Check Point Software Technologies Ltd (CHKP) 2017 Q4 法說會逐字稿

Greetings, and welcome to the Check Point Software Fourth Quarter and Full Year Earnings Conference Call.

(Operator Instructions) .

As a reminder, this conference is being recorded.

It is now my pleasure to introduce your host, Mr. Skip (sic) [Kip] E. Meintzer, Head of Global Investor Relations for Check Point Software Technologies.

Thank you.

Mr. Meintzer.

You may begin.

Thanks, Michelle.

I guess I have a new name now.

I'd like to thank all of you for joining us today to discuss Check Point's 2017 fourth quarter and full year financial results.

Joining me today on the call are Gil Shwed, Founder and CEO; along with our CFO and COO, Tal Payne.

As a reminder, this call is webcast live on our website and is recorded for replay.

To access the live webcast and replay information, please visit the company's website at checkpoint.com.

For your convenience, the conference call replay will be available through February 7. If you'd like to reach us after the call, please contact Investor Relations by email at kip@checkpoint.com or by phone at +1 (650) 628-2040.

Before we begin with management's presentation, I'd like to highlight the following.

During the course of the presentation, Check Point representatives may make certain forward-looking statements.

These forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities and Exchange Act of 1934 include, but are not limited to, statements related to Check Point's expectations regarding business, financial performance and end customers, the introduction of new products and programs and the success of those products and programs, the environment for security threats, trends in the market, our strategy and focus areas for 2018, demand for our solutions and our business and financial outlook, including our guidance for Q1 2018 and full year 2018.

Because these statements pertain to future events, they are subject to various risks and uncertainties.

Actual results could differ materially from Check Point's current expectations and beliefs.

Factors that could cause or contribute to such differences are contained in Check Point's earnings press release issued on January 31, 2018, which is available on our website, and other factors and risks, including those discussed in Check Point's Annual Report on Form 20-F for the year ended December 31, 2016, which is on file with the Securities and Exchange Commission.

Check Point assumes no obligation to update information concerning its expectations or beliefs, except as required by law.

In our press release, which has been posted on our website, we present GAAP and non-GAAP results, along with a reconciliation of such results as well as the reasons for our presentation of non-GAAP information.

Now it's my pleasure to turn the call over to Tal Payne for a review of the financial results.

Great.

Thank you, Kip.

Good morning and good afternoon to everyone joining us on the call today.

I'm pleased to begin the review of the fourth quarter and the full year 2017.

Revenues for the quarter increased by 4% year-over-year to $506 million, in line with our projection, and our non-GAAP EPS grew 8% to $1.58, exceeding the top end of our range.

Before I proceed further into the numbers, let me remind you that our GAAP financial results include stock-based compensation charges, amortization of acquired intangible assets and acquisition-related expenses and the related tax effects.

Keep in mind, as applicable, non-GAAP information is presented excluding these items.

Now let's take a look at the financial highlights for the quarter.

Product and security subscription revenues increased this quarter by 3% over the same quarter last year, reaching $296 million.

Our security subscription revenues continued to grow and be strong with 18% growth year-over-year, reaching $130 million.

As we discussed before, the growth rates begin to normalize as we reach the anniversary of the bundling of richer security subscriptions with our appliances.

Our software update and maintenance revenues reached $210 million, representing 6% growth year-over-year.

Deferred revenues as of December 31, 2017, reached $1,187,000,000, a growth of $121 million or 11% over December 31, 2016.

Revenue distribution by geography for the quarter was as follows: 45% of revenues came from the Americas; 39% of revenues came from Europe; the remaining 16% came from Asia-Pacific, Japan, Middle East and Africa region.

As you can see, revenue growth during the quarter came from Europe and AMA, while Americas continued to be weak.

The changes we have implemented in the field didn't bear fruits yet, and as noted before, it will take a few quarters to ramp up the level of productivity and results that we expect.

From a deal size perspective, the number of customers with transactions over $1 million increased nicely by 11% to 110 customers this quarter compared to 99 in the same period last year.

Transactions greater than $50,000 were 75% of total order value, similar to the fourth quarter of 2016.

Non-GAAP operating margin for the quarter was 58%, up from 55% in the same quarter in 2016.

Variable expenses, mainly commission, were lower as expected in this level of booking.

Our headcount continued to increase and, in general, in line with our plans.

Effective non-GAAP tax rate for the quarter was 15%.

This quarter, our tax expenses included tax benefits from lapse of statute of limitation on certain provisions and a reduction of tax assets, which related to the decrease in federal U.S. taxes.

The net benefit was approximately 7%.

GAAP net...

$7 million.

Sorry, $7 million.

GAAP net income for the fourth quarter of 2017 was $239 million or $1.46 per diluted share, an increase of 11% from the fourth quarter of 2016.

Non-GAAP net income for the quarter was $259 million or $1.58 per diluted share, an increase of 8% from the fourth quarter of 2016.

Our cash balances reached $3,848,000,000 at the end of the quarter.

Our cash flow from operations for the quarter was $248 million, 36% growth over the same quarter in 2016.

The increase related mainly to strong collections from customers and reduction in tax advance payment to the tax authority.

In addition, in Q4 2016, we had tax settlement payable -- payment for prior years.

If you recall, it was around $30 million in Q4 last year.

Excluding income tax payment, our operating cash flow for the quarter increased by 8%.

We continued to implement our share buyback program during the quarter and we purchased approximately 2.4 million shares for a total cost of approximately $250 million.

Now let's take a look into 2017 full year highlights.

Revenues for the year were $1,855,000,000, an increase of 7% from last year.

Non-GAAP operating margin for the year was strong at 55%.

Effective non-GAAP tax rate for the year was 17%,

GAAP net income for the year was $803 million or $4.82 per diluted share.

GAAP earnings per share grew by 15%.

Non-GAAP net income for the year was $888 million or $5.33 per diluted share a year ago, an increase of 13%.

For the year, cash flow from operations increased by 18% and reached $1,090,000,000 compared to $926 million in 2016.

Net of income tax payment, cash flow from operations in 2017 increased by 11%.

During 2017, we announced an extension of our buyback plan to repurchase up to $250 million a quarter, up to an aggregate amount of $1 billion.

During 2017, the company indeed repurchased approximately 9.5 million shares at a total cost of approximately $995 million.

Now let's take call -- turn the call over to Gil for his comments.

Thank you, Tal and Kip.

As you just heard from Tal, our results for the fourth quarter were good.

We were just over our midpoint of revenues and exceeded our EPS projections.

For the full year, we posted healthy results and set a few records in the process.

We reached a record operating profit of over $1 billion on a non-GAAP basis for the first time.

Our annuity business represents now 70% of our total business for total revenues, fueled by our security subscriptions.

These security subscriptions represent the new advanced threat prevention technology that we provide to our customers.

We believe this is an impressive achievement.

These records were accomplished while facing some execution challenges in the United States.

Otherwise, our already impressive results would have been even better.

We're still a few quarters away from seeing the results of the changes and investment we made in the U.S. sales force over the last year.

In the past quarter, we continued to demonstrate the superiority of our security technology.

For example, we won the first NSS Breach Prevention System benchmark with 100% prevention rate.

This is quite an achievement.

There were a few factors that are even more impressive in this win.

According to NSS, our total cost of ownership was approximately 4x better than the next competitor.

And even more important, we were the only vendor that could run the benchmark and come out on top using only a network gateway.

The other vendors weren't -- gateways weren't able to achieve much inferior results without using additional installation in other places of the network.

This demonstrates for everyone that in the real world, our technology sets the pace for innovation and provides the highest level of security.

But fighting the daily threat prevention battle isn't enough.

There needs to be a bigger overall strategy for customers to step up to the challenges of the current generation of threats.

And I believe that we are ready to launch this strategy.

So let me give you a little overview of that.

2017 was a critical year in cyber-security.

The world experienced massive cases of data leakage from the cloud, devastating attacks that took down almost the infrastructure of an entire nation, and we continue to see daily attacks using new methods and technologies.

These are sophisticated attacks that are based on multiple vectors of infection into the enterprise.

Many of these attacks are polymorphic, meaning that they don't carry a static signature that is easy to detect.

Some are based on tools and vulnerabilities that were discovered by state-sponsored organizations and were widely available to hackers on the network, individual hacktivists and criminal organizations.

This sophisticated generation of attacks that we're facing today is what we call Gen V or the fifth generation of cyber attacks.

When the attack landscape is already a Gen V, most enterprises will protect themselves using third-generation technology.

So no wonder that everybody feels vulnerable to attacks.

Most enterprises are 2 generations and almost 10 years behind in their security infrastructure.

We are at an inflection point.

And in my opinion, there's only one choice: jump ahead to Gen V of cyber protection.

This must be done with the best security tools in threat prevention, covering all vectors of attack: the network, the cloud, the data center and the mobile.

And it cannot be done with over 1,000 security vendors.

Consolidation, real-time threat information sharing and real-time threat prevention is necessary.

This is what we've built into Check Point -- in Check Point with Infinity.

We believe that this is the first Gen V cyber-security architecture that is designed to allow enterprises to make the generational leap and get back in control.

In the past year, Check Point has been focused on building that architecture and finding the best way to deliver it.

I'm very excited to start 2018 with some of these announcements.

So last week, in our Check Point Experience 360 or CPX360 conference, we reached several milestones in addressing Gen V threats.

We launched our new security management appliances that are capable of consolidating the key functions of security management: high-speed event collection and correlation; security policy management and monitoring; security governance management; and multiuser, multisite management capabilities.

This is a natural extension to our leadership in security management.

We gave a preview of our new cloud security family.

Cloud is a critical element and the major vulnerability in today's computing environment.

We believe that the vast majority of data breaches last year were the result of weaknesses in cloud security.

But cloud security isn't a simple thing.

It actually captures a wide range of solutions just like the cloud itself.

Cloud security needs to cover the infrastructure-as-a-service model that is delivered by cloud providers such as AWS and Azure.

This infrastructure provided the many services that need to be secured and monitored.

It also includes the software-as-a-service or SaaS model that is provided by application vendors in services like Office 365, G Suite, salesforce.com and many others.

For many people -- for many years, people have considering securing SaaS application as mission impossible given the fact that these are closed application environments that aren't open to change.

To be able to secure the cloud, you'll need to address a very wide range of environments and technologies, and I believe that we are ready to start making this impossible mission possible.

So next week, we expect to formally launch CloudGuard, a new family of cloud security solutions under the Infinity architecture umbrella.

We have designed CloudGuard to provide the best-in-class SaaS security capabilities, enabling the utilization of Check Point's advanced threat prevention tools in most common SaaS application.

It also addresses the key vulnerability of the cloud environment and the fact that it is open to account takeover.

We will be launching a new technology called [IDX] that addresses that challenge in a way that hasn't been done before.

Under the CloudGuard umbrella, we will also unify additional Check Point cloud technologies for infrastructure-as-a-service environment.

Last and not least, deploying this depth and breadth of technologies even after consolidation can be quite complex.

We've launched what I believe is a breakthrough in business model for security consumption.

It enables enterprises to get full coverage for all security needs with a fixed price subscription model per user.

This model includes everything needed to secure the enterprise, consolidating more than 20 families of security software, including the needed hardware appliances, providing all the included subscriptions and support services, all included in a single and predictable price model.

In my more than 30 years of experience in the IT industry, I haven't seen a model like this.

I believe that this model can be a real breakthrough in exposing the C Suite into the opportunity of jumping ahead into Gen V cyber protection.

We've also started the year with a more aggressive marketing plan.

We launched our largest-ever sales partner and customers conference in Barcelona last week with close to 3,000 participants.

We're going to repeat it with an even bigger one in Las Vegas next week.

All together, the reaction from our customers and partners are extremely positive with regards to our new initiatives in the Gen V strategy.

They've shown real interest in the Infinity Total Protection consumption model.

Cloud has captured the attention of the audience and got a high level of interest, so I believe that we are starting 2018 with a great strategy and a nice road map of things to come throughout the year.

And of course, not without some challenges that I already mentioned before.

So this is a good opportunity to talk about our projection for 2018 and the first quarter.

As a reminder, you know my regular caveat.

It's hard to predict the future.

There are risks, challenges, changes, and there are upside opportunities.

With that said, revenue for the full year are expected to be between $1.2 billion to $2 billion...

$1.9 billion.

$1.9 billion.

Sorry, $1.9 billion to $2 billion.

Sorry, I confused with the 2. So now $1.9 billion to $2 billion.

Non-GAAP earnings per share is expected to be between $5.50 to $5.90.

GAAP EPS is expected to be approximately $0.62 less.

For the first quarter, revenues are going to be in the range of $440 million to $460 million and earnings per share in the range of $1.25 to $1.30.

GAAP EPS is expected to be approximately $0.14 less.

With that, I'd like to open the call for your insightful question and looking forward for your great feedback on our strategy.

(Operator Instructions) Our first question comes from the line of Brad Zelnick with Crédit Suisse.

So Gil, you've talked about the execution issues that the company has faced since last quarter.

I was hoping you can just help us to better understand what's changed internally because this is the same team that has delivered so well for many years prior.

And what is it that you can see that gives you the optimism that this only takes 2 or 3 quarters to fix?

And as well, just in terms of external versus internal, not all companies in your space are facing challenges.

There's a lot of change out there in the environment.

What can you tell us competitively versus internally?

Okay.

So these are like 3 different questions.

I'll try to address them.

I hope I'll remember by the third one, what it was, but let me start with that.

We -- last year, we've started making a lot of changes, especially in the U.S., about how do we access -- how do we approach the market.

I mean, we are facing new milestones.

We are getting close to the $2 billion mark.

And we wanted to set the right infrastructure to grow better and to address more customers and grow that business.

So with the -- we did a new coverage plan for accounts.

We've created new positions for addressing accounts.

We've created new regions that will focus on key sectors and so on.

And these changes include many changes in management, many changes in the field.

They include many new people.

And these things take time.

And unfortunately, they take a little bit longer than what I'd like them to take.

And I think they're mostly internally focused, and I hope that we will start to see to bear the fruits of these investments in a couple of quarters.

So that's for the first part.

You asked me about the competitive environment and what we see around.

So we remain in a very competitive environment.

So that's not new.

And I haven't seen a lot of changes there with that regard.

I think overall, we're in a healthy environment, even though it is a bit of a challenging one because there's many, many security vendors, there's many people approaching every customer with a lot of different ideas, not just direct competitor, not just people that sell things, that compete head to head with what we do, and it's pretty hard for the customer to devise the right strategy.

And I think the way the market is operating right now, it's almost impossible to get to the right security strategy, and that's why we launched the Gen V initiative.

And we're talking about the Gen V of security.

We want to demonstrate to the customers where they should be, we want to demonstrate to the customers where they are right now.

Let's be clear, most customers today are around Gen III, usually below Gen III of security, and we must make the generational gap to move all the way to Gen V. And to my belief, we have the only viable strategy to get them there, and I think that's what we are investing in for the future.

And just for Tal.

Tal, what tax rate is implied in the guidance?

So the tax rate -- if you notice in the last 2 years, in Q4, we have lower rates as a result of closure of lapse of statute of limitations in different countries.

So the assumption is 17% between Q1 to Q3 and 10% in Q4.

Our next question comes from the line of Anne Meisner with Susquehanna Financial Group.

First one is for Tal.

So the short-term deferred revenue was a bit below where most of us modeled it.

I know you don't guide that metric, but just not as strong as we've seen in prior Q4s.

I know you did discuss the anniversary of the increased blade bundles, but typically that is up a bit more sequentially if you look back in history, and I'm just wondering if you're seeing anything notable that would explain that, perhaps blade bundle attach rates or kind of different mix there or on renewals.

So there's 2 reasons.

One, we talked about the expected deceleration in subscription as a result of the fact that it's anniversary of the bundling.

And second, we said that the weaker quarter we had in the U.S. -- the fact is -- bear in mind that Q4 last year was phenomenal.

Okay.

And then just maintenance pricing is similar?

No changes there?

No changes there.

Pretty steady.

And then on the guidance, does the guidance assume any impact on ASC 606, the new accounting standard, maybe as it relates to commission, the treatment of commission?

No, nothing significant there.

Okay, great.

And then just a quick one for Gil.

Gil, can you please share with us your outlook on tuck-in M&A?

You really haven't done much of that recently, something that you've done on and off in the past.

I know it's partly a function of valuation, but I'm just wondering if you're looking to do a bit more of that at some point.

Maybe you can share the strategy there.

So yes, we are -- we keep looking quite actively in a potential M&A deal.

I think we're looking in some of the key areas, I won't name them to not expose too much, but you can guess which areas we're looking at.

The real challenge is not to find one point technology but to find technologies that will be of [roam] interest to the market and will fit our overall strategy and our overall architecture.

We have some good ideas actually, so I'm actually quite positive that in the next 6 months, we will find some interesting technologies that we can acquire.

Our next question comes from the line of Andrew Nowinski with Piper Jaffray.

(technical difficulty)

Anniversary-ing the subscription bundles, but the combination of product revenue and subscription revenue only increased about 2.8% year-over-year, which is well below the market growth rate and well below every other vendor, suggesting you're losing share.

So I guess are you concerned with that sharp deceleration in the growth of products and subscriptions?

And is there anything else that might explain why the other vendors are outpacing you other than the anniversary-ing of the bundles?

No, just the fact that America was weaker.

So it was -- while AMA and Europe were growing nicely, America was weaker.

So as a result, that's the 3% that you see in the P&L.

And also, again, last year, we had some major wins, so it is a tough compare.

But as we said, we did face some execution issues in the U.S. I think if you look at Europe and the rest of the world, it is good.

And if we're talking about general market share, we are actually seeing that we have very loyal customers.

Our renewal rates are some of the top in the industry.

We've actually keep winning more new customers.

And last year, we had this nice increase in the amount of business that we get from new customers.

So I think that we are making the right steps and we are seeing some good results.

And we -- except to some local weaknesses in execution, I think we should be right on that.

Okay, got it.

And then if I look back over the course of 2017, despite revenue coming in largely at the midpoint in each quarter, your free cash flow consistently exceeded expectations.

This quarter, it also exceeded, but if -- it looks like that was more attributable to the onetime deferred tax benefit.

And without that, free cash flow looks like it might have missed.

I guess do you see any changes to your free cash flow growth trajectory going forward for 2018?

I actually gave the numbers, excluding the income tax because it was a large effect, you're right.

And if I recall, it was 11% and 8% quarterly and annually.

So it was good, healthy growth in our operating cash flow regardless to the changes in the taxes, and we expect it to be in line next year.

So probably slightly above $1 billion next year as well.

That's the general high-level expectation.

Our next question comes from the line of Shaul Eyal with Oppenheimer.

Gil, Tal, so you guys are just coming out of your budget planning sessions over the course of the past few weeks most likely.

When thinking about your hiring plans as 2018 unfolds, can you guys share with us a little to maybe even quantify what's the sales and marketing, what's the R&D and maybe what's the overall number in terms of employees you guys are thinking about adding to the roster down the road to '18?

We don't have numbers in front of me, and I'm not sure that we want to share them.

But I think generally speaking, we will continue to invest especially in the sales force, we're going to also add people in all the other functions, in R&D and all the other places.

But the majority of investment will be on the sales force side.

That's where I think we have the opportunity.

That's where I think we need to get more customers and to get more coverage on the -- to the marketplace.

And maybe just to give you bit more color, when we -- as you said, we plan to increase our headcount even more than the midpoint of revenues.

Bear in mind, this year, if you remember, our plan was to decelerate or to have less operating margin in order to invest in the future, and we actually increased our operating margin from 54% to 55%.

The plan was 53%.

I'll tell you that next year, we expect to be pretty much in the midpoint of 52%, 53%.

You will see it when you will [build] the guidance, taking into account the tax rate that I gave you.

Obviously, we start the year lower, and the peak is in Q4, as every year.

So I think you have enough on that milestones that I gave you in order to build your plan for next year.

Understood.

Understood, Tal.

And if I may follow -- another question.

So Gil, you talked, I think, during your prepared remarks greatly about the cloud, about infrastructure-as-a-service.

Do you think that Check Point has all the necessary ingredients right now to go and challenge this market?

Do you feel that maybe you might be a little bit behind?

Or you think that you're a little bit ahead?

What's the current thinking from a product perspective, from a strategic perspective about cloud and infrastructure-as-a-service?

So I think that we are a little bit ahead in this marketplace, definitely ahead of what customers are investing and I think a little bit ahead of the competition in that.

We definitely don't have everything that's needed.

And I think one of the big challenges of the cloud in general and the infrastructure-as-a-service in particular, that it's offered hundreds of different services.

So we might be the best, for example, in providing threat prevention, intrusion prevention, network security capabilities for the cloud.

But to secure the cloud, you need much more than that, and the -- unlike an enterprise network.

But if you -- so that if you secure the perimeter, everything inside is less susceptible to attack because it's protected.

In the cloud, it doesn't work that way.

You may have a hundred different services being utilized by the company, and they are all exposed on the public Internet, in the mainstream of the Internet.

So we are building -- so we have a strategy for that.

We are building better solutions.

We are looking at additional technologies.

And I think that's definitely major area for our strategic expansion.

Our next question comes from the line of Walter Pritchard with Citi.

Question for Gil.

Can you -- just come in terms of the changes on the sales side, are you now done making changes?

Or are there any further changes going into the year that were significant that, to some degree, changed the timing of that stabilizing as you look into the first half of '18?

Well, we're never done.

I mean, if -- again, if -- when the -- let's put it this way.

We -- the -- if the results are excellent, you want to do more and you want to accelerate.

If the results in some places are less than perfect, you want to make the changes and keep it better.

If the people are new, you can never say that we're done because in a few months, we will know which people are successful and which people need more help and support.

So I think overall, we made the big changes that we wanted, we are in line with where we are.

And I think now we will start to make adjustments.

I think time will tell if it will be only minor adjustments or we'll be -- we'll also need slightly bigger fixes in some places.

And then, Tal, just a follow-up on the tax rate.

I heard -- we heard you for this year.

I think a lot of companies have seen sort of volatility in 2018 tax rates and then something that settles out beyond 2018.

Is there any difference in what you might expect in tax rate beyond 2018?

Not at this point of time, no.

Not based on what I know today.

Our next question comes from the line of Shebly Seyrafi with FBN Securities.

So my channel checks indicate that Palo Alto really picked up its game over the past 2 to 3 quarters.

So I know you blamed a lot of the issues on the sales changes you made recently, but how much of it is external specifically with Palo Alto Networks?

I believe that most of our challenges and execution are internal.

I don't -- again, I'm not running their business, so I can't comment about the good or not-so-good things that they've been executing.

I think we have some good channels that like what we do.

They are -- I think that we are putting all the right emphasis in place and then I think that we can do better in many places.

Okay.

And how many quarters do you think it'll take you to normalize the Americas?

I hope that it's about -- that we're about 2 quarters away, but you can never know.

I think my sales team is a little bit more optimistic, and I think -- they think that we can see results even before that.

But it can take longer.

Again, you can never know.

Okay.

And I think Tal said that the hiring growth expectation in 2018 is going to be more than the midpoint of your revenue growth guidance, which is 5%.

So just 2 questions.

What was the ending headcount?

And specifically, what kind of hiring growth do you think it'll be?

Do you think it'll be like 10%?

High single digits?

Just elaborate.

So I think probably -- again, we don't provide this for competitive reasons, so I apologize, I cannot tell you.

But you can see -- if you calculate the margins based on the guidance that we gave you, you'll see that we plan to be around 52% most of the year and pick up in Q4 to get to the total number.

And so you can see it's not overacceleration, but it's more than the revenues.

That's one.

Bearing to account that we had quite a large effect of the currencies as the dollar weakened against the Israeli shekel, the euro, the British pound and a few main other local currencies, so next year guidance takes into account that weakening of the dollar versus the main currencies.

Okay.

And last one for me.

You -- your large deal activity greater than 1 million was up 11% year-to-year, which was pretty strong.

How do you jibe that strong large deal activity with the relative weakness in the Americas?

A good question.

I mean, we're not looking for excuses, but last year, we had very, very, very large deal, which is, in the comparable, made it very hard for us to achieve the growth between Q4 and Q4.

That's why I said that our comparables were very tough.

But instead of making these excuses, I just said we need to continue and improve our execution.

We got this.

But that's the explanation.

We actually had very nice transactions above -- or customers that purchased more than $1 million.

You're right, there was a nice increase there.

But in the dollar amount, there were a -- 1 or 2 very large deals last year that skewed the dollar amount and hurt the total bookings.

Our next question comes from the line of Michael Turits with Raymond James.

Just had a question.

First for Gil.

Gil, can you drill down perhaps on the character of demand and whether or not it's shifting from any particular product categories to any others right now?

I think that -- first, we are trying to address 2 different -- or more than 2 different -- we're trying to address multiple markets, some in the product -- specific product markets.

People renew their gateways, people refresh their infrastructure and so on.

And this is one market.

And of course, we're trying -- this is the main market [without] security gateway.

We're also trying to address additional security markets like mobile, like cloud, like advanced threat prevention.

Then there's the bigger challenge that we're trying to address, which is the challenge of Gen V cyber-security or the overall security architecture for the customers.

So I think on all of them, we see healthy demand.

It's not that we see that any market is weak, but I think the biggest challenge is to address the larger one, the Gen V, the architectural win across the customer, because that's the real solution to bringing the market forward and to bring customer to the new generation.

And frankly, financially, that also has a very high potential to gain share within an account and with many new accounts as we take a big role in their total security architecture and not being placed into just a niche.

Even though it's the largest niche, the network security one, it's still just a part of the security infrastructure.

I think that all of them we're seeing a pretty healthy demand, but it's just about renewing and refreshing, and I think customers don't like to spend much more.

When it's about expanding, customers have more budget and they are more ready to invest it.

So I think if we can help them consolidate, we can grow our business in a significant way and we can actually help our customers lower their total cost of ownership and also in a pretty significant manner.

And then, Tal, can you comment on 2 trends?

One, discounting.

Where are we in terms of discounting, particularly on maintenance?

And is that going well in terms of what the strategy is?

And second, where are you in terms of sales turnover?

Has it troughed at this point during the transition?

So I'll say, first, on the discounts, we've seen stabilization already a few quarters.

So it continues, which is good.

Talking specifically to your question on the maintenance, so remember, when -- what affects the growth of the updated maintenance in the quarters and in the future is basically what happened to the discount.

So the good news is the discount stabilized already 2 or 3 quarters since we talked about it.

And the growth in new product revenues.

So in theory, with the new pricing that majority of the new products are launched as a subscription or as an Infinity model, then the lines of subscription and the line of support and the line of product has been sucked into the subscription line in a sense.

So remember that there can be movement between the lines.

So the discount didn't reduce, but if product is...

It didn't increase.

Didn't increase the discount, sorry, but if the product doesn't grow, then you see a deceleration in the updated maintenance.

And then my question on sales turnover and sales turnover and attrition.

Has that troughed during this transition?

So we actually saw an increase.

You remember we talked about it, we said we made many changes as a result of this change, and many people moved position.

There was some increase in the churn, and we've seen stabilization of that around Q4.

Our next question comes from the line of Philip Winslow with Wells Fargo.

I just want to focus on just the price environment out there just on the product side.

Just any sort of changes that you may have noticed over the course of the past year just on the new sales or replacements.

In terms of the pricing environment, again it remains competitive.

But on the same time, our focus is on delivering more value and delivering better security and delivering more advanced security services.

And I think on that, we're doing quite well.

We had a lot of -- more customers.

We actually were surprised to see how many customers are using our SandBlast technology on their gateways, and that increases the value and so on.

So I think overall, I can't say that last year was a -- I mean, I don't know if there was a major change last year.

It was relatively stable throughout 2017.

Yes, I think if I'm recalling, subscription actually -- update and maintenance stabilized, product picked up a bit.

There is a competition out there, but nothing overdramatic in regard of a financial change there.

(inaudible) cyber, 10 years ago, let's be clear.

Yes, let's...

But it's stable compared to last year, not compared to 5 or 10 years ago.

Yes, so second derivative hasn't changed.

Got it.

Our next question comes from the line of Gregg Moskowitz with Cowen and Company.

A question for Gil about Infinity Total Protection.

So it's a comprehensive subscription-based security offering, as you outlined, that should be valuable to some of your customers.

At the same time, I would imagine that providing security across network, cloud, end point and mobile doesn't come cheap.

So if you were to look at your average customer today, can you give us a sense of how meaningful an increase in spend is required to adopt Infinity Total Protection?

It actually depends how it's being used.

I think it's -- if it's being used just to replace the current product, very slight increase.

If it's being used to replace many other security technologies on the enterprise or to make massive changes in the infrastructure, it can be a dramatic decrease in the total cost of ownership because it does include all the key security technologies: Advanced Threat Prevention, advanced endpoint protection.

And not more technologies in all the areas of security, but actually, if you look at all of them, the value which you provide is an amazing value for that measure.

And I think the main challenge here is to drive it all the way up to the C-level because on the different silos, people will see only their domain and this is covering more than one domain.

It covers the -- almost the entire security spectrum of an enterprise.

Okay.

And then just for Tal, I know that you don't explicitly guide to product revenue.

But just to help everyone from a modeling standpoint, is there any high-level color that you can provide on product revenue for 2018?

Or more specifically, do you believe that product revenue can return to growth at some point over the course of the year?

The answer is yes.

In the second half of the year, I expect to see a positive growth in the product.

Remember, there's a range there between $1.9 billion and $2 billion, right.

But in general, the answer is absolutely yes.

And I will say bear in mind that also, the thing that is quite harder to predict is the move to Infinity, how many customers will choose the model of Infinity, how will it be split between the lines based on fair value and so on.

So that's how I look at the total number and less on the split between the lines.

Our next question comes from the line of Keith Weiss with Morgan Stanley.

I think this is a question for probably Gil and Tal.

I mean, the sort of the new pricing model, sort of like giving a broad suite across 20 different product functionalities on a per-user basis sounds really interesting in an industry that's moving more and more towards consolidated solutions.

I was hoping you could give us some understanding kind of how pricing is going to work on that.

How do you think about that in terms of sort of potential uplift into existing customers?

Or sort of like is it going to move -- like you're saying, Tal, is it completely a subscription model?

Is it completely an appliance model?

How do we see that sort of working into the model over time?

Well, it's early to say how much it will move into the model.

I think it has a nice potential.

The model itself is extremely simple.

It's a single price per user per year.

And it includes everything.

It has -- it includes the software, it includes the appliances.

And I think that's the -- and it includes the subscription and the associated services.

So it's quite a revolutionary product.

Again, it's hard to -- it sounds very simple, but it's a little bit hard to digest it because I don't think that there's other models like that in the IT industry in general, not just in the security space.

If you want to, I guess we'll be happy to walk you through that and see how it can work.

I think in general, it can be a great model both for existing customers and very much for new customers.

Got it.

And any indication of what type of uplift you would see from like a -- one of your existing customers moving to that type of model?

That obviously depends which customer because it depends how many technologies he's already using, how many solution he's already using.

If he's still in the world of NGFW or firewall and he moves to that, it can be a more significant uplift, but it moves him all the way to Gen V security solution, covering end point, cloud and the network.

If he's already an advanced customer that covers Next Generation Threat Extraction or Prevention and SandBlast, then there'll be a lower lift.

So it really depends on the starting point.

I...

Got it.

And then for a more product focused question.

You talked about CloudGuard and ability to create real protection for SaaS-based applications.

When we've heard other vendors talk about this, it's usually in the context of some type of CASB solution.

Should we think about CloudGuard in that kind of model?

Or is it a different type of technology we're talking about here?

It's a different kind of technology.

Most CASB technologies are about monitoring or about detection of things, asset management and so on.

This is a really revolutionary model.

It talks about putting the most sophisticated security services, threat prevention services to cloud applications.

So just as an example, when you upload, download, send a file through a cloud application, the file will be checked with the most advanced threat prevention technology, with the SandBlast technology.

So this is one element, which I think is very important.

It doesn't exist today.

And for -- of course, prevent a malicious file from getting through, there's many, many other capabilities, encryption, DLP and so on, that are also included in that.

And resolve the issue of account takeover.

One of the biggest -- the #1 threat today in any cloud environment is that somebody's just getting the account, getting the credentials of a user and, through that, getting to the entire enterprise.

And I think we've created a very unique technology, simple, but I think a breakthrough technology that if you're using your device and you're using your account, we won't prevent somebody else from another device to use that, and we will stop that right away.

And again, that's also very different than CASB solutions.

It's not a new authentication technology, it's just making sure that the user is the -- that the device and then the user are combined together and there's no account takeover that happens.

Got it.

And Gil, if I could sneak one last in and a broader kind of industry question for you as an industry expert.

We were talking -- you're talking earlier about sort of infrastructure-as-a-service and Check Point being a leader in terms of the solutions necessary to protect infrastructure-as-a-service.

But there's a lot of debate going on amongst investors on sort of when that opportunity is actually going to materialize.

You have companies like AWS who are already sort of $20 billion run rate businesses, and it doesn't seem like any of the security vendors have a big sort of -- a lot of revenue streaming from that opportunity.

And the fear from investors is that the cloud vendors are just going to do it themselves, that AWS will have their own firewalling capability and they'll just protect their workloads on their own infrastructure themselves, and there's not going to be an opportunity.

Where do you fall on that side of the argument?

Do you think this opens up to be a large opportunity for security vendors themselves?

Or are the cloud vendors going to become more of a competitive threat over time?

I think, first, the risk and the -- definitely a risk there.

But I -- in all of our experience and I think taking 25 years of experience in that industry, every vendor in networking, in operating system, in every application was trying it one time in systems, was trying at one time to become a security vendor.

And none of them, by the way, was successful.

And if you look at -- and I think we've competed in the last 25 years with everyone, from IBM, to HP, to Microsoft, to name a few, and I can name many, many more big names and none of them became a security vendor.

And the reason is that security needs to be an overlay that grows.

First, it goes beyond what the vendor provides.

The vendor main business is to provide more computing environment and not more security, and what -- and our job is to take it a step forward.

And second, and I think that's the most important, is to manage security and to apply security on a cross-platform basis.

And I think that's the key element.

That's another key element that's needed.

So I still think that there's going to be an opportunity for security in the cloud.

It may not be identical to what we've seen in the physical world.

It may not be the same gateways or the same security places.

And I think we're very well aware of that, and that's why we are building new technologies and new models to combat that, because we're not just trying to copy the security that we had on the traditional network to the cloud environment.

Our next question comes from the line of Sterling Auty with JPMorgan.

I wanted to circle all the way back to follow up on a question that Anne asked early on.

And it's regarding 606.

I just want to confirm that you are shifting to 606 in terms of the revenue recognition.

Are you doing modified or full retrospective in terms of the restatement?

And what type of impact do you expect on the revenue recognition?

So you have 2 items there that are theoretically relevant.

One is the revenue recognition and the second is the commission.

Now we don't expect any of it to be a material effect on our year-to-year numbers.

You will have an effect -- obviously, the accounting has to put it in the balance sheet on the year before to put the effect on the retained earnings, but there's not going to be a material effect there going forward.

Okay.

And are you going to do the modified or full retrospective?

So how are we going to see the comparisons moving forward?

It's -- again, it's not -- you won't need it because it's quite a small number.

So you will have an -- probably, you will see in the 20-F an adjustment that shows you before and after, but we don't expect it to be material.

Our final question comes from the line of John DiFucci with Jefferies.

I actually have a follow-up to -- I think it was Keith's 13th question.

And it's for Gil.

Gil, you said you're ahead of others in the cloud market.

And -- but it sounds like it's really early out there.

I know you've had virtual appliances for a while, but CloudGuard's really a new concept.

Are enterprises still in their infancy when it comes to cloud adoption?

Or is there -- is this more of the entire security community really trying to play catch-up to accommodate the adoption as it's just moving really quickly right now?

I'm just trying to understand how that's all evolving.

So first, it's not one answer that applies to everyone, and the cloud is obviously a large business.

But if you look at major enterprises, which represents the majority of our customers, most of them still have their infrastructure on their private data center or private cloud and not on the public cloud.

All of them or almost all of them have some experiment and some things on the cloud, but the majority of the infrastructure is not yet there.

So they're really in their infancy in adoption.

There are a few customers, large and small, that built large businesses and large operations on the cloud.

And for these people, the cloud is a significant business.

And they are not big consumers of cloud security yet at the moment.

Then again, it also represents an opportunity.

So these are the 2 major audiences.

Now in general, the way the cloud was built and the way the security was built, it was delivered by the DevOps people that are -- that have delivered the cloud solution.

They are using a lot of things.

They're using the open-source tools, using the APIs and tools kits widely available out there.

And they -- and I think they were the ones -- or even the way things -- all -- everything on the cloud, not just security, was implemented.

I think what we've seen in previous market -- it's not the first market that have been evolved like that.

The Internet in general has been evolved like that, what -- based on technological mavericks that had pushed things forward, used open-source things, used open toolkits and moved it forward.

And when the market starts to mature, there starts to form categories of technologies that become more commercial, more standardized because, again, not every organization wants to build your own tool and not every organization has the expertise, not every organization can afford this.

And mainly, organization, when they scale up things, they need to move into a higher-grade tools.

And I think that will be a similar phenomenon in the cloud itself.

We're seeing it really in every organization.

But -- there wasn't like a threefold of how to do security on the cloud, but it was more the developer did something.

If they did good, they are reasonably protected.

We've also seen -- again, with the large data leakage incidents from last year, you can see that some large organization haven't done an adequate job in protecting the cloud.

Thank you.

I would like to turn the call back over now to Mr. Meintzer for any closing remarks.

Thank you, everyone, for joining us today.

If you have any further questions, again send an email or pop me a call on the work line.

And we look forward to seeing you throughout the quarter at the conferences and in your offices.

So have a great day, and this is Kip signing off.

Thanks, guys.

Bye-bye.

Thank you very much.

Thank you.

Thank you.

This concludes today's teleconference.

You may disconnect your lines at this time.

Thank you for your participation, and have a wonderful day.