PANW-7.31.2013-10K
Table of Contents

 

UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
_____________________ 
Form 10-K
 _____________________
(Mark One)
x
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the fiscal year ended July 31, 2013
or
¨
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the transition period from             to             
Commission File Number 001-35594
Palo Alto Networks, Inc.
(Exact name of registrant as specified in its charter)
 
 
Delaware
20-2530195
(State or other jurisdiction of
incorporation or organization)
(I.R.S. Employer
Identification No.)
3300 Olcott Street
Santa Clara, California 95054
(Address of principal executive office, including zip code)
(408) 753-4000
(Registrant's telephone number, including area code)
Securities registered pursuant to Section 12(b) of the Act:
 
 
 
Title of each class
 
Name of each exchange on which registered
Common Stock, par value $0.0001 per share
 
New York Stock Exchange LLC
Securities registered pursuant to Section 12(g) of the Act:
None
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.    Yes  x No  ¨
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Securities Exchange Act of 1934 (the “Exchange Act”).    Yes  ¨ No  x
Indicate by check mark whether the registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Exchange Act during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.    Yes  x No  ¨
Indicate by check mark whether the registrant has submitted electronically and posted on its corporate Web site, if any, every Interactive Data File required to be submitted and posted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit and post such files).   
Yes  x No  ¨


Table of Contents


Indicate by a check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K (§229.405 of this chapter) is not contained herein, and will not be contained, to the best of registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K.  x
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or a smaller reporting company. See the definitions of “large accelerated filer,” “accelerated filer” and “smaller reporting company” in Rule 12b-2 of the Exchange Act. (Check one):
Large accelerated filer
x
Accelerated filer
¨
Non-accelerated filer
¨ (Do not check if a smaller reporting company)
Smaller reporting company
¨
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act).   Yes  ¨ No  x
The aggregate market value of voting stock held by non-affiliates of the registrant was $1,873,615,675 as of the end of the Registrant's second fiscal quarter (based on the closing sales price for the common stock on the New York Stock Exchange on January 31, 2013). Shares of common stock held by each executive officer, director, and holder of 5% or more of the outstanding common stock have been excluded in that such persons may be deemed to be affiliates. This determination of affiliate status is not necessarily a conclusive determination for other purposes.
On September 10, 2013, 71,667,163 shares of the registrant’s common stock, $0.0001 par value, were outstanding.

DOCUMENTS INCORPORATED BY REFERENCE
Portions of the information called for by Part III of this Form 10-K is hereby incorporated by reference from the definitive proxy statement for the Registrant's annual meeting of stockholders, which will be filed with the Securities and Exchange Commission not later than 120 days after the Registrant's fiscal year ended July 31, 2013.
 



Table of Contents

TABLE OF CONTENTS

 
 
 
 
 
Page
 
PART I
 
Item 1.
Item 1A.
Item 1B.
Item 2.
Item 3.
Item 4.
 
 
 
 
PART II
 
Item 5.
Item 6.
Item 7.
Item 7A.
Item 8.
Item 9.
Item 9A.
Item 9B.
 
 
 
 
PART III
 
Item 10.
Item 11.
Item 12.
Item 13.
Item 14.
 
 
 
 
PART IV
 
Item 15.
 
 
 



- 2 -

Table of Contents


PART I

SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS
This Annual Report on Form 10-K, including the sections entitled “Business,” “Risk Factors,” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. The words “believe,” “may,” “will,” “potentially,” “estimate,” “continue,” “anticipate,” “intend,” “could,” “would,” “project,” “plan” “expect,” and similar expressions that convey uncertainty of future events or outcomes are intended to identify forward-looking statements.
These forward-looking statements include, but are not limited to, statements concerning the following:

our ability to maintain an adequate rate of revenue growth;

our business plan and our ability to effectively manage our growth;

trends in revenue, costs of revenue, and gross margin;

trends in our operating expenses, including personnel costs, research and development expense, sales and marketing expense, and general and administrative expense;

our ability to extend our leadership position in next-generation network security;

our ability to timely and effectively scale and adapt our existing technology;

our ability to expand internationally;

the effects of increased competition in our market and our ability to offer differentiated products and compete effectively;

our ability to introduce new subscriptions, renew existing contracts, and increase sales to our existing customer base;

costs associated with defending intellectual property infringement and other claims, such as those claims discussed in “Legal Proceedings” included in Part I, Item 3 of this Annual Report on Form 10-K;

the effects of seasonal trends and macroeconomic conditions on our results of operations;

the adequacy of our current facilities;

the sufficiency of our cash flow from operations with existing cash and cash equivalents to meet our cash needs for at least the next 12 months; and

future acquisitions of, or investments in, complementary companies, products, services, or technologies.
These forward-looking statements are subject to a number of risks, uncertainties, and assumptions, including those described in “Risk Factors” included in Part I, Item 1a and elsewhere in this Annual Report on Form 10-K. Moreover, we operate in a very competitive and rapidly changing environment, and new risks emerge from time to time. It is not possible for our management to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties, and assumptions, the forward-looking events and circumstances discussed in this Annual Report on Form 10-K may not occur, and actual results could differ materially and adversely from those anticipated or implied in the forward-looking statements. We undertake no obligation to revise or publicly release the results of any revision to these forward-looking statements, except as required by law. Given these risks and uncertainties, readers are cautioned not to place undue reliance on such forward-looking statements.
    
ITEM 1.    BUSINESS

General

We have pioneered the next generation of network security with our innovative platform that allows enterprises, service providers, and government entities to secure their networks and safely enable the increasingly complex and rapidly growing number of applications running on their networks. The core of our platform is our Next-Generation Firewall, which delivers application, user, and content visibility and control as well as protection against cyber threats integrated within the firewall through our proprietary hardware and software architecture. Our platform offers a number of compelling benefits for our end-customers, including the ability to identify, control, and safely enable applications while offering protection against cyber threats in real time. We believe our platform also offers

- 3 -

Table of Contents

superior performance compared to legacy approaches and reduces the total cost of ownership for organizations by simplifying their network security infrastructure and eliminating the need for multiple, stand-alone security appliances. Our products and services can address a broad range of our end-customers’ network security requirements, from the data center to the network perimeter, as well as the distributed enterprise, which includes branch offices and a growing number of mobile devices.
Our platform is based on an innovative traffic classification engine that identifies network traffic by application, user, and content. As a result, it provides in-depth visibility into all traffic and all applications, at the user level, at all times, and at the full speed of the network in order to control usage, content, risks, and cyber threats. This enables our end-customers to transform their organizations by safely enabling applications through a positive security model with fine-grained policy implementation capabilities.
Our platform is delivered in the form of a hardware or virtual appliance and includes a suite of subscription services as well as support and maintenance. Our subscription services can be easily activated on any of our appliances without requiring additional hardware or processing resources, thereby providing a seamless implementation path for our end-customers. All of our appliances incorporate our PAN-OS operating system and are based on our proprietary identification technologies, application visibility and control (App-ID), user identification (User-ID), and Content-ID, which allow security policies to be defined within the context of applications, users, and content. We deliver these capabilities through an innovative, Single Pass Parallel Processing (SP3) architecture that simultaneously performs multiple identification, security, and networking functions. As a result, our end-customers achieve safe application enablement and advanced levels of cybersecurity, while maintaining high network performance.
We serve the enterprise network security market, which consists of Firewall, Unified Threat Management (UTM), Web Gateway, Intrusion Detection and Prevention (IDS/IPS), and Virtual Private Network (VPN) technologies.
We sell our platform through a high touch, channel fulfilled sales model. Our business is geographically diversified, with 63% of our total revenue from the Americas, 23% from Europe, the Middle East, and Africa (EMEA), and 14% from Asia Pacific and Japan (APAC) in fiscal 2013. As of July 31, 2013, we had over 13,500 end-customers in more than 120 countries.
We were incorporated in 2005 as Palo Alto Networks, Inc., a Delaware corporation. Our principal executive offices are located in Santa Clara, California, and our telephone number is (408) 753-4000. Our website is www.paloaltonetworks.com.
We are organized and operate in a single segment. See Note 12 to Consolidated Financial Statements included in Part II, Item 8 of this Annual Report on Form 10-K.
Products and Services
Appliances. All firewall appliances come with the same rich set of features ensuring consistent operation across the entire product line. These features include: App-ID, User-ID, site-to-site VPN, remote access SSL VPN, and Quality-of-Service (QoS). We classify our appliances based on throughput. In addition to firewall appliances, we offer dedicated Panorama and WildFire appliances.
Panorama. Panorama is our centralized security management solution for global control of all of our appliances deployed on an end-customer’s network as a virtual appliance or a physical appliance. Panorama is used for centralized policy management, device management, software licensing and updates, centralized logging and reporting, and log storage. Panorama controls the security, network address translation (NAT), QoS, policy based forwarding, decryption, application override, captive portal, and DDoS/DoS protection aspects of the appliances and virtual systems under management. Panorama centrally manages device software and associated updates, including SSL-VPN clients, GlobalProtect clients, dynamic content updates, and software licenses. Panorama offers the ability to view logs and run reports from all managed appliances without the need to forward the logs and to report on aggregate user activity for all users, including mobile users. Panorama reliably expands the log storage for long-term event investigation and analysis through high-availability features for central management.
Virtual System Upgrades. Virtual System Upgrades are available as extensions to the Virtual System capacity that ships with the appliance. Virtual Systems provide a virtualization solution to our large enterprise and service provider end-customers that implement large data centers, private cloud, and public cloud security infrastructures and need to support a multi-tenant firewall environment.
Subscription Services. We offer a number of subscription services as part of our platform. These services include:
Threat Prevention Subscription. This service provides the intrusion detection and prevention capabilities of our platform. Our threat prevention engine blocks vulnerability exploits, viruses, spyware, buffer overflows, denial-of-service attacks, and port scans from compromising and damaging enterprise information resources. It includes mechanisms such as protocol decoder-based analysis, protocol anomaly-based protection, stateful pattern matching, statistical anomaly detection, heuristic-based analysis, custom vulnerability, and spyware phone home signatures.


- 4 -

Table of Contents

URL Filtering Subscription. This service provides the URL filtering capabilities of our platform. The URL filtering database consists of millions of URLs across many categories and is designed to monitor and control employee web surfing activities. The on-appliance URL database can be augmented to suit the traffic patterns of the local user community with a custom URL database. URLs that are not categorized by the local URL database can be pulled into a separate, cache-based URL database from a very extensive, cloud-based URL database.
GlobalProtect Subscription. This service provides protection for mobile users of both traditional laptop devices and mobile devices. It expands the boundaries of the physical network, effectively establishing a logical perimeter that encompasses remote laptop and mobile device users irrespective of their location. When a remote user logs into the device, GlobalProtect automatically determines the closest gateway available to the roaming device and establishes a secure connection. Windows and Apple laptops as well as such mobile devices as Apple iPhones and iPads, will stay connected to the corporate network whenever they are on a network of any kind. As a result they are protected as if they never left the corporate campus. GlobalProtect ensures that the same secure application enablement policies that protect users at the corporate site are enforced for all users, independent of their location.
WildFire Subscription. This service provides protection against targeted modern malware and advanced persistent threats. Its cloud-based analysis service provides a near real-time analysis engine for detecting previously unseen modern malware. The core component of this service is a sandbox environment that can operate on an end-customers' private cloud or our public cloud where files can be run and monitored for more than 100 behavioral characteristics that identify the file as malware. Once identified, signatures are automatically generated and delivered to all devices that subscribe to the service. By providing this as a cloud-based service, all of our end-customers benefit from malware found on any network.
Support and Maintenance. We offer technical support on our products and subscriptions to our end-customers and channel partners. We offer Standard Support, Premium Support, and 4-hour Premium Support. Our channel partners that operate a Palo Alto Networks Authorized Support Center (ASC) typically deliver level-one and level-two support. We provide level-three support 24 hours a day, seven days a week through regional support centers that are located worldwide. We also offer an annual subscription-based Technical Account Management (TAM) service that provides dedicated support for end-customers with unique or complex support requirements. We offer our end-customers ongoing maintenance services for both hardware and software in order to receive ongoing security updates, PAN-OS upgrades, bug fixes, and repair. These services are typically sold to end-customers for a one-year or longer term at the time of the initial product sale and typically renew for successive one-year or longer periods. Additionally, we provide expedited replacement for any defective hardware. We use a third-party logistics provider to manage our worldwide deployment of spare appliances and other accessories.
Professional Services. Professional services include on-location, hands-on experts that plan, design, and deploy effective security solutions tailored to our end-customers’ specific requirements. We generally do not directly provide such professional services to our end-customers. Instead, we primarily deliver these resources through our authorized partners. These services include application traffic management, solution design and planning, configuration, and firewall migration. Our Education Services provide classroom-style training and are primarily delivered through our authorized partners.
Major Product Development Projects
We continue to invest in innovation and strengthening our product portfolio, which resulted in several new product offerings during fiscal 2013. These new product offerings include: the VM-Series, an all-software virtualized next-generation firewall platform that brings next-generation network security into the virtualized data center environment; the paid subscription service for WildFire, our cloud-based modern malware prevention service platform; the WF-500 appliance which provides the ability to deploy WildFire in a customer's private cloud; the PA-3000 Series firewalls that provide mid-range appliance options for enterprise customers; and lastly, the M-100 management appliance, which offers an easy to deploy, high-performance, dedicated appliance for our Panorama management system.
Technology
We combine our proprietary SP3 hardware and software architecture and PAN-OS operating system to provide a comprehensive network security platform. The core of our platform is our Next-Generation Firewall, which integrates application visibility and control and is comprised of three identification technologies, App-ID, User-ID, and Content-ID. These technologies allow organizations to enable the secure use of applications while managing the inherent risks of doing so. These fine-grained policy management and enforcement capabilities are delivered at low latency, multi-gigabit performance through our innovative SP3 architecture.
App-ID. Our application classification engine, called App-ID, uses multiple identification techniques to determine the exact identity of applications traversing the network. App-ID is the foundational classification engine that provides the core traffic classification to all other functions in our platform. The App-ID classification is used to invoke other security functions.

- 5 -

Table of Contents

App-ID uses a series of classification techniques to accurately identify an application. When traffic first enters the network, App-ID applies an initial policy check based on IP protocol and port. Signatures are then applied to the traffic to identify the application based on application properties and related transaction characteristics. If the traffic is encrypted and a decryption policy is in place, the application is first decrypted, then application signatures are applied. Additional context-based signature analysis is then performed to identify known protocols that may be hiding other applications. Encrypted traffic that was decrypted is then re-encrypted before being sent back into the network. For evasive applications that cannot be identified through advanced signature and protocol analysis, heuristics or behavioral analysis are used to determine the identity of the application. When an application is accurately identified during this series of successive techniques, the policy check determines how to treat the application and associated functions. The policy check can block the application, allow it and scan for threats, inspect it for unauthorized file transfer and data patterns, or shape its use of network resources by applying a quality-of-service policy.
App-ID consistently classifies all network traffic, including business applications, consumer applications, and network protocols, across all ports. Consequently, there is no need to perform a series of signature checks to look for an application that is thought to be on the network. App-ID continually monitors the state of the application to determine if the application changes. Our platform only allows applications within the policy to enter the network, while all other applications are blocked.
Internally developed or custom applications can be managed using either an application override or custom App-IDs. End-customers can use either of these mechanisms to apply the same level of control over their internal or custom applications that they apply to common applications. Because the application landscape is constantly changing, our research teams are constantly updating our App-ID classification engine. We deliver updated App-IDs automatically to our end-customers through our weekly update service.
User-ID. User-ID integrates our platform with a wide range of enterprise user directories and technologies, including Active Directory, eDirectory, Open LDAP, Citrix Terminal Server, Microsoft Exchange, Microsoft Terminal Server, and ZENworks. A network-based, User-ID agent communicates with the domain controllers, directories, or supported enterprise applications, mapping information such as user, role, and current IP address to the firewall, making the policy integration transparent. In cases where user repository information does not include the current IP address of the user, a transparent, captive portal authentication or challenge/response mechanism can be used to tie users into the security policy. In cases where a user repository or application is in place that already has knowledge of users and their current IP address, a standards-based API can be used to tie the repository to our platform.
Content-ID. Content-ID is a collection of technologies that enables many of our subscription services. Content-ID combines a real-time threat prevention engine, a cloud-based analysis service, and a comprehensive URL categorization database to limit unauthorized data and file transfers, detect and block a wide range of threats, and control non-work related web surfing.
The threat prevention engine blocks several common types of attacks, including vulnerability exploits, buffer overflows, and port scans from compromising and damaging enterprise information resources. It includes mechanisms such as protocol decoder-based analysis, protocol anomaly-based protection, stateful pattern matching, statistical anomaly detection, heuristic-based analysis, custom vulnerability, and spyware “phone home” signatures.
Our cloud-based analysis service, called WildFire, provides a near real-time analysis engine for detecting previously unseen modern malware. The core component of WildFire is a sandbox environment that can be deployed in a customer's private cloud or on Palo Alto Networks' public cloud where files can be run and monitored for more than 100 behavioral characteristics that identify the file as malware. Once identified, signatures are automatically generated and delivered to all devices that subscribe to the WildFire service. By providing WildFire as a cloud-based service, all of our end-customers benefit from malware found on a single network.
Our URL filtering database consists of millions of URLs across many categories and is designed to monitor and control employee web surfing activities. The on-appliance URL database can be augmented to suit the traffic patterns of the local user community with a custom URL database. URLs that are not categorized by the local URL database can be pulled into an on-appliance data cache from a very extensive, cloud-based URL database. The data filtering features in our platform enable policies that reduce the risks associated with the transfer of unauthorized files and data. This can be achieved by blocking files by type, by controlling sensitive data, such as credit card and social security numbers in application content or attachments, and by controlling file transfers within applications.
SP3. SP3 has two elements: single-pass software and parallel processing hardware.
Our single-pass software accomplishes two key functions in our platform. First, it performs operations once per packet. As a packet is processed, the networking functions, the policy lookup, the application identification and decoding, and the signature matching for any and all threats and content are all performed simultaneously. This significantly reduces the amount of processing required to perform multiple functions in one security device. Second, the content scanning step is stream-based and uses uniform signature matching to detect and block threats. Instead of using multiple scanning passes and file proxies, which require download prior to scanning, our single-pass software scans content once in a stream-based fashion to minimize latency. This results in very high throughput and low latency, even with all security functions active. It also offers a single, fully integrated policy, thus enabling easier management of enterprise network security.

- 6 -

Table of Contents

Our parallel processing hardware is designed to optimize single-pass software performance through the use of separate data and control planes, which means that heavy utilization of one does not negatively impact the performance of the other. Our hardware also uses discrete, specialized processing groups to perform critical functions. On the data plane, this includes functions such as networking, policy enforcement, encryption and decryption, decompression, and content scanning. On the control plane, this includes configuration management, logging, and reporting.
We believe that the combination of single-pass software and parallel processing hardware is unique in the network security industry and allows our platform to safely enable applications and prevent cyber threats at very high levels of performance and throughput.
PAN-OS Operating System. The PAN-OS operating system provides the foundation for our network security platform and contains App-ID, User-ID, and Content-ID. PAN-OS performs the core functions of our platform while also providing the networking, security, and management functions needed for implementation. The PAN-OS networking functions include dynamic routing, switching, high availability, and VPN support, which enables deployment into a broad range of networking environments.
Our platform has the ability to enable a series of virtual firewall instances or virtual systems. Each virtual system is an independent (virtual) firewall within the device that is managed separately and cannot be accessed or viewed by any other administrator of any other virtual system. This capability allows enterprises and service providers to separate firewall instances in departmental and multi-tenant managed services scenarios.
The security functions in PAN-OS are implemented in a single security policy and include application, application function, user, group, port, and service-based elements. Policy responses can range from open (allow but monitor for activity), to moderate (enabling certain applications or functions), to closed (deny). The tight integration of application control, users, and groups, and the ability to scan the allowed traffic for a wide range of threats minimizes the number of policies.
PAN-OS also includes attack protection capabilities, such as blocking invalid or malformed packets, IP defragmentation, TCP reassembly, and network traffic normalization. PAN-OS eliminates invalid and malformed packets, while TCP reassembly and IP de-fragmentation is performed to ensure the utmost accuracy and protection despite any attack evasion techniques.
Certifications. Our products have been awarded FIPS 140-2 Level 2, Common Criteria/NIAP EAL 2, Common Criteria/NIAP EAL4+, NEBS, and ICSA Firewall certifications.
Customers
We sell our platform through our channel partners to end-customers globally. Our end-customers are predominantly medium to large enterprises, service providers, and government entities. Our end-customers operate in a variety of industries, including education, energy, financial services, healthcare, Internet and media, manufacturing, public sector, and telecommunications. Our end-customers deploy our platform for a variety of security functions across a variety of deployment scenarios. Typical deployment scenarios include the enterprise perimeter, the enterprise data center, and the distributed enterprise perimeter. Our end-customer deployments typically involve at least one pair of our products along with one or more of our subscription services, depending on size, security needs and requirements, and network complexity. As of July 31, 2013, we had shipped our products to over 13,500 end-customers worldwide. No single end-customer accounted for more than 10% of our total revenue in fiscal 2013.
Backlog
Orders for services for multiple years are billed upfront shortly after receipt of an order and are included in deferred revenue. Timing of revenue recognition for services may vary depending on the contractual service period or when the services are rendered. Products are shipped and billed shortly after receipt of an order. We do not believe that our product backlog at any particular time is meaningful because it is not necessarily indicative of future revenue in any given period as such orders may be rescheduled by our partners without penalty prior to shipment or delayed due to inventory constraints. Additionally, the majority of our product revenue comes from orders that are received and shipped in the same quarter.
Sales, Customer Support and Marketing
Sales. Our sales organization is responsible for large-account acquisition and overall market development, which includes the management of the relationships with our channel partners, working with our channel partners in winning and supporting end-customers through a direct-touch approach, and acting as the liaison between the end-customers and the marketing and product development organizations. For additional information about revenue and assets by geographic region, refer to Note 12 to Consolidated Financial Statements included in Part II, Item 8 of this Annual Report on Form 10-K. We expect to continue to grow our sales headcount in all of our principal markets and expand our presence into countries where we currently do not have a direct sales presence.

- 7 -

Table of Contents

Our sales organization is supported by sales engineers with responsibility for pre-sales technical support, solutions engineering for our end-customers, and technical training for our channel partners.
Channel Program. We work with channel partners that provide our platform to end-customers. We focus on building in-depth relationships with a smaller number of solutions-oriented partners that have strong network security expertise. As of July 31, 2013, we had approximately 1,250 channel partners. These channel partners are supported by our sales and marketing organization and consist of distributors and resellers with proven network security experience. Sales to these channel partners are subject to our standard, non-exclusive distributor agreement, which provides for an initial term of one year, one year renewal terms, termination by us with 30-90 days written notice prior to the renewal date, and payment to us from the channel partner within 30-45 calendar days of the date we issue an invoice for such sales. Approximately 64% of our total revenue in fiscal 2013 was derived from sales to three channel partners.
To ensure optimal productivity, we operate a formal accreditation program for our channel partners’ sales and technical professionals. Around the world, we maintain a two-tier open distribution model where value-added distributors and value-added resellers work together on a non-exclusive basis to market our platform, identify and close sales opportunities, and provide pre-sales and post-sales services to our end-customers. Our channel partner program, NextWave, rewards our channel partners based on a number of attainment goals, as well as provides them access to marketing funds, technical and sales training, and support.
Customer Support. Our customer support organization is responsible for delivering support, professional, and educational services directly to our channel partners and to end-customers. We leverage the capabilities of our channel partners and train them in the delivery of support, professional, and educational services to ensure these services are locally delivered. We believe that a broad range of support services is essential to the successful customer deployment and ongoing support of our products, and we have hired support engineers with proven experience to provide those services.
Marketing. Our marketing is focused on building our brand reputation and the market awareness of our platform, driving pipeline and end-customer demand, and operating the channel program. The marketing team consists primarily of product marketing, programs marketing, field marketing, channel marketing, and public relations functions. Marketing is responsible for the channel program NextWave, as well as the channel enablement functions. Marketing activities include pipeline development through demand generation, social media and advertising programs, managing the corporate web site and partner portal, trade shows and
conferences, press, analyst, and customer relations, and customer awareness. Every six months, we publish 2 major market research papers called the “Application Usage and Risk Report” and the “Modern Malware Report,” which are based on the application and cyber threat landscape of our end-customers. These activities and tools benefit both our direct and indirect channels and are available at no cost to our channel partners.
Manufacturing
The manufacturing of our security products is outsourced to various contract manufacturers and original design manufacturers. This approach allows us to reduce our costs as it reduces our manufacturing overhead and inventory and also allows us to adjust more quickly to changing end-customer demand. Our primary manufacturing partner is Flextronics International, Ltd., who assembles our products using design specifications, quality assurance programs, and standards that we establish, and procures components and assembles our products based on our demand forecasts. These forecasts represent our estimates of future demand for our products based upon historical trends and analysis from our sales and product management functions as adjusted for overall market conditions.
We have entered into a written agreement with Flextronics pursuant to which they manufacture, assemble, and test our products. This agreement has an initial term of three years, which is automatically renewed for one-year terms, unless terminated by either party giving 180 days or more notice prior to the end of the term or upon written notice, subject to applicable cure periods, if the other party has materially breached its obligations under the agreement.
The component parts within our products are either sourced by our contract manufacturers or by various suppliers. We do not have any long-term manufacturing contracts that guarantee us any fixed capacity or pricing, which increases our exposure to supply shortages or price fluctuations related to raw materials.
Research and Development
Our research and development effort is focused on developing new hardware and software and on enhancing and improving our existing products. We believe that hardware and software both are critical to expanding our leadership in enterprise network security. Our engineering team has deep networking and security expertise and works closely with end-customers to identify their current and future needs. In addition to our focus on hardware and software, our research and development team is focused on research into applications and threats, which allows us to respond to the rapidly changing application and threat landscape.
We believe that innovation and timely development of new features and products is essential to meeting the needs of our end-customer and improving our competitive position. We supplement our own research and development effort with technologies and

- 8 -

Table of Contents

products that we license from third parties. We test our products thoroughly to certify and ensure interoperability with third-party hardware and software products.
We plan to continue to significantly invest in resources to conduct our research and development effort.
Competition
We operate in the intensely competitive network security market that is characterized by constant change and innovation. Changes in the application, threat, and technology landscape result in evolving customer requirements for the protection from threats and the safe enablement of applications. Our main competitors fall into four categories:
large networking vendors such as Cisco Systems, Inc. and Juniper Networks, Inc. that incorporate network security features in their products;
large companies such as Intel Corporation, International Business Machines (IBM), and Hewlett-Packard Company (HP) that have acquired large network security specialist vendors in recent years and have the technical and financial resources to bring competitive solutions to the market;
independent network security vendors such as Check Point Software Technologies Ltd. and Fortinet, Inc. that offer network security products; and
small and large companies that offer point solutions that compete with some of the features present in our platform.
As our market grows, it will attract more highly specialized vendors as well as larger vendors that may continue to acquire or bundle their products more effectively.
The principal competitive factors in our market include:
product features, reliability, performance, and effectiveness;
product line breadth, diversity, and applicability;
product extensibility and ability to integrate with other technology infrastructures;
price and total cost of ownership;
adherence to industry standards and certifications;
strength of sales and marketing efforts; and
brand awareness and reputation.
We believe we generally compete favorably with our competitors on the basis of these factors as a result of the features and performance of our platform, the ease of integration of our products with technological infrastructures, and the relatively low total cost of ownership of our products. However, many of our competitors have substantially greater financial, technical, and other resources, greater name recognition, larger sales and marketing budgets, broader distribution, more diversified product lines, and larger and more mature intellectual property portfolios.
Intellectual Property
Companies in the enterprise network security industry own large numbers of patents, copyrights, trademarks, domain names, and trade secrets and frequently enter into litigation based on allegations of infringement, misappropriation or other violations of intellectual property or other rights. Our success depends in part upon our ability to protect our core technology and intellectual property. We rely on patents, trademarks, copyrights and trade secret laws, confidentiality procedures, and employee disclosure and invention assignment agreements to protect our intellectual property rights.
As of July 31, 2013, we had 19 issued patents and 55 patent applications pending in the United States. Our issued patents expire between 2017 and 2029. We cannot assure you whether any of our patent applications will result in the issuance of a patent or whether the examination process will require us to narrow our claims. Any patents that may issue may be contested, circumvented, found unenforceable or invalidated, and we may not be able to prevent third parties from infringing them. We purchased a portion of our issued U.S. patents from other entities. We also license software from third parties for integration into our products, including open source software and other software available on commercially reasonable terms.
We control access to and use of our proprietary software and other confidential information through the use of internal and external controls, including contractual protections with employees, contractors, end-customers and partners, and our software is

- 9 -

Table of Contents

protected by U.S. and international copyright laws. Despite our efforts to protect our trade secrets and proprietary rights through intellectual property rights, licenses, and confidentiality agreements, unauthorized parties may still copy or otherwise obtain and use our software and technology. In addition, we intend to continue to expand our international operations, and effective patent, copyright, trademark, and trade secret protection may not be available or may be limited in foreign countries.
If we become more successful, we believe that competitors will be more likely to try to develop products and services that are similar to ours and that may infringe our proprietary rights. It may also be more likely that competitors or other third parties will claim that our platform infringes their proprietary rights.
Our industry is characterized by the existence of a large number of patents and frequent claims and related litigation regarding patent and other intellectual property rights. In particular, leading companies in the network security industry have extensive patent portfolios and are regularly involved in both offensive and defensive litigation. From time to time, third parties, including certain of these leading companies, may assert patent, copyright, trademark, and other intellectual property rights against us, our channel partners, or our end-customers, which our standard license and other agreements obligate us to indemnify against such claims. Successful claims of infringement by a third party could prevent us from distributing certain products or performing certain services, require us to expend time and money to develop non-infringing solutions, or force us to pay substantial damages (including treble damages if we are found to have willfully infringed patents or copyrights), royalties or other fees. In addition, to the extent that we gain greater visibility and market exposure as a public company, we face a higher risk of being the subject of intellectual property infringement claims from third parties. We cannot assure you that we do not currently infringe, or that we will not in the future infringe, upon any third-party patents or other proprietary rights. See “Risk Factors—Claims by others that we infringe their proprietary technology or other rights could harm our business” and “—Legal Proceedings” below for additional information.
Employees
As of July 31, 2013, we had 1,147 full-time employees. None of our employees is represented by a labor organization or is a party to any collective bargaining arrangement. We have never had a work stoppage, and we consider our relationship with our employees to be good.

Available Information

Our website is located at www.paloaltonetworks.com, and our investor relations website is located at investors.paloaltonetworks.com. Our Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K and amendments to reports filed or furnished pursuant to Sections 13(a) and 15(d) of the Securities Exchange Act of 1934, as amended, are available free of charge on the Investors portion of our web site as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC. We also provide a link to the section of the SEC's website at www.sec.gov that has all of our public filings, including Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, all amendments to those reports, our Proxy Statements, and other ownership related filings. Further, a copy of this Annual Report on Form 10-K is located at the SEC's Public Reference Room at 100 F Street, NE, Washington, D.C. 20549. Information on the operation of the Public Reference Room can be obtained by calling the SEC at 1-800-SEC-0330.

Webcasts of our earnings calls and certain events we participate in or host with members of the investment community are on our investor relations website. Additionally, we announce investor information, including news and commentary about our business and financial performance, SEC filings, notices of investor events, and our press and earnings releases, on our investor relations website. Investors and others can receive notifications of new information posted on our investor relations website in real time by signing up for email alerts and RSS feeds. Further corporate governance information, including our certificate of incorporation, bylaws, corporate governance guidelines, board committee charters, and code of conduct, is also available on our investor relations website under the heading “Corporate Governance.” The contents of our websites are not incorporated by reference into this Annual Report on Form 10-K or in any other report or document we file with the SEC, and any references to our websites are intended to be inactive textual references only.


- 10 -

Table of Contents

ITEM 1A.    RISK FACTORS

Our operations and financial results are subject to various risks and uncertainties including those described below. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, also may become important factors that affect us. If any of the following risks or others not specified below materialize, our business, financial condition, and results of operations could be materially adversely affected. In that case, the trading price of our common stock could decline.
 
Risks Related to Our Business and Our Industry
 
Our limited operating history makes it difficult to evaluate our current business and future prospects, and may increase the risk of your investment.
 
We were founded in 2005 and shipped our first products in 2007. The majority of our revenue growth has occurred since 2009. Our limited operating history makes it difficult to evaluate our current business and our future prospects, including our ability to plan for and model future growth. We have encountered and will continue to encounter risks and difficulties frequently experienced by rapidly growing companies in constantly evolving industries, including the risks described in this Annual Report on Form 10-K. If we do not address these risks successfully, our business and operating results will be adversely affected, and our stock price could decline. Further, we have limited historical financial data, and we operate in a rapidly evolving market. As such, any predictions about our future revenue and expenses may not be as accurate as they would be if we had a longer operating history or operated in a more predictable market.
 
Our business and operations have experienced rapid growth in recent periods, and if we do not effectively manage any future growth or are unable to improve our systems and processes, our operating results will be adversely affected.
 
We have experienced rapid growth and increased demand for our products over the last few years. Our employee headcount and number of end-customers have increased significantly, and we expect to continue to grow our headcount significantly over the next year. For example, from the end of fiscal 2012 to the end of fiscal 2013, our headcount increased from more than 750 to1,147 employees, and our number of end-customers increased from approximately 9,000 to over 13,500. The growth and expansion of our business and product and service offerings places a continuous significant strain on our management, operational, and financial resources. As we have grown, we have increasingly managed more complex deployments of our products and services with larger end-customers. To manage any future growth effectively, we must continue to improve and expand our information technology and financial infrastructure, our operating and administrative systems, and our ability to manage headcount, capital, and processes in an efficient manner.
 
We may not be able to successfully implement improvements to our systems and processes in an efficient or timely manner, and we may discover deficiencies in our existing systems and processes. We have licensed technology from third parties to help us accomplish this objective. We have continued to improve and customize our enterprise resource planning system since its launch in the second quarter of fiscal 2013. We may experience difficulties in managing improvements to our systems and processes or in connection with third-party software, which could disrupt existing customer relationships, cause us to lose customers, limit us to smaller deployments of our products, or increase our technical support costs. Our failure to improve our systems and processes, or their failure to operate in the intended manner, may result in our inability to manage the growth of our business and to accurately forecast our revenue, expenses, and earnings, or to prevent certain losses. In addition, our systems and processes may not prevent or detect all errors, omissions, or fraud. Our productivity and the quality of our products and services may be adversely affected if we do not integrate and train our new employees quickly and effectively. Any future growth would add complexity to our organization and require effective coordination throughout our organization. For example, as a result of growth in our employee headcount, on September 20, 2012, we entered into two lease agreements for an aggregate of approximately 300,000 square feet of space in Santa Clara, California to serve as our new corporate headquarters beginning in November 2013. We expect to incur additional expense in connection with the two new leases and the relocation of our headquarters, and we expect that the relocation could disrupt our operations and distract our management team. In the fourth quarter of fiscal 2013, we entered into a sublease agreement for our existing headquarters beginning in January 2014. Failure to manage any future growth effectively could result in increased costs, negatively impact our end-customers’ satisfaction with our products and services, and harm our operating results.
 
Our operating results are likely to vary significantly from period to period and be unpredictable, which could cause the trading price of our common stock to decline.
 
Our operating results, in particular, our revenues, gross and operating margins, and operating expenses, have historically varied from period to period, and we expect that this trend will continue as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including:
 
our ability to attract and retain new end-customers;

- 11 -

Table of Contents

 
the budgeting cycles and purchasing practices of end-customers;
 
changes in end-customer, distributor or reseller requirements, or market needs;
 
changes in the growth rate of the enterprise network security market;
 
the timing and success of new product and service introductions by us or our competitors or any other change in the competitive landscape of our industry, including consolidation among our competitors or end-customers;

changes in mix of our products and services including increases in multi-year subscriptions and support and maintenance;
 
price competition;
 
deferral of orders from end-customers in anticipation of new products or product enhancements announced by us or our competitors;
 
our ability to successfully expand our business domestically and internationally;

our ability to increase the size of our distribution channel;
 
decisions by potential end-customers to purchase enterprise network security solutions from larger, more established security vendors or from their primary network equipment vendors;
 
changes in end-customer attach rates and renewal rates for our services;

timing of revenue recognition and revenue deferrals;

our ability to manage production and manufacturing related costs, global customer service organization costs, inventory excess and obsolescence costs, and warranty costs;
 
insolvency or credit difficulties confronting our customers, which could adversely affect their ability to purchase or pay for our products and services, or confronting our key suppliers, including our sole source suppliers, which could disrupt our supply chain;
 
any disruption in our channel or termination of our relationship with important channel partners, including as a result of consolidation among distributors and resellers of network security solutions;
 
our inability to fulfill our end-customers’ orders due to supply chain delays or events that impact our manufacturers or their suppliers;
 
the cost and potential outcomes of existing and future litigation, which could have a material adverse effect on our business;
 
seasonality or cyclical fluctuations in our markets;
 
future accounting pronouncements or changes in our accounting policies;

the impact on our overall effective tax rate caused by any reorganization in our corporate structure or any changes in our valuation allowance for domestic deferred assets;
 
increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates, as an increasing portion of our expenses are incurred and paid in currencies other than the U.S. dollar; and
 
general macroeconomic conditions, both domestically and in our foreign markets.
 
Any one of the factors above or the cumulative effect of some of the factors referred to above may result in significant fluctuations in our financial and other operating results. This variability and unpredictability could result in our failure to meet our revenue, margin, or other operating result expectations or those of securities analysts or investors for a particular period. If we fail to meet or exceed such expectations for these or any other reasons, the market price of our common stock could fall substantially, and we could face costly lawsuits, including securities class action suits.
 
We are involved in litigation in which Juniper alleges that our appliances infringe seven of its patents. If Juniper prevails in the litigation, we could be required to pay substantial damages for past sales of any infringing appliances, enjoined from

- 12 -

Table of Contents

manufacturing, using, selling, and importing such appliances if a license or other right to continue selling our appliances is not made available to us, and required to pay substantial ongoing royalties and comply with unfavorable terms if such a license is made available to us.
 
In December 2011, Juniper filed a lawsuit against us in the United States District Court for the District of Delaware, alleging that our appliances infringe six of its U.S. patents. One or both of Nir Zuk and Yuming Mao are named inventors on each of the patents being asserted against us. Both Mr. Zuk and Mr. Mao were employed by NetScreen Technologies, Inc., which was acquired by Juniper in April 2004. Mr. Zuk left Juniper in 2005 and founded Palo Alto Networks in that same year. Mr. Mao joined Palo Alto Networks in 2006. Juniper seeks preliminary and permanent injunctions against infringement, treble damages, and attorney’s fees. On February 9, 2012, we filed an answer to Juniper’s complaint, which denied that we infringed Juniper’s patents and asserted that Juniper’s patents were invalid.
 
On February 28, 2012, Juniper filed a motion to strike our defense of invalidity based on the legal doctrine of “assignor estoppel.” Under the doctrine of assignor estoppel, an inventor of a patented invention who assigns the patent to another for value cannot later challenge the validity of the patent. Under some circumstances, courts have held that the doctrine of assignor estoppel applies not only to the assigning inventor but also to a company in privity with the inventor. On March 23, 2012, we filed a brief in opposition to that motion. Juniper filed a brief in response on April 2, 2012. On August 2, 2012, the District Court issued an order granting Juniper’s motion as to one of the patents in suit (the ’634 patent) but denying Juniper’s motion as to the five other patents in suit. Pursuant to the order, we will not be able to argue in the District Court that the ’634 patent is invalid. Under the Court’s order, however, we are not precluded from arguing that our appliances do not infringe the ’634 patent. Juniper may re-assert its position on the doctrine of assignor estoppel as to the other patents in suit at later stages of the proceedings.

On September 4, 2012, Juniper filed a motion to amend its complaint to allege that our appliances infringe two additional U.S. patents (the added patents) but also to withdraw its allegations as to a previously-asserted patent (the withdrawn patent). This amended complaint was officially filed on September 25, 2012, pursuant to a stipulation between the parties. Juniper now alleges that our appliances infringe seven of its patents. On October 12, 2012, we filed an answer to Juniper’s amended complaint, which denied that we infringed Juniper’s patents and asserted that Juniper’s patents were invalid. In light of the District Court’s prior order granting Juniper’s assignor estoppel motion as to one of the patents in suit (the ‘634 patent), we do not intend to argue in the District Court that the ‘634 patent is invalid, and we do not intend to argue in the District Court that one of the two newly-asserted patents (the ‘752 patent) is invalid. 

On September 13, 2012, we filed with the U.S. Patent and Trademark Office requests for inter partes reexamination of five of the six patents asserted by Juniper in its original complaint. We did not file a request for reexamination on the withdrawn patent. The Patent and Trademark Office has since issued decisions on our requests for reexaminations. On October 19, 2012 and December 3, 2012, the Patent and Trademark Office granted our requests for reexamination as to three patents (the '459, '700 and '634 patents) rejecting a number of the claims asserted in the litigation, and on November 15, 2012 and 26, 2012, the Patent and Trademark Office denied our requests for reexamination as to two other patents (the '723 and '347 patents). We have the opportunity to seek review of these denials within the Patent and Trademark Office, and have done so with respect to one of the patents (the '723 patent). On June 20, 2013 and July 23, 2013, we filed with the U.S. Patent and Trademark Office petitions for inter partes review for two other patents asserted by Juniper in the litigation (the '612 and '752 patents). The Patent and Trademark Office has not yet ruled on those petitions. Should any claim challenged in our reexamination requests be finally determined to be valid and patentable, we may be precluded in litigation from challenging any such patent claim on invalidity grounds that were or could have been raised during the inter partes reexamination proceedings.
 
The judge has issued a scheduling order which sets forth the current expectation for important events in the lawsuit, although no assurances can be given that the schedule will not change. On June 18, 2012 and on October 12, 2012, Juniper served infringement contentions, which, among other things, assert that each of our products that run our PAN-OS operating system infringes each of the Juniper patents-in-suit. We served our invalidity contentions on Juniper on July 18, 2012 and, for the newly-asserted patents, on November 19, 2012. Each party served its opening expert report on April 12, 2013, and rebuttal expert report on May 13, 2013, and supplemental expert reports on June 11, 2013. The parties filed opening and responsive briefs regarding claim construction (also known as Markman), filed their opening summary judgment briefs on August 20, 2013, and filed opposition briefs and additional summary judgment motions on September 12, 2013. A hearing to resolve claim construction issues, as well as motions for summary judgment, is scheduled to be heard on November 15, 2013, and a trial date has been scheduled for February 24, 2014. Pursuant to the Court’s general standing order, the February 2014 trial will be limited to determining whether the patents (other than the ’634 and ’752 patents) are valid and whether we infringe one or more valid patents. Thereafter, the Court will rule on any post-trial motions and enter a judgment on validity and infringement. According to the Court’s general standing order, if Juniper were to prevail on one or more of its patents, a subsequent trial on damages would be scheduled following an appeal on the liability issues to the appellate court.
 
Should Juniper prevail on its claims that one or more of our appliances infringe one or more of its valid patents, we could be required to pay substantial damages for past sales of such appliances, enjoined from manufacturing, using, selling, and importing such appliances if a license or other right to continue selling our appliances is not made available to us, and required to pay substantial

- 13 -

Table of Contents

ongoing royalties and comply with unfavorable terms if such a license is made available to us. Any of these outcomes could result in a material adverse effect on our business. Even if we were to prevail, this litigation will be costly and time-consuming, divert the attention of our management and key personnel from our business operations, deter distributors from selling our appliances, and dissuade potential end-customers from purchasing our appliances, which would also materially harm our business. During the course of litigation, we anticipate announcements of the results of hearings and motions, and other interim developments related to the litigation. If securities analysts or investors regard these announcements as negative, the market price of our common stock may decline.
 
We are vigorously defending the lawsuit. At this stage in the litigation, we are unable to predict the likelihood of success of Juniper’s infringement claims.
 
Our revenue growth rate in recent periods may not be indicative of our future performance.
 
You should not consider our revenue growth rate in recent periods as indicative of our future performance. We have recently experienced revenue growth rates of 55% and 115% in fiscal 2013 and 2012, respectively. We do not expect to achieve similar revenue growth rates in future periods. You should not rely on our revenue for any prior quarterly or annual periods as any indication of our future revenue or revenue growth. If we are unable to maintain consistent revenue or revenue growth, our stock price could be volatile, and it may be difficult to achieve and maintain profitability.
 
We have a history of losses, anticipate increasing our operating expenses in the future, and may not be able to maintain or increase profitability or cash flow on a consistent basis. If we cannot maintain or increase our profitability or cash flow, our business, financial condition, and operating results may suffer.
 
Other than fiscal 2012, we have incurred losses in all fiscal years since our inception. We incurred a net loss of $29.2 million in fiscal 2013, $12.5 million in fiscal 2011, and $21.1 million in fiscal 2010. As a result, we had an accumulated deficit of $109.3 million at July 31, 2013. We anticipate that our operating expenses will increase substantially in the foreseeable future as we continue to enhance our product and service offerings, broaden our end-customer base, expand our sales channels, expand our operations, hire additional employees, and continue to develop our technology. These efforts may prove more expensive than we currently anticipate, and we may not succeed in increasing our revenues sufficiently, or at all, to offset these higher expenses. Revenue growth may slow or revenue may decline for a number of possible reasons, including slowing demand for our products or services, increasing competition, a decrease in the growth of our overall market, or a failure to capitalize on growth opportunities. Any failure to increase our revenues as we grow our business could prevent us from maintaining or increasing profitability or cash flow on a consistent basis. If we are unable to meet these risks and challenges as we encounter them, our business, financial condition, and operating results may suffer.
 
If we are unable to sell additional products and services to our end-customers, our future revenue and operating results will be harmed.
 
Our future success depends, in part, on our ability to expand the deployment of our platform with existing end-customers by selling additional products to secure other areas of our end-customers’ network and by upselling additional subscription services to provide increasing levels of network security. This may require increasingly sophisticated and costly sales efforts and may not result in additional sales. In addition, the rate at which our end-customers purchase additional products and services depends on a number of factors, including the perceived need for additional network security products and services as well as general economic conditions. If our efforts to sell additional products and services to our end-customers are not successful, our business may suffer.
 
Further, existing end-customers that purchase our subscriptions have no contractual obligation to renew their contracts after the initial contract period, which is typically one year, and we cannot accurately predict renewal rates. Our end-customers’ renewal rates may decline or fluctuate as a result of a number of factors, including their satisfaction with our services and our end-customer support, the frequency and severity of subscription outages, our product uptime or latency, and the pricing of our, or competing, services. If our end-customers renew their subscriptions, they may renew for shorter contract lengths or on other terms that are less economically beneficial to us. We have limited historical data with respect to rates of end-customer renewals, so we may not accurately predict future renewal trends. We cannot assure you that our end-customers will renew their subscriptions, and if our end-customers do not renew their agreements or renew on less favorable terms, our revenues may grow more slowly than expected or decline.
 
We also depend on our installed end-customer base for future support and maintenance revenues. Our support and maintenance agreements are typically one year. If end-customers choose not to continue renewing their support and maintenance or seek to renegotiate the terms of support and maintenance agreements prior to renewing such agreements, our revenue may decline.
 
We face intense competition in our market, especially from larger, well-established companies, and we may lack sufficient financial or other resources to maintain or improve our competitive position.
 
The market for network security products is intensely competitive, and we expect competition to increase in the future from established competitors and new market entrants. Our current competitors include networking companies such as Cisco Systems, Inc. and Juniper, large companies, such as Intel Corporation, International Business Machines (IBM), and Hewlett-Packard (HP) that have

- 14 -

Table of Contents

acquired large network security vendors in recent years, security vendors such as Check Point Software Technologies, Ltd. and Fortinet, Inc., and other point solution security vendors. New, privately held companies, as well as established public companies, are currently attempting to enter this market, some of which may become significant competitors in the future. Many of our existing competitors have, and some of our potential competitors could have, substantial competitive advantages such as:
 
greater name recognition and longer operating histories;
 
larger sales and marketing budgets and resources;
 
broader distribution and established relationships with distribution partners and end-customers;
 
greater customer support resources;
 
greater resources to make acquisitions;
 
lower labor and development costs;
 
larger and more mature intellectual property portfolios; and
 
substantially greater financial, technical, and other resources.
 
In addition, some of our larger competitors have substantially broader and more diverse product offerings and leverage their relationships based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products, including through selling at zero or negative margins, product bundling, or closed technology platforms. Potential end-customers may also prefer to purchase from their existing suppliers rather than a new supplier regardless of product performance or features. These larger competitors often have broader product lines and market focus and may therefore not be as susceptible to downturns in a particular market. Many of our smaller competitors that specialize in providing protection from a single type of network security threat are often able to deliver these specialized network security products to the market more quickly than we can. Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering by our competitors or continuing market consolidation. New start-up companies that innovate and large competitors that are making significant investments in research and development may invent similar or superior products and technologies that compete with our products and technology. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources.
 
Some of our competitors have made acquisitions of businesses that may allow them to offer more directly competitive and comprehensive solutions than they had previously offered, such as Intel’s acquisition of McAfee and Stonesoft, Check Point’s acquisition of Nokia’s security appliance business, and Cisco's pending acquisition of SourceFire. As a result of such acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and end-customer needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of acquisition or other opportunities more readily, or develop and expand their product and service offerings more quickly than we do. Due to various reasons, organizations may be more willing to incrementally add solutions to their existing network security infrastructure from competitors than to replace it with our solutions. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, and loss of market share. Any failure to meet and address these factors could seriously harm our business and operating results.
 
If functionality similar to that offered by our products is incorporated into existing network infrastructure products, organizations may decide against adding our appliances to their network, which would have an adverse effect on our business.
 
Large, well-established providers of networking equipment such as Cisco and Juniper offer, and may continue to introduce, network security features that compete with our products, either in stand-alone security products or as additional features in their network infrastructure products. The inclusion of, or the announcement of an intent to include, functionality perceived to be similar to that offered by our security solutions in networking products that are already generally accepted as necessary components of network architecture may have an adverse effect on our ability to market and sell our products. Furthermore, even if the functionality offered by network infrastructure providers is more limited than our products, a significant number of end-customers may elect to accept such limited functionality in lieu of adding appliances from an additional vendor such as us. Many organizations have invested substantial personnel and financial resources to design and operate their networks and have established deep relationships with other providers of networking products, which may make them reluctant to add new components to their networks, particularly from other vendors such as us. In addition, an organization’s existing vendors or new vendors with a broad product offering may be able to offer concessions that we are not able to match because we currently offer only network security products and have fewer resources than many of our competitors. If organizations are reluctant to add additional network infrastructure from new vendors or otherwise decide to work with their existing vendors, our ability to increase our market share and improve our financial condition and operating results will be adversely affected.

- 15 -

Table of Contents

 
Reliance on shipments at the end of the quarter could cause our revenue for the applicable period to fall below expected levels.
 
As a result of end-customer buying patterns and the efforts of our sales force and channel partners to meet or exceed their sales objectives, we have historically received a substantial portion of sales orders and generated a substantial portion of revenue during the last few weeks of each fiscal quarter. If expected revenue at the end of any fiscal quarter is delayed for any reason, including the failure of anticipated purchase orders to materialize, our logistics partners’ inability to ship products prior to fiscal quarter-end to fulfill purchase orders received near the end of the fiscal quarter, our failure to manage inventory to meet demand, our inability to release new products on schedule, any failure of our systems related to order review and processing, or any delays in shipments based on trade compliance requirements, our revenue for that quarter could fall below our expectations, resulting in a decline in the trading price of our common stock.

If we are unable to hire, retain, train, and motivate qualified personnel and senior management, our business could suffer.
 
Our future success depends, in part, on our ability to continue to attract and retain highly skilled personnel. The loss of the services of any of our key personnel, the inability to attract or retain qualified personnel, or delays in hiring required personnel, particularly in engineering and sales, may seriously harm our business, financial condition, and operating results. Although we have entered into employment offer letters with our key personnel, these agreements have no specific duration and constitute at-will employment. We are also substantially dependent on the continued service of our existing development personnel because of the complexity of our platform. Additionally, any failure to hire, train, and adequately incentivize our sales personnel could negatively impact our growth. Further, the inability of our recently hired sales personnel to effectively ramp to target productivity levels could negatively impact our operating margins. If we are not effective in managing the leadership transition in our sales organization, our business could be adversely impacted and our operating results and financial condition could be harmed.
 
Competition for highly skilled personnel is often intense, especially in the San Francisco Bay Area where we have a substantial presence and need for highly skilled personnel. We may not be successful in attracting, integrating, or retaining qualified personnel to fulfill our current or future needs. Also, to the extent we hire personnel from competitors, we may be subject to allegations that they have been improperly solicited, or that they have divulged proprietary or other confidential information, or that their former employers own their inventions or other work product.
 
Our future performance also depends on the continued services and continuing contributions of our senior management to execute on our business plan and to identify and pursue new opportunities and product innovations. The loss of services of senior management could significantly delay or prevent the achievement of our development and strategic objectives, which could adversely affect our business, financial condition, and operating results.
 
Our employees do not have employment arrangements that require them to continue to work for us for any specified period, and therefore, they could terminate their employment with us at any time. We do not maintain key person life insurance policies on any of our employees. The loss of one or more of our key employees or groups could seriously harm our business.
 
We rely on third-party channel partners to sell substantially all of our products, and if our partners fail to perform, our ability to sell and distribute our products and services will be limited, and our operating results will be harmed.
 
Substantially all of our revenue is generated by sales through our channel partners, including distributors and resellers. We provide our sales channel partners with specific training and programs to assist them in selling our products, but there can be no assurance that these steps will be effective. In addition, our channel partners may be unsuccessful in marketing, selling, and supporting our products and services. If we are unable to develop and maintain effective sales incentive programs for our third-party channel partners, we may not be able to incentivize these partners to sell our products to end-customers and, in particular, to large enterprises. These partners may also market, sell, and support products and services that are competitive with ours and may devote more resources to the marketing, sales, and support of such competitive products. These partners may have incentives to promote our competitors’ products to the detriment of our own or may cease selling our products altogether. Our agreements with our channel partners may generally be terminated for any reason by either party with advance notice prior to each annual renewal date. We cannot assure you that we will retain these channel partners or that we will be able to secure additional or replacement channel partners. The loss of one or more of our significant channel partners or a decline in the number or size of orders from them could harm our operating results. In addition, any new sales channel partner requires extensive training and may take several months or more to achieve productivity. Our channel partner sales structure could subject us to lawsuits, potential liability, and reputational harm if, for example, any of our channel partners misrepresent the functionality of our products or services to end-customers or violate laws or our corporate policies. If we fail to effectively manage our existing sales channels, or if our channel partners are unsuccessful in fulfilling the orders for our products, or if we are unable to enter into arrangements with, and retain a sufficient number of, high quality channel partners in each of the regions in which we sell products and keep them motivated to sell our products, our ability to sell our products and operating results will be harmed.

- 16 -

Table of Contents

 
Because we depend on third-party manufacturers to build and ship our products, we are susceptible to manufacturing and logistics delays and pricing fluctuations that could prevent us from shipping customer orders on time, if at all, or on a cost-effective basis, which may result in the loss of sales and customers.
 
We depend on third-party manufacturers, primarily Flextronics International Ltd., our contract manufacturer, as sole source manufacturers for our product lines. Our reliance on these third-party manufacturers reduces our control over the manufacturing process and exposes us to risks, including reduced control over quality assurance, product costs, and product supply and timing, as well as the risk that minerals which originate from the Democratic Republic of the Congo and adjoining countries, or conflicts minerals, may be included in our products. Any manufacturing and logistics disruption by these third-party manufacturers could severely impair our ability to fulfill orders. In addition, we are subject to new requirements under the Dodd-Frank Wall Street Reform and Consumer Protection Act that will require us to diligence, disclose and report whether or not our products contain conflicts minerals. The implementation of these new requirements could adversely affect the sourcing, availability and pricing of minerals used in the manufacture of semiconductor devices or other components used in our products. In addition, we will incur additional costs to comply with the disclosure requirements, including costs related to determining the source of any of the relevant minerals and metals used in our products.
 
These manufacturers typically fulfill our supply requirements on the basis of individual orders. We do not have long term contracts with our third-party manufacturers that guarantee capacity, the continuation of particular pricing terms, or the extension of credit limits. Accordingly, they are not obligated to continue to fulfill our supply requirements, which could result in supply shortages, and the prices we are charged for manufacturing services could be increased on short notice. Our contract with one of our contract manufacturers permits them to terminate the agreement for their convenience, subject to prior notice requirements. If we are required to change contract manufacturers, our ability to meet our scheduled product deliveries to our customers could be adversely affected, which could cause the loss of sales to existing or potential customers, delayed revenue or an increase in our costs which could adversely affect our gross margins. Any production interruptions for any reason, such as a natural disaster, epidemic, capacity shortages, or quality problems, at one of our manufacturing partners would negatively affect sales of our product lines manufactured by that manufacturing partner and adversely affect our business and operating results.
 
Managing the supply of our products and product components is complex. Insufficient supply and inventory may result in lost sales opportunities or delayed revenue, while excess inventory may harm our gross margins.
 
Our third-party manufacturers procure components and build our products based on our forecasts, and we generally do not hold inventory for a prolonged period of time. These forecasts are based on estimates of future demand for our products, which are in turn based on historical trends and analyses from our sales and marketing organizations, adjusted for overall market conditions. In order to reduce manufacturing lead times and plan for adequate component supply, from time to time we may issue forecasts for components and products that are non-cancelable and non-returnable.
 
Our inventory management systems and related supply chain visibility tools may be inadequate to enable us to forecast accurately and effectively manage supply of our products and product components. Supply management remains an increased area of focus as we balance the need to maintain supply levels that are sufficient to ensure competitive lead times against the risk of obsolescence because of rapidly changing technology and end-customer requirements. If we ultimately determine that we have excess supply, we may have to reduce our prices and write-down inventory, which in turn could result in lower gross margins. If our actual component usage and product demand are lower than the forecast we provide to our contract manufacturer, we accrue for losses on manufacturing commitments in excess of forecasted demand. Alternatively, insufficient supply levels may lead to shortages that result in delayed revenue or loss of sales opportunities altogether as potential end-customers turn to competitors’ products that are readily available. Additionally, any increases in the time required to manufacture our products or ship products could result in supply shortfalls. If we are unable to effectively manage our supply and inventory, our operating results could be adversely affected.
 
Because some of the key components in our products come from limited sources of supply, we are susceptible to supply shortages or supply changes, which could disrupt or delay our scheduled product deliveries to our customers and may result in the loss of sales and customers.
 
Our products rely on key components, including integrated circuit components, which our contract manufacturers purchase on our behalf from a limited number of suppliers, including sole source providers. The manufacturing operations of some of our component suppliers are geographically concentrated in Asia and elsewhere, which makes our supply chain vulnerable to regional disruptions. A fire, flood, earthquake, tsunami or other disaster, condition or event such as political instability, civil unrest or a power outage that adversely affects any of these component suppliers’ facilities could significantly affect our ability to obtain the necessary components for our products, which could result in a substantial loss of sales and revenue and a substantial harm to our operating results. Similarly, a localized health risk affecting employees at these facilities, such as the spread of a pandemic influenza, could impair the total volume of components that we are able to obtain, which could result in substantial harm to our operating results.

- 17 -

Table of Contents

 
We do not have volume purchase contracts with any of our component suppliers, and they could cease selling to us at any time. In addition, our component suppliers change their selling prices frequently in response to market trends, including industry-wide increases in demand, and because we do not have contracts with these suppliers, we are susceptible to price fluctuations related to raw materials and components. If we are unable to pass component price increases along to our customers or maintain stable pricing, our gross margins and operating results could be negatively impacted. If we are unable to obtain a sufficient quantity of these components in a timely manner for any reason, sales of our products could be delayed or halted or we could be forced to expedite shipment of such components or our products at dramatically increased costs, which would negatively impact our revenue and gross margins. Additionally, poor quality in any of the sole-sourced components in our products could result in lost sales or lost sales opportunities. If the quality of the components does not meet our or our end-customers’ requirements, if we are unable to obtain components from our existing suppliers on commercially reasonable terms, or if any of our sole source providers cease to remain in business or continue to manufacture such components, we could be forced to redesign our products and qualify new components from alternate suppliers. The resulting stoppage or delay in selling our products and the expense of redesigning our products could result in lost sales opportunities and damage to customer relationships, which would adversely affect our business and operating results.
 
If we are not successful in executing our strategy to increase sales of our products to new and existing medium and large enterprise end-customers, our operating results may suffer.
 
Our growth strategy is dependent, in part, upon increasing sales of our products to medium and large enterprises. Sales to these types of end-customers involve risks that may not be present (or that are present to a lesser extent) with sales to smaller entities. These risks include:
 
competition from larger competitors, such as Cisco, Check Point, and Juniper, that traditionally target larger enterprises, service providers, and government entities and that may have pre-existing relationships or purchase commitments from those end-customers;
 
increased purchasing power and leverage held by large end-customers in negotiating contractual arrangements with us;

more stringent requirements in our worldwide support service contracts, including stricter support response times and penalties for any failure to meet support requirements; and
 
longer sales cycles and the associated risk that substantial time and resources may be spent on a potential end-customer that elects not to purchase our products and services.
 
Large enterprises often undertake a significant evaluation process that results in a lengthy sales cycle, in some cases over 12 months. Although we have a channel sales model, our sales representatives typically engage in direct interaction with our distributors and resellers in connection with sales to larger end-customers. Because these evaluations are often lengthy, with significant size and scope and stringent requirements, we typically provide evaluation products to these end-customers. We may spend substantial time, effort, and money in our sales efforts without being successful in generating any sales. In addition, product purchases by large enterprises are frequently subject to budget constraints, multiple approvals, and unplanned administrative, processing, and other delays. Finally, large enterprises typically have longer implementation cycles, require greater product functionality and scalability and a broader range of services, demand that vendors take on a larger share of risks, sometimes require acceptance provisions that can lead to a delay in revenue recognition, and expect greater payment flexibility from vendors. All of these factors can add further risk to business conducted with these end-customers. If we fail to realize an expected sale from a large end-customer in a particular quarter or at all, our business, operating results, and financial condition could be materially and adversely affected.

We rely on revenue from subscription and support services which may decline, and because we recognize revenue from subscriptions and support services over the term of the relevant service period, downturns or upturns in sales are not immediately reflected in full in our operating results.
 
Services revenue accounts for a significant portion of our revenue, comprising 38% of total revenue in fiscal 2013, 32% of total revenue in fiscal 2012, and 28% of total revenue for fiscal 2011. Sales of new or renewal subscription and support and maintenance contracts may decline and fluctuate as a result of a number of factors, including end-customers’ level of satisfaction with our products and services, the prices of our products and services, the prices of products and services offered by our competitors, and reductions in our end-customers’ spending levels. If our sales of new or renewal subscription and support and maintenance contracts decline, our revenue and revenue growth may decline and our business will suffer. In addition, we recognize subscription and support and maintenance revenue monthly over the term of the relevant service period, which is typically one year and can be up to five years. As a result, much of the subscription and support and maintenance revenue we report each fiscal quarter is the recognition of deferred revenue from subscription and support and maintenance contracts entered into during previous fiscal quarters. Consequently, a decline in new or renewed subscription or support and maintenance contracts in any one fiscal quarter will not be fully reflected in revenue in that fiscal quarter but will negatively affect our revenue in future fiscal quarters. Accordingly, the effect of significant downturns in new or renewed sales of our subscriptions or support and maintenance is not reflected in full in our operating results until future

- 18 -

Table of Contents

periods. Also, it is difficult for us to rapidly increase our services revenue through additional service sales in any period, as revenue from new and renewal service contracts must be recognized over the applicable service period. Furthermore, any increase in the average term of services contracts would result in revenue for services contracts being recognized over longer periods of time.
 
Defects, errors, or vulnerabilities in our products or services or the failure of our products or services to block a virus or prevent a security breach could harm our reputation and adversely impact our results of operations.
 
Because our products and services are complex, they have contained and may contain design or manufacturing defects or errors that are not detected until after their commercial release and deployment by our end-customers. For example, from time to time, certain of our end-customers have reported defects in our products related to performance, scalability and compatibility that were not detected before shipping the product. Additionally, defects may cause our products or services to be vulnerable to security attacks, cause them to fail to help secure networks or temporarily interrupt end-customers’ networking traffic. Because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, we may be unable to anticipate these techniques and provide a solution in time to protect our end-customers’ networks. Furthermore, as a well-known provider of network security solutions, our networks, products, and services could be targeted by attacks specifically designed to disrupt our business and harm our reputation. In addition, defects or errors in our subscription updates or our products could result in a failure of our services to effectively update end-customers’ hardware products and thereby leave our end-customers vulnerable to attacks. Our data centers and networks may experience technical failures and downtime, may fail to distribute appropriate updates, or may fail to meet the increased requirements of a growing end-customer base, any of which could temporarily or permanently expose our end-customers’ networks, leaving their networks unprotected against the latest security threats.
 
Any defects, errors or vulnerabilities in our products could result in:
 
expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work-around errors or defects or to address and eliminate vulnerabilities;
 
loss of existing or potential end-customers or channel partners;
 
delayed or lost revenue;
 
delay or failure to attain market acceptance;
 
an increase in warranty claims compared with our historical experience, or an increased cost of servicing warranty claims, either of which would adversely affect our gross margins; and
 
litigation, regulatory inquiries, or investigations that may be costly and harm our reputation.
 
Our business is subject to the risks of warranty claims, product returns, product liability, and product defects.
 
Our products are very complex and, despite testing prior to their release, they have contained and may contain undetected defects or errors, especially when first introduced or when new versions are released. Product defects or errors could affect the performance of our products and could delay the development or release of new products or new versions of products, adversely affect our reputation and our end-customers’ willingness to buy products from us, and adversely affect market acceptance or perception of our products. Any such errors or delays in releasing new products or new versions of products or allegations of unsatisfactory performance could cause us to lose revenue or market share, increase our service costs, cause us to incur substantial costs in redesigning the products, cause us to lose significant end-customers, subject us to liability for damages and divert our resources from other tasks, any one of which could materially and adversely affect our business, results of operations and financial condition. Our products must successfully interoperate with products from other vendors. As a result, when problems occur in a network, it may be difficult to identify the sources of these problems. For example, from time to time certain of our end-customers have experienced temporary delays or interoperability issues when implementing our products in large complex global deployments where our products are required to interoperate with a complex environment of third party products. The occurrence of hardware or software errors, whether or not caused by our products, could delay or reduce market acceptance of our products, and have an adverse effect on our business and financial performance, and any necessary revisions may cause us to incur significant expenses. The occurrence of any such problems could harm our business, financial condition and results of operations.

- 19 -

Table of Contents

 
Although we have limitation of liability provisions in our standard terms and conditions of sale, they may not fully or effectively protect us from claims as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries. The sale and support of our products also entails the risk of product liability claims. Although we may be indemnified by our manufacturers for product liability claims arising out of manufacturing defects, because we control the design of our products, we may not be indemnified for product liability claims arising out of design defects. We maintain insurance to protect against certain claims associated with the use of our products, but our insurance coverage may not adequately cover any claim asserted against us. In addition, even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation, divert management’s time and other resources, and harm our reputation.

If the network security market does not continue to adopt our network security platform, our sales will not grow as quickly as anticipated, and our stock price could decline.
 
We are seeking to disrupt the network security market with our network security platform. However, organizations that use legacy products and services for their network security needs may believe that these products and services sufficiently achieve their purpose. Organizations may also believe that our products and services only serve the needs of a portion of the network security market. Accordingly, organizations may continue allocating their IT budgets for legacy products and services and may not adopt our network security platform. If the market for network security solutions does not continue to adopt our network security platform, if end-customers do not recognize the value of our platform compared to legacy products and services, or if we are otherwise unable to sell our products and services to organizations, then our revenue may not grow or may decline, which would have a material adverse effect on our operating results and financial condition.
 
If we do not accurately predict, prepare for, and respond promptly to the rapidly evolving technological and market developments and changing end-customer needs in the network security market, our competitive position and prospects will be harmed.
 
The network security market is expected to continue to evolve rapidly. Moreover, many of our end-customers operate in markets characterized by rapidly changing technologies and business plans, which require them to add numerous network access points and adapt increasingly complex enterprise networks, incorporating a variety of hardware, software applications, operating systems, and networking protocols. The technology in our products is especially complex because it needs to effectively identify and respond to new and increasingly sophisticated methods of attack, while minimizing the impact on network performance. Additionally, some of our new products and enhancements may require us to develop new hardware architectures that involve complex, expensive, and time-consuming research and development processes. Although the market expects rapid introduction of new products or product enhancements to respond to new threats, the development of these products is difficult and the timetable for commercial release and availability is uncertain as there can be long time periods between releases and availability of new products. We may experience unanticipated delays in the availability of new products and services and fail to meet customer expectations for such availability. If we do not quickly respond to the rapidly changing and rigorous needs of our end-customers by developing, releasing, and making available on a timely basis new products and services or enhancements that can respond adequately to new security threats, our competitive position and business prospects will be harmed.
 
Additionally, the process of developing new technology is complex and uncertain, and if we fail to accurately predict end-customers’ changing needs and emerging technological trends in the network security industry, including the areas of mobility, virtualization, cloud computing and software defined networks (SDN), our business could be harmed. We must commit significant resources to developing new products before knowing whether our investments will result in products the market will accept. The success of new products depends on several factors, including appropriate new product definition, component costs, timely completion and introduction of these products, differentiation of new products from those of our competitors, and market acceptance of these products. There can be no assurance that we will successfully identify new product opportunities, develop and bring new products to market in a timely manner, or achieve market acceptance of our products, or that products and technologies developed by others will not render our products or technologies obsolete or noncompetitive.
 
Our current research and development efforts may not produce successful products or features that result in significant revenue, cost savings or other benefits in the near future, if at all.
 
Developing our products and related enhancements is expensive. Our investments in research and development may not result in significant design improvements, marketable products or features or may result in products that are more expensive than anticipated. Additionally, we may not achieve the cost savings or the anticipated performance improvements we expect, and we may take longer to generate revenue, or generate less revenue, than we anticipate. Our future plans include significant investments in research and development and related product opportunities. We believe that we must continue to dedicate a significant amount of resources to our research and development efforts to maintain our competitive position. However, we may not receive significant revenue from these investments in the near future, if at all, or these investments may not yield the expected benefits, either of which could adversely affect our business and operating results.

- 20 -

Table of Contents

 
The sales prices of our products and services may decrease, which may reduce our gross profits and adversely impact our financial results.
 
The sales prices for our products and services may decline for a variety of reasons, including competitive pricing pressures, discounts, a change in our mix of products and services, anticipation of the introduction of new products or services, or promotional programs. Competition continues to increase in the market segments in which we participate, and we expect competition to further increase in the future, thereby leading to increased pricing pressures. Larger competitors with more diverse product and service offerings may reduce the price of products or services that compete with ours or may bundle them with other products and services. Additionally, although we price our products and services worldwide in U.S. dollars, currency fluctuations in certain countries and regions may negatively impact actual prices that partners and end-customers are willing to pay in those countries and regions. Furthermore, we anticipate that the sales prices and gross profits for our products will decrease over product life cycles. We cannot assure you that we will be successful in developing and introducing new offerings with enhanced functionality on a timely basis, or that our product and service offerings, if introduced, will enable us to maintain our prices and gross profits at levels that will allow us to achieve and maintain profitability.

We generate a significant amount of revenue from sales to distributors, resellers, and end-customers outside of the United States, and we are therefore subject to a number of risks associated with international sales and operations.
 
We have a limited history of marketing, selling, and supporting our products and services internationally. As a result, we must hire and train experienced personnel to staff and manage our foreign operations. To the extent that we experience difficulties in recruiting, training, managing, and retaining an international staff, and specifically staff related to sales management and sales personnel, we may experience difficulties in sales productivity in foreign markets. We also enter into strategic distributor and reseller relationships with companies in certain international markets where we do not have a local presence. If we are not able to maintain successful strategic distributor relationships internationally or recruit additional companies to enter into strategic distributor relationships, our future success in these international markets could be limited. Business practices in the international markets that we serve may differ from those in the United States and may require us in the future to include terms other than our standard terms in customer contracts, although to date we generally have not done so. To the extent that we may enter into customer contracts in the future that include non-standard terms related to payment, warranties, or performance obligations, our operating results may be adversely impacted.

Additionally, our international sales and operations are subject to a number of risks, including the following:
economic uncertainty around the world, in particular, macroeconomic challenges in Europe;
greater difficulty in enforcing contracts and accounts receivable collection and longer collection periods;
the uncertainty of protection for intellectual property rights in some countries;
greater risk of unexpected changes in regulatory practices, tariffs, and tax laws and treaties;
risks associated with trade restrictions and foreign legal requirements, including the importation, certification, and localization of our products required in foreign countries;
greater risk of a failure of foreign employees, partners, distributors, and resellers to comply with both U.S. and foreign laws, including antitrust regulations, the U.S. Foreign Corrupt Practices Act, and any trade regulations ensuring fair trade practices;
heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements;
increased expenses incurred in establishing and maintaining office space and equipment for our international operations;
greater difficulty in recruiting local experienced personnel, and the costs and expenses associated with such activities;
management communication and integration problems resulting from cultural and geographic dispersion;
fluctuations in exchange rates between the U.S. dollar and foreign currencies in markets where we do business; and
general economic and political conditions in these foreign markets. 

These factors and other factors could harm our ability to gain future international revenues and, consequently, materially impact our business, operating results, and financial condition. The expansion of our existing international operations and entry into additional international markets will require significant management attention and financial resources. Our failure to successfully manage our international operations and the associated risks effectively could limit the future growth of our business.


- 21 -

Table of Contents

We are exposed to the credit and liquidity risk of some of our channel partners and to credit exposure in weakened markets, which could result in material losses.
 
For fiscal 2013, three channel partners represented 64% of our total revenue, and as of July 31, 2013, four channel partners represented 76% of our gross accounts receivable. Most of our sales to our channel partners are made on an open credit basis. Although we have programs in place that are designed to monitor and mitigate these risks, we cannot assure you these programs will be effective in reducing our credit risks, especially as we expand our business internationally. If we are unable to adequately control these risks, our business, operating results, and financial condition could be harmed.

A portion of our revenue is generated by sales to government entities, which are subject to a number of challenges and risks.
 
Sales to U.S. and foreign, federal, state, and local governmental agency end-customers have accounted for an increasingly significant amount of our revenue, and we may in the future increase sales to government entities. Sales to government entities are subject to a number of risks. Selling to government entities can be highly competitive, expensive, and time-consuming, often requiring significant upfront time and expense without any assurance that these efforts will generate a sale. Government certification requirements for products like ours may change, thereby restricting our ability to sell into the federal government sector until we have attained the revised certification. Government demand and payment for our products and services may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products and services.

The substantial majority of our sales to date to government entities have been made indirectly through our channel partners. Government entities may have statutory, contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default, and any such termination may adversely impact our future operating results. Governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our products and services, a reduction of revenue or fines or civil or criminal liability if the audit uncovers improper or illegal activities, which could adversely impact our operating results in a material way. Finally, for purchases by the U.S. government, the government may require certain products to be manufactured in the United States and other relatively high cost manufacturing locations, and we may not manufacture all products in locations that meet the requirements of the U.S. government, affecting our ability to sell these products to the U.S. government.

Sequestration or other actions of the U.S. Government resulting in significant cuts in U.S. Government spending could adversely affect our sales and future results.

The Budget Control Act of 2011 (Budget Control Act), which raised the U.S. national debt ceiling and put into effect a series of actions for deficit reduction, triggered automatic reductions in U.S. Government spending, known as “sequestration,” beginning in 2013. While Congress and the Administration continue to debate how the nation should proceed on these issues, the outcome of that debate could have a significant impact on future U.S. Government spending plans, including the overall spending on network security by the various agencies of the U.S. Government. Our sales and future results may be adversely impacted by reductions in U.S. Government spending as a result of sequestration.

If our products do not interoperate with our end-customers’ infrastructure, sales of our products and services could be negatively affected, which would harm our business.
 
Our products must interoperate with our end-customers’ existing infrastructure, which often have different specifications, utilize multiple protocol standards, deploy products from multiple vendors, and contain multiple generations of products that have been added over time. As a result, when problems occur in a network, it may be difficult to identify the sources of these problems. If we find defects in the hardware, we replace the hardware as part of our normal warranty process. If we find errors in the existing software that create problematic network configurations or settings, as we have in the past, we may have to issue software updates as part of our normal maintenance process. Any delays in identifying the sources of problems or in providing necessary modifications to our software or hardware could have a negative impact on our reputation and our end-customers’ satisfaction with our products and services, and our ability to sell products and services could be adversely affected. In addition, government and other end-customers may require our products to comply with certain security or other certifications and standards. If our products are late in achieving or fail to achieve compliance with these certifications and standards, or our competitors achieve compliance with these certifications and standards, we may be disqualified from selling our products to such end-customers, or at a competitive disadvantage, which would harm our business, operating results, and financial condition.
 
Our ability to sell our products is dependent on the quality of our and our channel partners’ technical support services, and our or our channel partners’ failure to offer high quality technical support services could have a material adverse effect on our end-customers’ satisfaction with our products and services, our sales, and our operating results.
 
Once our products are deployed within our end-customers’ networks, our end-customers depend on our technical support services, as well as the support of our channel partners, to resolve any issues relating to our products. Our channel partners often

- 22 -

Table of Contents

provide similar technical support for third parties’ products, and may therefore have fewer resources to dedicate to the support of our products. If we or our channel partners do not effectively assist our end-customers in deploying our products, succeed in helping our end-customers quickly resolve post-deployment issues, or provide effective ongoing support, our ability to sell additional products and services to existing end-customers would be adversely affected and our reputation with potential end-customers could be damaged. Many larger enterprise, service provider, and government entity end-customers have more complex networks and require higher levels of support than smaller end-customers. If we or our channel partners fail to meet the requirements of the larger end-customers, it may be more difficult to execute on our strategy to increase our coverage with larger end-customers. Additionally, if our channel partners do not effectively provide support to the satisfaction of our end-customers, we may be required to provide direct support to such end-customers, which would require us to hire additional personnel and to invest in additional resources. It can take several months to recruit, hire, and train qualified technical support employees. We may not be able to hire such resources fast enough to keep up with unexpected demand, particularly when the sales of our products exceed our internal forecasts. To the extent that we or our partners are unsuccessful in hiring, training, and retaining adequate support resources, our and our channel partners’ ability to provide adequate and timely support to our end-customers will be negatively impacted, and our end-customers’ satisfaction with our products and services will be adversely affected. Additionally, to the extent that we may need to rely on our sales engineers to provide post-sales support while we are ramping our support resources, our sales productivity will be negatively impacted, which would harm our revenues. Our or our channel partners failure to provide and maintain high quality support services would have a material adverse effect on our business, financial condition, and operating results.
 
False detection of applications, viruses, spyware, vulnerability exploits, data patterns or URL categories could adversely affect our business.
 
Our classifications of application type, virus, spyware, vulnerability exploits, data, or URL categories may falsely detect applications, content, or threats that do not actually exist. This risk is heightened by the inclusion of a “heuristics” feature in our products, which attempts to identify applications and other threats not based on any known signatures but based on characteristics or anomalies which indicate that a particular item may be a threat. These false positives, while typical in our industry, may impair the perceived reliability of our products and may therefore adversely impact market acceptance of our products. If our products restrict important files or applications based on falsely identifying them as malware or some other item that should be restricted, this could adversely affect end-customers’ systems and cause material system failures. Any such false identification of important files or applications could result in damage to our reputation, negative publicity, loss of end-customers and sales, increased costs to remedy any problem, and costly litigation.   

Claims by others that we infringe their proprietary technology or other rights could harm our business.
 
Companies in the enterprise network security industry own large numbers of patents, copyrights, trademarks, domain names, and trade secrets and frequently enter into litigation based on allegations of infringement, misappropriation, or other violations of intellectual property or other rights. As we face increasing competition and gain an increasingly high profile, the possibility of intellectual property rights claims against us grows. Third parties have asserted and may in the future assert claims of infringement of intellectual property rights against us. For example, beginning in January 2009, Fortinet, Inc. began filing a series of complaints against us alleging, among other claims, patent infringement. We entered into a settlement agreement with Fortinet, Inc. in January 2011 which included a three-year covenant by each party not to sue the other party for patent related claims. This covenant not to sue expires in January 2014. Third parties may also assert such claims against our end-customers or channel partners, whom our standard license and other agreements obligate us to indemnify against claims that our products infringe the intellectual property rights of third parties. As the number of products and competitors in our market increases and overlaps occur, infringement claims may increase. While we intend to increase the size of our patent portfolio, our competitors and others may now and in the future have significantly larger and more mature patent portfolios than we have. In addition, future litigation may involve patent holding companies or other adverse patent owners who have no relevant product revenue and against whom our own patents may therefore provide little or no deterrence or protection. In addition, we have not registered our trademarks in all of our geographic markets and failure to secure those registrations could adversely affect our ability to enforce and defend our trademark rights. Any claim of infringement by a third party, even those without merit, could cause us to incur substantial costs defending against the claim, could distract our management from our business and could require us to cease use of such intellectual property. Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential information could be compromised by disclosure during this type of litigation. Refer to the discussion under “Legal Proceedings” included in Part I, Item 3 of this Annual Report on Form 10-K for information related to pending litigation.
 
Although third parties may offer a license to their technology or other intellectual property, the terms of any offered license may not be acceptable and the failure to obtain a license or the costs associated with any license could cause our business, financial condition, and operating results to be materially and adversely affected. In addition, some licenses may be non-exclusive, and therefore our competitors may have access to the same technology licensed to us. If a third party does not offer us a license to its technology or other intellectual property on reasonable terms, or at all, we could be enjoined from continued use of such intellectual property. As a result, we may be required to develop alternative, non-infringing technology, which could require significant time (during which we would be unable to continue to offer our affected products or services), effort, and expense and may ultimately not

- 23 -

Table of Contents

be successful. Furthermore, a successful claimant could secure a judgment or we may agree to a settlement that prevents us from distributing certain products or performing certain services or that requires us to pay substantial damages, royalties or other fees. Any of these events could seriously harm our business, financial condition, and operating results.
 
Our proprietary rights may be difficult to enforce or protect, which could enable others to copy or use aspects of our products without compensating us.
 
We rely and expect to continue to rely on a combination of confidentiality and license agreements with our employees, consultants, and third parties with whom we have relationships, as well as trademark, copyright, patent, and trade secret protection laws, to protect our proprietary rights. We have filed various applications for certain aspects of our intellectual property. Valid patents may not issue from our pending applications, and the claims eventually allowed on any patents may not be sufficiently broad to protect our technology or products. Any issued patents may be challenged, invalidated or circumvented, and any rights granted under these patents may not actually provide adequate defensive protection or competitive advantages to us. Patent applications in the United States are typically not published until 18 months after filing, or, in some cases, not at all, and publications of discoveries in industry-related literature lag behind actual discoveries. We cannot be certain that we were the first to make the inventions claimed in our pending patent applications or that we were the first to file for patent protection, which could prevent our patent applications from issuing as patents or invalidate our patents following issuance. Additionally, the process of obtaining patent protection is expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner. In addition, recent changes to the patent laws in the United States may bring into question the validity of certain categories of software patents. As a result, we may not be able to obtain adequate patent protection or effectively enforce any issued patents.
 
Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or obtain and use information that we regard as proprietary. We generally enter into confidentiality or license agreements with our employees, consultants, vendors, and customers, and generally limit access to and distribution of our proprietary information. However, we cannot assure you that we have entered into such agreements with all parties who may have or have had access to our confidential information or that the agreements we have entered into will not be breached. We cannot guarantee that any of the measures we have taken will prevent misappropriation of our technology. Because we may be an attractive target for computer hackers, we may have a greater risk of unauthorized access to, and misappropriation of, our proprietary information. In addition, the laws of some foreign countries do not protect our proprietary rights to as great an extent as the laws of the United States, and many foreign countries do not enforce these laws as diligently as government agencies and private parties in the United States. From time to time, we may need to take legal action to enforce our patents and other intellectual property rights, to protect our trade secrets, to determine the validity and scope of the proprietary rights of others or to defend against claims of infringement or invalidity. Such litigation could result in substantial costs and diversion of resources and could negatively affect our business, operating results, and financial condition. Attempts to enforce our rights against third parties could also provoke these third parties to assert their own intellectual property or other rights against us, or result in a holding that invalidates or narrows the scope of our rights, in whole or in part. If we are unable to protect our proprietary rights (including aspects of our software and products protected other than by patent rights), we may find ourselves at a competitive disadvantage to others who need not incur the additional expense, time, and effort required to create the innovative products that have enabled us to be successful to date. Any of these events would have a material adverse effect on our business, financial condition, and operating results.
 
Our use of open source software in our products could negatively affect our ability to sell our products and subject us to possible litigation.
 
Our products contain software modules licensed to us by third-party authors under “open source” licenses. Some open source licenses contain requirements that we make available source code for modifications or derivative works we create based upon the type of open source software we use. If we combine our proprietary software with open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software to the public. This would allow our competitors to create similar products with lower development effort and time and ultimately could result in a loss of product sales for us.
 
Although we monitor our use of open source software to avoid subjecting our products to conditions we do not intend, the terms of many open source licenses have not been interpreted by United States courts, and there is a risk that these licenses could be construed in a way that could impose unanticipated conditions or restrictions on our ability to commercialize our products. From time to time, there have been claims against companies that distribute or use open source software in their products and services, asserting that open source software infringes the claimants’ intellectual property rights. We could be subject to suits by parties claiming infringement of intellectual property rights in what we believe to be licensed open source software. Moreover, we cannot assure you that our processes for controlling our use of open source software in our products will be effective. If we are held to have breached the terms of an open source software license, we could be required to seek licenses from third parties to continue offering our products on terms that are not economically feasible, to re-engineer our products, to discontinue the sale of our products if re-engineering could

- 24 -

Table of Contents

not be accomplished on a timely basis, or to make generally available, in source code form, our proprietary code, any of which could adversely affect our business, operating results, and financial condition.

In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or assurance of title or controls on origin of the software. In addition, many of the risks associated with usage of open source software, such as the lack of warranties or assurances of title, cannot be eliminated, and could, if not properly addressed, negatively affect our business. We have established processes to help alleviate these risks, including a review process for screening requests from our development organizations for the use of open source software, but we cannot be sure that all open source software is submitted for approval prior to use in our products.
 
Our failure to adequately protect personal information could have a material adverse effect on our business.
 
A wide variety of provincial, state, national, and international laws and regulations apply to the collection, use, retention, protection, disclosure, transfer, and other processing of personal data. These data protection and privacy-related laws and regulations are evolving and may result in ever-increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. Our failure to comply with applicable laws and regulations, or to protect such data, could result in enforcement action against us, including fines, imprisonment of company officials and public censure, claims for damages by end-customers and other affected individuals, damage to our reputation and loss of goodwill (both in relation to existing end-customers and prospective end-customers), any of which could have a material adverse effect on our operations, financial performance, and business. Evolving and changing definitions of personal data and personal information, within the European Union, the United States, and elsewhere, especially relating to classification of IP addresses, machine identification, location data, and other information, may limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing of data. Even the perception of privacy concerns, whether or not valid, may harm our reputation and inhibit adoption of our products by current and future end-customers.
 
We license technology from third parties, and our inability to maintain those licenses could harm our business.
 
We incorporate technology that we license from third parties, including software, into our products and services. We cannot be certain that our licensors are not infringing the intellectual property rights of third parties or that our licensors have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our products. Some of our agreements with our licensors may be terminated for convenience by them. If we are unable to continue to license any of this technology because of intellectual property infringement claims brought by third parties against our licensors or against us, or if we are unable to continue our license agreements or enter into new licenses on commercially reasonable terms, our ability to develop and sell products and services containing that technology would be severely limited, and our business could be harmed. Additionally, if we are unable to license necessary technology from third parties, we may be forced to acquire or develop alternative technology of lower quality or performance standards. This would limit and delay our ability to offer new or competitive products and services and increase our costs of production. As a result, our margins, market share, and operating results could be significantly harmed.
 
Misuse of our products could harm our reputation and divert resources.
 
Our products may be misused by end-customers or third parties that obtain access to our products. For example, our products could be used to censor private access to certain information on the Internet. Such use of our products for censorship could result in negative press coverage and negatively affect our reputation.
 
We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in international markets.
 
Because we incorporate encryption technology into our products, certain of our products are subject to U.S. export controls and may be exported outside the U.S. only with the required export license or through an export license exception. If we were to fail to comply with U.S. export licensing requirements, U.S. customs regulations, U.S. economic sanctions, or other laws, we could be subject to substantial civil and criminal penalties, including fines, incarceration for responsible employees and managers, and the possible loss of export or import privileges. Obtaining the necessary export license for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities. Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain products to U.S. embargoed or sanctioned countries, governments, and persons. Even though we take precautions to ensure that our channel partners comply with all relevant regulations, any failure by our channel partners to comply with such regulations could have negative consequences, including reputational harm, government investigations, and penalties.
 
In addition, various countries regulate the import of certain encryption technology, including through import permit and license requirements, and have enacted laws that could limit our ability to distribute our products or could limit our end-customers’ ability to implement our products in those countries. Changes in our products or changes in export and import regulations may create delays in the introduction of our products into international markets, prevent our end-customers with international operations from deploying our products globally or, in some cases, prevent or delay the export or import of our products to certain countries, governments, or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or

- 25 -

Table of Contents

scope of existing regulations, or change in the countries, governments, persons, or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential end-customers with international operations. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, financial condition, and operating results.

Our corporate culture has contributed to our success, and if we cannot maintain this culture as we grow, we could lose the innovation, creativity, and teamwork fostered by our culture, and our business may be harmed.
 
We believe that a critical contributor to our success has been our corporate culture, which we believe fosters innovation, teamwork, passion for customers, and focus on execution, as well as facilitating critical knowledge transfer and knowledge sharing. As we grow and change, we may find it difficult to maintain these important aspects of our corporate culture, which could limit our ability to innovate and operate effectively. Any failure to preserve our culture could also negatively affect our ability to retain and recruit personnel, continue to perform at current levels or execute on our business strategy.
 
We may acquire other businesses which could require significant management attention, disrupt our business, dilute stockholder value, and adversely affect our operating results.
 
As part of our business strategy, we may make investments in complementary companies, products, or technologies. However, we have not made any significant acquisitions to date, and as a result, our ability as an organization to acquire and integrate other companies, products or technologies in a successful manner is unproven. We may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions, we may not ultimately strengthen our competitive position or achieve our goals, and any acquisitions we complete could be viewed negatively by our end-customers, investors, and securities analysts. In addition, if we are unsuccessful at integrating such acquisitions, or the technologies associated with such acquisitions, into our company, the revenue and operating results of the combined company could be adversely affected. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect our financial condition or the value of our common stock. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our stockholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.
 
Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products could reduce our ability to compete and could harm our business.
 
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features to enhance our platform, improve our operating infrastructure or acquire complementary businesses and technologies. Accordingly, we may need to engage in equity or debt financings to secure additional funds. If we raise additional equity financing, our stockholders may experience significant dilution of their ownership interests and the per share value of our common stock could decline. Furthermore, if we engage in debt financing, the holders of debt would have priority over the holders of common stock, and we may be required to accept terms that restrict our ability to incur additional indebtedness. We may also be required to take other actions that would otherwise be in the interests of the debt holders and force us to maintain specified liquidity or other ratios, any of which could harm our business, operating results, and financial condition. We may not be able to obtain additional financing on terms favorable to us, if at all. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.
 
We may not be able to successfully manage the growth of our business if we are unable to improve our internal systems, processes, and controls.
 
We need to continue to improve our internal systems, processes, and controls to effectively manage our operations and growth. We may not be able to successfully implement improvements to these systems, processes, and controls in an efficient or timely manner. We have implemented a new enterprise resource planning system, and we may not be able to successfully scale improvements to our enterprise resource planning system or implement and scale other systems and processes in a timely or efficient manner or in a manner that does not negatively affect our operating results. In addition, our systems and processes may not prevent or detect all errors, omissions, or fraud. We have licensed technology from third parties to help us improve our internal systems, processes, and controls. The support services available for such third-party technology may be negatively affected by mergers and consolidation in the software industry, and support services for such technology may not be available to us in the future. We may experience difficulties in managing improvements to our systems, processes, and controls or in connection with third-party software, which could impair our ability to provide products or services to our customers in a timely manner, causing us to lose customers, limit us to smaller deployments of our products, or increase our technical support costs.

- 26 -

Table of Contents

 
We recently implemented a corporate structure more closely aligned with the international nature of our business activities, and if we do not achieve increased tax benefits as a result of our corporate structure, our financial condition and results of operations could be adversely affected.
 
We recently reorganized our corporate structure and intercompany relationships to more closely align with the international nature of our business activities. This corporate structure may allow us to reduce our overall effective tax rate through changes in how we use our intellectual property, international procurement, and sales operations. This corporate structure may also allow us to obtain financial and operational efficiencies. These efforts will require us to incur expenses in the near term for which we may not realize related benefits. If the structure is not accepted by the applicable taxing authorities, changes in domestic and international tax laws negatively impact the structure, including proposed legislation to reform U.S. taxation of international business activities, or we do not operate our business consistent with the structure and applicable tax provisions, we may fail to achieve the financial and operational efficiencies that we anticipate as a result of the structure and our future financial condition and results of operations may be negatively impacted.
 
If our estimates or judgments relating to our critical accounting policies are based on assumptions that change or prove to be incorrect, our operating results could fall below expectations of securities analysts and investors, resulting in a decline in our stock price.
 
The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in the section entitled “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” the results of which form the basis for making judgments about the carrying values of assets, liabilities, equity, revenue, and expenses that are not readily apparent from other sources. Our operating results may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our operating results to fall below the expectations of securities analysts and investors, resulting in a decline in our stock price. Significant assumptions and estimates used in preparing our consolidated financial statements include those related to revenue recognition, share-based compensation, contract manufacturing liabilities, warranties, loss contingencies, and income taxes.


Failure to comply with governmental laws and regulations could harm our business.
 
Our business is subject to regulation by various federal, state, local, and foreign governmental agencies, including agencies responsible for monitoring and enforcing employment and labor laws, workplace safety, product safety, environmental laws, consumer protection laws, anti-bribery laws, import/export controls, federal securities laws, and tax laws and regulations. In certain jurisdictions, these regulatory requirements may be more stringent than those in the United States. Noncompliance with applicable regulations or requirements could subject us to investigations, sanctions, mandatory product recalls, enforcement actions, disgorgement of profits, fines, damages, civil and criminal penalties, or injunctions. If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, operating results, and financial condition could be materially adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could harm our business, operating results, and financial condition.
 
If we fail to comply with environmental requirements, our business, financial condition, operating results, and reputation could be adversely affected.
 
We are subject to various environmental laws and regulations including laws governing the hazardous material content of our products and laws relating to the collection of and recycling of electrical and electronic equipment. Examples of these laws and regulations include the European Union, or EU, Restriction of the Use of Certain Hazardous Substances in Electrical and Electronic Equipment Directive, or RoHS, and the EU Waste Electrical and Electronic Equipment Directive, or WEEE, as well as the implementing legislation of the EU member states. Similar laws and regulations have been passed or are pending in China, South Korea, Norway, and Japan and may be enacted in other regions, including in the United States, and we are, or may in the future be, subject to these laws and regulations.
 
The EU RoHS and the similar laws of other jurisdictions ban the use of certain hazardous materials such as lead, mercury, and cadmium in the manufacture of electrical equipment, including our products. Currently, the manufacturer of our hardware appliances and major component part suppliers comply with the EU RoHS requirements. However, if there are changes to this or other laws (or their interpretation) or if new similar laws are passed in other jurisdictions, we may be required to reengineer our products to use components compatible with these regulations. This reengineering and component substitution could result in additional costs to us or disrupt our operations or logistics.
 

- 27 -

Table of Contents

The WEEE Directive requires electronic goods producers to be responsible for the collection, recycling, and treatment of such products. Changes in interpretation of the directive may cause us to incur costs or have additional regulatory requirements to meet in the future in order to comply with this directive, or with any similar laws adopted in other jurisdictions.
 
Our failure to comply with past, present, and future similar laws could result in reduced sales of our products, substantial product inventory write-offs, reputational damage, penalties, and other sanctions, any of which could harm our business and financial condition. We also expect that our products will be affected by new environmental laws and regulations on an ongoing basis. To date, our expenditures for environmental compliance have not had a material impact on our results of operations or cash flows, and although we cannot predict the future impact of such laws or regulations, they will likely result in additional costs and may increase penalties associated with violations or require us to change the content of our products or how they are manufactured, which could have a material adverse effect on our business, operating results, and financial condition.
 
We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and operating results.
 
Our sales contracts are primarily denominated in U.S. dollars, and therefore, substantially all of our revenue is not subject to foreign currency risk. However, a strengthening of the U.S. dollar could increase the real cost of our products to our end-customers outside of the United States, which could adversely affect our financial condition and operating results. In addition, an increasing portion of our operating expenses is incurred outside the United States, is denominated in foreign currencies, and is subject to fluctuations due to changes in foreign currency exchange rates. If we are not able to successfully hedge against the risks associated with currency fluctuations, our financial condition and operating results could be adversely affected.
 
Our business is subject to the risks of earthquakes, fire, power outages, floods, and other catastrophic events, and to interruption by man-made problems such as terrorism.
 
A significant natural disaster, such as an earthquake, fire, a flood, or significant power outage could have a material adverse impact on our business, operating results, and financial condition. Both our corporate headquarters and the location where our products are manufactured are located in the San Francisco Bay Area, a region known for seismic activity. In addition, natural disasters could affect our supply chain, manufacturing vendors, or logistics providers’ ability to provide materials and perform services such as manufacturing products or assisting with shipments on a timely basis. In the event our or our service providers’ information technology systems or manufacturing or logistics abilities are hindered by any of the events discussed above, shipments could be delayed, resulting in missed financial targets, such as revenue and shipment targets, for a particular quarter. In addition, acts of terrorism and other geo-political unrest could cause disruptions in our business or the business of our supply chain, manufacturers, logistics providers, partners, or end-customers or the economy as a whole. Any disruption in the business of our supply chain, manufacturers, logistics providers, partners, or end-customers that impacts sales at the end of a fiscal quarter could have a significant adverse impact on our quarterly results. All of the aforementioned risks may be further increased if the disaster recovery plans for us and our suppliers prove to be inadequate. To the extent that any of the above should result in delays or cancellations of customer orders, or the delay in the manufacture, deployment, or shipment of our products, our business, financial condition, and operating results would be adversely affected.

Risks Related to Ownership of Our Common Stock
 
Our actual operating results may differ significantly from our guidance. 

From time to time, we have released, and may continue to release guidance in our quarterly earnings releases, quarterly earnings conference call, or otherwise, regarding our future performance that represents our management’s estimates as of the date of release. This guidance, which includes forward-looking statements, has been and will be based on projections prepared by our management. These projections are not prepared with a view toward compliance with published guidelines of the American Institute of Certified Public Accountants, and neither our registered public accountants nor any other independent expert or outside party compiles or examines the projections. Accordingly, no such person expresses any opinion or any other form of assurance with respect to the projections.

Projections are based upon a number of assumptions and estimates that, while presented with numerical specificity, are inherently subject to significant business, economic and competitive uncertainties and contingencies, many of which are beyond our control and are based upon specific assumptions with respect to future business decisions, some of which will change. We intend to state possible outcomes as high and low ranges which are intended to provide a sensitivity analysis as variables are changed but are not intended to imply that actual results could not fall outside of the suggested ranges. The principal reason that we release guidance is to provide a basis for our management to discuss our business outlook with analysts and investors. We do not accept any responsibility for any projections or reports published by any such persons.


- 28 -

Table of Contents

Guidance is necessarily speculative in nature, and it can be expected that some or all of the assumptions underlying the guidance furnished by us will not materialize or will vary significantly from actual results. Accordingly, our guidance is only an estimate of what management believes is realizable as of the date of release. Actual results will vary from our guidance and the variations may be material. In light of the foregoing, investors are urged not to rely upon our guidance in making an investment decision regarding our common stock. 

Any failure to successfully implement our operating strategy or the occurrence of any of the events or circumstances set forth in this “Risk Factors” section in this quarterly report could result in the actual operating results being different from our guidance, and the differences may be adverse and material.

The price of our common stock may be volatile and the value of your investment could decline.
 
The trading price of our common stock has been volatile since our initial public offering (IPO). Since shares of our common stock were sold in our IPO in July 2012 at a price of $42.00 per share, the reported high and low sales prices of our common stock has ranged from $72.61 to $39.08, through September 10, 2013. The trading price of our common stock may fluctuate widely in response to various factors, some of which are beyond our control. These factors include:

announcements of new products, services or technologies, commercial relationships, acquisitions or other events by us or our competitors;
price and volume fluctuations in the overall stock market from time to time;
significant volatility in the market price and trading volume of technology companies in general and of companies in our industry;
fluctuations in the trading volume of our shares or the size of our public float;
actual or anticipated changes in our operating results or fluctuations in our operating results;
whether our operating results meet the expectations of securities analysts or investors;
actual or anticipated changes in the expectations of securities analysts or investors;
litigation involving us, our industry, or both, including any developments with respect to our pending litigation, described under the "Litigation" subheading in Note 6. Commitments and Contingencies of Notes to Consolidated Financial Statements in Part II, Item 8 of this Quarterly Report on Form 10-Q;
regulatory developments in the United States, foreign countries or both;
major catastrophic events;
sales of large blocks of our stock;
departures of key personnel; or
economic uncertainty around the world, in particular, macroeconomic challenges in Europe;
 
In addition, if the market for technology stocks or the stock market in general experiences loss of investor confidence, the trading price of our common stock could decline for reasons unrelated to our business, operating results or financial condition. The trading price of our common stock might also decline in reaction to events that affect other companies in our industry even if these events do not directly affect us. In the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has often been brought against that company. Securities litigation could result in substantial costs and divert our management’s attention and resources from our business. This could have a material adverse effect on our business, operating results and financial condition.
 
Substantial future sales of shares of our common stock could cause the market price of our common stock to decline.
        The market price of shares of our common stock could decline as a result of substantial sales of our common stock, particularly sales by our directors, executive officers, employees and significant stockholders, a large number of shares of our common stock becoming available for sale, or the perception in the market that holders of a large number of shares intend to sell their shares. As of July 31, 2013, we had outstanding approximately 71,612,000 shares of our common stock.
        As of July 31, 2013, certain holders of our common stock have rights, subject to some conditions, to require us to file registration statements covering their shares or to include their shares in registration statements that we may file for our stockholders or ourselves. We have also registered shares of common stock that we may issue under our employee equity incentive plans. These shares will be able to be sold freely in the public market upon issuance.

- 29 -

Table of Contents

 
The issuance of additional stock in connection with financings, acquisitions, investments, our stock incentive plans or otherwise will dilute all other stockholders.

Our amended and restated certificate of incorporation authorizes us to issue up to 1,000,000,000 shares of common stock and up to 100,000,000 shares of preferred stock with such rights and preferences as may be determined by our board of directors. Subject to compliance with applicable rules and regulations, we may issue our shares of common stock or securities convertible into our common stock from time to time in connection with a financing, acquisition, investment, our stock incentive plans or otherwise. Any such issuance could result in substantial dilution to our existing stockholders and cause the trading price of our common stock to decline.
 
Insiders have substantial control over us, which could limit your ability to influence the outcome of key transactions, including a change of control.
 
As of July 31, 2013, our directors, executive officers and each of our stockholders who own greater than 5% of our outstanding common stock and their affiliates, in the aggregate, beneficially own approximately 35% of the outstanding shares of our common stock. As a result, these stockholders, if acting together, will be able to influence or control matters requiring approval by our stockholders, including the election of directors and the approval of mergers, acquisitions or other extraordinary transactions. They may also have interests that differ from yours and may vote in a way with which you disagree and which may be adverse to your interests. This concentration of ownership may have the effect of delaying, preventing or deterring a change of control of our company, could deprive our stockholders of an opportunity to receive a premium for their common stock as part of a sale of our company and might ultimately affect the market price of our common stock.
 
We do not intend to pay dividends for the foreseeable future.
 
We have never declared or paid any dividends on our common stock. We intend to retain any earnings to finance the operation and expansion of our business, and we do not anticipate paying any cash dividends in the future. As a result, you may only receive a return on your investment in our common stock if the market price of our common stock increases.
 
The requirements of being a public company may strain our resources, divert management’s attention and affect our ability to attract and retain qualified board members.
 
As a public company, we are subject to the reporting requirements of the Securities Exchange Act of 1934, as amended, or the Exchange Act, the listing requirements of the New York Stock Exchange and other applicable securities rules and regulations. Compliance with these rules and regulations will increase our legal and financial compliance costs, make some activities more difficult, time-consuming or costly, and increase demand on our systems and resources Among other things, the Exchange Act requires that we file annual, quarterly and current reports with respect to our business and operating results and maintain effective disclosure controls and procedures and internal control over financial reporting. In order to maintain and, if required, improve our disclosure controls and procedures and internal control over financial reporting to meet this standard, significant resources and management oversight may be required. As a result, management’s attention may be diverted from other business concerns, which could harm our business and operating results. Although we have already hired additional employees to comply with these requirements, we may need to hire even more employees in the future, which will increase our costs and expenses.

Because we are no longer an “emerging growth company” as defined in the JOBS Act, we are subject to the independent auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act, enhanced disclosure obligations regarding executive compensation in our periodic reports and proxy statements, and the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. While we were able to determine in our management's report for fiscal 2013 that our internal control over financial reporting is effective, as well as provide an unqualified attestation report from our independent registered public accounting firm to that effect, we have and will continue to consume management resources and incur significant expenses for Section 404 compliance on an ongoing basis. In the event that our chief executive officer, chief financial officer, or independent registered public accounting firm determines in the future that our internal control over financial reporting is not effective as defined under Section 404, we could be subject to one or more investigations or enforcement actions by state or federal regulatory agencies, stockholder lawsuits or other adverse actions requiring us to incur defense costs, pay fines, settlements or judgments and causing investor perceptions to be adversely affected and potentially resulting in a decline in the market price of our stock.
 
In addition, changing laws, regulations, and standards relating to corporate governance and public disclosure, such as continued rulemaking pursuant to the Dodd-Frank Act of 2010 and related rules and regulations regarding the disclosure of conflict minerals that are mandated by the Dodd-Frank Act, are creating uncertainty for public companies, increasing legal and financial compliance costs, and making some activities more time-consuming. These laws, regulations, and standards are subject to varying interpretations, in many cases due to their lack of specificity, and, as a result, their application in practice may evolve over time as new guidance is

- 30 -

Table of Contents

provided by regulatory and governing bodies. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices. We intend to invest resources to comply with evolving laws, regulations, and standards, and this investment may result in increased general and administrative expense and a diversion of management’s time and attention from revenue-generating activities to compliance activities. If our efforts to comply with new laws, regulations, and standards differ from the activities intended by regulatory or governing bodies, regulatory authorities may initiate legal proceedings against us and our business may be harmed.
 
We also expect that being a public company and these new rules and regulations will make it more expensive for us to obtain director and officer liability insurance, and we may be required to accept reduced coverage or incur substantially higher costs to obtain coverage. These factors could also make it more difficult for us to attract and retain qualified members of our board of directors, particularly to serve on our Audit Committee and Compensation Committee, and qualified executive officers.
 
We are obligated to maintain proper and effective internal controls over financial reporting. We may not complete our analysis of our internal controls over financial reporting in a timely manner, or these internal controls may not be determined to be effective, which may adversely affect investor confidence in our company and, as a result, the value of our common stock.
 
We are required, pursuant to the Exchange Act, to furnish a report by management on, among other things, the effectiveness of our internal control over financial reporting. This assessment will need to include disclosure of any material weaknesses identified by our management in our internal control over financial reporting, as well as a statement that our auditors have issued an attestation report on our internal controls.
 
While we were able to determine in our management's report for fiscal 2013 that our internal control over financial reporting is effective, as well as provide an unqualified attestation report from our independent registered public accounting firm to that effect, we may not be able to complete our evaluation, testing, and any required remediation in a timely fashion or our independent registered public accounting firm may not be able to formally attest to the effectiveness of our internal control over financial reporting in the future. During the evaluation and testing process, if we identify one or more material weaknesses in our internal control over financial reporting that we are unable to remediate before the end of the same fiscal year in which the material weakness is identified, we will be unable to assert that our internal controls are effective. If we are unable to assert that our internal control over financial reporting is effective, or if our auditors are unable to attest to the effectiveness of our internal controls or determine we have a material weakness in our internal controls, we could lose investor confidence in the accuracy and completeness of our financial reports, which would cause the price of our common stock to decline.


If securities or industry analysts do not publish research or reports about our business, or publish inaccurate or unfavorable research reports about our business, our share price and trading volume could decline.
 
The trading market for our common stock, to some extent, depends on the research and reports that securities or industry analysts publish about us or our business. We do not have any control over these analysts. If one or more of the analysts who cover us should downgrade our shares or change their opinion of our shares, our share price would likely decline. If one or more of these analysts should cease coverage of our company or fail to regularly publish reports on us, we could lose visibility in the financial markets, which could cause our share price or trading volume to decline.
 
Our charter documents and Delaware law could discourage takeover attempts and lead to management entrenchment.
 
Our amended and restated certificate of incorporation and amended and restated bylaws contain provisions that could delay or prevent a change in control of our company. These provisions could also make it difficult for stockholders to elect directors that are not nominated by the current members of our board of directors or take other corporate actions, including effecting changes in our management. These provisions include:

a classified board of directors with three-year staggered terms, which could delay the ability of stockholders to change the membership of a majority of our board of directors;
the ability of our board of directors to issue shares of preferred stock and to determine the price and other terms of those shares, including preferences and voting rights, without stockholder approval, which could be used to significantly dilute the ownership of a hostile acquiror;
the exclusive right of our board of directors to elect a director to fill a vacancy created by the expansion of our board of directors or the resignation, death or removal of a director, which prevents stockholders from being able to fill vacancies on our board of directors;

- 31 -

Table of Contents

a prohibition on stockholder action by written consent, which forces stockholder action to be taken at an annual or special meeting of our stockholders;
the requirement that a special meeting of stockholders may be called only by the chairman of our board of directors, our president, our secretary, or a majority vote of our board of directors, which could delay the ability of our stockholders to force consideration of a proposal or to take action, including the removal of directors;
the requirement for the affirmative vote of holders of at least 66 2/3% of the voting power of all of the then outstanding shares of the voting stock, voting together as a single class, to amend the provisions of our amended and restated certificate of incorporation relating to the issuance of preferred stock and management of our business or our amended and restated bylaws, which may inhibit the ability of an acquiror to effect such amendments to facilitate an unsolicited takeover attempt;
the ability of our board of directors, by majority vote, to amend the bylaws, which may allow our board of directors to take additional actions to prevent an unsolicited takeover and inhibit the ability of an acquiror to amend the bylaws to facilitate an unsolicited takeover attempt; and
advance notice procedures with which stockholders must comply to nominate candidates to our board of directors or to propose matters to be acted upon at a stockholders’ meeting, which may discourage or deter a potential acquiror from conducting a solicitation of proxies to elect the acquiror’s own slate of directors or otherwise attempting to obtain control of us.
 
In addition, as a Delaware corporation, we are subject to Section 203 of the Delaware General Corporation Law. These provisions may prohibit large stockholders, in particular those owning 15% or more of our outstanding voting stock, from merging or combining with us for a certain period of time.

ITEM 1B.    UNRESOLVED STAFF COMMENTS

None.

ITEM 2.    PROPERTIES

Our corporate headquarters is located in Santa Clara, California where we currently lease approximately 105,664 square feet of space under a lease agreement that expires in March 2018. On September 20, 2012, we entered into two lease agreements for an aggregate of approximately 300,000 square feet of space in Santa Clara, California to serve as our new corporate headquarters beginning in November 2013. In July 2013, we entered into a sub-lease agreement for the current corporate headquarters with a lease inception date of January 2014. We have an additional technical support center in Plano, Texas under a lease agreement that expires in October 2016. We also lease space for operations and sales personnel in locations throughout the United States and various international locations, including the Netherlands, Singapore, the United Kingdom, Japan, Australia, Canada, and France. We believe that our current facilities are adequate to meet our current needs. We intend to expand our facilities or add new facilities as we add employees and enter new geographic markets, and we believe that suitable additional or alternative space will be available as needed to accommodate ongoing operations and any such growth. However, we expect to incur additional expenses in connection with such new or expanded facilities.

ITEM 3.    LEGAL PROCEEDINGS

The information set forth under the "Litigation" subheading in Note 6. Commitments and Contingencies of Notes to Consolidated Financial Statements in Part II, Item 8 of this Annual Report on Form 10-K is incorporated herein by reference.

ITEM 4.    MINE SAFETY DISCLOSURES

Not applicable.


- 32 -

Table of Contents

PART II
ITEM 5.
MARKET FOR REGISTRANT'S COMMON EQUITY, RELATED STOCKHOLDER MATTERS AND ISSUER REPURCHASES OF EQUITY SECURITIES

Market Information
Our common stock, $0.0001 par value per share, began trading on the New York Stock Exchange on July 20, 2012, where its prices are quoted under the symbol “PANW.”
Holders of Record
As of September 10, 2013, there were 190 holders of record of our common stock. Because many of our shares of common stock are held by brokers and other institutions on behalf of stockholders, we are unable to estimate the total number of stockholders represented by these record holders.
Price Range of Our Common Stock
The following table sets forth the reported high and low sales prices of our common stock for the periods indicated, as regularly quoted on the New York Stock Exchange:
 
Year Ended July 31, 2012
High
 
Low
Fourth Quarter (from July 20, 2012)
$
62.07

 
$
51.10

Year Ended July 31, 2013
 
 
 
First Quarter
$
72.61

 
$
53.27

Second Quarter
$
57.65

 
$
47.00

Third Quarter
$
62.19

 
$
50.29

Fourth Quarter
$
56.60

 
$
39.08

Dividend Policy
We have never declared or paid, and do not anticipate declaring or paying in the foreseeable future, any cash dividends on our capital stock. Any future determination as to the declaration and payment of dividends, if any, will be at the discretion of our board of directors, subject to applicable laws and will depend on then existing conditions, including our financial condition, operating results, contractual restrictions, capital requirements, business prospects, and other factors our board of directors may deem relevant.

Stock Price Performance Graph
This performance graph shall not be deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (the Exchange Act), or incorporated by reference into any filing of Palo Alto Networks, Inc. under the Securities Act of 1933, as amended, or the Exchange Act, except as shall be expressly set forth by specific reference in such filing.
This performance graph compares the cumulative total return on our common stock with that of the NYSE Composite Index and the NYSE Arca Tech 100 Index. This performance graph assumes $100 was invested on July 20, 2012, in each of the common stock of Palo Alto Networks, Inc., the NYSE Composite Index and the NYSE Arca Tech 100 Index, and assumes the reinvestment of any dividends. The stock price performance on this performance graph is not necessarily indicative of future stock price performance.
 
 

- 33 -

Table of Contents


Company/Index
7/20/2012
 
7/31/2012
 
10/31/2012
 
1/31/2013
 
4/30/2013
 
7/31/2013
Palo Alto Networks, Inc.
$
100.00

 
$
107.55

 
$
103.48

 
$
104.20

 
$
101.83

 
$
92.11

NYSE Comp
$
100.00

 
$
101.34

 
$
105.95

 
$
114.63

 
$
119.55

 
$
123.19

NYSE Arca Tech 100
$
100.00

 
$
101.35

 
$
101.94

 
$
113.77

 
$
118.29

 
$
127.39


ITEM 6.
SELECTED CONSOLIDATED FINANCIAL DATA

The selected consolidated statement of operations data for fiscal 2013, 2012, and 2011 and the consolidated balance sheet data as of July 31, 2013 and 2012 are derived from our audited consolidated financial statements included elsewhere in this Annual Report on Form 10-K. The selected consolidated statement of operations data for fiscal 2010 and 2009 and the consolidated balance sheet data as of July 31, 2011, 2010, and 2009 are derived from audited financial statements not included in this Annual Report on Form 10-K. Our historical results are not necessarily indicative of the results that may be expected in the future. The selected consolidated financial data below should be read in conjunction with the section entitled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” included in Part II, Item 7 of this Annual Report on Form 10-K and our consolidated financial statements and related notes included in Part II, Item 8 of this Annual Report on Form 10-K.
 

- 34 -

Table of Contents

 
Year Ended July 31,
 
2013
 
2012
 
2011
 
2010
 
2009
 
(in thousands)
Selected Consolidated Statements of Operations Data:
 
 
 
 
 
 
 
 
 
Revenue:
 
 
 
 
 
 
 
 
 
Product
$
243,707

 
$
174,462

 
$
84,800

 
$
36,789

 
$
10,110

Services
152,400

 
80,676

 
33,797

 
11,993

 
3,242

Total revenue
396,107

 
255,138

 
118,597

 
48,782

 
13,352

Cost of revenue:
 
 
 
 
 
 
 
 
 
Product(1)
63,412

 
44,615

 
21,766

 
10,822

 
3,952

Services(1)
46,344

 
25,938

 
10,507

 
4,812

 
2,324

Total cost of revenue
109,756

 
70,553

 
32,273

 
15,634

 
6,276

Total gross profit
286,351

 
184,585

 
86,324

 
33,148

 
7,076

Operating expenses:
 
 
 
 
 
 
 
 
 
Research and development(1)
62,482

 
38,570

 
21,366

 
12,788

 
8,208

Sales and marketing(1)
199,771

 
115,917

 
62,254

 
29,726

 
15,372

General and administrative(1)
42,719

 
26,207

 
13,108

 
11,291

 
2,536

Total operating expenses
304,972

 
180,694

 
96,728

 
53,805

 
26,116

Operating income (loss)
(18,621
)
 
3,891

 
(10,404
)
 
(20,657
)
 
(19,040
)
Interest income
484

 
18

 
3

 
4

 
52

Other expense, net
(519
)
 
(1,110
)
 
(1,651
)
 
(424
)
 
(5
)
Income (loss) before income taxes
(18,656
)
 
2,799

 
(12,052
)
 
(21,077
)
 
(18,993
)
Provision for income taxes
10,590

 
2,062

 
476

 
56

 
12

Net income (loss)
$
(29,246
)
 
$
737

 
$
(12,528
)
 
$
(21,133
)
 
$
(19,005
)
Net income (loss) attributable to common stockholders, basic and diluted
$
(29,246
)
 
$

 
$
(12,528
)
 
$
(21,133
)
 
$
(19,005
)
Net income (loss) per share attributable to common stockholders, basic and diluted
$
(0.43
)
 
$

 
$
(0.88
)
 
$
(1.78
)
 
$
(2.01
)
Weighted-average shares used to compute net income (loss) per share attributable to common stockholders, basic and diluted
68,682

 
19,569

 
14,201

 
11,901

 
9,435

(1)
Includes share-based compensation expense as follows:


- 35 -

Table of Contents

 
Year Ended July 31,
 
2013
 
2012
 
2011
 
2010
 
2009
 
(in thousands)
Cost of product revenue
$
765

 
$
121

 
$
27

 
$
9

 
$
6

Cost of services revenue
3,586

 
653

 
179

 
46

 
9

Research and development
9,931

 
3,733

 
1,020

 
318

 
126

Sales and marketing
20,493

 
4,267

 
1,133

 
364

 
186

General and administrative
9,101

 
5,151

 
2,374

 
132

 
47

Total share-based compensation
$
43,876

 
$
13,925

 
$
4,733

 
$
869

 
$
374

 
 
 
 
 
 
 
 
 
 
 
July 31,
 
2013
 
2012
 
2011
 
2010
 
2009
 
(In thousands)
Selected Consolidated Balance Sheet Data:
 
 
 
 
 
 
 
 
 
Cash and cash equivalents
$
310,614

 
$
322,642

 
$
40,517

 
$
18,835

 
$
21,366

Investments
126,321

 

 

 

 

Working capital
323,597

 
259,651

 
9,739

 
7,000

 
18,246

Total assets
585,606

 
407,804

 
91,172

 
38,119

 
28,213

Preferred stock warrant liability

 

 
2,068

 
491

 
68

Redeemable convertible preferred stock

 

 
64,491

 
64,491

 
64,491

Common stock including additional paid-in capital
381,710

 
309,099

 
9,311

 
2,589

 
1,200

Total stockholders’ equity (deficit)
272,420

 
229,071

 
(71,454
)
 
(65,648
)
 
(45,904
)


- 36 -

Table of Contents

ITEM 7.     MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION
AND RESULTS OF OPERATIONS
 
You should read the following discussion and analysis of our financial condition and results of operations together with the consolidated financial statements and related notes that are included elsewhere in this Annual Report on Form 10-K. This discussion contains forward-looking statements based upon current expectations that involve risks and uncertainties. Our actual results may differ materially from those anticipated in these forward-looking statements as a result of various factors, including those set forth under “Risk Factors” included in Part I, Item 1a or in other parts of this Annual Report on Form 10-K.
 
Overview
 
We have pioneered the next generation of network security with our innovative platform that allows enterprises, service providers, and government entities to secure their networks and safely enable the increasingly complex and rapidly growing number of applications running on their networks. The core of our platform is our Next-Generation Firewall, which delivers application, user, and content visibility and control as well as protection against cyber threats integrated within the firewall through our proprietary hardware and software architecture. Our products and services can address a broad range of our end-customers’ network security requirements, from the data center to the network perimeter, as well as the distributed enterprise, which includes branch offices and a growing number of mobile devices.
 
     
We derive revenue from sales of our products and services, which together comprise our platform. Product revenue is primarily generated from sales of our Next-Generation Firewall which is available in hardware and virtualized platforms. All of our products incorporate our proprietary PAN-OS operating system, which provides a consistent set of capabilities across our entire product line. These capabilities include: application visibility and control (App-ID), user identification (User-ID), site-to-site VPN, remote access SSL VPN, and Quality-of-Service (QoS). Our products are designed for different performance requirements throughout an organization which range from the PA-200, which is designed for enterprise remote offices, to the PA-5060, which is designed for high-speed data centers. The same firewall functionality that is delivered in the hardware platforms is also available in the VM-Series virtual firewalls which secure virtualized and cloud-based computing environments. Multiple firewalls can leverage the WildFire appliance, WF-500, which identifies, analyzes, and blocks known and unknown malware in a private cloud-based environment. Our platform can be centrally managed in both virtualized and hardware platforms across an organization with our Panorama product.

Services revenue includes sales of subscriptions and support and maintenance. Our Threat Prevention, URL Filtering, GlobalProtect, and WildFire subscriptions provide our end-customers with real-time access to the latest antivirus, intrusion prevention, web filtering, and modern malware prevention capabilities across fixed and mobile devices. When end-customers purchase a product, they typically purchase one or more of our subscriptions for additional functionality, as well as support and maintenance in order to receive ongoing security updates, upgrades, bug fixes, and repairs. Sales of these services increase our deferred revenue balance and contribute significantly to our positive cash flow provided by operating activities.

We maintain a field sales force that works closely with our channel partners in developing sales opportunities. We use a two-tier, indirect fulfillment model whereby we sell our products and services to our global distributor channel partners, which, in turn, sell our products and services to our reseller network, which then sell to our end-customers. Our channel partners purchase our products and services at a discount to our list prices before reselling them to our end-customers. Our channel partners generally receive an order from an end-customer prior to placing an order with us and generally do not stock appliances.
 
For the fiscal year 2013, we added more than 4,800 new customers, including leading government organizations, large healthcare organizations, technology leaders and some of the largest Fortune 100 companies in the world. We had more than 13,500 end-customers in over 120 countries as of July 31, 2013. Our end-customers represent a broad range of industries including education, energy, financial services, healthcare, Internet and media, manufacturing, public sector, and telecommunications. During fiscal 2013, 63% of our revenue was generated from the Americas, 23% from Europe, the Middle East, and Africa (EMEA), and 14% from Asia Pacific and Japan (APAC). As of July 31, 2013, we had 1,147 employees.
 
We have experienced rapid growth in recent periods. For fiscal 2013, 2012, and 2011, revenues were $396.1 million, $255.1 million, and $118.6 million, respectively, representing year over year growth of 55% for fiscal 2013 and 115% for fiscal 2012, despite continued uncertainty in the macroeconomic environment, in particular, weakness in EMEA and a slowdown in spending by the U.S. Government. These macroeconomic factors may continue to impact overall spending in information technology (IT) by our customers, which could adversely affect our revenues and operating results.

We continue to invest in innovation and strengthening our product portfolio, which resulted in several new product offerings during fiscal 2013. These new product offerings include: the VM-Series, an all-software virtualized next-generation firewall platform that brings next-generation network security into the virtualized data center environment; the paid subscription service for

- 37 -

Table of Contents

WildFire, our cloud-based modern malware prevention service platform; the WF-500 appliance which provides the ability to deploy WildFire in a customer's private cloud; the PA-3000 Series firewalls that provide mid-range appliance options for enterprise customers; and lastly, the M-100 management appliance, which offers an easy to deploy, high-performance, dedicated appliance for our Panorama management system.

Fiscal 2013 Financial Highlights

We added over 4,800 new end-customers during fiscal 2013 and we had more than 13,500 end customers in over 120 countries as of July 31, 2013.

Total revenue increased 55% to $396.1 million during fiscal 2013 from $255.1 million during fiscal 2012.

Revenue increased 53% in Americas, 48% in EMEA and 82% in APAC during fiscal 2013 compared to fiscal 2012.

Service revenue increased 89% to $152.4 million during fiscal 2013 from $80.7 million during fiscal 2012.

Service revenue as a percentage of total revenue increased to 38% during fiscal 2013 from 32% during fiscal 2012, which reflected the increasing recurring revenue in the business model and the rapid adoption of higher margin subscriptions services in our customer base.

As of July 31, 2013, we had $436.9 million in cash, cash equivalents, and investments.

Cash flow provided by operating activities increased 48% to $114.5 million during fiscal 2013 from $77.4 million during fiscal 2012.

Deferred revenue increased 84% to $249.2 million as of July 31, 2013 from $135.8 million as July 31, 2012 reflected the increased adoption of our support and maintenance and all our subscriptions services.

We completed the reorganization of our corporate structure and intercompany relationships to more closely align with the international nature of our business activities. Through changes in international procurement and sales operations, our corporate structure may cause short-term volatility but is expected to reduce our overall effective tax rate over the long term.

We believe that the growth of our business and our short and long term success are dependent upon many factors, including our ability to extend our technology leadership, grow our base of end-customers, expand deployment of our platform within existing end-customers, and focus on end-customer satisfaction. While these areas present significant opportunities for us, they also pose challenges and risks that we must successfully address in order to sustain the growth of our business and improve our operating results.
 
To manage any future growth effectively, we must continue to improve and expand our information technology and financial infrastructure, our operating and administrative systems and controls, and our ability to manage headcount, capital, and processes in an efficient manner. Additionally, we face intense competition in our market, and to succeed, we need to innovate and offer products that are differentiated from existing infrastructure products, as well as effectively hire, retain, train, and motivate qualified personnel and senior management. If we are unable to successfully address these challenges, our business, operating results, and prospects could be adversely affected.

Key Financial Metrics
 
We monitor the key financial metrics set forth below to help us evaluate growth trends, establish budgets, measure the effectiveness of our sales and marketing efforts, and assess operational efficiencies. We discuss revenue, gross margin, and the components of operating income (loss) and margin below under “—Financial Overview” and “—Results of Operations.” Deferred revenue, cash flow provided by operating activities, and free cash flow(non-GAAP) are discussed immediately below the following table.

 
July 31,
 
2013
 
2012
 
(in thousands)
Total deferred revenue
$
249,230

 
$
135,808

Cash, cash equivalents, and investments
$
436,935

 
$
322,642


- 38 -

Table of Contents

 
 
Year Ended July 31,
 
2013
 
2012
 
2011
 
(dollars in thousands)
Total revenue
$
396,107

 
$
255,138

 
$
118,597

Year over year percentage increase
55.3
 %
 
115.1
%
 
143.1
 %
Gross margin percentage
72.3
 %
 
72.3
%
 
72.8
 %
Operating income (loss)
$
(18,621
)
 
$
3,891

 
$
(10,404
)
Operating margin percentage
(4.7
)%
 
1.5
%
 
(8.8
)%
Cash flow provided by operating activities
$
114,519

 
$
77,368

 
$
32,102

Free cash flow (non-GAAP)
$
92,077

 
$
62,803

 
$
19,102

 
Deferred Revenue. Our deferred revenue consists of amounts that have been invoiced but that have not yet been recognized as revenue as of the period end. The majority of our deferred revenue balance consists of subscription and support and maintenance revenue that is recognized ratably over the contractual service period. We monitor our deferred revenue balance because it represents a significant portion of revenue to be recognized in future periods.
 
Cash Flow Provided by Operating Activities. We monitor cash flow provided by operating activities as a measure of our overall business performance. Our cash flow provided by operating activities is driven in large part by sales of our products and from up-front payments for both subscriptions and support and maintenance. Monitoring cash flow provided by operating activities enables us to analyze our financial performance without the non-cash effects of certain items such as depreciation, amortization, and share-based compensation costs, thereby allowing us to better understand and manage the cash needs of our business.
 
Free Cash Flow (non-GAAP). We define free cash flow, a non-GAAP financial measure, as cash provided by operating activities less purchases of property, equipment, and other assets. We consider free cash flow to be a liquidity measure that provides useful information to management and investors about the amount of cash generated by the business that, after the purchases of property, equipment, and other assets, can be used for strategic opportunities, including investing in our business, making strategic acquisitions, and strengthening the balance sheet.

 
Year Ended July 31,
 
2013
 
2012
 
2011
 
(in thousands)
Cash Flow:
 
 
 
 
 
Cash flow provided by operating activities
$
114,519

 
$
77,368

 
$
32,102

Less: purchase of property, equipment, and other assets
22,442

 
14,565

 
13,000

Free cash flow (non-GAAP)
$
92,077

 
$
62,803

 
$
19,102

Net cash used in investing activities
$
(151,565
)
 
$
(14,565
)
 
$
(13,000
)
Net cash provided by financing activities
$
25,018

 
$
219,322

 
$
2,580

 
Financial Overview
 
Revenue
 
We derive revenue from sales of our products and services. As discussed further in “—Critical Accounting Policies and Estimates—Revenue Recognition” below, revenue is recognized when persuasive evidence of an arrangement exists, delivery has occurred, the fee is fixed or determinable, and collectability is reasonably assured.
 
Our total revenue is comprised of the following:
 
Product Revenue. The substantial majority of our product revenue is derived from sales of our appliances. Product revenue also includes revenue derived from software licenses of Panorama, Virtual Systems Upgrades, and the VM-Series. We recognize product revenue at the time of shipment, provided that all other revenue recognition criteria have been met. As a percentage of total revenue, we expect our product revenue to vary from quarter to quarter based on seasonal and cyclical factors.

- 39 -

Table of Contents

 
Services Revenue. Services revenue is derived primarily from Threat Prevention, URL Filtering, GlobalProtect, and WildFire subscriptions and support and maintenance. Our subscriptions are priced as a percentage of the appliance’s list price. Our contractual subscription and support and maintenance terms are typically one to five years. We recognize revenue from subscriptions and support and maintenance over the contractual service period. As a percentage of total revenue, we expect our services revenue to remain at consistent levels or increase over the long term as we introduce new subscriptions, renew existing services contracts, and expand our end-customer base.
 
Cost of Revenue
 
Our total cost of revenue consists of cost of product revenue and cost of services revenue. Our cost of revenue includes personnel costs, which consist of salaries, bonuses, and share-based compensation associated with our operations and global customer support organizations. Our cost of revenue also includes allocated costs, which consist of certain facilities, depreciation, benefits, recruiting, and information technology costs that we allocate based on headcount.
 
Cost of Product Revenue. Cost of product revenue primarily includes costs paid to our third-party contract manufacturer. Our cost of product revenue also includes product testing costs, allocated costs, warranty costs, shipping costs, and personnel costs associated with logistics and quality control. We expect our cost of product revenue to increase as our product revenue increases.
 
Cost of Services Revenue. Cost of services revenue includes personnel costs for our global customer support organization, allocated costs, and URL filtering database service fees. We expect our cost of services revenue to increase as our end-customer base grows.
 
Gross Margin
 
Gross margin, or gross profit as a percentage of revenue, has been and will continue to be affected by a variety of factors, including the average sales price of our products, manufacturing costs, the mix of products sold, and the mix of revenue between products and services. For sales of our products, our higher throughput firewall products generally have higher gross margins than our lower throughput firewall products within each product series. For sales of our services, our subscriptions typically have higher gross margins than our support and maintenance. We expect our gross margins to fluctuate over time depending on the factors described above.
 
Operating Expenses
 
Our operating expenses consist of research and development, sales and marketing, and general and administrative expense. Personnel costs are the most significant component of operating expenses and consist of salaries, benefits, bonuses, share-based compensation, allocated costs, and with regard to sales and marketing expense, sales commissions. We expect operating expenses to increase in absolute dollars, although they may fluctuate as a percentage of revenue from period to period, as we continue to grow in response to demand for our products and services. As of July 31, 2013, we expect to recognize approximately $133.6 million of share-based compensation expense over a weighted-average period of three years, excluding additional share-based compensation expense related to any future grants of share-based awards. Share-based compensation expense, net of forfeitures, is recognized on a straight-line basis over the requisite service periods of the awards.
 
Research and Development. Research and development expense consists primarily of personnel costs. Research and development expense also includes prototype related expenses and allocated costs. We expect research and development expense to increase in absolute dollars as we continue to invest in our future products and services, although our research and development expense may fluctuate as a percentage of total revenue.
 
Sales and Marketing. Sales and marketing expense consists primarily of personnel costs including commission costs. We expense commission costs as incurred. Sales and marketing expense also includes costs for market development programs, promotional and other marketing costs, travel costs, office equipment and software, depreciation of capital equipment, professional services, and allocated costs. In the last 12 months, we have significantly increased the size of our sales force and have also substantially grown our sales presence internationally. We expect sales and marketing expense to continue to increase in absolute dollars as we increase the size of our sales and marketing organizations to increase touch points with end-customers and to expand our international presence, although our sales and marketing expense may fluctuate as a percentage of total revenue.
 
General and Administrative. General and administrative expense consists of personnel costs as well as professional services. General and administrative personnel include our executive, finance, human resources, and legal organizations. Professional services consist primarily of legal, auditing, accounting, and other consulting costs. We

- 40 -

Table of Contents

expect general and administrative expense to increase in absolute dollars due to additional legal costs related to ongoing IP litigation, and additional costs associated with accounting, compliance, insurance, investor relations, and other costs associated with being a public company, although our general and administrative expense may fluctuate as a percentage of total revenue. Refer to the discussion under “Legal Proceedings” included in Part I, Item 3 of this Annual Report on Form 10-K for information related to pending litigation.
 
Interest Income
 
Interest income consists of income earned on our cash and cash equivalents and investments. We expect interest income will increase as we grow our cash and investments portfolio depending on our average investment balances during the period, types and mix of investments, and market interest rates.
 
Other Expense, Net
 
Other expense, net consists primarily of foreign currency remeasurement gains and losses, foreign currency transaction gains and losses, and the change in the fair value of our convertible preferred stock warrant liability. Convertible preferred stock warrants were classified as a liability on our consolidated balance sheets and remeasured to fair value at each balance sheet date with the corresponding change recorded as other expense. These warrants were exercised during the second quarter of fiscal 2012, and therefore, no charges related to these warrants were incurred after that date. We expect other expense to fluctuate depending on foreign exchange rate movements.
 
Provision for Income Taxes
 
Provision for income taxes consists primarily of federal and state income taxes in the United States, income taxes in foreign jurisdictions in which we conduct business, and foreign withholding taxes. We maintain a full valuation allowance for domestic deferred tax assets, including net operating loss carryforwards and research and development and other tax credits. We expect the provision for income taxes to increase in absolute dollars in future years.
 
We have reorganized our corporate structure and intercompany relationships to more closely align with the international nature of our business activities. This corporate structure may cause volatility to our overall effective tax rate in the short term but is expected to reduce our overall effective tax rate over the long term through changes in international procurement and sales operations.

Results of Operations

The following tables summarize our results of operations for the periods presented and as a percentage of our total revenue for those periods. The period to period comparison of results is not necessarily indicative of results for future periods.

- 41 -

Table of Contents

 
 
Year Ended July 31,
 
2013
 
2012
 
2011
 
(in thousands)
Consolidated Statements of Operations Data:
 
 
 
 
 
Revenue:
 
 
 
 
 
Product
$
243,707

 
$
174,462

 
$
84,800

Services
152,400

 
80,676

 
33,797

Total revenue
396,107

 
255,138

 
118,597

Cost of revenue:
 
 
 
 
 
Product
63,412

 
44,615

 
21,766

Services
46,344

 
25,938

 
10,507

Total cost of revenue
109,756

 
70,553

 
32,273

Total gross profit
286,351

 
184,585

 
86,324

Operating expenses:
 
 
 
 
 
Research and development
62,482

 
38,570

 
21,366

Sales and marketing
199,771

 
115,917

 
62,254

General and administrative
42,719

 
26,207

 
13,108

Total operating expenses
304,972

 
180,694

 
96,728

Operating income (loss)
(18,621
)
 
3,891

 
(10,404
)
Interest income
484

 
18

 
3

Other expense, net
(519
)
 
(1,110
)
 
(1,651
)
Income (loss) before income taxes
(18,656
)
 
2,799

 
(12,052
)
Provision for income taxes
10,590

 
2,062

 
476

Net income (loss)
$
(29,246
)
 
$
737

 
$
(12,528
)
 

- 42 -

Table of Contents


 
Year Ended July 31,
 
2013
 
2012
 
2011
 
(as a percentage of revenue)
Consolidated Statements of Operations Data:
 
 
 
 
 
Revenue:
 
 
 
 
 
Product
61.5
 %
 
68.4
 %
 
71.5
 %
Services
38.5
 %
 
31.6
 %
 
28.5
 %
Total revenue
100.0
 %
 
100.0
 %
 
100.0
 %
Cost of revenue:
 
 
 
 
 
Product
16.0
 %
 
17.5
 %
 
18.4
 %
Services
11.7
 %
 
10.2
 %
 
8.8
 %
Total cost of revenue
27.7
 %
 
27.7
 %
 
27.2
 %
Total gross profit
72.3
 %
 
72.3
 %
 
72.8
 %
Operating expenses:
 
 
 
 
 
Research and development
15.8
 %
 
15.1
 %
 
18.0
 %
Sales and marketing
50.4
 %
 
45.4
 %
 
52.5
 %
General and administrative
10.8
 %
 
10.3
 %
 
11.1
 %
Total operating expenses
77.0
 %
 
70.8
 %
 
81.6
 %
Operating income (loss)
(4.7
)%
 
1.5
 %
 
(8.8
)%
Interest income
0.1
 %
 
 %
 
 %
Other expense, net
(0.1
)%
 
(0.4
)%
 
(1.4
)%
Income (loss) before income taxes
(4.7
)%
 
1.1
 %
 
(10.2
)%
Provision for income taxes
2.7
 %
 
0.8
 %
 
0.4
 %
Net income (loss)
(7.4
)%
 
0.3
 %
 
(10.6
)%
 
 
Comparison of Fiscal 2013 and 2012
 
Revenue

 
Year Ended July 31,
 
 
 
 
 
2013
 
2012
 
Change
 
Amount
 
% of
Revenue
 
Amount
 
% of
Revenue
 
Amount
 
%
 
(dollars in thousands)
Revenue:
 
 
 
 
 
 
 
 
 
 
 
Product
$
243,707

 
61.5
%
 
$
174,462

 
68.4
%
 
$
69,245

 
39.7
%
Services
152,400

 
38.5
%
 
80,676

 
31.6
%
 
71,724

 
88.9
%
Total revenue
$
396,107

 
100.0
%
 
$
255,138

 
100.0
%
 
$
140,969

 
55.3
%
Revenue by geographic theater:
 
 
 
 
 
 
 
 
 
 
 
Americas
$
247,616

 
62.5
%
 
$
161,873

 
63.4
%
 
$
85,743

 
53.0
%
EMEA
91,496

 
23.1
%
 
61,994

 
24.3
%
 
29,502

 
47.6
%
APAC
56,995

 
14.4
%
 
31,271

 
12.3
%
 
25,724

 
82.3
%
Total revenue
$
396,107

 
100.0
%
 
$
255,138

 
100.0
%
 
$
140,969

 
55.3
%

Product revenue increased $69.2 million, or 39.7%, for fiscal 2013 compared to fiscal 2012. Approximately two-thirds of the increase was driven by our newly introduced PA-3000 Series firewalls and M-100 management appliance. The remaining increase was driven by a greater than 50% increase in product unit volume attributable to sales of our PA-5000 Series and PA-200 firewalls.

Service revenue increased $71.7 million, or 88.9%, for fiscal 2013 compared to fiscal 2012. Approximately half of the increase was related to support and maintenance as a result of an increase in total end-customers to more than 13,500 at July 31, 2013 from more than 9,000 at July 31, 2012. The remaining increase was due to an increase in subscriptions from new and existing

- 43 -

Table of Contents

end-customers. The relative increases in revenue from subscriptions and support and maintenance will fluctuate over time, depending on the mix of services revenue and the introduction of new services offerings.

With respect to geographic theaters, the Americas contributed the largest portion of the increase in revenue for fiscal 2013 compared to fiscal 2012 due to its larger and more established sales force compared to our other theaters. Revenue from both EMEA and APAC increased during fiscal 2013 compared to fiscal 2012 due to our investment in increasing the size of our sales force and number of partners in these theaters.

Cost of Revenue and Gross Margin
 
 
Year Ended July 31,
 
 
 
 
 
2013
 
2012
 
Change
 
Amount
 
Gross
Margin
 
Amount
 
Gross
Margin
 
Amount
 
Gross
Margin
 
(dollars in thousands)
Cost of revenue:
 
 
 
 
 
 
 
 
 
 
 
Product
$
63,412

 
 
 
$
44,615

 
 
 
$
18,797

 
 
Services
46,344

 
 
 
25,938

 
 
 
20,406

 
 
Total cost of revenue
$
109,756

 
 
 
$
70,553

 
 
 
$
39,203

 
 
Gross profit:
 
 
 
 
 
 
 
 
 
 
 
Product
$
180,295

 
74.0
%
 
$
129,847

 
74.4
%
 
$
50,448

 
(0.4
)%
Services
106,056

 
69.6
%
 
54,738

 
67.8
%
 
51,318

 
1.8
 %
Total gross profit
$
286,351

 
72.3
%
 
$
184,585

 
72.3
%
 
$
101,766

 
 %

Product cost increased $18.8 million, or 42.1%, for fiscal 2013 compared to fiscal 2012 due to an increase in product unit volume, including sales of our newly introduced PA-3000 Series firewalls and M-100 management appliance.

Service cost increased $20.4 million, or 78.7%, for fiscal 2013 compared to fiscal 2012 due to an increase in personnel costs of $9.5 million, including share-based compensation of $2.9 million. The remaining increase was attributable to other costs incurred to expand our customer service capabilities to support our growing end-customer base.

 Gross margin for fiscal 2013 remained consistent with fiscal 2012. The decrease of 40 basis points in product margin was due to an 80 basis point decrease as a result of the introduction of our PA-3000 Series firewalls, WF-500 appliance and our M-100 management appliance, which will have lower product margins until volume and related cost savings increase, partially offset by decreases in manufacturing costs for other appliances. The increase of 180 basis points in services margin was due to an increase in subscription, support and maintenance without a proportionate increase in our global customer service organization costs. The mix in services revenue was largely unchanged on a period over period basis.

Operating Expenses
 
 
Year Ended July 31,
 
 
 
 
 
2013
 
2012
 
Change
 
Amount
 
% of
Revenue
 
Amount
 
% of
Revenue
 
Amount
 
%
 
(dollars in thousands)
Operating expenses:
 
 
 
 
 
 
 
 
 
 
 
Research and development
$
62,482

 
15.8
%
 
$
38,570

 
15.1
%
 
$
23,912

 
62.0
%
Sales and marketing
199,771

 
50.4
%
 
115,917

 
45.4
%
 
83,854

 
72.3
%
General and administrative
42,719

 
10.8
%
 
26,207

 
10.3
%
 
16,512

 
63.0
%
Total operating expenses
$
304,972

 
77.0
%
 
$
180,694

 
70.8
%
 
$
124,278

 
68.8
%
Includes share-based compensation of:
 
 
 
 
 
 
 
 
 
 
 
Research and development
$
9,931

 
 
 
$
3,733

 
 
 
$
6,198

 
166.0
%
Sales and marketing
20,493

 
 
 
4,267

 
 
 
16,226

 
380.3
%
General and administrative
9,101

 
 
 
5,151

 
 
 
3,950

 
76.7
%
Total
$
39,525

 
 
 
$
13,151

 
 
 
$
26,374

 
200.5
%

- 44 -

Table of Contents


Research and development expense increased $23.9 million, or 62.0%, for fiscal 2013 compared to fiscal 2012 due to an increase in personnel costs of $16.1 million related to increasing our headcount and share-based compensation, an increase in allocated costs of $3.7 million, and an increase in development costs of $2.8 million to support continued investment in our future product and service offerings.

Sales and marketing expense increased $83.9 million, or 72.3%, for fiscal 2013 compared to fiscal 2012 due to an increase in personnel costs of $58.0 million largely due to an increase in headcount, share-based compensation, and commission costs, an increase in allocated costs of $10.7 million, and an increase in marketing activity of $5.6 million related to demand generation activities, trade shows, and other marketing activities. The remaining increase was due to an increase in travel and entertainment costs of $5.6 million, professional service costs of $2.0 million, and office equipment and software costs of $1.9 million in support of our sales efforts.
 
General and administrative expense increased $16.5 million, or 63.0%, for fiscal 2013 compared to fiscal 2012 due to an increase in professional services costs of $6.9 million, including expenses related to ongoing IP litigation with Juniper of $3.6 million. We expect that these litigation expenses will increase in fiscal 2014 as we approach the February 2014 trial date. The remaining increase was due to an increase in personnel costs of $6.6 million, and an increase in allocated costs of $2.3 million related to overall growth to support the business and building our infrastructure to meet the regulatory requirements of being a public company.

Other Expense, Net

 
Year Ended July 31,
 
 
 
 
 
2013
 
2012
 
Change
 
Amount
 
Amount
 
Amount
 
%
 
(dollars in thousands)
Other expense, net
$
519

 
$
1,110

 
$
(591
)
 
(53.2
)%

Other expense, net consisted primarily of foreign currency remeasurement losses for fiscal 2013 and the change in fair value of our preferred stock warrant liability for fiscal 2012. The decrease in other expense, net was due to the elimination of the expense related to preferred stock warrant liability as a result of exercise of these warrants by the holders in December 2011 and January 2012, partially offset by an increase in foreign currency remeasurement loss.

Provision for Income Taxes
 
 
Year Ended July 31,
 
 
 
 
 
2013
 
2012
 
Change
 
Amount
 
Amount
 
Amount
 
%
 
(dollars in thousands)
Provision for income taxes
$
10,590

 
$
2,062

 
$
8,528

 
413.6
%
Effective tax rate
(56.8
)%
 
73.7
%
 
 
 
 

 We recorded an income tax provision for fiscal 2013 due to U.S. federal income taxes, state income taxes, foreign income taxes, and foreign withholding taxes. We have a valuation allowance for our domestic deferred tax assets. The provision for income taxes increased for fiscal 2013 compared to fiscal 2012 due to a significant increase in domestic taxable income after full utilization of federal net operating loss carryforwards.  In addition, our global operations and foreign presence expanded year over year giving rise to additional foreign income taxes and foreign withholding taxes.

During the fourth quarter of fiscal 2013, we completed the reorganization of our corporate structure and intercompany relationships to more closely align with the international nature of our business activities. Our corporate structure may cause volatility to our overall effective tax rate in the short term but is expected to reduce our overall effective tax rate over the long term through changes in international procurement and sales operations.

Comparison of Fiscal 2012 and 2011

- 45 -

Table of Contents

 
Revenue

 
Year Ended July 31,
 
 
 
 
 
2012
 
2011
 
Change
 
Amount
 
% of
Revenue
 
Amount
 
% of
Revenue
 
Amount
 
%
 
(dollars in thousands)
Revenue:
 
 
 
 
 
 
 
 
 
 
 
Product
$
174,462

 
68.4
%
 
$
84,800

 
71.5
%
 
$
89,662

 
105.7
%
Services
80,676

 
31.6
%
 
33,797

 
28.5
%
 
46,879

 
138.7
%
Total revenue
$
255,138

 
100.0
%
 
$
118,597

 
100.0
%
 
$
136,541

 
115.1
%
Revenue by geographic theater:
 
 
 
 
 
 
 
 
 
 
 
Americas
$
161,873

 
63.4
%
 
$
73,145

 
61.7
%
 
$
88,728

 
121.3
%
EMEA
61,994

 
24.3
%
 
32,504

 
27.4
%
 
29,490

 
90.7
%
APAC
31,271

 
12.3
%
 
12,948

 
10.9
%
 
18,323

 
141.5
%
Total revenue
$
255,138

 
100.0
%
 
$
118,597

 
100.0
%
 
$
136,541

 
115.1
%

Product revenue increased $89.7 million, or 105.7%, for fiscal 2012 compared to fiscal 2011. The increase was primarily driven by an aggregate increase of more than 75% in product unit volume and the introduction of our higher-end PA-5000 Series as opposed to increases in the average selling prices of our other products, which remained relatively flat.

Service revenue increased $46.9 million, or 138.7%, for fiscal 2012 compared to fiscal 2011. The increase was primarily driven by new end-customers and, to a lesser extent, additional sales of subscription services to our existing end-customer base. Our total number of end-customers increased to over 9,000 at July 31, 2012 from approximately 4,700 at July 31, 2011.

With respect to geographic theaters, the Americas contributed the largest portion of the increase in revenue for fiscal 2012 compared to fiscal 2011 due to its larger and more established sales force compared to our other theaters. Revenue from both EMEA and APAC increased during fiscal 2012 compared to fiscal 2011 due to our investment in increasing the size of our sales force and number of partners in these theaters.

Cost of Revenue and Gross Margin
 
 
Year Ended July 31,
 
 
 
 
 
2012
 
2011
 
Change
 
Amount
 
Gross
Margin
 
Amount
 
Gross
Margin
 
Amount
 
Gross
Margin
 
(dollars in thousands)
Cost of revenue:
 
 
 
 
 
 
 
 
 
 
 
Product
$
44,615

 
 
 
$
21,766

 
 
 
$
22,849

 
 
Services
25,938

 
 
 
10,507

 
 
 
15,431

 
 
Total cost of revenue
$
70,553

 
 
 
$
32,273

 
 
 
$
38,280

 
 
Gross profit:
 
 
 
 
 
 
 
 
 
 
 
Product
$
129,847

 
74.4
%
 
$
63,034

 
74.3
%
 
$
66,813

 
<