelerated share repurchase transaction announced in February, where we retired a total of 5,200,000 shares. For the 1st fiscal quarter of 2021, we expect billings to be in the range of $1,030,000,000 to $1,050,000,000 an increase of 15% to 17% year over year. We expect revenue to be in the range of $915,000,000 to $925,000,000 an increase of 19% to 20% year over year.
We expect non cash EPS in the range of $1.32 to 1.35 using 99,000,000 to 101,000,000 shares. We do not expect Crysvisk to have a natural impact in Q1 results. Additionally, I would like to provide some additional modeling points. We expect non GAAP effective tax rate to remain at 22%. CapEx will be approximately $35,000,000 to $40,000,000 Turning to the full fiscal year 2021, I would like to provide a few markers on how we expect to perform.
We expect billings to grow in the mid teens and revenue to grow in the high teens and product revenue flat to slightly down year over year. As Nikesh mentioned, we expect flat organic operating margins as we continue to invest in NGS and our employees during COVID times. ETF is expected to grow in the low to mid teens as we face headwinds from lower interest income. Lastly, we expect our annual free cash flow margin to be consistent with 2020 margins. To note, we expect Q1 free cash flow margin to be higher than the year due to strong Q4 'twenty billings.
With that, I'd like to open the call for questions. David, please poll for questions.
Thanks, Luis. Our first question will come from Saketalia from Barclays and our second question will come from Keith Klies from Morgan Stanley. Okay, great. Hey, guys. Thanks for taking my question here and welcome, Luis.
Look forward to working with you. Nikesh, a lot to talk about on the next gen security side. But maybe just to get it out of the way and touch on the core firewall business, can you just talk about what you saw this quarter in terms of customers' appetite for appliances? And which attached subscriptions perhaps maybe surprised you to the upside?
Thank you very much for your question. Look, as we've been talking about the macro environment for a while now, and a lot of customers are not in their offices. When customers are not in their offices, it's very hard for hardware to be delivered for POCs to happen. So we are calling that hardware is going to continue to be a tough business in the next 12 months. We saw appetite from existing customers who are expanding their state, are getting more firewalls, they're committing more capacity.
You don't see as much new firewall business out there or new hardware business out there. So we have to be very careful and cautious on it, but we are seeing that being supplemented by a lot more software based solutions. So you saw the success and strengthened Prisma Access. You saw the success in our VMs. We are seeing people step up and solve that problem using our software solutions more and more In a case where they need more capacity, so more VPNs or more remote users, they are expanding capacity with firewalls or they are going through a cycle where some firewalls are getting end of life, they are doing a refresh in those cases.
But in terms of subscriptions, I have to say that as I highlighted DNS, which we launched in Q3 2019, has hit its 3,000 customers mark. We are in the process of allowing subscription capability in the future on our software power format. So you will see us continue to drive the subscription thing. It's early for IoT, but we have a lot of expectation of IoT because we believe that's an important need from the enterprise perspective. So we have launched V1 with our most recent ML powered firewall and we hope to be able to add more enhancements to IoT and mix effect of that as well.
This is harder, I can see myself. I'm not used to doing this on an earnings call.
Great. Our next question comes from Keith from Morgan Stanley. Excellent. Thank you guys for taking the question. And a very nice quarter, really impressive overall billings as well as those next gen security billings really sustaining us a ton of momentum.
I wanted to take on to this next question and better understand when we think about the kind of the overall firewall platform billings growing 19%, it's a very impressive number. Is there a substitution effect going on? And is there any way that you could quantify that in terms of people taking Prisma Cloud versus teaching firewalls and maybe some substitution of dollars going from one side of the equation to the other versus cost revenues?
Yes, I think thank you for the question. Yes, there is substitution going on. If you look at the example I highlighted in the call, where one of our customers was running out of capacity in their data center to be able to do remote secure access and we went and deployed Prisma Access. We got 1,000 people live in over the weekend. They got more people live by the end of next the following week and now they're going to go put Prisma Access across the entire state across all their offices.
That would have been a box sale. 2 years ago, that would have been more boxes in data center running ATMs. So there is clear substitution going on. Prisma access is distributing hardware. Now I like it because, A, it's a software factor, which means we can update and upgrade that software on a more regular basis in hardware and the customer has to be updates and upgrades, which is where the security system is.
So for us, having software contractors out there is a long term amazing tool cost of ownership benefit, not just for us, but our customers allow us to keep updating security as we go on. So yes, the substitution is happening. It's happening from the hardware format to the software format as in the tapes of Prisma Access or take the case when customers say, as we at Palo Alto Networks, we have significantly shrunk our data center capacity. We basically shifted all of our own compute to Google Cloud or to AWS. And when that happens, we're not deploying more hardware in our data centers, we're actually buying more cloud from the public cloud providers.
And to protect ourselves in those situations, putting our VM Series firewalls or our CNC firewalls in the future against our cloud instance. And that's again, because we're moving to the cloud, we're substituting our own hardware purchases and our own hardware deployment with what is a containerized or a VM firewall. So in those cases, you're seeing the substitution happen. That's why you've been talking about this firewall as a platform number for the last year and a half saying, look, pay attention to that number because when these substitutions happen, some vendors, some partners or some industry players have some of those solutions, not all of them. And the virtue of us having all 3 form factors, whether a cloud based firewall or a firewall that can operate in the hardware form factor onto Prisma Access or against the public cloud instance.
That allows us consistency and allows us to pitch the right power over the right situation.
Okay. That's very helpful. Thank you. Our next question will come from Phil Winslow from Wells Fargo. Then we'll have Walt Pritchard from Citigroup.
Hey, congrats on a strong quarter. I wanted to
focus in on just the
go to market efforts. Wondering if you could give us an update heading into this fiscal year, how you feel about sales productivity, sales capacity and also just the incentive structure and anything that you're changing this year, any priority focuses for fiscal 2021?
We're going to make sure that we don't do what we did 2 years ago, if that's your question. It's I don't want to use the word unprecedented because I think it's being used too often. But launching it right now, we're going through our sales kickoff as we've gone from a 3 day event, which used to be typical last year in Vegas, and I'm not missing Vegas, but it's turned into a 6 week learning journey and we're instrumented everything online, where people have to go through the learning process and they're going to upload their video pitches up into a platform and each of them are going to read each other and critique each other. So we are all learning with the times in terms of how to go sort of initialize the sales force in new fiscal year. And I think our teams are doing a really good job of making that happen.
So from that perspective, I am not concerned about our ability to go out there and create the opportunities from our sales teams. I think the real question going into next year is how do we continue to maintain the momentum. And as I've said, we intend to keep investing in our transformation that we've done so far with next generation security. We're all very pleased. If you'd asked me at the Analyst Day 2 years ago, what did a year ago, what do I think were the biggest risk cost?
Our biggest risk cost can we get to $805,000,000 of billings connection to security because they're all sort of somewhat fledgling businesses we bought, we were going to integrate them, we're going to go into new customers that this is the right way to go by cybersecurity. And $928,000,000 of billings, to us, was a welcome surprise for us in a good way. Our teams love the product. Our customers are loving the product. So we're just going to try and keep that momentum going, going into next year.
All of our sales tweaks or commission tweaks, the go to market tweaks that we make are going to be aligned towards meeting the objectives that we set out to ourselves. So hoping not to make any major shifts yet keep doing and investing the direction that the teams have shown to us.
Great. Thanks, Nikesh. And should we expect Nir to drop an electronic flute album this coming fiscal year?
That video was sent to me by an employee 2 days ago, and it was just very sort of amazing that they put it together, the entire team to show. And I don't even know where or when Nir was caught playing the electric Right. It's just us.
Can we go to Walt from Sidguru, please?
Hi, thanks. Yes, I'm here. So, just a question on margins. I guess, you took on pretty significant margin dilution in fiscal 2020. Could you help us understand the puts and takes around margins as we head into 2021?
And especially you've seen that revenue on those acquisitions, it sounds like ramp quite a bit and take care of some of that dilution.
Can you help us understand where
the incremental investments are going relative to keeping those margins flat?
Yes. Well, I think if you think about the success in NGS, what we did was we deployed a speedboat model, which was we created a dedicated sales team that was helping us sell Cisco Cloud and helping us sell Cortex and Cortex 4. And now what we're doing is we're trying to keep that momentum. We saw that we grew that number 105%, and that requires us to make sure we continue to invest in a sales team that can actually go compete with some of the other players in the market and go into hand to hand combat for some of the larger deals. What we've also done is we've deploying that capability across our entire core sales, seeing what they're able to take the products and not with it.
So we track very carefully how people are spending time and how much of our new products we're able to sell. So we're glad that the proportion of our sales teams that are able to sell next generation security continues to rise, which is a good thing. But we continue to hope to make investments in that direction. The other part, which Louise alluded to, is that as we see ramp up in next generation security, because there's a significant amount of deployment expense and consulting expense, which is a one time expense that happens early in the life cycle of us deploying these products, you see that we have some compression in the 1st year of the margin, both on the gross margin, the operating margin, both sides when we deploy the services. So it's really you're seeing the margin impact of the significant ramp up of our growth in manufacturing and security.
Luis, do you want
to add something? No, I think you covered it well, Nikesh, nothing to add.
Okay. Thank you. Great. Our next question will come from Fatima Gulani from UBS. Following Fatima will have Sterling Auty from JPMorgan.
Great. Good afternoon, everyone. Thanks for taking my Either for Nikesh or Louise, nice to meet you. I wanted to drill into your fiscal 2021 outlook, appreciate the high level trajectory of the key metrics in the business. But if I triangulate between a near triple digit growth in your MGS portfolio, which is now a 5th of the mix, if I think about the software business contribution accelerating and even substituting for hardware, I'm wondering, just maybe underpinning some of your conservatism on a mid teens outlook, would love to get some of your question and your thought process behind that outlook relative to the 32% you did this quarter.
Yes. Thank you for the information. Nice to meet you. I think there are we should take into account 2 factors. 1 is the strong performance of Palo Alto Networks, right?
So we're performing very strongly and you'll see that in our Q4 results and you see that in our guidance in Q1. But we there is still a lot of uncertainty out there and we want to be prudent as we give guidance for the year or as we set a framework for the full year. So we just want to be prudent as we think about it, just given the uncertainty.
Great. Our next question comes from Sterling Auty from JPMorgan. Yes, thanks. Hi, guys. So I want to drill into the acquisition of Crypsis.
So we're watching FireEye actually separate their product business from their services business. And I just want to make sure, is there an intention with this acquisition to have the incident response actually drive follow through purchasing of product? Is that what you're looking to accomplish with it? Or is it a different strategy in terms of the acquisition?
Sterling, that's a great question, and I would not comment on FireEye. But we have noticed when it comes to XDR, the customers are both excited about having a managed capability around it, as well as we've noticed that in the case of incidence response, typically, if you have a good set of products and those products help you protect in that or help you diagnose during that incident. So customers are reasonably keen on deploying those products on a larger scale. We've experienced that with XDR even without having incident response team. We've been called in by many of our large customers in certain cases where we've gone on a sort of on a partnership basis, gone and helped them in the case of an incident or in the case of a breach.
And almost all times invariably, the customers have actually embraced XDR and deployed it in large numbers. So we've noticed that and we believe that if we had a team that was being of canvas to pass to come in and do help in this case, which has done 1700 such responses from an incident perspective. We think the upsell and cross sell possibility for SDR, if it's the right product in that instance, is huge. So we think this will significantly allow us to amplify our success in XDR in the future.
Understood. Thank you. Our next question will come from Catharine Trebnick from Colliers. Then we'll have Patrick Colville from Deutsche Bank.
All right. Nice quarter, gentlemen, and thank you for taking my question. During the quarter several of the IT executives I spoke to talked a lot about Microsoft and their native firewall. If you will drill down for us on their capabilities versus theirs and where you think they are in achieving growth through their native firewall? Thank you.
Thank you for asking the question. And I was hoping that there'd be a question where I can point to Lee because he's wearing his nice clean shirt today.
Good question, Catherine. What we have seen relative to the cloud providers is they it's very important to them to have a set of security capabilities that helps remove certain obstacles for getting customers to consume more and more cloud, but not necessarily going to the level of true enterprise class. And I think that's the underpinning of our success with TM series, just recently released CN series, personal cloud as well. We're really focused on bringing the enterprise class capabilities that our customers expect in a much more tightly integrated fashion and being able to then take those capabilities and go multi cloud as well as hypercloud. And so one of the key differences in our approach is our ability to support our larger customers as they have multi cloud strategies, whereas cloud providers themselves almost by definition going to be single cloud in their solutions.
Great. Now, we'll have Patrick Coldwell from Deutsche Bank. Thank you for taking my question and congrats on the great quarter. Can we just talk about the product fiscal 'twenty one color you gave, appreciate the world is changing. We're going to more software driven world, more or less hardware.
The guidance you gave is suggestive of kind of market share bleed to Fortinet and Checkpoint. And so any thoughts around, does that matter? Are you guys now more focused on the kind of software components? Just help us, get your thinking around the hardware side and what used to be the core business.
Yes. I think, Patrick, thank you for the question. I don't get to the same conclusion. So the way we think about the firewall platform, as you see, we consider a situation where we sell Prisma Access to have been a hardware situation. And if you sold Prisma Access with CloudGenics, an SD WAN solution, we think that's a like for like deal where we're not losing market share.
And the reason we've been talking about firewall as a platform for last year and a half or so is, when we look at market share from the firewall perspective and say, am I selling more firewalling capability than the industry growth rate? I think the industry growth of firewalls is in the low single digit range. And if we can deliver firewalls platform growth rates in the high teens, that's a good outcome for us. So we grew firewalls platform 19% industry focused and we continue to share. I took share with Software, which I think is long term much better outcome for us because it allows us to believe our customers in a better situation.
And also, it's not a hardware dependent business where there's more risk. So we don't see them get to the same conclusion on loss of market share. As long as I'm growing firewall as a platform in the ranges that we have, I think we're taking share. You may be shifting share to the earlier question from hardware to software, but you don't have any intention of losing any share to anybody in the market. And hopefully, we intend to gain share in the market.
And I think let's look at it more holistically across what Dscaler is doing, what Check Point is doing, what Microsoft Firewalls are doing, what our firewalls are doing. And look at that as a small firewall market, you want to be growing that, but share that pie. And even the current environment, as I said, it's very hard to go deploy hardware or sell hardware customers because many of them are not there in the office to make delivery and do a proof of comfort even. So we're delighted that we have software compact to be able to call them in this environment and deploy them remotely because that's what the customers are looking for right now.
Thanks for the color. Our next question comes from Rob Owens from Piper Sandler. And we'll have Brian Essex from Goldman Sachs. Hi. Thanks for taking my question.
Wanted to drill down a little bit more into Prisma Cloud and some of the newer offerings that you guys discussed relative to data security, network security, IAM, are those products going to be from Palo Alto exclusively? Would you expect you to partner with some of the other vendors in the markets? And any incremental color in terms of timing and functionality would be appreciated. Thanks.
So I'm going to give you a perspective and I'm going to ask Lee to jump in and talk about the market. But one of the points of view we have taken as we deploy our next generation of products, whether it's cloud security or Cortex, we have tried to make sure that we give the customers the best of breed integrated solutions for cloud security. So when we bought RedLock, we bought Twistlock and PureSec and Alpharetto, we make sure they're integrated into one platform. The way we felt that is we go to our customers and say, our customers buy credit to use our products. So we keep introducing these new modules within our product.
And as the customers experience our product, they start exploring these new modules and start using them, which keeps decrementing credit. So we're trying to create scale from a go to market perspective and provide them the best capabilities. But towards that end, the 1800 customers we have for Prisma Cloud, these customers are in on prem cloud versions, they will have the opportunity of experiencing every one of our modules without having to come out and buy it from us. They will already have it as part of the product. And if they choose to use it, they will decrement their credits back.
So that's our strategy. And towards that end, we believe that the true benefit for the security solution of the customer as well as for us economically is if we don't have to go do sort of a sales role every time that we are launching a new module because we believe cloud security is not fully developed as a platform. So we will have 7 modules sometime later today, and I'll let Lee talk about the future of technology and capabilities.
Yes. So one of the very strong points of feedback we're hearing from our customers with Prisma Cloud is our ability to give them both breadth of capability as well as depth in those capabilities is really resonating. They like the strategy of an integrated platform delivering an increasingly comprehensive set of cloud security capabilities that they need. So with that in mind, these 3 new modules that will be coming out, which we expect this fiscal quarter are really exciting. The first one is data security.
So this is effectively applying both DLP as well as malware scanning to cloud storage. Cloud storage, basically data breaches is one of the big challenges a lot of customers deal with. And this module will aim to address and fix that. 2nd is a module focused on web application and API security. So this will play in the sort of the WAF and RASP market categories and fully integrated leveraging the exact same agents that our customers have already deployed when using SDG Container and Serverless Security.
And then IAM Security, which is focused on the cloud credentials that customers have and a really big challenge around over provisioning and provisioning of those credentials. And so this will give visibility as well as security around how to lock those down with the right security policy. And then tying this back to what Akash said, as these new modules are available,
our Prisma Cloud customers will simply
be able to start using them and decrementing the capacity of already purchased from us, making the turning on and using these new modules super simple.
Thanks.
Next question is from Brian Essex with Goldman Sachs. Great. Thank you. Thank you for taking the question. Hey, I just had a quick question on OS X and saw that you released it a few weeks ago and was wondering how meaningful that cycle should be relative to other releases?
Is that something that customers are going to get automatically with their subscription? And how might we expect this to be rolled out throughout your installed base? Thank you. Obviously, super excited about the release and all of the capabilities, the ML powered next gen firewall, really just infusing machine learning into the core of the product. I'd say, to begin with, any of our customers who have a hardware device or software form factor are able to use it.
However, they need to be on some of the newer hardware platforms. So this will, in some customers who are still on older generation of hardware, actually want to upgrade in order to get these capabilities. 2nd, this is the release that will unlock some of the newer subscriptions we talked about, including IoT Security. And so there will be added incentive for customers to get to 10.0 in order to take advantage of these subscriptions.
Great. Thank you very much.
Our next question will come from Brent Thill from Jefferies. Following Brent, we'll have Jonathan Ho from William Blair. Nikesh, over the last year, you're now approximating well north of $800,000,000 in M and A. And we appreciate the payback that you gave us, but kind of maybe give us a sense, do you expect that pace to continue? Or do you feel like you need to digest what you have now and you have the court uses to achieve what you'd like to go forward at this point?
Brent, as we highlighted in the prepared remarks, we have followed a very disciplined approach. When you look at we're constantly looking at new cybersecurity capabilities in the industry. As you know that as soon as, let's call, an antidote is found towards a cyber breach tactic, hackers start working the next way to try and figure out how to hack the customers. So we have to be constantly on the lookout. And we've taken a very, very proactive point of view that we don't want our customers to go integrate these solutions themselves, which is what causes the chaos in cybersecurity.
We've stepped up and said we're going to become more and more comprehensive player in areas where we believe we can add value. So we're not going to we don't see value in putting off the old red oceans where there's enough players in the market and we're not trying to create a place to get everything. We're trying to get to a place where the product that we deliver or the platform we deliver has all comprehensive capability. And as I said, cloud security is not fully evolved because we are all moving to the cloud and discovering across the entire process and our customers are trying to integrate some solutions. That's why we've chosen to acquire some companies but also build these next few modules that Lee highlighted internally organically because we believe the cost of integration will be higher than doing the organic software.
So we're constantly on the lookout to make sure that we are solving the problem for customer. We will continue to stay on the lookout front and what we're trying to highlight is that we're not we're very thoughtful when we do M and A. We look at it both from an economic and product perspective. And so far, our track record has shown that we are able to significantly accelerate the capabilities once we acquire these companies both from a go to market perspective, product perspective, and we're going to continue looking at the market on that lens.
Jonathan Ho, William Blair. Great. Just with Strata, can you talk a little bit
about whether
where you're seeing the fastest
growth in terms of that product set?
Could digital transformation maybe create a different wave of security investment around the CN Series and some of the other products in Chatter? Hi, Jonathan. So to your first question, where we're seeing the fastest growth, I mean, I think obviously, as you've seen, we're seeing great growth across the platform. Start with Powerwall as a platform and inclusive of Prisma Access and the newly integrated CloudGenics, Prisma Cloud. Certainly, with the recent acceleration of the shift to cloud, Prisma Cloud has been a fantastic cloud security platform hub available for our customers to help them in that shift, and Cortex is really gaining traction both around XR and XDR.
Great. Our next question comes from Brad Zelnick, Credit Suisse. And this will be our final question. Thanks so much for fitting me in and congratulations on the momentum into Q4, very impressive. I've got an easy one for you guys.
I just wanted to ask about the spike in DSOs. So it's completely natural to understand why this quarter you would see monthly July being so heavily back end weighted. But if you were to normalize and assume a more normal linearity to this Q4, how much of this is because of extending payment terms, if at all? And what are you seeing with customers and their need to spread out payments? Thank you.
Yes. That's an easy question, as you said. No, we do not expect any structural changes. We do expect to get back to a normal level in Q1. We would just this is how our billings came in Q4, but we don't expect this to be an issue going forward.
That concludes the Q and A portion of our call. Thank you for all your questions. I'll turn it back to Nikesh for closing remarks.
Thank you again everyone for joining us today. Parcel Networks remains committed to helping our employees, partners and customers navigate the challenges posed by the global pandemic in every way we can. We strive to empathize with those suffering from the worst impacts and when help in our communities and networks where possible. I'm encouraged by the positive attitudes and teamwork I see on this call from our committed employees and this helps fuel our drive to continue our mission of making each day safer and more secure than ever before. We look forward to connecting virtually with all of you at one of the many upcoming investor conferences.
Keep safe and stay healthy. Thank you again for joining our call. Have a great evening.