hapabapa
This article was prepared by Eranda Kalhara, CFA in collaboration with Dilantha De Silva.
Fortinet, Inc. (NASDAQ:FTNT), a provider of network security appliances and Unified Threat Management network security solutions, has developed a centralized cybersecurity management plane while being at the forefront in the cybersecurity sector with its software-defined wide-area networking offerings with a global client base. Fortinet Security Fabric, cloud and Software-defined Wide Area Network (SD-WAN) offerings have been hailed by the users as a user-friendly system covering various security concerns. With higher spending on IT infrastructure development during the pandemic period combined with continuous deal wins, Fortinet witnessed significant revenue growth in 2020 and 2021, and this led to surging stock prices as well (FTNT stock is up 710% in the last 5 years).
With intensifying competition in the cybersecurity sector with substantial investments required to be in the game amid low traction on the work-from-home concept, the question is whether Fortinet will be able to expect the same growth momentum in the future. In this article, we will try to answer this important question.
During the pandemic, the normal business operations of many companies were affected. The pandemic expedited slow-paced digital transformations with a huge disruption of the normal workload. Many employees were required to log in to company networks through personal networks to access sensitive information, and this unexpected, unforeseen development exposed confidential data to potential attackers. While cybersecurity may have been seen as a nice-to-have luxury or a reactive measure put in place if something goes wrong, the disruption caused by the pandemic propelled cyber security to be recognized as a necessity for companies of every size and scale where the constantly evolving array of cyberattacks require the latest protection measures. Gartner estimates that spending on information security will total $172 billion in 2022. This spike is putting pressure on security teams to deliver more for every dollar invested. A survey conducted by Deloitte noted an increase in cybersecurity spending, with identity and access management, cyber monitoring and operations, and endpoint network security receiving bigger shares of the pie.
Exhibit 1: Budget allocation across cybersecurity domains
Deloitte
With the expected global economic slowdown, many companies will likely be taking a hard look at whether they need to cut expenses across the board. However, with the growing trend of companies having to deal with protecting sensitive data, applications, and users across on-premises and remote sites, public clouds, private clouds, and edge locations combined with the rising number of legal and social standards on cybersecurity will likely lead to robust long-term demand for cybersecurity solutions.
Fortinet is well positioned to benefit from this increase in global cybersecurity spending with a network of more than 20,000 channel partners worldwide, including distributors, resellers, value-added resellers, and managed service providers. In our opinion, the partner ecosystem supports Fortinet to penetrate smaller economies (the partner may provide value-added services including but not limited to customer onboarding services, post-customer acquisition services, maintenance, and updates). The company caters to more than 450,000 customers worldwide including most of the Fortune 100 companies.
In the tech space, especially in the ERP and cybersecurity sectors, the ecosystem around the products of a company matters a lot as it will support end users to become familiar with one developer, in return enjoying the ability to use the shared information with the developer in multiple locations. According to McKinsey, the bigger the ecosystem (in the sense of the number of different applications and ease of use, and the number of approved third-party vendors) the more likely the product is to attract and retain clients. As Fortinet’s firewall and UTM portfolio evolved to meet the higher demands of enterprises and service providers, Fortinet also expanded its offerings to include security products for networking, switching, sandboxing, security information, event management, and virtual instances. These different products are unified through the security fabric of Fortinet operating as a centralized management plane for a network's security products.
In addition to the above, Fortinet has expanded its business to cloud security, endpoint security, identity and access, and IoT security, providing a more vibrant ecosystem where existing and potential clients have the freedom to expand their operations without changing vendors. Fortinet has also become a leading player in the software-defined wide-area networking, or SD-WAN market, which is rapidly growing as companies move away from routers with expensive connections rented from telcos to SD-WAN which directly connects users to their requests via generic Internet connections. Today, there are only limited operators providing the same services in the SD-WAN market where the expected growth is expected to grow mid-double digits.
Exhibit 2: Fortinet's SD-WAN segment stats
Company presentation
Source: Company presentation
Considering the deep root connections of the security component of the overall cybersecurity system of any given product and heavy costs in implementing a new cybersecurity solution while maintaining the existing defense solutions, we believe leading cybersecurity companies can benefit from switching costs. In addition, the learning curve in getting used to a new system combined with potential operational disruption will further increase the switching costs. Despite the growth of network cybersecurity solutions which are sold as virtual and as-a-service offerings that reduce the burden of installing security appliances on-premises, we believe that switching costs will remain high, providing more leverage to established companies such as Fortinet. The company has established customer switching costs alongside its ability to upsell and cross-sell products to the existing customer base and has a nice runway for growth through its holistic approach to network and cloud cybersecurity.
Fortinet has identified its limitations and the substantial investments required to maintain organic growth, and the company is focused on acquiring smaller peers that could add value to its ecosystem in the long run. This is a strategy that we believe will help Fortinet maintain the stellar growth rates seen in the last few years. Overall, Fortinet has closed 17 deals with the most latest acquisition being Sken.ai on Jul 7, 2021. The acquisition of AccelOps helped the company in correlating visibility and threat intelligence to its entire network security ecosystem and simultaneously has extended it to third-party vendor solutions. Intending to expand the cloud services as well as its solution portfolio, Fortinet acquired Meru Networks while the acquisitions of Coyote Point and XDN have not only helped it broaden the product offerings but also the customer base and geographic reach.
Exhibit 3: Fortinet's notable acquisitions
Tracxn
Source: Tracxn
The acquisition of Sken.ai, a privately held startup, will help the company accelerate its penetration of the DevSecOps market and the acquisition of ShieldX will enable the company to gain a more comprehensive view of end users, workstations, and OT devices. These strategic acquisitions support the hypothesis that the company is seeking tuck-in acquisitions to increase its capabilities in areas such as cloud-based security technologies, Machine Learning, and automation.
Fortinet provides subscription-based services. The continuous revenue stream resulting from the addition of new customers and the steady subscription revenue will support the company in generating stable revenue while leaving room for margin expansion through repeat revenue from a single customer which increases the customer lifetime value. Subscription-based service is a high gross margin business (approximately 80%) compared with the hardware-centric model. The high attach rate of subscription-based services, including technical support and the latest threat prevention updates, have helped spur billings growth (revenue plus the change in deferred revenue) and provide recurring revenue streams to the company. We have to appreciate the efforts of the management to increase the customer base which has rippling effects on the growth of subscription-based revenue. We believe that this strategy will continue to Strengthen the company’s top and bottom-line performances with subscription revenue remaining a larger portion of overall revenue compared with products. In Q1, security subscription services revenue was up 23% to $313 million].
Fortinet has become a globally recognized brand with a customer base of over 450,000. This vast customer base presents the company with an opportunity to upsell products within its installed user base. Fortinet’s count of deals worth at least $500,000 grew from 425 in 2018 to 639 in 2020 (and 602 through the first three quarters of 2021) and 41% of 2021 FortiGate firewall billings came from high-end solutions versus 51% from midrange and 27% from entry-level. Management expects bookings in the range of $1.325 billion to $1.385 billion for the second quarter of this year, which at the midpoint represents bookings growth of 40%. The company derives a significant portion of total sales from its top 10 biggest distributors, of which Exclusive Networks Group has the highest share and accounted for 31% of 2021 total revenue followed by Ingram Micro’s 12%.
With the increasing popularity of the working from home concept opening the corporate infrastructure to more spam and malicious attacks combined with growing complexities requested and expected by clients, every cybersecurity company must continuously invest in broadening its capabilities to survive in this highly competitive market. Over the last few years, Fortinet has invested heavily to enhance its sales and marketing capabilities, particularly by increasing the sales force. This has put pressure on operating margins.
Exhibit 4: EBITDA margin has pulled back in the last 12 months
Seeking Alpha
Source: Seeking Alpha
In contrast to what we have seen in the last couple of years, the growing fears of a global recession have led to a change in consumer behavior where they are not likely to go ahead with full-fledged investments in their cyber-security infrastructure. Most of Fortinet’s peers have noticed that companies have been breaking their cybersecurity investment plans into passes and implementing the initial plans over longer periods instead of making a single large investment. Even though we are certain that growing subscription levels will support stable growth for Fortinet, we believe now is not the time to be overly optimistic about what is in store for the company in the next couple of years.
Despite the high switching costs we discussed earlier, Fortinet faces competition from its peers which forces the company to ensure prompt delivery of products and invest in product development, which may lead to an erosion in operating margins in the short run too.
When it comes to high-growth companies, we often see stellar revenue growth but disappointing earnings. More often than not, we do not see any profits at all, which makes investing in these high-growth companies a high-risk/high-reward bet. Fortinet, although growing fast, is a profitable company. In fact, the company has been GAAP profitable in each of the last 10 years. The company, however, is valued at a premium in the market compared to the information technology sector. The forward P/E of 71 at which the company is valued today certainly suggests that years of growth is already baked into the current market value of the company. This is neither a good thing nor a bad thing, in our opinion, but given the margin pressure we expect in the coming quarters, we are not comfortable investing in Fortinet today. This does not mean that Fortinet is not an attractive company, and we will pounce on any opportunity to invest in Fortinet at a cheaper valuation or if company fundamentals materially change, suggesting that the current valuation is not a stretch.
Fortinet is one of the very few cybersecurity companies that we follow at Leads From Gurus, and we believe the company has a lot to offer both its customers and shareholders in the long run. Through strategic investments and deals, the company seems well-positioned to make the most of the positivity surrounding the global cybersecurity industry.
The Fortinet Certified Trainer (FCT) assessment is a trainer evaluation process in which each candidate has to prove their training delivery skills. The FCT assessment is a two-day assessment that evaluates the FCT candidate's ability to maintain Fortinet's quality standards in technical knowledge, skills and instructional abilities.
Who can apply?
The FCT assessment candidate should be a Fortinet employee or a candidate sponsored by an ATC who has submitted proof of reference, along with an online application form. An FCT candidate who wants to apply for an FCT assessment must meet the following knowledge and experience eligibility requirements:
If you meet all of these requirements you can apply for the FCT assessment!
Please contact for queries and suggestions.
Training InstituteThis Saturday, August 6th, 2022 at 9AM EDT until 3PM we will be performing scheduled maintenance. During this time, the Fortinet Training Institute and lab platform will be unavailable.
FortiGate Security
Learn at your own pace or choose a format that suits you best.
Course Description
In this course, you will learn how to use the most common FortiGate features, including security profiles.
In interactive labs, you will explore firewall policies, the Fortinet Security Fabric, user authentication, and how to protect your network using security profiles, such as IPS, antivirus, web filtering, application control, and more. These administration fundamentals will provide you with a solid understanding of how to implement basic network security.
Who Should Attend
Networking and security professionals involved in the management, configuration, administration, and monitoring of FortiGate devices used to secure their organizations' networks should attend this course.
You should have a thorough understanding of all the subjects covered in the FortiGate Security course before attending the FortiGate Infrastructure course.
Prerequisites
Agenda
Objectives
After completing this course, you will be able to:
The Fortinet Certified Trainer (FCT) assessment is a trainer evaluation process in which each candidate has to prove their training delivery skills. The FCT assessment is a two-day assessment that evaluates the FCT candidate's ability to maintain Fortinet's quality standards in technical knowledge, skills and instructional abilities.
Who can apply?
The FCT assessment candidate should be a Fortinet employee or a candidate sponsored by an ATC who has submitted proof of reference, along with an online application form. An FCT candidate who wants to apply for an FCT assessment must meet the following knowledge and experience eligibility requirements:
If you meet all of these requirements you can apply for the FCT assessment!
Please contact for queries and suggestions.
Training InstituteThis Saturday, August 6th, 2022 at 9AM EDT until 3PM we will be performing scheduled maintenance. During this time, the Fortinet Training Institute and lab platform will be unavailable.
Public Cloud Security
Learn at your own pace or choose a format that suits you best.
Course Description
In this course, you will learn about the different components that make up the infrastructures of the top public cloud providers, and the security challenges these environments present, including high availability (HA), auto-scaling, software-defined network (SDN) connectors, and how to manage traffic in the cloud with Fortinet products.
Who Should Attend
Anyone who is responsible for the deployment or day-to-day management of Fortinet solutions on cloud vendors.
Prerequisites
Agenda
Objectives
After completing this course, you will be able to:
System Requirements
If you take an online format of this class, you must use a computer that has the following:
Enroll Now
Access the latest self-paced training version
Purchasing Process
Find an Instructor-Led Class
Browse our schedule for upcoming classes delivered by Fortinet.
Endpoint Protection Platforms (EPP) , Endpoint Security , Intrusion Prevention Systems (IPS)
Fortinet Says Price Hikes Have More Than Offset Supply Chain, Geopolitical IssuesFortinet has raised prices on products and services to address macroeconomic challenges including shipping delays, longer activation timelines and the suspension of sales in Russia.
See Also: OnDemand | Zero Tolerance: Controlling The Landscape Where You'll Meet Your Adversaries
The Silicon Valley-based platform security vendor says price hikes have more than offset supply chain and geopolitical headwinds in latest months, allowing Fortinet to increase both product gross margins and short-term deferred revenue from a year ago, according to CFO Keith Jensen. Service gross margins dropped since it will take longer for that side of the business to benefit from higher prices, Jensen says (see: Fortinet CEO Ken Xie: OT Business Will Be Bigger Than SD-WAN).
"Our goal is really to try over a longer period of time to just match the cost increases and maintain a consistent margin," Jensen tells investors Wednesday. "It's not that we're really trying to take down more margin."
Fortinet has found that higher prices don't tend to result in lost business since the company has historically offered 30% to 40% better performance at the same price as products from competitors, Jensen says. Fortinet tracks "very religiously" in its CRM tool why it loses competitive deals and hasn't seen any uptick in deals being lost on price since the company began charging customers more, he says.
"The question is always, 'How far can you push the envelope?'" Jensen says. "We know we come into the conversation with a significant price performance advantage."
The company has even raised prices around products that are no longer shipping since higher labor costs mean the expense associated with providing services and renewals on older products has increased, according to CEO Ken Xie. Although the price of the older product itself hasn't changed, Xie says customers now have to spend more to service and support that product.
Channel partners receive 60 days advanced notice before a price increase takes effect, and Jensen says the impact of price hikes is felt fairly quickly from both a product revenue and billings perspective. The trickle-down effect is much slower when it comes to service revenue, but Jensen expects growth to accelerate there as well in late 2022 and 2023 thanks to the price increases.
"You're going to see the benefit over a much longer period of time on the service revenue line," Jensen says. "You will see the benefit in billings much sooner. That's a very good leading indicator of where service revenue growth is going to go in the future."
Price hikes are just one way Fortinet has attempted to address supply chain challenges alongside increasing inventory purchase commitments, redesigning products and qualifying additional suppliers, according to Jensen. But even with those actions, Jensen says demand continues to outpace supply, meaning that Fortinet's backlog is expected to increase throughout the rest of 2022.
"As we balance our pricing actions with the opportunity for continued market share gains, we have passed along most but not all cost increases," Jensen says.
Fortinet's backlog increased yet again in the quarter ended June 30 by $72 million to $350 million, but the rate of increase is down from $120 million in the first quarter of 2022, according to Xie. Networking equipment accounted for 50% of Fortinet's backlog due to continued challenges sourcing raw materials for switches and access points, while the company's FortiGate firewalls accounted for 40% of backlog.
"Our operation and R&D teams did an excellent job navigating the tough supply chain environment," Jensen says. "Nonetheless, we still expect supply chain constraints to be challenging throughout the remainder of the year."
Fortinet's gross margins have been affected not only by price increase but also the product mix from one quarter to the next, Jensen says. The company earns more profit on high-end firewalls as compared with entry-level firewalls, meaning that if Fortinet introduces a high-end firewall in a specific quarter or ends up with more high-end firewall shipments, the company's margins are likely to be higher, he says.
The impact of the economic downturn on Fortinet has thus far been brief and relatively insignificant, Jensen says. Fortinet saw a dip in field closure rates during the first half of June as well as the addition of an approver or negotiator on the customer side in larger deals to ensure the client was making the right decision, according to Jensen. But despite the pause, close rates actually increased slightly last quarter.
"For whatever reason, there was a slight pause there for a couple weeks in June," Jensen says. "But everybody came back and got the deal done that last week in June."
Category | Q2 2022 | Q2 2021 | % Change |
---|---|---|---|
Total Revenue | $1.03B | $801.1M | 28.6% |
Service Revenue | $629.4M | $502.68M | 25.2% |
Product Revenue | $400.7M | $240.7M | 34.3% |
Americas Revenue | $413.6M | $337M | 22.7% |
EMEA Revenue | $391.8M | $306.2M | 28% |
APAC Revenue | $224.7M | $157.9M | 42.3% |
Net Income | $173.5M | $137.5M | 26.2% |
Earnings Per Diluted Share | $0.21 | $0.16 | 31.3% |
Non-GAAP Net Income | $194.1M | $158.7M | 22.3% |
Non-GAAP Earnings Per Share | $0.24 | $0.19 | 26.3% |
Fortinet's revenue of $1.03 million in the quarter ended June 30 was in line with Seeking Alpha's sales estimate. Meanwhile, the company's non-GAAP earnings of $0.24 per share edged out Seeking Alpha's non-GAAP estimate of $0.22 per share.
The company's stock is down $5.88 - 9.35% - to $57 per share in after-hours trading Wednesday. That's the lowest Fortinet's stock has traded since July 26.
The Americas accounted for 40.2% of Fortinet's revenue in the second quarter, while Europe, the Middle East and Africa, or EMEA, delivered 38% of revenue and Asia-Pacific, or APAC, was responsible for the remaining 21.8% of revenue.
For all of 2022, Fortinet expects non-GAAP net income of $1.01 to $1.06 per share on revenue of between $4.35 billion and $4.4 billion. Analysts had been expecting non-GAAP net income of $1 per share on sales of $4.38 billion.
Fortinet introduces the FortiGate 4800F. The company describes the device as the fastest compact firewall for hyperscale data centers and 5G networks. For this purpose, the 4800F series offers appliances with 2.4Tbit/s capacity in a 4U chassis.
According to Fortinet, the firewall is the only 4U chassis on the market with 400GbE, 200GbE and 50GbE ports. This allows large data centers and network operators to scale without disrupting operations. “The combination of performance and scalability packed into our latest firewall will help future-proof organizations’ investments in hyperscale data centers, especially with the rise of 5G and as the volume and velocity of data continues to accelerate at an unprecedented pace”, Fortinet said.
Fortinet mentions fast, secure and privacy-friendly connectivity as the 4800F’s differentiating factor for hyperscale data centers. “Enterprises with ultra-performance needs can converge multiple firewalls into a single unified system, host on-premises applications, and deliver the required user experience”, the company states. The 400GbE interfaces for hyperscale firewalls should allow for the most demanding applications.
In addition, Fortinet points out the importance of SSL inspection for securing the network. The company mentions encryption, which is intended to secure traffic, but also allows cybercriminals to hide malicious activity. Fortinet promises to inspect all encrypted traffic while meeting the speed requirements of modern networks. “FortiGate 4800F offers the industry’s highest SSL-inspection performance as well as support for the industry’s latest TLS 1.3 standard. This also ensures network blind spots are eliminated by enabling full visibility of clear-text and encrypted network flows”, the company said.
The 4800F offers specific features for hybrid IT environments. The firewall enables Virtual Extensible LAN (VXLAN) segmentation and fast communications for computing, storage and applications co-hosted on physical and virtual platforms.
In addition to data centers, Fortinet is targeting 5G networks with its 4800F firewalls. The FortiGate 4800F enables network operators to realize secure IP connectivity to remote networks and domains, including carrier-grade NAT (CGNAT) performance and hardware logging. The firewall supports 25 million connections per second.
Furthermore, the 4800F plays into the scale of 5G radio and operators that share radio access networks (RAN) to reduce costs. “The FortiGate 4800F provides a cost-effective security gateway (SecGW or SEG) to handle 5G’s RAN scalability and security requirements for both user and control planes”, Fortinet said.
Tip: Fortinet guarantees secure network access with Zero Trust
Fortinet on Wednesday introduced a compact Next-Generation Firewall (NGFW) targeted at hyperscale data centers and 5G networks. The FortiGate 4800F occupies four rack units while providing up to 2.4 terabits per second (2 Tbps) throughput. It includes 400 gigabit per second Ethernet (GbE), 200 GbE and 50 GbE ports for scalability depending on need, the company said.
“The combination of performance and scalability packed into our latest firewall will help future-proof organizations’ investments in hyperscale data centers, especially with the rise of 5G and as the volume and velocity of data continues to accelerate at an unprecedented pace,” said John Maddison, executive vice president of products and chief marketing officer at Fortinet.
Next-Generation Firewalls (NGFWs) build on traditional firewall capabilities like packet filtering, network address translation (NAT) and virtual private network (VPN) capabilities with deep packet inspection, intrusion prevention and other techniques to maintain more performant and secure connections.
Specific to 5G, Fortinet said the 4800F enables massive machine-to-machine (M2M) connection that requires secure IP connectivity to untrusted environments like the Internet, edge sites, and cloud services. It can support 25 million connections per second. The 4800F also secures 5G RAN traffic and core connectivity with IPsec-based VPN performance that Fortinet clocks at 19x faster than previous models.
The secret behind the 4800F’s horsepower is the presence of 16 NP7 processors, according to the company. The NP7 is a purpose-designed Network Processing Unit (NPU) developed by Fortinet that accelerates network functions that would otherwise slow CPUs, like IPv4, IPv6, unicast and multicast, IPsec decryption, VXLAN termination and network address translation.
“With the increased scale of 5G radio and the sharing of RAN between operators to reduce costs, the FortiGate 4800F provides a cost-effective security gateway to handle 5G’s RAN scalability and security requirements for both user and control planes,” said the company.
When it comes to hyperscale and large enterprise data center installations, Fortinet claims to be the only vendor delivering 400GbE interfaces on a hyperscale firewall. The company said the 4800F has been designed to deliver significantly faster Secure Socket Layer (SSL) inspection compared to industry averages, and offers Transport Layer Security (TLS) 1.3 protocol support. It supports Virtual Extensible LAN (VXLAN) segmentation, to create massively scalable virtual overlay networks.
The device is managed using FortiGuard, Fortinet’s AI-driven security framework. FortiGuard provides real-time threat detection and security enforcement using context-driven policy management designed to support hybrid deployments in the cloud, on the enterprise network, and at endpoints. The company noted that the firewall also implements universal Zero Trust Network Architecture (ZTNA) support.
“Setting up universal ZTNA with an on-prem or virtual FortiGate ensures that consistent policies and controls span across all operating environments, including across multiple clouds,” said Fortinet.
Text size
Software company Fortinet lowered its forecast for fiscal-year service revenue and the stock dropped sharply early Thursday.
Fortinet (ticker: FTNT) said it expects adjusted earnings for the fiscal year of $1.01 to $1.06 a share, vs. analysts’ estimates of $1.03. Revenue was predicted at $4.35 billion to $4.4 billion, vs. estimates of $4.39 billion. But the company lowered its forecast for service revenue to $2.62 billion to $2.67 billion, down from previous expectations of $2.64billion to $2.7 billion.
The stock fell 7.8% in premarket trading to $58. Coming into Thursday, the shares have declined 12.5% this year.
Fortinet reported second-quarter adjusted earnings late Wednesday of 24 cents a share, higher than 19 cents a share a year earlier and above Wall Street forecasts of 22 cents. Revenue rose 29% to $1.03 billion.
Analyst Dan Bergstrom at RBC Capital Markets said Fortinet’s forecast “remains mindful of the macro and set-up into year-end.” Bergstrom rates the stock at Sector Perform, with a price target of $69.
Bergstrom noted that the largest change in Fortinet’s service revenue guidance was the “removal of service revenue from Russia that is already sitting in deferred revenue” and wasn’t previously removed from guidance when the company stopped doing business in Russia in early March.
“Beyond this, there remains some impact from linearity with customers receiving product later in the quarter and some deferral around turning service contracts on,” the analyst added.
Citi analysts reiterated their Buy rating on the stock and price target of $78. The analysts said in a note that “still robust backlog growth expectations, steady aging, and stable (low) cancellation rates herein provide us confidence growth + profitability execution momentum remains solid.”
Write to Joe Woelfel at joseph.woelfel@barrons.com
Summary
Fortinet is a cybersecurity vendor that sells products, support, and services to small and midsize businesses, enterprises, and government entities. Its products include unified threat management appliances, firewalls, network security, and its security platform, Security Fabric. Services revenue is primarily from FortiGuard security subscriptions and FortiCare technical support. At the end of 2021, products were 38% of revenue and services were 62% of sales. The California-based company sells products worldwide.
Subscribe to Yahoo Finance Plus Essential for full access
Exclusive reports, detailed company profiles, and best-in-class trade insights to take your portfolio to the next level