Gen Digital Inc (GEN) 2015 Q3 法說會逐字稿

Good day, and welcome to the Symantec's third-quarter 2015 earnings conference call. Today's call is being recorded. At this time, I would like to turn the call over to Ms. Helyn Corcos, Vice President of Investor Relations. Please go ahead.

Good afternoon, and thank you for joining our call to discuss third-quarter 2015 earnings results.

By now, you should have had the opportunity to review our earnings release and supplemental information. We've also posted a presentation that complements our prepared remarks. If you have not reviewed these documents, they can be found on the Investor Relations homepage. A copy of today's prepared remarks will be available on the website after our call is completed.

Participants on today's call are Mike Brown, Symantec's President and CEO, and Thomas Seifert, Executive Vice President and CFO. This is a live call and will be available for replay via webcast on our website.

I'd like to remind everyone that we provide year-over-year constant currency growth rates in our prepared remarks except for statements about net income and EPS. All references to financial metrics are non-GAAP unless otherwise stated. Also implied billings refer to revenue plus the change in sequential deferred revenue, and we've provided a trended history of this metric in our supplemental information in both as reported and at constant currency rates.

I'd like to take this opportunity to highlight a few dates for you. Mike will be presenting at the Goldman Sachs Technology Conference on February 11, and we will be holding our Financial Analyst Day in New York on April 17. We intend to announce our fourth quarter earnings on May 14.

Please note non-GAAP financial measures referenced during the call are reconciled to their comparable GAAP financial measure in the press release and supplemental materials posted on our website. Today's call contain forward-looking statements based on the environment as we currently see it. Those statements are based on current beliefs, assumptions, and expectations, speak only as of the current date, and as such involve risks and uncertainties that may us actual results to differ materially from our current expectations.

Please refer to the cautionary statement in our press release for more information. You will also find a detailed discussion about our risk factors in our filings with the SEC, and in particular in our annual report on Form 10-K for the year ended March 28, 2014.

Now I'd like to introduce our CEO, Mr. Mike Brown. Go ahead, Mike.

Thank you Helyn.

Separating our security and information management businesses has already begun to improve both our strategic focus and operational discipline. Our employees, partners, and customers are energized about our future, and our momentum is accelerating.

We continue to execute on our five key priorities, especially in managing our businesses as a portfolio which resulted in operating margin and EPS that exceeded guidance this quarter, achieving our operating margin target of 30%, implied billings growth of 3% year-over-year on a constant currency basis, marking our third consecutive quarter of implied billings growth, and year-over-year deferred revenue growth for the first time in six quarters.

Now I'd like to discuss the progress we've made in more detail in each of our three segments, starting with our Veritas business. Revenue growth in our information management segment accelerated to 5% year-over-year from 3% in the September quarter, driven by double-digit revenue growth in NetBackup software, NetBackup appliances and Enterprise Vault.cloud.

Last week we unveiled the new name of our stand-alone information management Company, Veritas Technologies Corporation. Veritas remains a powerful brand that still has tremendous equity with our customers, partners, and employees.

The need for information management solutions continues to accelerate with growth in unstructured data projected to increase at 42% per year. This trend is underpinning the growth we're seeing in this business. We continue to outpace the market with 15% year-over-year revenue growth in NetBackup software. Our NetBackup appliances grew 22% year-over-year driven by the October launch of our NetBackup 5330 appliance, which delivers twice the performance and capacity of prior models making the management of information even simpler and less expensive.

Similarly, in archiving we had key releases that enabled our customers to access their archive content anywhere, including on mobile devices and to archive nearly any type of content. We are gaining share in all of these markets.

Veritas will continue to aggressively enhance its industry-leading backup and recovery, storage management, clustering, disaster recovery, archiving, and e-discovery core solutions with releases planned across all key products over the upcoming year. Those solutions will also create a foundation for new information availability and insight technologies that will help customers unlock the value of their data to help drive business productivity and profitability.

By extending current product capabilities, leveraging IT and developing differentiated architectures, Veritas will bring next-generation solutions to market designed for the hybrid cloud throughout the upcoming year. Two examples of these solutions include the information map and the IT resiliency platform.

First, the information map is a cloud-based service that provides a global view of all the information across an organization in a simple and rapidly deployed solution. The information map is the first application that will leverage our information fabric technology and the catalog from NetBackup, the most commonly installed backup platform in the world.

Second, the IT resiliency platform, due out this summer, is a new business continuity software solution, providing one-click application recovery automation for complex enterprise hybrid clouds. Late last year, we announced a joint partnership to also deliver this capability as a complete service offering with HP services in the HP Helion OpenStack cloud platform. Both form factors reduce business risk and expense by bringing simplicity to complex enterprise operation.

We shared our security strategy when we announced the separation of our businesses on October 9. The three pillars of our unified security strategy are, first, provide a unified security global analytics platform that leverages the intelligence of our enterprise and consumer offerings augmented by third-party data to provide secure outcomes to customers better than anyone else; second, simplify our enterprise security product portfolio by delivering newly developed integrated advanced threat protection and information protection.

We've already simplified our Norton offerings to a single product, and third, grow our cybersecurity service capabilities. We continue to make progress in realizing our strategy, particularly in leveraging our telemetry to deliver better threat protection for customers.

Now let me discuss some of the progress we've made in our consumer and enterprise securities segments. As the largest provider of security for consumers, we continue to protect customers against increasingly sophisticated threats. As an example, we recently uncovered a zero-day vulnerability which affects several versions of Adobe Flash player. Consumers with the latest Norton security updates were protected against this threat.

Our previous efforts to simplify our Norton product portfolio and exit unprofitable OEM products resulted in 1,055 basis point of year-over-year operating margin expansion. As we noted in our last earnings call more transparency and automatic renewals in Norton along with our decision to exit certain unprofitable OEM and retail channel arrangements result in negative year over-year-revenue comparisons in the Norton business over the next several quarters.

Norton revenue was down 7% year-over-year to $461 million. However, the net impact of eliminating unprofitable revenue and lower operating expenses more than offset lower revenue, resulting in 15% year-over-year growth in operating income. We believe we can mitigate the revenue declines in Norton by improving online customer acquisitions, enhancing the customer experience, transitioning Norton customers to a subscription service, and by providing a virus removal guarantee to customers who opt in to auto renewal.

Since Norton revenue is ratable, we expect the next four quarters of year-over-year declines to be at the magnitude we are seeing today. However, the rate of decline should start to moderate as revenue compares ease after that. Throughout this period, we expect to maintain operating margins above 50%.

Moving to our enterprise security segment, today, most advanced threats exploit endpoints to steal financial data and intellectual property. With our market-leading position at the enterprise endpoint we are well-positioned to help customers counter these trends. Symantec endpoint protection, or SEPs revenue growth of 5% year-over-year underscores our continued leadership in endpoint security, the largest segment of the security market. In a moment I will discuss how we will further extend our endpoint leadership through our upcoming advanced threat protection offerings.

Unified security is our name for Symantec strategy to collect massive amounts of security-relevant telemetry from the global footprint of our products, researchers, and third parties in our global intelligence networks. To accelerate our efforts in harnessing this telemetry and building the next-generation analytics platform, we've hired 65 engineers and data scientists from Narus, a Boeing subsidiary recognized as a leader in cybersecurity big data analytics, as well as acquired certain technology rights. Symantec will leverage Narus' talent and expertise in data science, big data analytics, and machine learning to deliver on our unified strategy.

Coupled with efforts to enhance our analytics capability, we have organic developed a highly innovative advanced threat protection, or ATP solution, which consists of three modules. These modules cover the critical control point of network, email, and endpoint. Our ATP Network solution can scan or block malicious traffic using all of Symantec's industry-leading technologies and our new Cynic virtual execution sandbox capabilities.

ATP Network will correlates suspicious traffic with endpoint and email activity monitored by other Symantec products. With this product we will provide a differentiated capability in prioritizing incidents for security professionals to help them cope with the increasing number of false positives that occur with competitors' products. For example when malware is detected on the network a security professional will be able to see that [SEP] or Email Security.cloud has successfully blocked it, eliminating the need for further remediation. ATP Network will ship in the June quarter.

ATP email extends our Email Security.cloud offering by providing additional visibility into targeted attacks delivered via email, a common attack vector for advanced threats. ATP Email will also ship in the June quarter.

ATP Endpoint will collect endpoint activity data from our SEP agents and apply machine learning algorithms for detection and prioritization of suspicious files and behaviors. ATP Endpoint compares customer specific data with our insight reputation global data and can submit files to Cynic to reduce false positives and increase the confidence of detections.

The security professional can then direct SEP to black-list and eradicate these threats. ATP Endpoint will ship in the September quarter. Importantly, ATP Endpoint is not a SEP replacement but a complementary add-on product that makes customers' investments in over 100 million Symantec endpoints more valuable.

With these ATP products Symantec will be well-positioned to address not only better protection but also detection and response. Customers will be able to purchase any of our three ATP components together, or may leverage investments they've already made in third-party network solutions by purchasing any of our ATP offerings separately.

Now I'd like to touch on our information protection product family, where we're bringing two new cloud solutions to market. A comprehensive security solution not only keeps threats out of an organization that it also keeps critical proprietary information in. Symantec's information protection products, including our flagship DLP offering, are the industry leaders with nearly twice the market share of our closest competitor.

Our information protection solution will enhance advanced persistent threat detection intelligence by providing additional telemetry regarding location, access, and movement of confidential information. This telemetry can then be profiled and correlated with our other products to better detect advanced threat activity. For example in the case of a large network breach, since DLP knows which user machines actually store the most confidential information, security professionals can start at the source of greatest risk.

We are well-positioned to leverage our DLP market leadership to protect enterprise data stored in the cloud and on mobile devices. In the December quarter, we launched two new DLP cloud solutions, DLP for cloud email for Microsoft Office 365 Exchange and DLP for Amazon Web Services.

Finally, I'd like to discuss our cybersecurity services, which addresses a $10 billion market opportunity by 2018 growing at a 30% compound annual growth rate. We are the only Company in the world with the breadth of cybersecurity services that includes our market-leading security monitoring services, incident response services, managed adversary threat intelligence services, and security simulation services.

In the December quarter, we launched our managed adversary and threat intelligence annual subscription service which provides clients with advanced warning and intelligence on key threat actors, and their emerging tactics, techniques, and procedures. This quarter we are launching the cybersecurity simulation service, and we have already secured a large European government as a customer.

This week we launched our incident response retainer service in North America and the UK. This service allows customers to take a more proactive approach by identifying gaps in their existing incident response programs and deploying defense capabilities in advance of the security incident to reduce the time to identification and eradication of the threat.

As the world's largest security Company monitoring 4.3 trillion global threats in real-time with more than 500 full-time researchers, we continue to uncover new threats every day. We were the first to publish on Regin, identifying the advanced spying tool that displays a degree of technical competence rarely seen, exhibiting traits reminiscent of other sophisticated malware families like Stuxnet.

We will continue to move quickly in making the changes required to ensure Symantec as a more successful future, and in doing so we will stay focused on executing to deliver for customers, employees, and shareholders. We look forward to outlining our business model targets for Veritas, consumer security, and enterprise security in more detail at our Financial Analyst Day on April 17.

Now I'll turn it over to Thomas to provide a review of our financial results and guidance.

Thank you, Mike, and good afternoon.

Both Symantec's operating margin and earnings per share exceeded guidance. We drove operating margin above our 30% target, and at guided rates we delivered revenue within our guidance range.

The US dollar continued to appreciate significantly against major currencies during the December quarter, creating a headwind of $60 million to our revenue, and $183 million to deferred revenue on a year-over-year basis. Our implied billings were up 3% year-over-year marking our third consecutive quarter of growth. The number of large deals greater than $300,000 grew 21% with strength in financial services, insurance, and information technology. On a constant currency basis deferred revenue grew 1% to $3.5 billion.

License revenue continued its improving trend from last quarter, growing 20% year-over-year and 35% on a sequential basis. Strength in license revenue was driven by enterprise backup and appliances. Enterprise subscriptions increased 3% year-over-year, accounting for 15% of total revenue.

Moving now to our business segments, in consumer security we continue to drive operating margin higher increasing 10.6 percentage point year-over-year to 53%. As Mike discussed, we exited certain unprofitable OEM and retail channel arrangements, as well as provided greater transparency on automatic renewals, which are adversely affecting revenue and billings in Norton over the next several quarters.

Revenue in the period was down 7% year-over-year to $461 million. Enterprise security revenue was flat year-over-year at $509 million. Our endpoint protection and DLP products grew 5% and 2%, respectively. This was offset by weakness in endpoint management and mail and web security.

GAAP operating margin declined to 17% compared to 20% in the year-ago period, driven by higher support spend. Information management revenue increased 5% year-over-year to $668 million. NetBackup appliances and software generated strong year-over-year growth of 22% and 15%, respectively. Strength in NetBackup was offset by weaknesses in Backup Exec.

GAAP operating margin improved sequentially to 25% compared to 20% last quarter, but was down versus 27% in the year-ago period, due to higher commissions. Gross margin decreased 30 basis point year-over-year to 84.1%, driven by growth in our lower margin appliance business. We achieved an operating margin of 30.4%, 140 basis point expansion year-over-year through a combination of pricing optimization and improved renewals processes which drove enhanced top line performance, coupled with profit improvement programs such as optimizing the Norton business.

We incurred restructuring costs of $39 million and separation costs of $29 million during the December quarter. As we noted last quarter, we are reducing our workforce and taking steps to improve our cost structure as we prepare for the separation. We expect the remainder of these charges to occur in the March and June quarters. Net income of $367 million resulted in fully diluted earnings per share of $0.53, up 2% year-over-year.

Now turning to cash flow and share purchases, cash flow from operating activities totaled $358 million, up 9% year-over-year driven by the ongoing reductions in our cost structuring. Sequentially, cash flow from operations was up 107% from $173 million. Capital expenditures were $101 million as we continue to build our IT and cloud infrastructure. We returned to $229 million to shareholders during the December quarter via share repurchases and dividends; $104 million was in the form of cash dividends, and $125 million was used to repurchase 4.9 million shares at a average share price of $25.63.

We have $283 million remaining under the current stock repurchase authorization. We remain confident in the strength of our cash flow generation and continue to be committed to returning value to our shareholders. With this goal in mind, our Board of Directors has approved a new $1 billion share repurchase program.

Now, I'd like to briefly discuss some of our revenue and cost initiatives. We reached our fiscal year target for renewal initiatives with a greater focus on value selling and process improvement. In license compliance, we have ramped the team to conduct more than three times the number of audits year-to-day than we completed in FY14. In the fourth quarter we expect to conduct more than 10 times the number of FY14 audits.

With our cost saving initiatives for the second consecutive quarter, we've realized the benefits of optimizing the Norton segment. We are focusing our global footprint reduction efforts to optimize our labs, data centers and location for two standalone companies.

Before I review our guidance, I'd like to discuss the progress we are making to complete the separation of the Veritas and security businesses by calendar year end. We finalized the planning phase of the separation and are advancing to the execution phase, and our separation activities remain on track. Let me review some of the important milestones that we have achieved.

First, we have chosen Veritas Technologies Corporation as the name for the information management Company and plan to relaunch the Veritas brand in a phased approach over the coming months. Second, we've named key leaders as well as sales and product personnel for both businesses. The Veritas and Symantec sales organization will be operating independently as the new fiscal year begins.

Third, in the area of consumer and partner contracts, we have made significant progress in allocating products and services between Veritas and Symantec. Fourth, we've begun building an ERP solution for Veritas and are well underway towards separating IT infrastructure. Fifth, we finalized key real estate decisions and made substantial progress in creating the appropriate legal entities and corporate infrastructure to separate the Companies, and consequently we're on track to make Veritas operational as a stand-alone Company in October.

Over the coming months, we'll complete carved-out financial statements and prepare the Form 10 to be filed with the SEC by August. At our financial analyst event, we will provide more detailed information including financial targets for each business.

Now turning to guidance, in the beginning of the fiscal year, we set our guidance at an exchange rate of $1.38. At that rate, we expect to achieve revenue growth year-over-year as reported and exceed our original FY15 guidance on all metrics. We are now providing FY15 guidance at the weighted average exchange rate of $1.28. Using the exchange rate, we expect FY15 revenue to be between $6.515 billion and $6.575 billion, operating margins between 27.5% and 27.7%, and EPS between $1.87 and $1.90.

With the continuing strengthening of the dollar against other major currencies, we are expecting an FX headwind of approximately 5.5 percentage points to our year-over-year revenue growth in the March quarter. At an exchange rate of $1.16, we expect March quarter revenue between $1.525 billion to $1.585 billion with operating margins between 26.5% to 27.5%, resulting in EPS of $0.42 to $0.45. The Company's operating margin will be lower in the March quarter compared to the December quarter due to typical seasonality and the FX impact.

In conclusion, I'm pleased with the progress the team has made in better aligning our cost structure and setting the path to growth. I look forward to sharing more details on our progress at the Financial Analyst Day, and with this, I'll turn it over to Helyn to begin taking your questions.

Thank you Thomas. Operator, will you begin polling for questions?

Thank you.

(Operator Instructions)

We would take our first question from Walter Pritchard from Citi.

Thanks. On the security side, I'm wondering, it feels like your endpoint business is performing well. Last time we had an update on that business, it was a big part of that security business. Can you talk about with the outlook looks like? You highlighted endpoint management and mail and web as drags on that business. Is there anything on your road map that you think will help to mitigate some of the declines you're seeing and help the SEP business which I think is the lion's share of that business, the growth there, shine through?

Walter, we are continuing to improve our SEP, or endpoint product, which you're right, is the flagship of our enterprise security portfolio. With continued releases, we would expect to keep up with some of the trends we need to, to better protect from attacks. I think significantly, as you referred to, the ATP series is a set of modules that are complementary products. ATP Endpoint will obviously be a complementary product that will better protect the endpoint but it also derives strength from the modules that we'll be selling with that.

ATP Network for example will be attacking a completely new market for us to better protect incoming attacks that occurred over network traffic. We're excited about the continued growth we're seeing in the endpoint product. We're going to continue to enhance that product, but the ATP solution is something that will be additive to our revenue and the enterprise security portfolio.

Thomas, for you, on the buyback, the $1 billion, I might have missed this because I was hopping around on calls, the $1 billion that you announced, you pretty much have continued the $125 million per quarter on the buyback. Should we think about that $1 billion, is it all impacting the run rate at which you buyback stock?

Not at this point. We were down to slightly above $280 million remaining in the previous authorization. At the run rate we had that you correctly mentioned, that was not enough of a [sell] buffer. We were rather public that we were going to continue the capital distribution policy that we have in place to date, at least until the separation takes place. This new authorization is really enabling to continue with what we have in place, and at this point in time, [not a] contemplation to increase the run rate.

Okay, great. Thanks for taking the questions.

We'll take our next question from Raimo Lenschow from Barclays.

Thanks for taking the question. A question for Thomas. Thomas, if you look at the improvement in margins so far they are very impressive, and you keep working on inefficiencies. How do we have to think as we go through the year in terms of pre- and post-separation? Are there things that you can do after the separation that is not possible today? Or are you driving this toward optimum level, and then as we have to separate the Company, we just have to live with the revenue growth? Thank you.

Very good question. Of course, we think, and we've said that before that the momentum that is building through the initiatives and driving the organization to a better focus on efficiencies, that momentum will carry into the new fiscal year, and we will carry that momentum also in both entities after the split. Of course the rate of improvement is going to slow down a bit. It's going to plateau.

We were also public saying that some of these savings, we are going to reinvest, especially on the securities side. On the Symantec side we're going to reinvest some of the efficiency gains into innovation and R&D spend. You could expect improvement beyond separation, but probably at a slower pace.

Thank you. I'm done.

We will go next to Brad Zelnick with Jefferies.

Thank you very much for taking my question. I wanted to focus on the consumer business. Even with consumer revenues down 11%, you were able to maintain 43% operating margin, 10 points better than the prior year, which is, again, very impressive and similar to last quarter. Last quarter 7 of those 10 points came from a year-on-year improvement to the OEM fees that were not paid as they were in the prior year. I'm assuming that is similar in this quarter, but what I'm trying to understand is for every dollar you save in OEM fees, in the period you forgo multiple quarters of revenue for the unit you didn't acquire. What I guess I'm trying to ask is, how sustainable should we think about the margin improvement being?

Brad, I think about it as being very sustainable. One of the things that you point out about the OEM placement fees is they should help pay for an ongoing stream or you could think of it as an annuity. What you find when you look at the actual results from [placing] with OEMs is first of all you're not assured that for the business they do that's not direct, for example what they sell through retail, you can be replaced even before the consumer sees your product. We were finding that with large retailers that many of them exert their own power to put whatever consumer protection product they would like on there, depending on how they are paid.

Those in turn end up being a lower rate of renewals. The business is driven off, how well you can improve renewal rates. Rather than rely on this chain, a very uncertain transaction, us to the OEM, the OEM to the retailer, the retailer to the consumer, we're choosing to focus on improving the online acquisitions, going direct to the consumer, improving the customer experience, and then improving the renewal rate. That's one of the reasons why we simplified the product line and have gone to subscription service. That will take us a number of quarters to be able to convert most of our Norton consumers to a subscription service, but when we do that we believe we'll have a very sustainable business and get away from the headwind we are facing right now that relates to auto renewal policy changes.

I appreciate that color, Michael. As we think about this shift to more of a subscription service on that journey, can consumer be down double digits at constant currency? I think it was down 7% this quarter, but when we put our models together what does that trajectory look like? I appreciate the backdrop, but operating income for that segment is up 15% for this quarter which is extremely impressive, and you've done a great job managing the segment.

As we said, we expect for the next several quarters to have rates of decline that are equivalent to this magnitude. Then we would expect the compares to ease or improve so that, that trend is moderated, and obviously we will keep you updated as we go through that.

Thanks again for taking my questions.

Sure.

We will go next to Philip Winslow with Credit Suisse.

Thanks, guys. Congrats on a great quarter, particularly on the margins side. My question, I actually wanted to focus on license growth. I was looking back at my model. I think it's been over a decade since we've had two quarters of constant currency license growth north of 20%. My question is, I know we have an easy comp here these last couple of quarters, but you've also made so many changes in the past 18, 24 months on just the go-to-market strategy. How do you feel those are paying off? How do you expect license to trend moving forward?

Thomas would probably have a comment on this in a minute, but before he comments, I would just say that the license growth we're seeing is driven by some particular products as we mentioned. If you look at the strength that's being driven by our enterprise NetBackup business and our appliance business, we are both growing share in that business right now, and we are focusing more of our resources in the backup business towards the enterprise.

For example on the appliance business, we just introduced the 5330 at the end of last quarter. It doubled the capacity and performance of the previous model that was in the market. We're really addressing a whole new market segment there, and we would expect that we'll be able to continue not only to expand that globally because it was introduced first in North America with that product, but also we'll continue to make improvements in capacity and performance. We feel like that trend has some staying power.

Not much to add from my side. I think we see the benefits of the go-to-market changes that have been initiated. Unfortunately, some of the progress is camouflaged or headwinded by currency topics for the time being, but the soundness of the transformation, attacking some of the root causes of the underperformance in the past seemed to be rather effective. That's why we are quite content with the profits we have achieved so far.

Great, guys, and congrats again on a great performance, and also congrats on that acquisition of Narus. I thought that was one of the coolest vendors at RSA this last year. Congrats on that.

Thank you.

We'll take our next question from Brent Thill with UBS.

Thanks. Just on the network side, you guys have typically shied away, but with the Boeing acquisition that was at least chattered as having network monitoring capabilities. You just mentioned now you're entering ATP with network. Is this a new strategy at Symantec? You're no longer going to shy away from the network, and you're going to make a much stronger proactive push this way going forward?

Brent, I wouldn't view it as a new strategy. It's really just reflecting the fact that network traffic is an important area to understand when you're trying to analyze the threat. If you'll recall, when we several quarters ago we introduced our first ATP offering which was Managed Security Service ATP, it also took advantage of a partnership that we have with three of the next-generation firewall providers, Cisco's Sourcefire, [PELS Networks], and CheckPoint.

It's not indication that we're going into network. Don't expect us to be delivering a next-generation firewall product, but we are recognizing that adding that telemetry to what we already do in terms of understanding from the other control points like mail and email, like web, like endpoint, is an important element in understanding be whole. We'll continue to partner there, and if we can provide a product like we're doing the ATP Network that complements an investment in a firewall, you can expect something like that from us.

Just quickly, Michael, you mentioned north of the 50% operating margin you can maintain in the consumer business, I guess this just blends into the next generation of endpoints. You're seeing this new breed of solutions entering the market from a lot of competitors. When you think about -- clearly, there's been some inefficiencies in that business that you're addressing, which is great to see. But the question I get a lot from investors is -- are you putting enough in the innovation pipeline to get out with something here? The question is, can you continue to maintain that type of margin while blocking these next-generation vendors coming in with the new series of endpoints?

One of the things that is often missed is that there's tremendous leverage between the consumer business and enterprise business at the endpoint. All of the innovations that we talk about for enterprise endpoints are also in our consumer product, and in fact, as consumers subscribe, they are getting more of a real-time improvement in product capability.

In addition to the real-time signature updates which people were getting before the products, now you can actually get improvements in the functionality rather than waiting for renewal cycle and downloading the next version. We are keeping consumers every bit as protected with advanced features, use of high capability analytical engines that we have, and sourcing that vast telemetry that we like to talk about, that 4.3 trillion objects in real-time that we're monitoring globally. Consumers are benefiting from that just as our enterprise customers are.

Great, thank you.

We'll go next to Keith Weiss from Morgan Stanley.

Thank you, guys, and thank you for taking the question. I just wanted to dig into the concept of the consumer subscription a little bit, to get a better understanding of what we're talking about here. I've always thought about the Norton business as, at least a recurring revenues stream, if not a subscription, what do you exactly mean by a consumer subscription now? Is it a price increase that's going to help the monetization there?

I think of it in two ways. One is that we are able to keep customers protected and avoid this question of an annual renewal cycle. This is something where we made changes to the business recently, somewhat in response to changes in consumer protection in EMEA, but was rolled out worldwide. If you think about it, every time you present the customer with a renewal opportunity and have to make a choice there's an opportunity for leakage in the business. If someone is a subscriber then they maintain their subscription until they opt out. That's what we mean by going to a subscription basis.

This is the second way to think about it. A customer benefits here because we're not waiting for a renewal and a download. That means rather than a one-year cycle, at the end of that period, and then I downloaded a new version, we can provide more continuous updates to the customer in terms of functionality of the capability delivered from the cloud. It's just a more modern way of protecting consumers. They get better protection, and we think they'll be a better business model that results for Norton and Symantec.

Got it. You call it a subscription, and it gets around the idea of not having to do an auto renewal anymore, because the subscription can be open ended?

Right. That's right.

When we think about Symantec endpoint protection in some of the new functionalities coming out on ATP, you said it's going to be a separate product. Do you foresee doing any bundling? We've seem a lot of new functionally coming out of the endpoint, and it tends to get bundled into an endpoint security suite over time. What's your confidence that this is going to be an independent separate product that you will be able to get some pricing power from, versus something that over time is just going to get bundled to what is the endpoint agent?

If I think about one way your question could be going, it's how inconvenient is this for customers, and actually it's designed with customer convenience in mind. It takes a large enterprise something on the order of two years to implement a new endpoint protection, and that's because it needs to be qualified and tested. You not only have to replace perhaps an endpoint product with a new endpoint, but also the endpoint manager needs to be replaced at the server level. Rather than ask our customers to go through some kind of two-year upgrade cycle, they're able to add this complementary product of ATP Endpoint and get this advanced capability while leaving their current investment in SEP leveraged.

Of course that will be at a different price point because this will be a separate capability that we'll be offering from what people have traditionally bought with endpoints. As it relates to future packages down the road, it will be too early to say. We'll have to see what customer feedback we get, as we launch this initial ATP solution with the three modules. We'll certainly be looking for their feedback on what's the best way to buy security, in addition to continuing to offer services for those customers that don't want to go through that process of trying to integrate products themselves. We view expanded services as another growth opportunity.

Excellent. Thank you guys.

We'll take our next question from Matt Niknam with Goldman Sachs.

Hi, guys. Thank you for taking the question. I just wanted to dig into some of the momentum that you've referenced as you begun separating the two business. How do you ensure this momentum continues in the face of some the ongoing headcount reductions in the business? Thanks.

The momentum is really driven by what we are seeing. Let's start with the Veritas business, as the opportunities that we're focused on. We feel like we're focused on some of these higher growth opportunities where we have real advantage. We've talked often about NetBackup as being the premier backup product for enterprises, and we are gaining share in that right now. We are investing and improving NetBackup with more frequently releases. We expect that to continue to be able to drive strength. It's the same with the appliances which has been one of our fastest-growing businesses, and we are clearly gaining share. We're now the number two in that market.

I think the headcount reduction is separate. There, we are looking for some efficiencies, and we're being smart about where we would take that headcount reduction. That doesn't get in the way of providing better products for customers, R&D, or the selling motion where we have productive territory. I really see them as two different activities that we're looking very carefully at, the connection between where we can get continued growth but still drive efficiencies and not slow down our progress.

I think it's important that we especially protect the momentum in two areas, on the innovation front and on the go-to-market side. On the innovation side, we hardly touched our overall R&D spend. We're putting a lot of focus into productivity measures, getting faster turn, agile deployment, and more efficient development processes, but we're hardly touching R&D from an overall spend perspective in order to protect the innovation momentum.

On the go-to-market side, we have accelerated the separation. I've been talking about getting operational separation for the two entities by October. We plan to enter the new fiscal year starting in April, however, with two separate sales organizations. The sales leadership has been dedicated. The coverage models have been defined. Sales compensation and quotas have been rolled out, so we can make sure that we are not impacting that momentum during the year but are in the right starting positions with the first day of the new fiscal year.

Thomas brings up a good point on the go-to-market motions. We in fact had increased the number of quota carrying salespeople while bringing total sales headcount down. Leadership for each of these two sales forces has already been meeting to start planning FY16 in Q1, so it's certainly our intent to have as a smooth the transition as possible to the beginning of next fiscal year when we'll have those sales forces completely dedicated.

Understood, thank you.

Thank you.

We'll go next to Nikolay Beliov from Bank of America.

Hi, thank you for taking my question. I have a question around enterprise subscriptions. According to my calculation, it is a $1 billion business which is very sizable compared to stand-alone software-as-a-service players and growing 3%. With customers consuming technology more, the software-as-a-service, can you remind us what [business] are in these bucket, and maybe how this business can accelerate the growth levels here?

Nikolai, you're really asking what parts of our product line and enterprise security are cloud?

I'm talking about enterprise subscriptions.

I think that's about 15% or so of our total enterprise security business. Helyn is reminding me, total revenue of Symantec. Is that --

Total revenue, yes.

Thanks for the correction. It's really the email protection. Email.cloud would be the largest product line there, the largest offering.

Got it. I also have a question on enterprise maintenance, with licensed recovering nicely the last couple of quarters, are we at a point where enterprise maintenance has turned the curve, and has actually turned positive? [In growth rate?]

I think that would be a fair description from a momentum perspective. This is one of the areas where we think we've hit the turning point.

Thank you.

We will take our next question from Pat Walravens from JMP Group.

Great, thank you. I was wondering if you could walk us to the decision process for keeping the Veritas name? Was that a difficult decision?

Sure, Pat. We stepped back and looked at what is the brand equity for Veritas because that was an obvious choice to make, so we undertook some research there with customers and partners. Probably no surprise to you and many of the folks up follow us, we kept the Veritas name in some of the product lines that we've had. In particular, the storage foundation, cluster server products, still very much identified with Veritas.

Then we also took a look at other names we could use. Of course, that would've cost us a lot more to be able to invest in launching another name, and quickly concluded that it made sense, both from the tremendous positive brand equity there was in the Veritas name of customers, partners, employees certainly. That made it a very simple choice relative to the additional costs that we would have incurred been trying to launch a new name to the marketplace.

Great. Thank you.

Sure.

We will go next to Michael Turits with Raymond James.

Good evening. Two questions, one product, just on the new ATP Network or sandbox [product], what is the architecture of that product broadly? In other words, is it an appliance or software? Is it a cloud components? Anything you can describe would be helpful.

Interestingly enough, Michael, it's all three of those. It will be an appliance. Of course, it's software loaded on that appliance, and it uses the cloud. In a nutshell, some of the key capabilities of that product, we will be able to through the software prioritize the incidents we see from the traffic that we are analyzing. That's key from a productivity standpoint because one of the things that we've talked about before is the complex problem that security operations professionals have. They've got to look through a tremendous number of alerts and identify quickly what are false positives here and what's already been remediated.

The ATP Network product particularly in combination with our ATP Endpoint product you're going to be able to see if something you're observing as a potential attack has already been remediated on the endpoint. A tremendous benefit by looking at these capabilities together, and then the ability to prioritize those incidents is a tremendous productivity improvement.

Delivered from the cloud will be something we call Cynic that I referenced in my earlier remarks. This is the virtual execution engine, the sandbox capability, and we believe this will be certainly best in class because we are now able to prevent attacks from what we're calling malware aware threats. The malware has become more sophisticated in evolving to know if it is in a sandbox. We've got a way around that to force it to expose itself so that we can detonate that.

Also delivered from the cloud is the correlation with that telemetry data that we have. That's a capability we called Synapse, so we'll be able to see what you're seeing on the network and how does that correlate with our 4.3 trillion threats that we are monitoring. An appliance obviously using the software and definitely utilizing cloud capability.

But the virtual execution engine or sandbox is in the cloud?

That's right.

Then I had a question for Thomas. Anything you can do to help us out on the direction for cash flow this year? You did $1.3 billion in cash from ops last year. I think we have been expecting that the cash impact from restructuring to be about $100 million this year, so it makes sense just to think of it as $100 million down from last year?

Unfortunately, I think I said this on the last call, we understand this year is a bit messy. We'll think for the Analyst Day whether we finally get to a point where we provide cash flow guidance on a quarterly basis. We will have more impacts than just separation and restructuring impact. We also said that in order to move our business model we would see some increased IT and infrastructure spend to consolidate sites, to consolidate data centers.

Then we had some one-times, especially this quarter on the cash flow side, not so much from the separation but with respect to tax payments. We ended this quarter at $358 million. For the fourth quarter, we will be up probably 20% including all the separation and restructuring charges.

Up 20% sequentially or year-over-year in the fourth quarter?

Sequentially.

Okay, thank you.

We'll take our next question from Aaron Schwartz with Macquarie.

Thank you very much. I just had one question on the enterprise security business. That business on a constant currency basis was flat on an easier comp arguably, and a pretty strong spending environment. Can you either walk through -- is there something that you're seeing in bookings that's a little different than what you called out on the revenue? Or does that business just have a couple of products that are going to be naturally a drag here in the near-term, and you're really depending on some of these new or more innovative products to come out to see some sustainable growth there? Thanks.

Aaron, I think both of what you said are true. We have some products that are not growing that we called out here, but we're seeing in terms of the business activity significant improvements that lead us to believe that in FY16, our next fiscal year, we'll definitely see growth from the enterprise security segment. In particular, we're excited about the ATP products because those are additional revenue coming from new products that provide complementary capabilities.

Our DLP business continues to grow. We're twice as big as the next competitor there. We've seen that grow in the last couple of quarters, and we continue to add some new capabilities to make sure we have the best DLP capability out here. We talked in my earlier remarks about two new cloud offerings that we are having there. We're going to be introducing this quarter, I should say. I am confident we're going to see some growth from enterprise security in FY16.

Great, thank you very much.

We'll go next to Matt Hedberg with RBC Capital Markets.

Thanks. This actually Matt Swanson on for Matt. There seems to be a debate among IT buyers about the advantages between point solutions and a congruent full suite. As you guys working here to grow the product portfolio, how is that helping when you're having these customer conversations compared to smaller vendors in areas like email and APT and backup, for instance?

I think there are two concepts that you're talking about. One is the advantage of suites, and the other is size of vendor. I'll just talk about size of vendor first. I think it's a tremendous a tremendous advantage to be able to supply customers, not only with a range of products, but also the support that's required and the benefit of a historical ongoing relationship. I think as it relates to the size of vendor, if we can provide something that is competitive in the marketplace, I think we have an advantage versus the many small companies, start-ups out there. Even though they've got something that could be interesting, it's very complex to be integrating all of these point solutions.

I'd say that if there is something that truly offers incredible advantage, the largest enterprise customers are going to be willing to take a look at that, but even they have to be selective and it take up a lot of their resources to be able to understand all these products and integrate them. We should have an advantage at Symantec giving our size and scale. One of the things that we're banking on, as you can tell from our strategy, is taking advantage of all that threat telemetry. It's not just the technology capability, but what do we see out there in terms of the threats? How can we make our customers smarter?

We've already got some interesting proof points of customers being able to see more about what's going on and protect themselves better by taking advantage of that vast threat telemetry that we offer. That's why we think the ATP solutions are going to be so powerful in the marketplace.

Thanks, guys.

Operator, I see we're at the top of the hour, so that will be our last question.

Thank you. I'd like to turn the conference back over to Mr. Brown for any closing remarks.

Thank you very much for joining us today, and we look forward to seeing you at our Financial Analyst Day in New York on April 17.

Thank you, everyone. That does conclude today's conference. We thank you for your participation.