Allot Ltd (ALLT) 2021 Q1 法說會逐字稿

Hello, everyone, and welcome to the Allot Investor Day 2021. It's a big day for us. Today, we're going to share a lot about our company and where we're headed, and we're very excited about the future.

I'm Barry Spielman, Director of Product marketing for cybersecurity. And you're going to hear quite a bit about cybersecurity over the next couple of hours and how it's becoming a central pillar in the company's growth strategy. In that context, this virtual Investor Day and the information we will be sharing marks an important milestone on Allot's journey, and we're thrilled to have you with us for the ride.

Today, I'm joined by Allot's senior management, our Chief Executive Officer, Erez Antebi; our Senior Vice President for Cybersecurity and Head of the Cybersecurity Business Unit, Dr. Yael Villa; and Allot's Chief Financial Officer, Ziv Leitman. And before we begin our presentations, I'd like to remind everyone of our safe harbor disclaimer.

Certain statements in today's presentation and responses to various questions may constitute forward-looking statements that represent our outlook and current expectations. We caution you that other additional factors not anticipated by management may cause actual results to differ materially from those projected in these forward-looking statements. We recommend that you refer to the risk factors contained in our most recent annual report on Form 20-F and subsequent filings with the U.S. Securities and Exchange Commission.

In addition, on this call, we will make reference to certain non-GAAP financial measures, including non-GAAP gross profit and non-GAAP net income. The reconciliation of these non-GAAP measures to the most directly comparable GAAP measures can be found in the Appendix to the investor presentation and in the company's first quarter 2021 earnings release, which is posted on the company's Investor Relations website.

I want to point out that a recording of today's session will be available on the Investors section of the Allot website as well. Now to get things rolling, I'd like to kick off the day with a short video clip about Allot cybersecurity business. Setting the stage for today's sessions, which will demonstrate to you, we believe, while Allot is literally revolutionizing consumer cybersecurity.

(presentation)

Before I turn over the microphone, I want to quickly go through the agenda and what we have planned for you today. We will start with a briefing by our CEO, Erez Antebi, who will show you how Allot is revolutionizing consumer cybersecurity. He will describe the huge business opportunity for both CSPs and for Allot. We will then share with you a discussion our CEO recently had with Marc Rouanne, Executive Vice President and Chief Network Officer at DISH. Allot recently signed a deal with this to provide end to end-user plane protection against DDos and botnet attacks on this cloud-native open round based 5G network as well as to provide cybersecurity threat protection for DISH consumer, MVNO and SMB customers.

We will then move on to Dr. Yael Villa, our SVP for Cybersecurity, will give an overview on the technology that makes it all happen. Following Yael's presentation, we will share a couple of additional short testimonials from our customers, who will discuss how Allot solutions help them achieve significant growth. And finally, Ziv Leitman, our CFO, will discuss Allot's revenue sharing business model. We will have plenty of time to answer your questions during the Q&A session. If you have any questions, feel free to send them via the questions tab on the platform at any time. And we will answer them during the Q&A.

Okay. I think we're ready to get started. I'm pleased to hand it over to our CEO, Erez Antebi. Erez?

Thank you, Barry. Good day, everyone. Welcome to a lot Investor Day. Thank you very much for joining us. I want to talk today about Allot and how we are revolutionizing consumer cybersecurity. So Allot, in general, as a company, we are a software company, and we are selling software to communication service providers or CSPs globally. We have hundreds of customers, operators around the world. Many of them are tier 1 operators. Allot has been growing nicely. We've been growing with a CAGR of 18% during the last few years. And last year, $23 million out of our $136 million of revenue were cybersecurity revenues.

We have a strong management team with proven experience in the areas of both service providers and cybersecurity. Later today, you will hear from Ziv Leitman, who is our CFO; and from Yael Villa, who is our Senior Vice President for Cybersecurity. The technology that Allot uses the heritage of the company, if you will, is extremely mature. Our technology is deployed with operators around the world. Was Vodafone in Europe, Telefónica in both Europe and Latin America, with Rakuten in Japan, with GEO in India, Optus in Australia and many, many others. We have, as a company, we have a telco grade software. This is different than enterprise software. This technology heritage coming from the telco world is an extremely significant barrier to entry for many competitors from around the enterprise software world. If -- because we come from the telco world, our software is capable of handling extremely high throughputs, multi-tenancy having millions of customers that can each have different profiles, different logics, joining the service, coming off of the service, that was extremely high quality.

We operate in 5G networks. We operate in a cloud-native environment, and we're based to a large degree on AI technology. As we will see later today and during this presentation and in the presentation from Yael, this is an extremely important factor. When we look at the Allot Secure platform, which is our cybersecurity platform, that too is deployed worldwide with many customers. Many Tier 1 and Tier 2 operators, both in Europe, Latin America, United States, Asia, customers like Vodafone, Atchison, Telefónica, Rakuten and many others. More than 20 million subscribers globally are protected by Allot Secure. Tier 1 operators really do trust us.

We believe today there is a big challenge in protecting the consumer and small business environment. Most cybersecurity companies today focus on protecting large enterprises. They built their technology and solutions with the enterprises in mind. We are taking a look at consumers and small businesses, really the small businesses. The guys without an IT department. If you like, the small lawyers office or the restaurant, they are small businesses that don't have an extensive IT knowledge. We're looking at families. Really, each and every one of us. As an individual at home with our family with our kids. Who is responsible to protect us as individuals as a family from the threats on the Internet.

Well, the answer is surprisingly that we are individually, each and every one of us. And as you will see here, this is a very, very big challenge. We when we look at the threats on the Internet, we are seeing that threats that are attacking consumers and small businesses are growing, and actually, they're growing exponentially. Look at these graphs, I'll start from the right-hand side graph. The number of new malware apps that are detected worldwide is growing dramatically year-over-year, and it's expected to continue to grow at these rates. If you look at the left-hand side graph, this is a graph showing some of the results of what we and Allot are catching and protecting consumers against in Europe. You can see that both the adware and fishing attacks are growing very significantly. Why is this happening? First of all, because, unfortunately, Cybercrime is a business and it's a growing business. But not only that. What's happening these days is all accelerating that. The border between office and work has blurred. We work from our home. We will work using our broadband connection at home. We are using our own device -- our personal devices to do our work. COVID is accelerating this change. People are looking, for example, for information. It's very easy to send somebody a message and tell them, just click on this, I'll give you information on what's happening with COVID in your neighborhood, and you click on it or somebody clicks on it and boom that's a fishing attempt.

This is happening today, and it's accelerating. 5G networks will accelerate it even further because of 5G networks, they come with much, much higher bandwidth, and many, many more unprotected IoT devices. So the attack surface is growing. So overall, when we look at the threat on consumers and small businesses, that threat on the Internet is growing and it's growing worldwide. So what is really the solution today? How are we expected to protect ourselves from this? Well, the answer is that what we're expected to do is to go online, choose some security app. Pay for it, download it, then start installing it on all our devices, on our phones, on our computers, on our smart TV, figure out a way to install some app on our IoT devices. Install it also on our kids' devices and so on. It's a big task.

At the end of the day, customers don't want to do this. They don't download these apps. They don't -- either because they are maybe a bit technically shy of deciding which app it is. Maybe they are not up to the big task of doing this repetitively on many different devices. But at the end of the day, when we talk to operators worldwide, we asked, okay, how many customers actually download security apps the answer is that less than 5% typically do it. And if they do reach 5% that download it, it's considered a huge, huge number. So what we're seeing really is that while consumers are expected to be their own CCLs and ProTect themselves, consumers and small businesses cannot be their own CSOS. Somebody else needs to protect them. Now operators today worldwide are reselling endpoint apps, but they are doing this with very limited success. So if consumers and small businesses cannot be their own CECL, someone else can be and someone else should be. And that's where I believe the opportunity lies.

This is a big opportunity. It's an opportunity really to change they way families, communities, small businesses are being protected from the threats on the Internet. We ask consumers and businesses if they are aware of the threats. And the answer is that overwhelmingly, they are. Look at the numbers. In Galafold, we see that 72% of U.S. consumers do worry about personal or financial data being hacked, 66% of U.S. consumers worry about being a victim of identity theft. So there is definitely awareness from consumers and businesses that they are under attack. Who do consumers think that you provide them this service? The answer is that they think overwhelmingly, 90% of consumers pulled think that the operator, the communication service provider should be the one providing them a security solution.

Why is it the operator? Because what we basically ask the operator to do is don't just deliver us a transparent pipe that brings all the threats from the Internet to us and then expect us to clean it up ourselves, provide us a clean pipe, filter out all this bad stuff, the malware, the threats, filter it out in the network before you bring us the Internet access itself, the data that we're actually looking for. So there is a clear expectation from consumers and businesses that the operator will be the one delivering the security for the connection. Our customer is willing to pay for it. Well, we polled customers around the world. We're showing here the results for our polling in the U.S. market. And we asked them. Are you willing to pay for it to be protected? And how much are you willing to pay for it? And the answer is that roughly 2 out of 3 customers are willing to pay for it a significant amount. They're willing to pay either $3 or more per month for security on the mobile phone, and they're willing to pay $6 or more per month for security on their home broadband connection.

These are extremely interesting numbers. So we can see that right now, threats are growing. Current solutions of downloading apps do not work, people are aware, they're willing to pay, and they expect the operator to deliver a clean pipe. Are the operators at all position to provide these security services? Well, it turns out that they're extremely well positioned to do this. Because the communication service provider is the sole provider of access to the network. Anytime we access the Internet, no matter by which device, how we do it. There's a communication service provider and operator that's providing us that connection. As a result of that, that means that the operator sees all the traffic, and therefore, the operator is capable of blocking all these attacks and threats before they reach us. And not only that, but we all interact with the operator and the operator interacts with us with multiple touch points.

They're a trusted brand. They have a billing relationship with us or us with them. We have frequent interactions with them, whether we change the plan or we decide to buy something else or we decide to buy another phone or whatever. So this is some one that we know, that we trust and can really provide us a security service. So it turns out that they're really extremely well positioned to do this for us.

Now is it worth their while? They're expected to do it, they can, should they, turns out that cybersecurity can really be the next big thing for operators around the world. Today, when you look at operators worldwide, they are being relegated really to a dump pipe. Their revenues are stagnated at best. In many cases, the revenues of operators are declining. And they're fighting for any kind of differentiation, any kind of new service that will add to their revenues. Security can be exactly that next big thing. But it's not only the revenues. Really, it's 3 different values: First one, I would say, is brand recognition. Brand recognition means that the operator is transitioning from being a broadband provider to being a secure broadband provider. This is better. It's providing something to the customer that the customers actually want. Not only that, it brings new revenues. And we saw that customers are willing to pay for it. So this is new revenues for the operator.

And not only that, we'll talk about it a bit later, there is an increased customer loyalty. Customers who are signing up for security services from the operator are less susceptible to churn and increased loyalty, and it shows with Net Promoter Scores becoming much higher. Now to add the cherry to the cake, FANG, Facebook, Amazon, Google and so on cannot do this. While they are taking away a lot of the operators perceived value and relegating them to a dump pipe, they cannot take away securing the access. Because the operator is the only one who owns the access and the operator is the only one who sees all the traffic.

Once a communication service provider launches this service, they will become their customers' heroes. We are told this by operators who launched the service that the Net Promoter Score of the customers signing up for this is significantly higher and that customers really, really value what the operators are doing for them. In this ecosystem, Allot, our vision is to be the technology company that will enable this revolution to happen. Changing the way we protect consumers and small businesses, taking the ones from protecting ourselves from each and every one of us, placing it on the operator, allowing the operator to provide that protection to us as individuals, provide that to us as a service from the network. This is something that we believe in Allot that will not only happen, but we will be the technology company that will enable this to happen. We will provide the technology that enables the communication service provider to become a secure broadband connector instead of just a broadband provider and really protect the family and the small business.

How do we do this? To do this, we have developed what we call the Allot Secure solution. The Allot Secure solution is a solution intended at protecting consumers and businesses from the network, meaning, the protection is done at the network level itself without the need for the end user to download anything. You don't need to download an app, you don't need to configure anything. You don't need to do anything. It's all in the network itself. That's owned by the operator. And our vision is to protect families and businesses against many, many different threats against on all their devices wherever we are in our home, in our car, visiting friends.

It's to protect all members of the family, parents, kids, whomever. We need to see the family and the business not just as a collection of devices. Now protections vary, right? There are differences between how we protect ourselves and how we protect our kids. For example, we want to prevent our kids from accessing harmful content that we may wish to have access to by ourselves. We want the video camera in the kids' room not to stream to a site, say, in a foreign country, but we do want to be able to access sites worldwide with our own computer. So profiles matter, and we need to understand the concept of a family and it's not every device being the same. We have to differentiate between devices, protect them differently, see who is responsible for what, who has to be protected how and provide this over encompassing digital security for the family and for the business as a whole. Allot built a solution that enables this to happen. We call the solution, like I mentioned, Allot Secure. It's -- we believe that this is a 360-degree security solution. And it's made really of, I would call it, 3 different layers.

First of all, we have at the bottom of the slide, you see the various enforcement points. We have security enforcement points in the home router or the business router for -- to protect the broadband connection. We're protecting in the network itself in the core network for the IoT devices and mobile devices, and we're protecting even the DNS access link. All of these are built into the network. This is a software that we provide that resides in the network of the operator so it's a 0-touch onboarding. There's no need to download or install anything. All of these enforcement points are connected to a single unified management system that provides a seamless security experience. It doesn't matter on which device you are. It doesn't matter what the access means, it doesn't matter if you're at home or in your car, it's the same security profile. It's the same A protection.

Now to make sure that it's 100% updated all the time, the management system connects continuously to our cloud to the Allot cloud that provides updated information on threat intelligence, categorizing websites, device fingerprinting, that -- and it's constantly updated every few minutes to make sure that we have the best protection online all the time. This solution, such a comprehensive view of this solution is something that I believe is unique to Allot. I'm not familiar today with any other company that is offering such a fully unified security blanket for consumers and small businesses. Now to do all this inside the operator's network, looking at all the traffic, real-time without adding delay and with extremely high resilience, requires technology foundations that I talked about earlier, and Yael will expand on later today.

Now how big is this opportunity? We understand that it's important. We understand that, that can bring tremendous value, but how big is it? How big is it for the whole ecosystem? And how big is it for Allot?

Let's take a look at the numbers. We start with what are the connectivity revenues worldwide. Well, worldwide, according to the OECD studies, connectivity revenues of mobile and fixed broadband networks are $1,200 billion per year. Now we believe that the potential revenues coming from security an operator can charge their customers an incremental 5% or 8% of Z connectivity charges that they charge them today. We'll talk about why we believe that these are the right numbers in a couple of minutes. So that means that if these numbers are correct, that means that the operator is looking at somewhere at a total addressable market of somewhere between $60 billion to $100 billion annually. Now to be truthful, not all customers will sign up for it. We believe that realistically, 25% to 40% of customers will really sign up for this service, and we'll show you why we think that those are realistic numbers, which means that the realistic addressable market for operators is between $15 billion to $40 billion annually.

That's a very large number. How much of this can Allot compete for? Well, we believe that by providing the technology solution to this, operators are willing to share revenue with technology companies, such as Allot, around 30% to 50% of these revenues. Which means that we and Allot are looking at a potential multibillion-dollar market anywhere from $5 billion to $20 billion of annual revenues once this grows to encompass the operators worldwide.

Let's look at how we reached these kinds of numbers. These are examples of operators who actually launched the cybersecurity service and how much they are charging consumers and small businesses. Looking at the -- at the left side, we see that Vodafone that launched this in 10 different markets across Europe are charging on average around EUR 0.99 or EUR 0.01 per month in addition to their regular access charges for the security. This is around 5% of the average price plan that Vodafone charges. Hutchison that launched this service in Austria is charging EUR 1.5 per month. Making it for consumers, making it roughly an 8% of the average price plan. And now looking at the right-hand side, is also charging roughly EUR 1 per month in Portugal, which means around 6% of the average price plan. When we're talking about SMBS, we're looking at for example, Telefónica, they launched this in Spain and is charging EUR 10 per month, which brings it to about 20% of their average price plan to SMBS. So overall, we see that it is realistic to expect operators to charge customers and for customers to actually pay roughly a 5% to 8% premium over their price plant to get cybersecurity protection from the operator. Our customers willing to really pay that and how many of them are willing to pay that.

These graphs show the percentage of customers that are actually signing up to services over time as these services are getting launched. I'll start with the top left graph that shows the take-up rate in several European countries of consumers signing up to this service. And you can see each line here in the graph represents a different market, a different country. And the -- with the axis -- the horizontal axis presenting the time from launch of the service. So it's overall over a period of 3 years, and we can see that the numbers vary but within a few years, we can see that the most successful countries end up getting 50% and even 55% of their customers to really sign up for the service.

Less successful countries will get to around 10%. This depends a lot on the go to market, but an average of 25%, even 30% of take-up rate for consumers in Europe, I think is a reasonable number based on what we are seeing today from operators that have actually launched this service. This is a tremendously successful value-added service. If we go to the bottom left graph, this is an interesting one, showing what happens, specifically in stores. When this is an operator that launched the service and is selling it primarily in the stores. So when people walk into the stores, and they want to do something. They want to buy a plan, they want to sign up for a service. They want to buy a new phone, whatever it is that they want to do. They are also offered by the person in the store. They're also offered to sign up for a security service in addition and pay extra. This is in Europe. And you can see here that new customers that are walking into a store and signing up with this operator for the first time take-up rates are around 80%. 80% of customers that come in and join the service are also signing up for the security at the same time.

With the existing customers that walk in and buy something, whether it's a new phone or they change the plant or they do anything, take-up rates are between 50% to 60%. These are extremely, extremely high numbers. Once people sign up on it, and I will share with you that invariably with almost all operators that we work with, customers can opt out and leave the service at any time they want.

So once they've signed up for it, do customers stay with the service. Look at the bottom right graph. This shows in months from when a customer signed up, what percentage of customers actually keep the service and it shows that 18 months from 1 period. When customers sign up, 1.5 years after they've signed up, 64% of customers still keep the service. It's a very, very sticky service. People do not give it up. They want to be secured. This is an extremely successful service. We talked until now about consumers, what about businesses. So the top right graph shows an actual penetration in Europe for an SMB service. And you can see that within 1 year and several months, 16 months from the launch of the service, you can see that 34%, 35% of all the SMBs that, that operator is serving have signed up for the service, phenomenally high acceptance rate. So what we're seeing here is that once operator launched this service, customers really buy it. The take-up rates are high.

They really want this. How do we do the deals with the operators? Well, we believe in this service. As you can see from these numbers, there is a good reason to go even this service and in the future of it. So we come to the operators with the easiest deal that we can for them. And I think, honestly, the best one for both sides. We're willing to provide the operators everything that they need, hardware, software, professional service, marketing support. We have a dedicated marketing team that works with the operator's marketing team to show them how to market this service in the best way and achieve the highest penetration numbers.

We provide all of that. We do not ask for anything upfront, no charge-off front, no financial commitment, all we ask for is a revenue share. Once customers come online and they start paying for the service, that's when we expect to get a share of those new revenues. Now because we're doing this in such an open fashion, with no minimum commitments requested from the operators. Operators really see us as a partner. And to date, they are willing to share with us up to even 50% of the security revenues that they are expecting to see from their customers. This is a true partnership model and a very, very interesting recurring revenue model for us. And when we talk to customers, about this. And we'll hear testimonies from customers later on today, but I did want to give you a few quotes from them to share with you what customers who have launched the service, what they think of it. And here's what some of them are saying.

Hutchison are saying, look, up to 80% of new customers sign up for it, tremendous number. Telenor is telling us that simple onboarding is driving customer take up, and it's driving a higher Net Promoter score. So it helps boost their brand. Vodafone went public an earnings result a couple of years ago, sharing with the world how much new revenue they are making from this. And so Telefónica is telling everyone what a huge potential it is. So operators who launch this service are very, very happy with the results.

Now I'm very excited about this transformational opportunity. You can tell that. And I think it's a huge opportunity for us. But I think that there's even more than this. We are seeing today, 5G networks starting to become a real -- a reality. And starting to be to go online and starting to grow. Now 5G networks are much more vulnerable to attacks than LTE networks were until now. And this is for 3 main reasons: one is that they are much higher in bandwidth. The high bandwidth means that it's a lot easier to provide massive attacks or to tack massively, if you like, the network. There are many connections to the Internet. This is not a centralized -- this is not a centralized network like 4G was with everything coming to a centralized core, but it's really a distributed core with many Internet connections. And the vision of 5G is to have many, many IoT devices on it. Billions and billions of IoT devices are expected to be connected to the 5G network, and they are much, much harder to protect than other devices. So we had Allot -- we've developed a product, we call 5G NetProtect that is intended to protect the service provider network itself, from malicious and attacks on the network itself. Our first customer that we signed up for this product is DISH in the U.S. DISH, as I'm sure you know, is building now a completely new 5G cloud-native network across the U.S. and they have selected Allot to be part of what is protecting their network from attacks and threats across the whole platform.

Now this is not just for DISH, and we'll be hearing from the DISH Chief Network Officer later today. But it's not just DISH. This is an example of what we expect to -- of things to come. 5G network protection protecting them, protecting the network itself is actually an additional cybersecurity growth engine for Allot.

Not only that, but all of that together, we can build on beyond that. Why? Because Allot technology is placed in an extremely strategic location. We have a technology that sits inside the operator's network. We see and read all the traffic, all the Internet traffic that's going to and from the customers. We see all of it, and we know how to do things with it. We can decide to clean attacks. We can decide to block malware, but we can do more than that. And as we are working into the future, we will work to provide more value both to the operators and to their customers. We will do this by providing data-driven security, which is now in development phase. We will do this by enhancing the ability to protect consumer privacy. And we will do this with other ideas that we have and that we will have going forward. We are situated in exactly the place that enables us to do this. Yael will expand a lot more on this later on today.

As we look to Allot, you can see that we really have today 4 growth vectors to the future. First one is we want to sign up as many operators as we can that will launch customer security from the network, and we are continuously signing up more and more operators that will launch this service. Each and every customer that launches, we will work with them to increase the number of customers with both consumers and small businesses that actually sign up to the service. And then we will work to increase the value that we provide to those customers. Some customers start with only protecting mobile phones. Some customers start with only protecting the home broadband. As we can -- as we see with the Allot Secure platform that we have built, you can start with mobile only, then expand it to home broadband then add the DNS security and expand will provide more and more value all the time. And last but not least, protecting the network itself, protecting the operator network itself specifically on 5G networks, which is a growing business today, starting with DISH, but with many more, hopefully, operators to come.

As a company, we are also going -- undergoing a transformation. Allot up to 2018 was focused mainly on DPI technology. We were selling software to operators, but it was for DPI applications, and the type of deals that we were doing were CapEx deals that was until 2018. By 2019, we started signing up security revenue share deals. Last year, '20 -- and this year, we are starting to see the initial security as a service revenues come to Allot in a meaningful way. And by 2022 and beyond, we expect security as a service revenues for Allot to grow to be very significant and fast-growing numbers.

Ziv will discuss the time line of how signing these deals turns into security revenues for us and what we expect on the future revenues of Allot to look like.

To summarize, while most cybersecurity companies focus on securing the enterprise, there is a huge opportunity to secure consumers and small businesses. We believe that we are positioned to seize that opportunity. The threats to consumers and businesses are growing. Consumers and small businesses are unprotected. The existing solutions, downloading apps don't really work to protect the mass market. Customers are aware of this. They understand that they are under threat. They understand that they are not well protected, and they look to the operators, to the communication service operators for solutions to protect them, and they are willing to pay the operators to do that for them. Allot is revolutionizing the mass market cybersecurity with the network-based security service offering because we are the ones enabling the operator to deliver on this promise. And this overall is a huge revenue generation opportunity, both for communication service providers and for Allot. I believe that this revolution in how consumers, small businesses are being protected from the Internet is happening. It is happening because it is an absolute necessity in my mind. And I believe that we in Allot are best positioned today to be the technology company that drives this revolution and really makes it happen. Thank you very, very much.

Thank you, Erez. Now let's join a conversation Erez recently had with Marc Rouanne, Executive Vice President and Chief Network Officer at DISH, following the announcement of the recent deal between our 2 companies.

(presentation)

We are pleased to share with you now a few of our customer testimonials.

(presentation)

I want to now introduce Dr. Yael Villa, our Senior Vice President for Cybersecurity. Yael also heads the company's cybersecurity business unit. Yael?

Thank you, Barry. Hi, everyone. My name is Yael Villa. I joined Allot 6 months ago to lead the cybersecurity BU. Today, I would like to share with you a deep dive into the technological backdrop of Allot consumer cybersecurity offering.

We will start with an overview of our consumer security concept, which is unique in the market. Next, we will briefly describe our security assets and how we prepare for tomorrow's challenges. The cyber world is very dynamic and sophisticated. And we need always to be ahead of the bad guys. The main difference between existing solutions, mainly for enterprises and financial institutes and Allot solution is that existing solutions are extremely hard to manage. Different alert systems coming from different applications, very long loss and basically, enterprises and financial institutes have a CSO to manage the security within the organization. In the consumer world, this is not happening, and nobody is expecting the consumer to be its own CSO therefore, the solution should be seamless and easy to use. Otherwise, it will simply not work. Consumers actually don't know anything about security vulnerabilities, they just want to be protected. Some of you can ask, if Allot can have comprehensive solution why can't the big cyber companies, if they are willing to do the same in no time?

Well, it's not that easy, and we will discuss why. Finally, we will talk a little about the road ahead. What do we need to start thinking today to be always ahead of our competitors and constantly bring new value to our customers? Allot solution is based on the 360-degree security concept. What is 360-degree protection? Consumers are looking to have a complete end-to-end protection anywhere, at their network, at their home, at their offices, at the coffee bar, at the bus station, everywhere. They are looking to be protected by any threat fishing through ransomware, everything. They are looking to be protected in any device they are using phone, laptop, iPad. They want the same protection in all their devices. This is the 360-security protection, and we need all of these to be easy, 0 touch. The user basically doesn't have to do anything, client less and self-management. If they want to do something, they need to be able to do it by themselves.

Our research shows that 90% of the consumers believe that the CSP should provide them security. So they expect to have the CSP as the single provider of security solutions. So what is the Allot Secure 360 concept all about.

The solution is built around the ASM, Allot Secure Management. The Allot management is designed to provide a unified seamless security experience not only for the end user, but also for the CSP, for the CSP to be able to be the single security provider. We have different enforcement points unsecured business secure, IoT secure, network secure, DNS secure and endpoint secure. Network secure is a network-based security for mobile consumers and SMBs that includes threat protection and parental control with frictionless onboarding, mass activation up to 50% penetration, in line customer engagement tools and everything, basically.

Home secure is a CPE-based security, protecting all devices, including IoT devices in smart home and offices, home router protection, full home office network visibility. The different enforcement points are getting the input from our Allot cloud. All the up-to-date threat intelligence, web categorization and device finger print data are stored and constantly updated in our Allot cloud. The design of the ASM was done under the unification concept. The same capabilities and the same look and feel for all the enforcement points. Therefore, we developed all our capabilities once and no need to develop again and again for each enforcement point. For example, if we want to add a new anti blocking algorithm, we develop it once and it will work for all the enforcement points. We have the same reporting system to all the different products. Due to the flexible architecture, if Allot decided to introduce a new service like privacy protection or the customer wants to use its own enforcement point like McAfee, these additional solutions can easily be integrated in our management system and gain reporting, notification, account management, without the need to develop anything. It's the same feel, for the end user and for the operator. This user adopted the entire 360 threat protection solution. He can be blocked within the network. If it's at home, or if he is at his coffee bar. The same protection regardless where he is, the same blocking page, one seamless security experience, one policy, unified reporting and unified event handling, regardless which enforcement point is active. The user will get a reporting, summarizing all the malicious activities we have, like in this example, more than 300 -- 3,000 blocks, most of them phishing, malware analytical spyware.

Robust security is the core of our business. Our comprehensive security comprises URL-based filtering for HTTP and HTTPS traffic, anti-malware, anti phising, antivirus and antibot, up to 3 antiviruses engines to scan files downloaded, Kaspersky, bitdefender and (inaudible).

We have a dedicated threat intelligence research team to analyze new threats and variance of existing threats. We developed machine learning algorithms, including deep learning, anomaly detection, classifiers, virus analytics and clustering. To optimize our detection performance, meaning high detection rate with low false positive. In addition, we developed machine learning algorithms aim to serve 2 more challenges. For example, phising detection when all the traffic is encrypted. Allot's deployments are in hundreds of CSPs worldwide. And since strength spread over different markets we develop a global information sharing platform to share patterns between different deals and different type of customers, allowing us to detect new type of malicious activities earlier.

In our parental control solution, we have more than 120 URL categories. The CSP typically exposes macro categories to the subscribers applicable to HTTP and HTTPS traffic. We have the ability to completely shut down Internet access for a device during a specific amount of time. The customer or the end user can create a list of allowed and block domains anywhere else. Any good threat protection solution is based on a diversity of data elements and good algorithms that can classify and inspect all sources of information.

In our cloud-based as intelligence database, we aggregate data coming from multiple data sources. We have regular classification analysis from top website lease, unclassified URLs received from existing deployments, categorization requests from our customers, external feeds, carefully selected under constant examination, regular classification exercise by CSPs, automated tool to find new URLs and get them classified. Threat research team dedicated to investigate new threats. And then constant analysis engine for dynamic and real-time analysis of malicious URLs. And more than 120 categories for detection from our detection and parental controlling. Consolidation of threat intelligence from many different sources, internal and external to Allot, is imperative to reach high detection rates with low false positive. This is unique to Allot as aggregator of threat intelligence even from competing vendors.

For a consumer cyber security solution to succeed, it should be seamless and easy to use, easy to use for the end user as well as easy to use for the operator. The key of this simplicity is the ASM, Allot Secure Management. The ASM provides unification of all Allot Secure products under a single management, same profile, same protection, same control access to all of different enforcement points. A unified IT, rest APIs for portals and applications, single integration point, unified provisioning, map subscribers to API, map endpoint to subscribers, all of this done very, very easily.

In addition, the ASM provides a framework to integrate additional security products, either Allot's or customer products. Therefore, this unified management platform empowers the CSP as the single provider of holistic digital security solutions for consumers. On top of the functionality needed to maintain our solution, there is significant additional value Allot has given to the CSP.

Flexible and powerful management and monitoring tools, like full integration with (inaudible), which is a monitoring and alerting tool kit and Grafana, which is an interactive visualization tool, collection of KPIs and system behaviors, user activity, global threats and many more.

Advanced reports providing visibility into subscribers' usage of the Internet, behavior attacks, devices, patterns that can allow targeted product offering and marketing as a source of additional revenue stream for the CSP. The solution should be really easy to use by the end user. The average consumer doesn't understand anything about security. And our goal is to give him good protection without the concern of onboarding or maintaining a security solution.

So first of all, there is no need for any application download. If you want to use the system as is, you can use it from day 1. The onboarding is seamless. If the consumer wants to do minimal configuration, it's very easy and intuitive. Due to the multi-tenant architecture of the solution, the user receives personalized reports of free security status in which you can appreciate the value of the service.

What is the consumer experience unification? Unified reporting and notification, block threats across all its enforcement points, threat distribution, periodic reports, what we did for you, report from all users in your family plans. The management UI/UX is built to prove the value of the service, including security rating, in this case, a very high security level. And overall dashboard like here, in the last 24 hours, there were 3 threats detected and 5 infected.

Another aspect of the consumer experience unification is a user-centric management. Forget about the complexity of managing devices, products and technology and focus on users' persona, self-reporting tools as an additional mechanism to show value. This report can be proactively sent to the user. And the unified policy activate the activate malware protection, allow block lease, activate the activate categories, assign devices to users, you can choose, which categories to block. You can easily choose the quiet time you want for your kids.

A layered management approach, simple configuration in one click. Usually, we will ask how long it will take for one competitor to build a solution like ours, which is unique today in the market. And the answer will be quite a long time. Why? The reasons can be divided in 2 categories: because we have a very rich telco background, and because we have a quite broad security experience. So what assets does our telco background give us? Scalability, we are able to process more than 50 terabytes per second -- 15 terabytes per second, sorry, experience to integrate solutions in complex CSP network and visibility, existing in line Allot deployments in major CSPs worldwide gives Allot a privileged understanding on Internet trends, which can drive product evolution to stay ahead of the market.

What asset does our securities experience give us? Unified end-to-end security for the consumer market, multi-tenancy, personalized configuration and reports for unlimited number of users, existing deployments with more than 7 million [Optenet] subscribers where each one has its own configuration and personalized reports. Go-to-market support, we partnered with the CSP to succeed in adoption rates, Allot has the experience and the tools to create the right market in Germany. And our proven categorization and threat intelligence, our rich data component that takes a long, long time to compile.

In order to stay leaders in the consumer cybersecurity market, we need to constantly think what's next. We should continue adding value to our existing offering. A privacy protection solution, which is a major concern these days, broaden our offering in the SMB market. A lot of businesses don't have an IT department at all. And some of them have an IT department, but not the right skills to manage security controls. And many of them will be happy to get security services from the CSP.

The 5G new world, together with the increase of IoT devices may offer new use cases like securing connected vehicles, mission-critical applications to be secure and much more. From the other hand, we are Allot. We sit in the network, and we see the network traffic. Therefore, we can offer additional data-driven security services like encrypted traffic analysis, insider threat protection. And we can identify new trends, allowing Allot to be first to market with new product offerings.

In summary, our current solution is strong, mature and with top-notch technology. 360-degree security, any place, any threat, any device, great threat intelligence, sophisticated machine learning, algorithms and automation, global sharing of patterns, a unified management, zero-touch personalization due to the multi-tenancy architecture.

It will not be easy for other companies to close those gaps. Our wide experience in the telecom market, including scalability and understanding of CSPs networks, and our extensive experience in security, including multi-tenancy, go to market, give us a great advantage. And finally, we have significant strategic expansion opportunities, privacy protection, SMB, cybersecurity 360, 5G new use cases, data-driven security services and much more. Thank you very much for your time, and hope you are a little bit more knowledgeable about our cybersecurity offering.

Thank you, Yael. We are pleased to share with you now a few of our customer testimonials.

(presentation)

At this time, I'd like to hand it over to Ziv Leitman. Allot's Chief Financial Officer, to discuss the revenue sharing business model, which has created a win-win situation for both CSPs and Allot and a significant opportunity. Ziv?

Thank you, Barry. Hi, everybody. Thank you for attending our event. I would like to share with you a few slides, which will better explain our business model. Security is already an integral part of our offerings, and we have security revenues from our current installed base. In 2020, the total security revenues were $23 million, which were 17% out of total revenues, $2 million out of these were SECaaS revenues. The balance of $21 million came from 3 sources: security CapEx deals, security and maintenance of CapEx deals from previous years, and CapEx deals of distributed denial of service or DDoS for short, which is a security product for protecting the CSP network itself. Our 2025 goal is that more than 50% of Allot's total revenue will be derived from security and our hope is that almost all the security revenues will come from SECaaS-type deals.

In the coming slides, I will walk you through an example of how we are going after this very large total addressable market, which we presented before, so we can understand the process and the time it will take to build and ramp up the revenues.

For internal and external purposes, we use a metric by the name of MAR, which stand for maximum annual revenues. The MAR represent total potential revenues from security as a Service as a Service or SECaaS, under the assumption, of the 100% end customer penetration rate, which, of course, will never likely happen. Based on our past experience, the penetration rate after few years can vary form anything from single-digit percentages to more than 50%. We find that this mainly depends on the go-to-market strategy executed by the CSP.

In order to make sure that everybody understands the MAR mechanism, I will use a simple example. Let's assume that we are engaging with the mobile operator, which has 5 billion subscribers. This CSP intends to offer the security service for an additional $1 per month, which is 5% of ARPU of about $20. As part of the revenue share agreement, let's assume that Allot will receive 1/3 of the CSP revenues, which is 1/3 of the $12 yearly fee, amounting to $4 per sub. So if we multiply the yearly fee of Allot of $4 by the 5 million subscribers, we get to an MAR of the CSP of $20 million, which means if eventually, the penetration rate will be 25%, we will get yearly recurring revenues of $5 million.

I want to stress that the sales cycle of these deals is rather long and can take up to 2 years. After signing the contract, the implementation period can take even up to 1 year. After the commercial launch, we should see a ramp-up in the penetration rate. So if you look at the graph, we see an average penetration rate of approximately 4% in the first year, about 12% in the second year and about 20% in the third year.

The accelerated growth in revenues will generally continue until we get to the $5 billion, which represent, in this simplistic example, a steady state penetration rate of 25%.

The accumulated MAR of all deals signed by the end of 2020 was $280 million. More than 50% out of it will start generating revenues at the beginning of 2022 due to the long implementation process, as I just explained. I would like also to remind you that we provided guidance for additional MAR in 2021 of $180 million. The rest, we can also look at it from a different angle. If we take the expected cumulative MAR of $460 million at the end of 2021 and assume a steady state penetration rate of 25%. Then in a few years, we can expect just from this MAR figure, yearly SECaaS revenues of $115 million, which is the 25% out of the $460 million. The actual SECaaS revenues in 2020 were $2 million. The surprising last wave of COVID and the associated lockdowns around the world might push a little the timetable of some projects' implementations.

However, we believe that despite these delays, we can still achieve annual SECaaS revenues of at least $6 million, of which most should come in the second half of the year. When applying project cycle mechanism, as described previously, keep adding each year, MAR of $180 million, which identical to the guidance of 2021 and reaching penetration rate of 25% after 3 years, we get the following simulation. So for instance, in 2024, we should already come close to the magic number threshold of yearly recurring security revenues of $100 million.

Most of our current recurring revenues for the entire company are coming from support and maintenance. So in 2022, we are expecting more than $60 million in recurring revenues due to the expected accelerated growth of SECaaS revenues, we anticipate that in a few years, the recurring revenues of the entire company will be more than 50% of total revenues. Of course, the proportion of the SECaaS revenues out of total recurring revenues will increase dramatically to more than 2/3 in a few years from now. I have just one slide regarding the entire company's revenues.

As in the last few quarters, we can see the perfect chart of revenues, steady growth. Q1 2021 revenues were $31 million and the gross margin of 70%, both in line with our expectations. Please remember that traditionally, Q1 is the weakest quarter in the year, while Q4 is the strongest. The Q1 OpEx was $24 million, which was lower than our plan due to R&D open positions, which we haven't recruited for yet, and we hope to fill them in the near future.

We would like to reiterate that our 2021 non-GAAP guidance is for revenues between $145 million to $150 million, gross margin of 70% and operating loss of $6 million to $8 million. Let me remind you that even though we were able to grow our DPI revenues in the last 3 years with a CAGR of 19%, we expect that in the future, the growth of our DPI revenues will be just in the single digits. As explained, the accelerated growth of the company is expected to come from the SECaaS business.

So now in order to sum up, there is a huge addressable market for our SECaaS business in the magnitude of billions of dollars, as Erez presented, we feel comfortable that we can overcome the challenges of the long sales and deployment cycle, and choosing the right go-to-market strategy. We are very excited about the opportunity to show accelerated growth in the recurring revenue starting next year and really turn Allot into a large cybersecurity company with a strong SECaaS model.

As my last slide, I would like to share with you a regression simulation of Allot's security valuation versus other security companies. In this graph, the x-axis represents projected revenue growth from 2021 to 2022, which is the independent variable. The y-axis represents the ratio of the current enterprise value to projected 2022 revenues, which is the dependent variable. We placed on the graph the data of 14 selected cybersecurity companies. Please note that we took their total revenue even though for some of the companies, a portion of their revenues are not considered recurring revenues.

In addition, this revenue projection for 2022 were not issued by the companies, but by estimates from third-party sources. As a comparison, we placed Allot total projected revenue and the current enterprise value as you can see in the lower left side of the graph. When we use just the projected SECaaS revenues growth of Allot, on the regression line, which mean calculating the dependent variable, we get a much higher theoretical valuation of Allot. As you can see on the upper right side, of the slide. By the way, the R-square of this regression is 81%, which is relatively high. However, this simulation is just one metric and shouldn't be considered as a comprehensive comparison or a formal recommendation regarding Allot valuation. Thank you.

Thank you, Ziv. So now we move on to the final part of our program, the Q&A session. We already have a few questions that were sent in. (Operator Instructions).

Thank you, Barry. Thank you, everyone. (Operator Instructions). Okay. We have a few questions already. I'll read the questions out loud, and then we'll try to answer. What caused the big rise in deferred revenue this quarter? Ziv?

The deferred revenue this quarter, it was $51 million compared to $36 million in the previous quarter. The increase is due to payments that we got from customers for deals that -- which were not recognized yet. Traditionally, in the past few years, the deferred revenues were between $30 million to $40 million. So the current level is rather high, and we expect that in the future, it will be a little bit lower as it was in the previous years.

Okay. Does your mobile security product screen robo calls?

No, it does not. The product we provide, like Yael explained, is doing anti-malware, anti-phishing antivirus but it does not provide at this stage at least. We do not provide anti-robo-call.

Can you elaborate on the impact of COVID to Allot business and has it changed in the last few months?

Yes, I can. There's been -- as you know, there's been the last few months, there has been a rise in COVID -- in the COVID, I would say, crisis actually throughout Europe, Asia Pacific and Latin America. Israel is in a really good situation from COVID and the United States is gladly getting there. But there were many lockdowns in the rest of the world during the last few months. So to some extent, it's also delaying some of the launches that were planned by a bit more. And probably as a result of that, we may have some impact, but we still believe we'll make our $6 million of recurring security revenue for 2021, like Ziv explained earlier.

Okay. Was the colonial pipeline hack? Is there an opportunity for you to partner with another cybersecurity provider to capture this market. Yael, do you want to take this?

Yes, sure. So definitely, we are partnering with customers. We don't believe in having an organic solution for every type of malicious activity. And this is not something that we are considering right now, but we are going to consider in the future.

Okay. Thank you. Before developing the SaaS model, you did perpetual software license deals with some large carriers, are they eventually candidates for the SaaS model?

I think by and large, the answer is no. There may be some exceptions, but customers who have bought perpetual license really have very little incentives to move to another model where they would actually pay us more money. I think the fundamental of the SaaS model is that we, as Allot, take a very significant part of the risk upfront. And therefore, the operator does not have to take any risk score. It takes a very, very low risk. And therefore, if the service succeeds, we get paid a lot more and over time. Those who have bought perpetual licenses have already taken that risk. So the switch between those is not -- I do not expect that, there may be specific cases, but in general, I do not expect that to happen.

When will the DISH deal start to hit your revenue line? Look, DISH is planning to launch their 5G network this year. And I do not expect them to have too many customers this year. So I don't expect there to be too much of that during 2021. But it's yet to be seen. We'll see how the launch goes, we'll see the exact timing, and it will depend on that.

Since signing the deal with DISH, has there been more interest in your 5G business? And if so, can you enlighten us?

Well, I'm glad to say that there has been -- there's ongoing interest in our 5G business. That started before we signed the deal with DISH and it's continuing and actually growing after that. I think there are several accounts that we are currently in active engagement, and I hope to be able to share some news once we hopefully close such an account. We will share that with you. But I think in general, I think the outlook is positive.

What is the -- what do you think is the size or potential size for the 5G NetProtect market?

Look, it's okay -- continue what I said before. 5G networks are getting launched around the world. And like we talked about during the presentation, there is a need to secure 5G networks. That is larger than what was the need even on 4G network. So I think there's a growing interest in our ability to protect the 5G network data plan. I believe that this is potentially a business of hundreds of millions of dollars, not necessarily for Allot, but as a market, I think it is not that size today because 5G networks are very small still. But as it will grow and the need for -- to protect them will be large.

If we look at the size of protection for current 4G networks, and we are we look at where this will end up being for 5G in several years, I think there's a total addressable market that should be in a few hundreds of millions of dollars for that business.

You talked about security for SMB and consumer. Why doesn't Allot provide security also for enterprises?

Well, I think like we try to explain, it's a totally different market, okay? It's -- the enterprise market is one where the bank persona is an IT department in an enterprise. They are trying to protect the company or that enterprise itself from, many times, not just generic attacks, many times, direct attacks on the enterprise, try -- focused on them trying to get information or other things out of the company.

Now there are many security companies that are dealing with that, Check Point, Palo Alto, CrowdStrike, many security companies that are developing technology to exactly focus on protecting enterprises from those kinds of very, very significant attacks. Comparable to that, consumers, SMBs, are also under attack, but not so much under individual-targeted attack. It's more sort of blanket attacks across the board where the attacker is throwing sort of think of it as a fishing net and trying to catch whomever they can. And that is where we excel. We know how to take the technology and mass-ify in a way that protects the mass market of consumers and SMBs.

And it's a different capability and is required to protect the enterprise market. So we are trying to focus on what we are good at and what the other companies in the security market, the vast majority of them are less good at. So they are good at targeted attacks for enterprise. We are good at massive attacks on consumer and SMBs, and we are focusing on that area.

How much latency does your security solution add to subscribers' traffic? Yael, I think...

Yes, I feel from almost nonsecured to our -- basically doesn't perceive any latency issues do.

Who do you compete with on 5G NetProtect?

In protecting the network itself -- the 5G network itself, we're competing, I think, with the companies that are providing DDoS protection for the 4G networks. These would be companies like Arbor, for example, Radware, et cetera. I would expect to find them as -- what to expect -- I am finding them as the competitors in this area. There may end up having more competitors in the future, but those are the main ones.

Can you discuss any progress you are making with the Broadcom relationship? What are your future expectations for these products?

I'll remind everyone that the Broadcom relationship, it's a deal that we signed approximately 1 year ago with Broadcom, where Broadcom had a product line Packeteer, which is a DPI traffic management product line for enterprises. And we were in our DPI business, we were competing with them with our DPI product. And we signed a deal a year ago with Broadcom, where they were -- Broadcom basically the end-of-life for the Packeteer platform, and agreed to steer customers, distributors and so on.

That are -- we're interested in continuing with the on-site traffic management like Packeteer and (inaudible), to bring them to Allot and -- or sorry, refer them to Allot. And recommend that they buy the Allot product. I can say that it's going very well. We are signing up more and more value-added resellers and distributors. That were formally distributing Broadcom product. We are gaining market share, and we are growing our bookings and revenues in that business. And I believe that this year, we should be growing significantly the enterprise portion of our business to a very large extent due to the Broadcom deal that we did.

Okay, a bit of a long question. Thank you for providing very helpful analysis and revenue build for future years. Is the assumption of $180 million MAR per year conservative. It seems possible that a single large operator could represent $300 million or even $500 million of MAR using even the low end of your assumptions. In connection with this, could you elaborate on traction in North America market outside the recent win with DISH?

Look, I think it's -- I would like the $180 million to be conservative, but I honestly don't know. I think we're taking a realistic target for this year. If -- I hope that we will be able to exceed it, but I don't know and the -- what is going to be the MAR for any individual customer, depends to a large degree on exactly what is the deal that we will sign with them.

Is it possible that a single large operator could present a larger MAR of several hundred millions of dollars?

It could very well be. But also remember that the larger the operator, there is also a larger leverage in the -- from their part in striking the deal with us, including the possibility to put some sort of cap at -- on very, very high -- on very high penetration numbers, cap in terms of what they will pay us. So I think we're taking a realistic number with $180 million. We hope to be able to do better than that, but we don't want to create sort of illusions on this.

Traction in North America market, I think, is now very good. I think I talked about it in the previous earnings call, what we are seeing now that we did not see a year ago even is significant interest from several North American operators to provide Security as a Service to their customer base -- is provide network-based Security as a Service to their customer base.

This was not the case 1 year or 1.5 years ago. We're engaged with several operators in North America. The first one we signed the deal with the -- on protecting the network itself was with DISH, like we announced, and we expect to sign a deal with DISH also on the Security as a Service, on network-based Security as a Service for their customers. We are in active engagement and this, I mean, and some of it in trials, some of it in -- even in commercial discussions with other operators. So I am optimistic, but yet to be seen if we close the turn up. I'm hopeful.

Can you elaborate on the difference between your offering to DISH and Palo Alto's offering to them in terms of the 5G solution?

Palo Alto, I'm not an expert on Palo Alto, so I'll phrase it in general terms. Palo Alto is basically offering a firewall that is protecting sort of the entry and exit from the network, mostly the entry into the network from various types of attacks, but this is a firewall. What we provide is the ability to do real-time analysis of the traffic that is going on, on the network and identifying attacks that have managed to pass the firewall. They could have passed it because they were abrupt. They could have passed it because it's an unknown source. There are various reasons why things do pass firewall.

To a large extent, we're also the main protection from attacks that originate inside the network such as bots that are connected to the network and are not trying to attack the network itself but are actually trying to use the network as a means to attack someone else, which is also very important. So it's really -- these are, I would say, these are solutions that complement each other.

What accounts for gross margin declining from 74% to 70%? Ziv?

So in the last few years, the average gross margin was around 70%. Specifically, in the first quarter of last year, there was an extraordinary onetime favorable mix of products, but it was something unusual. So we can expect that the average would be around 70% as it was in this quarter.

Is DISH or other U.S. providers seriously looking at your recurring revenue technology?

The answer is, absolutely yes. And I think I answered a similar question. Yes. There's a lot of interest today in the North American market for this. And it's very different than what we saw previously. So I think I'm positive -- I have a positive outlook on what I expect to happen in North America on this.

Security as a Service seems like a no-brainer for any operator. Why don't all operators launch this service immediately?

Okay. We would like them to. They are taking their time. Look, I think it's for a few reasons. First of all, let's face it, communication service providers, operators, are relatively, I would call it, slow-moving entities. They have large networks to take care of. They have many millions of customers. They are concerned of disrupting the current business that they have. So things take time with operators.

And I think anybody who's worked with operators can appreciate it. That's why it takes between 1 to 2 years to close a deal. And even after we close the deal, all the implementation, testing, integration, et cetera, et cetera, would take between 9 to 12 months easily until the service is actually launched. Even though technically, we could launch it much, much faster. There -- it's not that much work, but there's a lot of testing, making sure and so on that's going into.

I think that one of the things that operators are looking at today is that they have launched over the years many different value-added services. And when you talk to operators worldwide, they typically think that the value-added service is something that is -- that will provide a 2%, 3%, 4% penetration, just like security apps that they are selling, right? That's about what the penetration rates they expect to see.

And here we are coming with a different security solution, and that says, no, this is -- you can sell this to the market as a value-added service, but you are able to get -- if you have the right go-to-market, you're able to get much, much higher penetration rates. So this is a relatively new concept. And being a bit more conservative, taking time to make such decisions, tends to make their decisions a little more prolonged and more delayed than we would like them. However, having said that, I think that there are more and more operators that are saying today that this is indeed a significant service. They are seeing the success that other operators are enjoying, started out with a small number of other operators. It's growing slowly, gradually, but slowly. So more and more operators are starting to be convinced that, yes, indeed, they should launch such a service.

So I talked earlier that we -- that in answer to a different question that we are seeing North American operators interested in this in a way that we did not see 1 year, 1.5 years ago, in -- throughout Europe, for example, we are seeing RFPs to launch for a technology company such as ourselves, to partner with the operator and launch Security as a Service to the consumer and SMB market. And there are many more RFPs now than there were 2 years ago.

So it's taking time. It's taking them more time than I would like. But slowly, but surely, I believe they are getting there. DISH, we talked about.

Does 5G net protect revenue depend on customers?

No, it does not. The NetProtect is a product that protects the 5G network itself. So that is a deal that we did with DISH to protect the network itself and our revenues does not depend on customers. It's really the protecting the network itself. The other deal that we hope and believe we will sign with DISH for launching Security as a Service to their consumer and small businesses, customers, that will be a recurring revenue deal, like we talked about today during the presentations that will depend -- our revenue will depend on the number of customers that sign up on it.

What type of indemnity agreements do you have in place with your CSP partner in the event there's a network outage that the CSP partner could not be held liable?

It varies. But generally, we've been working with operators for many years as a company. We've been working with them and putting in line technology. For many years in DPI and recently more and more for security. We are, of course, we do have liability clauses in the contract if we cause major disruptions and so on. We have clauses of penalties, et cetera, but they are -- I would say they are the standard in the industry. It's not something that suddenly all the revenues of the operator, we're liable for that. That's not the kind of things.

It's you normally sign a deal for a certain amount. We are -- we stand behind our product. There are penalties to pay if we do not meet our obligations, and I believe that I wouldn't say never ever, but it's not -- we don't pay penalties as a general sentence, so we're okay.

How do you secure connectivity into the network via other means, for example, the laptop connecting over the Wi-Fi at a coffee bar, i.e., not via the in-home router.

So we have an enforcement point exactly for that use case in which there is no mobile connection or the CPE connection, but WiFi connection our EndpointSecure solution is taking care of that.

And it's under the same umbrella?

Under the same area, same umbrella, same look and feel, same management system, everything the same.

I would add to that just a comment that while we have the capability, most people, even when they buy a combined package of network-based security and endpoint security, most people don't download the endpoint for the same reasons we talked about today. They just don't bother to do it. So it's there, technically. We provide a full suite solution, but the same inhibitor to actually downloading exists here as well.

What do you guys lose sleep over?

Okay. Personally, I try to sleep well. It helps me work the next day. I think -- look, I think the -- I think we explained what were going up, right? We want to sign up more operators. We want these operators to go aggressively into the market and sign up and get more and more customers using the network. I'm not sure losing sleep is the right phrase to use. But if you ask, what are we focusing our efforts on, it's that. Ziv?

I think we have, as was presented, we have a huge addressable market. There is a need for our product, for our solution. And the challenges, the execution and the execution is the long sales cycle, the long implementation cycle. And this is our challenges. That's where we are focusing. But we are very optimistic that we will overcome those challenges.

You mentioned your hope is that future revenues in security would be largely SECaaS. Will 5G UPP, User Plane Protection, CapEx deals fall in DPI or security revenues? And given your view of a multi-hundred million TAM in 5G, could this represent upside to growth in non-SECaaS?

CapEx deals, UPP is a security product. So we count it as security revenues. And yes, this is an upside to growth in our non-SECaaS security revenues.

Is the revenue model for the deal with DISH recurring also? Is it for...

Again, 2 deals with DISH, one that we signed and closed, which is NetProtect to protect the network itself. User Plane Protection, that's a CapEx deal, not recurring revenue. That is signed and done. We have another deal pending with DISH that we've both announced together that we fully expect to sign it for -- but we have not signed it yet, for recurring revenue -- sorry, for Security as a Service for their consumers and SMBs, that will be a recurring revenue deal for us.

When will your company be sustainably EBITDA positive? How much cost investment do you need going forward? Ziv?

So according to our guidance this year, we will have a negative EBITDA of a few millions of dollars. Currently, our main priority is to focus on growth. But we know that growth, it's just a mean in order to provide profitability because the -- our goal to provide profitability and positive EBITDA and positive cash flow. But the mean is to grow the company.

So we didn't provide guidance for next year. But definitely, in the next few years, we will have -- we'll be EBITDA positive.

I think I'm going through the questions here. I think many of them are repeating questions we already answered.

Okay. Okay. Thank you -- I want to thank everyone for participating on this day. I really appreciate the time, and I appreciate everyone who stayed on until now. It's not trivial. And it's not taken for granted. So thank you for your interest in Allot. And I really, really hope to meet with you definitely in the next earnings call. But hopefully, with some of you before that and hopefully even face-to-face. Thank you very much.