Palo Alto Networks (TICKER: PANW) Palo Alto Networks Inc Panw Ceo Nikesh Arora On Q3 2021 Results Earnings Call Transcript

Palo Alto Networks, Inc. (NASDAQ:PANW) Q3 2021 Earnings Conference Call May 20, 2021 5:00 PM ET Company Participants Walter Pritchard - SVP, IR Nikesh Arora - Chairman and Chief Executive Officer Dipak Golechha - Chief Financial Officer Lee Klarich - Chief Product Officer Conference Call Participants Brian Essex - Goldman Sachs Fatima Boolani - UBS Keith Weiss - Morgan Stanley Sterling Auty - JPMorgan Saket Kalia - Barclays Matt Hedberg - RBC Tal Liani - BofA Keith Bachman - BMO Gray Powell - BTIG Adam Tindle - Raymond James Michael Turits - KeyBanc Patrick Colville - Deutsche Bank Operator Good afternoon and thank you for joining us for today's conference call to discuss Palo Alto Networks' Fiscal Third Quarter 2021 Financial Results. I am Walter Pritchard, Senior Vice President of Investor Relations and Corporate Development. This call is being broadcast live over the web and can be accessed on the Investors section of our website at investors.paloaltonetworks.com. With me on today's call are Nikesh Arora, our Chairman and Chief Executive Officer; Dipak Golechha, our Chief Financial Officer; and Lee Klarich, our Chief Product Officer. This afternoon, we issued a press release announcing our results for the fiscal third quarter ended April 30, 2021. If you would like a copy of the release, you can access it online on our website. We would like to remind you that during the course of this conference call, management will make forward-looking statements, including statements regarding the impact of COVID-19 and the SolarWinds attack on our business, our customers, the enterprise and cybersecurity industry, and global economic conditions; our belief that cyber-attacks will continue to escalate, our expectations regarding the single equity structure, our expectations related to financial guidance, operating metrics, and modeling points for the fiscal fourth quarter and fiscal year 2021; our expectations regarding our business strategy, our competitive position and the demand and market opportunity for our products and subscriptions, benefits and timing of new products, features, subscription offerings, as well as other financial and operating trends. These forward-looking statements involve a number of risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. These forward-looking statements apply as of today. You should not rely on them as representing our views in the future, and we undertake no obligation to update these statements after this call. For a more detailed description of these factors that could cause actual results to differ, please refer to our quarterly report on Form 10-Q filed with the SEC on February 23, 2021, and our earnings release posted a few minutes ago on our website and filed with the SEC on Form 8-K. Also please note that certain financial measures we use on this call are expressed on a non-GAAP basis and have been adjusted to exclude certain charges. For historical periods, we have provided reconciliations of these non-GAAP financial measures to our GAAP financial measures in the supplemental financial information that can be found in the Investors section of our website located at investors.paloaltonetworks.com. And finally, once we have completed our formal remarks, we will be posting them to our Investor Relations website under the Quarterly Results section. We'd also like to inform you that we'll be virtually participating in the JPMorgan 49th Annual Global Technology, Media and Telecommunications Conference on May 24 and the BofA Securities 2021 Global Technology Conference at June 8. Please also see the Investors section of our website for additional information about conferences that we may be participating in. And with that, I'd like to turn the call over to Nikesh. Nikesh Arora Thank you, Walter. Good afternoon and thank you for joining us today for our earnings call. Let me begin with the current cybersecurity landscape. After the December SolarStorm attack, we saw an acceleration in attacks throughout our third quarter and after the quarter closed. These range from software supply chain attacks like SolarWinds and Codecov to ransomware attacks like Colonial Pipeline. Ransomware especially has been in the spotlight recently and data from our own Unit 42 shows that the average ransom paid in 2020 tripled from 2019 and in 2021 it's more than doubled again. The highest demand we've seen is $50 million, up from $30 million in 2020, with organized groups with near nation state discipline perpetrating coordinated attacks. The targets are not only corporations where healthcare and pharma is a focus with the pandemic, but also government organizations and shared infrastructure. The reason for this vulnerability is deep seated. Organizations run their operations on technology that is decades old, sometimes predating the internet. They continually bolt on new technologies to automate facilities, and make them compatible with the modern internet, but those platforms are inherently insecure. At the same time, cyber defenses are fragmented, making it very challenging to block sophisticated attacks and lengthening meantime to discovery and repair. Lastly, more and more businesses and consumers are coming online without a baseline of productive protection. In such a scenario, it is imperative that customers focus on securing their most critical assets, while also focusing on reducing the fragmentation and leveraging new technologies like artificial intelligence, machine learning and using those approaches. With that backdrop, let's focus on our results. Overall, we saw continued strong demand environment and our own continued execution drove Q3 billings revenue and EPS side of guidance. We saw billings growth accelerated 27% in Q3 ahead of our 24% revenue growth forecast with growing ratable revenue contribution. I want to highlight one dynamic regarding our billings to help you better understand the drivers. During COVID, some customers were asking for annual billing plans to meet their needs. We noted to you that we saw success with larger, more strategic transactions in Q3. Along with these deals, we saw an uptick in annual billings plans. Normalizing for this, our billings would have grown greater than 28%, nearly two points higher than we reported, which is the highest billing growth we have seen in the third quarter since Q3 of fiscal year 2018. Last year, we saw billings plan have an approximate one point impact along with billings. We also saw 38% growth in our remaining performance obligations. This metric is growing faster than both revenue and deferred revenue, and will be a source of consistent revenue growth in the future. Within the strong performance, we also saw 71% growth in ARR or annualized recurring revenue from our next generation security offerings, where we finished our third quarter at $970 million up from $840 million in Q2. These ARR, billing and RPO trends drove 24% year-over-year growth in our reported revenue. It's worth noting, given your attention to NGS ARR, that in the very first week, in the first day of Q4, we transacted one of our largest next generation security deals in the history of Palo Alto Networks, with a Fortune 30 manufacturer, which brought in $7 million in NGS ARR. So we're already at $980 million on the first day of this quarter. With the acceleration and incremental NGS ARR in Q3 and trends we see in the business, we continue to have confidence in our Q4 targets of $1.15 billion in [ending] (ph) NGS ARR. As part of the strong Q3 performance, we saw notable momentum in large transactions with 901 customers having spent $1 million Palo Alto Networks in the last four quarters. This cohort of customers was up 29% year-over-year growing ahead of our overall revenue and billings growth. This growth in active [indiscernible] customers has accelerated in recent quarters. As part of this large deal performance, our business is benefiting from growing adoption of multiple Palo Alto Network security platforms across startup [indiscernible]. In Q3, 70% of our global 2000 customers have purchased products from more than one of these platforms and 41% have purchased all three platforms. This is up from 58% and 25% two years ago. Turning to our product areas, earlier this year we started the dialogue around network security and cloud and AI and shared additional financial metrics to give you more transparency. Having these two product areas under the common umbrella of our world class R&D and go-to-market organization is key to our strategy being the largest cybersecurity company in the world. Starting with the network security side of our business, we are the leader in this business. Our strategy of selling customers leading firewall platform delivered to hardware, software or as a service form factor underpins our success in this market. This has resulted in the business that is 28% larger than our next peer on a revenue basis in Q3. Also if we look at leading indicators that include deferred revenue and RPO, our scale comes through even further, we are 40% to 50% larger. On this leading balance sheet metrics, we're growing faster than our next peer. Three years ago, when I joined Palo Alto Networks, we were hardware based Firewall Company. We had a vision of a hybrid world where the enterprise and data centers would remain predominantly hardware oriented, growing adoption of software form factors like our VM series firewalls. Meanwhile, the remote access and remote office work, this opportunity has been transformed by cloud adoption and work-from-home trends to feel secure access service edge or SASE adoption. The reception to our strategy of delivering a firewall and multiple form factors has enabled the accelerating Firewall as a Platform growth rates we just showed you. Within our Firewall as Platform billings, we're seeing a distinct mix shift towards software. The software mix, which includes our VMs and SASE business, now makes a 40% of Firewall as a Platform, up 21 percentage points from a year ago. We saw seven figure transactions for our software firewall capability, including VM and CN-Series with a U.S. government agency, a Fortune 30 manufacturer, and a diversified financial services company. While, we have seen the significant transition and form factors, one driver of growth in value in our business, our attach subscription support have grown at a steady rate over the last several quarters on a revenue basis. We expect the software mix to continue to increase in the medium-term, although along with this, we expect to continue to see attach subscription as a key growth driver. We're showing you for the first time here, the NetSec annualized recurring revenue, which was 2.66 billion at the end of Q3 and grew 25%. As a reminder, this does not include our hardware business, which continues to be significant. This recurring revenue business is a key driver to strong cash generation, which we have guided to 42% for NetSec in FY 2021. We believe this high degree of recurring revenue and strong cash flow generated by NetSec is something that should be more clear now, given this incremental disclosure over the last two quarters. Now, turning to innovation and focusing first on Prisma SaaS, back at the beginning of the pandemic, we saw customers look to significantly expand remote access capability, while not compromising security or user experience. We've met that demand with free remote access trials and broad proof-of-concepts, enabling customers to see that value in Prisma Access, as well as supporting the network transformation as they move to the cloud. We're seeing these efforts as well as momentum generated for the 2.0 launch, driving strong initial purchases and [indiscernible] expansions. This quarter, we saw a number of large Prisma Access transactions including a global technology company, a large manufacturer, and a Fortune 10 healthcare company, all eight figures or greater. Additionally over 25% of our Prisma Access new customers in Q3 were [net new] (ph) to Palo Alto Networks. Lastly, we're seeing early traction in our service provider partners for Prisma Access, including Comcast, Verizon, Orange Business Services. These relationships are part of broader initiatives to serve providers that we see as a significant growth opportunity. Just yesterday, we announced a significant release in network security focused around a comprehensive approach to Zero Trust. This is timed well and last week's executive order out of the White House that defines Zero Trust in a way that is very consistent with the Palo Alto Networks strategy. There has been a lot of noise in the industry around Zero Trust Network Access, a solution continue to be fragmented around either remote users, access control, or enterprise apps. Our approach covers all users and devices, all locations, all apps and the Internet applying consistent access control and security. Our new PAN-OS 10.1 release brings cloud based identity controls, integrated CASB and enhancements to our URL and DNS Security Services. Palo Alto Networks position across appliance, software and [SASE] (ph) is unique, and these new innovations are applicable to all our customers across all form factors. This is one of the most significant innovation releases for our next core, next generation firewall franchise, and gives us confidence in continued NetSec growth as we look forward. Now, moving on to cloud and AI, On the Prisma Cloud front, we continue to build on our early leadership position in Cloud Security Posture Management, Cloud Workload Protection capability, a marketplace delivered virtual firewalls, where we are the largest player across this opportunity set. Our strategy is to stay ahead of customer demand as they adopt cloud native security services across hyperscalars. We believe we've staked out a leadership position in cloud native security this business. We've achieved over $250 million in ARR across Prisma Cloud in our marketplace VM-Series. Fueling this growth is 39% growth in total customers and 38% growth in global 2,000 customers across Prisma Cloud. Our unique consumption model in Prisma Cloud based on credits, enables customers to use any of our modules across the cloud deployed workloads, including using multiple capabilities for workloads. We're seeing strong growth in credit consumption, with over 100% growth year-over-year in Q3. Despite our strong position with Prisma Cloud, targeting an early opportunity, we see the next big challenge in security at the developer level, or shift left security. We recently addressed this with our acquisition of Bridgecrew completed in Q3. Traditionally, security issues in code pose a challenge for the CCEL organization. And we're seeing leading companies drive a collaborative approach between the CCEL organizations to address this. Shift Left integrate security into the DevOps process to catch these issues upfront, where they are easy and quick to fix. It's a win for developers and a win for security. Bridgecrew has as an open source product; Checkov, this product delivers significant value to developers to a free download. Post the acquisition close on the release of 2.0 of Checkov, we our Bridgecrew download accelerate was also seeing strong momentum and speed customers, including a six figure customer in Q3. We're only in the very early stages of cross selling between Bridgecrew software and Prisma Cloud our cortex product area, we continue to focus on delivering significant volumes of innovation to XDR XOR, and our recently acquired expense product. In Q3, we deliver a new release of XDR, which expands endpoint query capability and improved visibility into network activity, XOR we significantly expand our market based partner integrations to increase the set of automation and security playbooks that customers can deploy. Seeing this result in steady cortex customer additions to XDR and extra customers, there were 2,400 customers starting from essentially scratch two years ago. Focus in innovation has been validated by the market as well. We were particularly proud of this validation where Cortex XDR in Q3 were regarded the best overall results in round three testing provider. Also in the recently released Forrester Wave, bring endpoint security software as a service market, named a leader. Source across 100 partner contributed content packs, and now has over 650 content packs in the marketplace. Our expanse offering was featured in Tim Jr.'s keynote this week at RSA, where research uncovered that one-third of leading organizations attack surface is susceptible to exposure and are the main avenue for ransomware. No other leading security company has the degree of visibility to identify and prevent today's most pernicious attack vector. Within Cortex, we are starting to see an uptick in large customer signings, such as a seven-figure transaction with the financial service firm, which included XRD Pro and XR. Last during Q3, we formed the new unit 42 under the leadership of Wendy Whitmore, who comes to Palo Alto Networks after building successful security services businesses. Our new team is a combination of two of the most capable teams in cybersecurity. The sepsis team is laser focused on the mission of conducting world class data breach investigations. Pas unit 42 team has focused on rapidly building threat intelligence and Developer Network products. This new unit 42 has completed over 1300 engagements in calendar, 2020, bringing to bear the power 140 consultants and responds to solar winds rant and ransomware attacks, Microsoft data breaches and other tax immobilizer consultants and rapid response engagements, which help customers through these difficult times. As we look forward, we're focused on using services to become an even more strategic partner to our customers. As I've reviewed with you here and should be evident innocuous results, we're seeing broad strength in our business across geographies and product areas. We see strength in our pipeline, and continued demand tailwind to remain strong, leading us to raise our FY 2021 guidance. I also want to update you on our plans we discussed in Q2 around exploring an equity structure for ClaiSec. We continue to focus on providing transparency for each part of our business. You'll notice the error for NetSec, which we've highlighted this quarter, we believe this has helped investors gain better insight into our overall financial profile, and especially understanding both sides of the business with a different growth and free cash flow characteristics. We have finished all the work required to file any form of equity on ClaiSec. However, given the state of the market, and offering extensive conditional shareholders we have decided at this point is best to continue with a single equity structure, and an integrated P&L postponing a decision to list ClaiSec equity. Lastly, we're excited to welcome Aparna Bawa, Chief Operating Officer at Zoom to Palo Alto Networks Board of Directors. She brings deep operational, financial and legal expertise, having served in diverse roles and rapidly growing tech companies such as Zoom, Magento and Nimble. Her addition comes off as February appointment of Dr. Helene Gayle to our Board. We continue to have a strong commitment to diversity at Palo Alto Networks, including at the most senior levels of governance in our company. With that, I'll turn the call over to Dipak Golechha, our CFO. We're excited to have Dipak step into the CFO role, enables smooth transition within our organization. He brings world-class experience. We're already seeing him bring someone's experience to bear in driving improvements. Over to you Dipak. Dipak Golechha Thanks, Nikesh. I'm excited and humbled to be part of this world-class leadership team. I look forward to driving total shareholder return. As Nikesh indicated, we have a strong third quarter as we continue to deliver winning innovation, while simultaneously adding new customers of pace. The strength gives us confidence to raise guidance for the year. We delivered billings of $1.3 billion, up 27% year-over-year, with strong growth across the Board and ahead of our guidance of 20% to 22% growth. We've continued to see some customers ask for billing plans. Many involving larger transactions as we become a more strategic partner to our customers. We've also use our Palo Alto Networks financial services financing capability here. The dollar-weighted contract duration for new subscriptions and support billings in the quarter were consistent year-over-year and remained at approximately three years. We added approximately 2,400 new customers in the quarter. Total deferred revenue at the end of Q3 was $4.4 billion, an increase a 30% year-over-year. Remaining performance obligation or RPO was $4.9 billion, an increase of 38% year-over-year. We continue to see these metrics is becoming more meaningful, as we drive growth from our ratable business. Our revenue of $1.07 billion grew 24% year-over-year ahead of our guidance of 21% to 22% growth driven by via billings and broad business strengths and amidst an increase in our audible subscription revenue. We remain focus on driving this high quality revenue with all new product offerings being pure or substantially all subscription in nature. Looking at growth by geography, the Americas grew 24%, EMEA grew 23% and APAC grew 25% showing broad executional excellence across the world. Q3 product revenue of $289 million increased 3% compared to prior year. Q3 subscription revenue of $474 million increased 34%. Support revenue of $311 million, increased 33%. In total, subscription and support revenue of $785 million increased 33% and accounted for 73% of total revenue. Our Q3 non-GAAP gross margin was 74.6%, which is down 60 basis points compared to last year, driven by product mix, which are less mature. Q3 non-GAAP operating margin was 17%, an increase of 60 basis points year-over-year. There are several factors driving our operating margins. We have revenue upside, lower travel and event expenses, due to COVID and some shift in spending out of Q3. At the same time, we continue to aggressively invest the growth largely in the areas of sale capacity and R&D investments. With health conditions improving and geographies of many of our facilities, including our Santa Clara, headquarters. We're seeing more employees look to return to the office. We expect this trend will continue to gain steam in Q4, reversing some of the savings we've seen in the last few quarters in our OpEx. Non-GAAP net income for the third quarter increased 22% to $140 million, or $1.38 per diluted share. Our non-GAAP effective tax rate for Q3 was 22%, the EPS expansion was driven by revenue growth and operating expense leverage with an undertone of strong investments of growths. On a GAAP basis for this quarter, net loss increased $140 million, or $1.50 per basic and diluted share. We ended the third quarter with 9,715 employees, including 39 from the Bridgecrew, at the close of acquisition. Turning to the balance sheet and cash flow statement, we finished April with cash, cash equivalents and investments of $3.8 billion. Q3 cash flow from operations $278 million, increased by 64% year-over-year. Free cash flow was $251 million, up to 100% at a margin of 23.4%. Our DSO was 60 days, a decrease from three days from the prior year period and flat from second quarter. Our Firewall as a Platform, or FWaaP, had another strong quarter, as we continue to grow faster than the market. FWaaP billings grew 26% in Q3, and we continue our transition from hardware and software and SaaS form factors as Nikesh highlighted. Our next generation security or NGS continues to expand, and now represents 27% of our total billings of $346 million, growing at 70% year-over-year. In the third quarter, we added $133 million in new NGS, ARR, reaching $973 million. The acquisition of Bridgecrew, added an immaterial amount to this number, and we remain confident in our plan to achieving $1.15 billion in NGS, ARR exiting fiscal year 2021. Turning now to guidance and modeling points. For the fourth quarter of 2021, we expect billings to be in the range of $1.695 billion to $1.715 billion, an increase of 22% to 23% year-over-year. We expect revenues to be in the range of $1.165 billion to $1.175 billion, an increase of 23% to 24% year-over-year. We expect non-GAAP ups to be in the range of $142 to $144, using 101 to 103 million shares. Additionally, I'd like to provide some modeling points. We expect our Q4 non-GAAP effective tax rate to remain at 22% and our CapEx in Q4 to be approximately $30 million to $35 million. As Nikesh indicated, we're seeing broad drivers across our business in Q3, driven by foundation of innovation and strong sales execution along with trends we see in our pipeline and the long trail demand tailwinds that remain strong, we're raising our fiscal year 2021 guidance. We expect billings to be in the range of $5.28 billion to $5.3 billion, an increase of 23% year-over-year. We continue to expect next generation security, ARR, to be approximately $1.15 billion, an increase of 77% year over year. We expect revenue to be in the range of $4.2 billion to $4.21 billion, an increase of 23% -- 24% year over year. We expect product revenue growth of 1% to 2% year over year. We expect operating margins to improve by 50%, 50 basis points year over year. We expect non-GAAP EPS to be in the range of $597, $599, using $99 to $101 million shares. We expect regarding free cash flow for the full year, we expect an adjusted free cash flow margin of approximately 30%. Now let's review our fiscal year projections for NetSec and ClaiSec. Overall, we are confirming our ClaiSec projections, while raising NetSec billings by 300 basis points and revenue by 100 basis points, given the strong performance of SASE, VM-Series and subscription business overall within that NetSec. Moving on to adjusted free cash flow. We expect Network Security will deliver a free cash flow margin of 42% in fiscal year '21, up from 38% in fiscal year '20. We continue to expect Cloud and AI free cash flow margin of minus 43% in fiscal year '21 an improvement from negative 59% in fiscal year 20. While we are focused on growth investments in Cloud and AI, overtime we expect Cloud and AI to -- to achieve growth, operating and free capital margins in line with industry benchmarks as we gain scale, our customer base matures and we become more efficient. In Q3 we repurchase $350 million in our own stock at an average price of $322. As of April 30, 2021, we have $652 million remaining available for repurchases. This is part of a broader capital allocation strategy focused on balancing priorities and maximizing total shareholder return. We start with fueling organic investments and managing priorities across innovation and go to market to set the foundation for sustainable growth the Palo Alto Networks. Second, we deploy capital for targeted acquisitions which accelerate this growth opportunity. We rigorously evaluate targets, focused on acquiring leading technology, retaining key members of the team and following through with integrating these acquisitions into our businesses. Finally, we work to optimize our capital structure using the options available to us in this dynamic market that includes deploying debts, using stock for M&A consideration and also buying back their own stock when we see it representing the good value. With that, let's move on to the Q&A portion of the call. Walter over to you. Question-and-Answer Session Operator Thanks. [Operator Instructions]. Our first question comes from Brian Essex from Goldman Sachs with Fatima Boolani from UBS on deck. Brian Essex Hey. Hi, thank you. Good afternoon and thank you for taking the question. Maybe for unit cash, we've seen a lot of solid outperformance relative expectations on a network security side. And nice performance this quarter with respect to Cloud and AI ARR growth. Wanted to get a better understanding, given that the outperformance has been on the network security side, how confident are you in your ability to hit that $1.150 billion guide for the full year? How do we think about, you know, how that business is performed relative to your expectations so far this year? Nikesh Arora Brian, remember, two or three years ago when we set out targets for next generation security business, we didn't have the muscle [indiscernible] networks to figure out how we can get out of the firewall business and have that sales force go out and actually go sell Cloud and AI. The good news is over the last two and a half years we're building muscle, we're learning how the market operates. It's kind of interesting, every one of these markets operate slightly differently. If you look at NGS, it's a combination of SASE, Prisma Cloud and Cortex. Now SASE's characteristic are a lot of the free trials we gave a few quarters ago and this whole push to work from home is forcing customers to think hard about their security stack and it's no longer, you can access half the apps, half the time, you need to be access -- able to access everything from wherever you are. So we're seeing network transformations and that's what's driving the success on SASE and some of the huge wins you had on Prisma access. As I mentioned one of the deals, which we closed and shipped on the first of this month is our largest SASE deal ever, which gave us $7 million of NGS ARR, so you can see approximately the quantum of that deal. So we're seeing a lot of traction on the access front and the SASE front, so that's good. Cortex is an interesting space, because we compete there with people like CrowdStrike and SentinelOne and the others. We're great on the product front as we've showed you the Forrester Wave and the MITRE results. We're trying to create more muscle around being able to do those deals. Those deals are typically, you got to -- because it's a competitive market, you got to do a whole bunch of deals there, and they all range in the $1 million to $5 million range with the higher end and the smaller below that. So you don't get lumpy deals as you have to do a lot more deals, so that's what we're doing on the Cortex front. Last, but not the least, on the cloud front, we got 2,250 customers, but there the deals end up being large deals that are slightly lumpy, and they have very high variability in duration and consumption. So some deals have moved in the cloud, how to buy credit to the next three years, how many credits do I need. They suddenly find their deployment is slower because they haven't deployed fully on GCP or AWS or Azure. Others, you'll say, they've been customers last three years. They're upping because they moved all their workloads to the cloud and their workload ramp is increased. So, all three of them have slightly different characteristics. That's why we end up in a portfolio situation. You saw this quarter we added about $133 million in net new NGS ARR, I just told you about seven more, because I felt you guys are extremely curious in NGS and I don't want you guys to go out thinking we're not confident on 1150. So right now we all feel that we'll get to 1150 on NGS ARR, and it's going to end up being a portfolio call in terms of some things extremely doing extremely well something doing normal. Brian Essex Got it. Got it. Thank you for that. And then maybe a follow-up with Dipak. Appreciate the commentary on the improving operating efficiency or potential to improve the operating efficiency of cloud and AI. And I think that's one of the things that investors kind of struggle with when I think we've all looked at this business on the sum of the parts basis and the performance of each on its own, in the challenge with cloud AI that its burning cash at the rate that it is, what do you think about the term -- the timeline for improving profitability and cash flow generation from that business, because I think that might be a trigger for investors to maybe look at that business on a standalone basis and assign it a little bit more value? Dipak Golechha Yeah. So, maybe if I answered in two different ways. I mean, we look at what other companies have done as they've kind of like grown through there -- they've scaled over time. And we often benchmark ourselves versus where were they at this time and are there things that we can do to be able to get there. But at the same time, we're not shy from like making the right investments, if we see the opportunity there. So that's why I don't want to really box ourselves into a timeframe. It really is a question of what opportunities are out there at the time, so we have a base plan that's constantly improving, but we're also reflecting on the fact that this is a dynamic market, and sometimes you need to lean in, if it makes sense for the long-term. Nikesh Arora Yeah. If I can add to that. Brian Essex Great. Thanks. Oh, go ahead. Nikesh Arora Yeah. There are two parts one, as Dipak, highlighted. We continue to work hard towards getting gross margin efficiency on those products because the product development is in our control, and Lee who's sitting to my right, he and his team work hard at trying to make sure that we optimize the gross margin part. The rest of it honestly is the question of how much do we want to invest in sales capacity to be able to drive those? Don't forget, in each of those areas, we are dealing with extremely competitive situation. In the case of XDR we deal with dedicated salespeople from CrowdStrike, they outflank us 8:1 on the number of salespeople. So we have to look hard at how much investment we want to make on the sales side. We do get leverage with the Palo Alto sales people, eventually end up with hand to hand combat. On the Prisma Cloud side, I'd say we were doing fine and we are doing fine. But suddenly the equity of the venture markets have gone and provided phenomenal valuations and dumped a lot of cash in some very early stage companies who are not dangling large paychecks to our sales people [indiscernible] got the most qualified cloud security sales. And so, that's why I think Dipak is right in saying that, we're going to watch the market carefully. But again, we just told you another number. $250 million in ARR in cloud security, VMs and public cloud security. That's a number which is -- outflanks our next competitor by probably 25 times. Brian Essex Super helpful color. Thank you. Operator Great, Thanks. So just a reminder, let's limit to one question. So next up is Fatima Boolani and on deck is Keith Weiss from Morgan Stanley. Fatima Boolani Thanks Walter. Nikesh, maybe I'll start with you very quickly. You talked through a lot of the areas of strength from a product pillar perspective. But in terms of just zooming back, can you stock rank for us what specific product areas in the NGS portfolio really were the drivers of billings acceleration in the quarter? And then I have a quick follow up for Dipak, please. Nikesh Arora Yeah. As I highlighted, SASE is strong. Dipak highlighted the subscriptions are strong. We're pleased with the way Cortex is evolving and cloud ends up being lumpy. So some quarters we'll get some very large deals, and then make up the billing. Some quarters they push. But across the board, the portfolio is performing in line with our expectations or slightly ahead, as we said, we hit 973 or 980, depending on how you count it. Fatima Boolani Very good. Dipak, nice to meet you. Operator Well, we're just going to go to -- let's just go one question. Let's -- we're going to move on next to Keith Weiss with Sterling Auty from JPMorgan on deck. Keith Weiss Excellent, thank you guys; Very nice quarter and thanks for taking the question. I think, you guys are doing a very good job of illustrating the -- there's a difference between firewall appliances and more generally firewalling capabilities. And you're seeing that firewall is a platform growth, sustained really well, actually accelerating in recent quarters. And I think that's probably one of the key areas that investors are most cautious on, is the durability of growth and firewalling. Can you talk to us a little bit about where you're seeing that strength from? Do you believe it to be durable over the next couple of years, and is there anything that we should be watching out for in terms of tough compares or any one-time items from a year ago period that might upset that that growth trend that you've been seeing in firewall as a platform? Nikesh Arora Well, I'll gave -- I'll make two comments, Keith. One is, is there are situations where the customers are looking for, like you say, firewalling capability. We can walk in and say we can solve this problem with software or we can go deploy tons of hardware to solve the same problem. So take a large retailer, then go deploy 1,200 firewalls in each of their stores; if they choose to go down the hardware route, which is more costly to deploy, harder to maintain, harder to upgrade over time; or we can go in and say, let's do that with Prisma SASE, which is a software dependent solution, which has lower cost of ownership, easier deployment, easier to solve. So you're seeing us create some degree of substitution in our customer base. So if you compare us like-to-like with some of the leading hardware firewall businesses, which don't have that strength in that software capability, they cannot deal that substitution capability, which we think is better for the long term, because we just point to the ARPU. So look, we can grow ARPU at 38%. That just means we have future revenue coming down the pike on the FwaaP front, which is going to be harder to hunt and kill on a quarterly basis, if you were hardware only business. So I actually think there's more resilience in our network security business than most hardware develop -- dependent businesses. The second piece, I would say, in that context is what was proxy based architectures is now full firewall in the cloud. We're seeing that in space and Prisma SASE, people are stepping back and saying, okay, let me understand this, how do I get my trading system to be accessible from an employee's home, you can do that with proxy based architecture. We talked about that [indiscernible] and we're seeing that really bear out in the success we're seeing in Prisma SASE. My fellow colleagues Walter and Dipak will not let me throw out more stats in that area, but I'll just say I'm extremely delighted with the progress we've made in SASE from where we came. 2.5 years ago, there used to be a product called GPCS, and we would shudder, like you said the onetime items. There was one deal when I came to Palo Alto, we sweated the entire year to see how we left that in the following quarter. Now we do six of those in the quarter. And we've got tons and tons lined up in our pipe going forward. So SASE is strong, which should give us continued strength. I think the network transformation is in a very, very early stage. If you think about it, if you see AWS, GCP, Azure clipping $40 billion, $50 billion of billing in a quarter, all those customers are going to stand up and realize wait I'm relying on MPLS based architectures to go back to my data center, now I don't need to go there, I need to go to a public cloud. And to do that, you got to go SASE. Right now, we firmly believe we have the best SASE solution in the market. We firmly believe that we have the most deployed customers out there at scale. Operator Great, Thanks. Next question from Sterling Auty and Saket Kalia from Barclays on deck. Sterling Auty Hi. Thanks. It's fun to see Walter on the other side trying to keep us to one question after all these years. I want to follow up on Keith's question as well on FWaaP. Help us understand what are the metrics that we should look at in terms of and you gave a little bit of this last quarter, but when look at your install base of the on-premise appliances, as some of that starts to transition to FWaaP, is that happening? And if it does, how is the dollar-for-dollar comparison? In other words, do your customers still end up spending more, does they are still expanding under FWaaP versus their traditional clients? Is it smaller or the same? Nikesh Arora I'm going to bring in my colleague Lee Klarich, who spends a lot of his time making sure that these transitions work, and we see these transitions happen, Lee. Lee Klarich Yes. Thank you, Nikesh. Good question, and actually last quarter we provided some insight into this, if you remember. There's effectively two transitions that we see play out. One transition has to do with movement of applications from data centers to the cloud, where the form factor often is changing from a hardware form factor to software form factors, VM series etcetera. The other transition is from -- based on how the employees and users are moving increasingly obviously, moving off the network and soon moving to more of a hybrid state where, in that case, it often is moving from hardware to hardware plus cloud-delivered SASE architectures. And so as you think about those, the net effect of all of it is positive for us in terms of the overall spend from customers. There's some puts and takes, hardware going to VM-Series and the cloud is relatively similar, hardware going through SASE is actually typically an uptick in overall spend because it's not just like-for-like, it's actually SASE includes network as a service. And a lot of the networking components, global network reach etcetera and so the overall spend envelope becomes larger as more of the capabilities actually get integrated into the service that we're delivering to customers. So overall, positive and we've been now tracking this and have history of this for a few years to be able to actually see how that plays out. Sterling Auty Great, thank you. Operator Great, thanks. Next question from Saket Kalia from Barclays, and then Matt Hedberg from RBC next. Saket Kalia Okay, great. Thanks for taking my question here. Nikesh, maybe for you. Can you hear me okay, Walter? Operator Yeah. Saket Kalia Okay, cool. Nikesh, that was helpful commentary on the equity structure around ClaiSec. I guess the question is what were some of the things that went into your decision to explore that last quarter, and then maybe reconsider it this quarter, and is it a matter of timing given the volatility in the market or would you say that the probability of exploring that down the road is still relatively low. Nikesh Arora I think Saket as we went through the mechanics of creating all the paper work required to file this. The debate began to happen with some of our shareholders, as look, the true value creations and they actually can take this and separate it, because you'll still have a stub or some sort of tracking stock. And the challenge with separating it, as you saw, 70% of our customers are buying multiple platforms. 40% of our customers are buying all three platforms. We're getting into conversations with CIO, and somebody goes to a breach or ransomware when they want to go, wall-to-wall and say, listen, come protect me, protect my cloud, protect my sock, protect my network transformation. And then we're suddenly saying, look, we have all this vantage point from where we are, where we can go pitch all three platforms and go on the lock the customer with security and we're creating this artificial separation amongst ourselves, we're not going to be leveraged that. So that definitely went through the decision. I think the question which I can keep practicing. So just asked around to Deepak about the