Kip E. Meintzer - Check Point Software Technologies Ltd. Tal Payne - Check Point Software Technologies Ltd. Gil Shwed - Check Point Software Technologies Ltd..
Brad Alan Zelnick - Credit Suisse Securities (USA) LLC Michael Turits - Raymond James & Associates, Inc. John DiFucci - Jefferies LLC Andrew James Nowinski - Piper Jaffray & Co. Dan Ives - Wedbush Kenneth Talanian - Evercore ISI Gabriela Borges - Goldman Sachs & Co. LLC Walter H.
Pritchard - Citi Investment Research (Europe) Philip Winslow - Wells Fargo Securities LLC Sterling Auty - JPMorgan Securities LLC Jonathan F. Ho - William Blair & Co. LLC Erik Suppiger - JMP Securities LLC Fatima Boolani - UBS Securities LLC.
Greetings, and welcome to the Check Point Software Third Quarter 2018 Earnings Conference Call. At this time, all participants are in a listen-only mode. A brief question-and-answer session will follow the formal presentation. As a reminder, this conference is being recorded.
It is now my pleasure to introduce your host, Kip Meintzer, Head of Global Investor Relations. Thank you. You may begin..
Thank you. I'd like to thank all of you for joining us today to discuss Check Point's third quarter 2018 financial results. Joining me today, as always, on the call are Gil Shwed, Founder and CEO, along with our CFO, COO, Tal Payne. As a reminder, this call is webcast live on our website and is recorded for replay.
To access the live webcast and replay information, please visit the company's website at checkpoint.com. For your convenience, the conference call replay will be made available through October 31. If you'd like to reach us after the call, please contact Investor Relations by email at kip@checkpoint.com.
Before we begin with management's presentation, I'd like to highlight the following. During the course of this presentation, Check Point's representatives may make certain forward-looking statements.
These forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934 include, but are not limited to, statements related to Check Point's expectations regarding business, financial performance and customers; the introduction of new products and programs and the success of those products and programs; the environment for security threats and trends in the market; our strategy and focus areas, demand for our solutions, our expectations regarding the acquisition of Dome9 and its impact on our business and financial outlook, our business and financial outlook including our guidance for Q4 2018.
Because these statements pertain to future events, they are subject to various risks and uncertainties. Actual results could differ materially from Check Point's current expectations and beliefs.
Factors that could cause or contribute to such differences are contained in Check Point's earnings release press issued today, October 24, 2018, which is available on our website; and other factors and risks, including those discussed in Check Point's Annual Report on Form 20-F for the year ended December 31, 2017, which is on file with the Securities and Exchange Commission.
Check Point assumes no obligation to update information concerning its expectations or beliefs except as required by law. In our press release, which has been posted on our website, we present GAAP and non-GAAP results, along with a reconciliation of such results as well as the reasons for our presentation of non-GAAP information.
Now it's my pleasure to turn the call over to Tal Payne for a review of the financial results..
47% of revenues came from Americas; 37% of revenues came from Europe; and the remaining 16% came from Asia Pacific, Japan, Middle East and Africa region. From a deal size perspective, this quarter we had 58 customers with transactions over $1 million. This quarter, similar to last quarter, the total value of these transactions increased significantly.
Non-GAAP operating margin for the quarter was 53%, similar to the previous quarter. We continue to invest in our sales force and marketing efforts. The full effects of these will be reflected naturally in the next quarters. Effective non-GAAP tax rate for this quarter was around 18%.
Our Q4 tax rate is expected to be lower at 10% to 12% related mainly to expiration of tax provisions at the end of the year. GAAP net income for the third quarter of 2018 was $198 million, or $1.25 per diluted share, an increase of 7% from the third quarter of 2017.
Non-GAAP net income for the quarter was $219 million or $1.38 per diluted share, an increase of 6% from the third quarter of 2017 and towards the top end of our guidance. As the share price increased significantly during the quarter, the number of options included in the diluted outstanding shares increased.
Our cash balance continued to increase, reaching $4.072 billion as of September 30. Operating cash flow was $249 million. Collection from customers continues to be strong. Our cash payments increased in line with our continuing investment in sales and marketing.
In July 2018, we approved an increase of our buyback program to $2 billion and with quarterly amount that may vary but will not exceed $325 million. During the quarter, we purchased 2.6 million shares for $300 million at an average price of $113. Now, let's turn the call over for Gil for his comments..
the future is always hard to predict. There may be an upside and, obviously, the potential for downside. With that in mind, here are the fourth quarter projections that include the effect of the acquisition. We expect revenues between $500 million and $528 million, non-GAAP EPS in the range of $1.56 to $1.67.
GAAP EPS is expected to be approximately $0.20 lower than that. Now, I would like to open the call for your insightful question and feedback on our strategy. Thank you..
Thank you. Our first question is from Ben (sic) [Brad] Zelnick with Credit Suisse. Please proceed with your question..
Thanks very much. Brad Zelnick, Credit Suisse. Congratulations, guys, on a nice quarter. It's good to see billings growth back in the business and returning to market levels, and congrats on Dome9.
Gil, on Dome9, can you just talk a bit about why now? And as you think about integrating the offering into your management console, do you envision that this is going to be something seamless a year from now that we won't even notice was a separate entity? And what does that take? And then, I've got a follow-up for Tal. Thanks..
So first, I think now is a very good time to invest in the cloud, and use of cloud application is getting higher and higher. I don't know if it's getting too mainstream, but definitely, almost every enterprise in the world is expanding to the cloud.
And when they do that, they also tighten up security; and, I think security is becoming more important to them. We've been working and looking at Dome9 for a long time, so this is not something that happened overnight, and that's something that we've been doing for quite a long time.
I think the Dome9 capabilities are far better than anything else in the marketplace. They're the only company in the space to have active protection, network security, threat detection and better capabilities in compliance, in multi-cloud environment than everything else we've seen. So we are very happy to be working with them.
We've passed on several other companies that we look a long time and I think we are very fortunate that we've been able to pull this deal through. And hopefully, we will be able to integrate it quite quickly. All the Dome9 employees are now Check Point – are now part of Check Point. The deal is closed, so we are ready to act right now.
And it will probably take us a couple of months to integrate all the different departments and all the different – and all the employees and provide the true Infinity cyber protection for Gen V attacks and strengthening the cloud, which I think is more and more important..
Thanks, Gil. And just, Tal, in following up on the financial impact, it is – I trust it's all subscription revenue.
Can you just confirm for us, were these annual subscriptions paid in advance? Does it flow through to the balance sheet or just directly to the income statement on a consumption basis? And is it fair to say that the business was doing roughly $25 million run rate? And anything else that you can tell us to appreciate the impact would be great..
No. The run rate is not $25 million; it's less than $10 million, just to clarify. That's why we said it's immaterial. So you won't see an impact that is relevant from the revenue perspective in our size of company; so, that's one comment. And the fact that we talked about is relevant mainly as the result of expenses.
We continue to invest in the company as well. It's very exciting area. That's why the numbers – the range that we talked about is $0.02 to $0.04 on a non-GAAP and about $0.07 on the GAAP. And it is a (16:40)..
Got it. And the $0.02 to $0.04 – that's helpful.
And Tal, $0.02 to $0.04, I mean were they burning that much cash or do you intend to invest that much more in integrating the business?.
No. They have over 100 employees. They are spending cash. And it's an area that we would probably plan to expand as well..
Awesome. Thanks so much for taking my questions..
Our next question is from Michael Turits with Raymond James. Please proceed..
Thanks. First, Gil and Tal, can you talk about Dan Yerushalmi and what any changes might be in the strategic direction for what he'll be doing around sales, how you'll be improving? And again, say how that's changed. And then, I'll just drop my second question too. There are a lot of things taking place at a macro level in the world obviously.
To any extent, do you feel like you can look out into 2019, talk about how tariffs might impact you and any impact that other macro trends might have on security spending right now then and then macro?.
Okay. So first in terms of the sales strategy, I think our sales strategy is the right strategy and so our strategy is not something that we change very often. I think the main challenges that we have or the main opportunities that we have depending how we want to look at it is execution. We are focused on new customers.
We are focused on broader sale of our Infinity architecture, getting the higher level in the C-level in the organization. Dan is putting a lot of emphasis on better working with our partners to bring the products to market. And I think all these things that have been part of our strategy will continue. And hopefully, we will do them in a better way.
So I don't think that there's a huge change in strategy. I hope that there's going to be a change in the execution of the strategy.
Second part?.
And the second part was relating to macro changes in what area? Can you repeat the question?.
Well, it is bad semiconductor reports, and people are concerned about tariffs. So in general, general macro concern about next year and potential impact on tariffs, how do you think that, if it does, impacts you guys specifically and anything you could say about the impact on the security market..
So when you talk about tariffs, it's nothing that we expect that will affect us. In the macroeconomics, I will just say the general changes that you're familiar with, with the tax regulations in Europe and the tax regulation in the U.S., we're still waiting for the regulation to come out during Q4.
And based on that, we will see what do we believe is the effect on us..
Okay, guys. Thank you very much..
Our next question is from John DiFucci with Jefferies. Please proceed with your question..
Yes. I have a question for Gil and then a follow-up on Tal. Gil, for Dome9, I'm just trying to, in my mind anyway, figure out now what you have versus what you might need. I read something that Dome9 even has some identity technology.
Is there anything here that in the cloud area that you don't have that you'd have to partner with others or that you wouldn't go into? Normally you haven't gone into the identity space either..
I think we're not going to be a provider of pure identity software. We're going to connect that identity into making sure systems are locked. And that's what we've been doing. By the way, we've started that also in CloudGuard SaaS, our solution for SaaS. We will having now a little bit more of that in Dome9, but that's not our focus.
There are going to be more areas in the cloud that we will get into. The cloud is a very broad environment and very much more layered in specific areas which we can secure, and both of our Gen V and next year our sixth generation of security will also focus on that. But Dome9 is not just a feature.
Dome9, I think, is a platform that's very, very strategic to us because it does know how to manage security and enforce security in very large and very complicated and very heterogeneous cloud environment and that's critical because the cloud is not one entity that's simple to manage.
Actually if you look at the AWS cloud, there's probably around 300 different services. And when you activate any service, you want to make sure that automatically the security is applied to that service. Otherwise, that service becomes unintentionally the backdoor to the company to the enterprise data.
And I think that part of what Dome9 has a lot of automation to automatically set security policies on all the cloud, automatic detection when things go wrong, and automatic remediation which is even more important because if you think that if somebody – if some operator tries to do some maintenance to, let's say, a storage server on the cloud, they leave something open, they go home.
Tomorrow morning, you might get an alert that you left your data opened, but that's too late. During the night, somebody might have sucked all your database.
Somebody that's using Dome9, for example, automatically these permissions will be reset to the locks permission and whether you see the alerts or not, it should be in a good state, so which is one example of what Dome9 can do that nobody else in that industry is doing right now..
Okay, okay. Thank you. And Tal, the results were better than we had been looking for, anyway. And the subscription growth actually accelerated a little bit, about the same growth. But the product numbers are still coming down year-over-year.
And I'm just curious, is that more to do with sort of a transition to – within the sales just sort of push more the platform sales, the Infinity Total Protection type sales, like the selling motion, or is it just customers are buying more subscription at this point? And ITP is exciting, but it's still really early..
I would say in general when we look long term that it's obvious that the industry is an industry, is moving to providing new product as a subscription. So all the relevant product that we present, basically since 2010, is subscription mode of an additional layers. Cloud is subscription. Dome9 is subscription.
So it's clear that the new area – mobile – is subscription and so on. So everything, most of the new things are subscription. Having said that, product can and should be positive and that's what we're talking about continued improvement on the execution of the field..
Okay.
So we should hope or expect to start to see product not only to beat numbers, but actually turn positive at some point?.
That's our goal, definitely..
Okay. Okay, great. Thank you very much..
Our next question is from Andrew Nowinski with Piper Jaffray. Please proceed..
All right. Thank you and congrats on another good quarter. Maybe just starting with the Americas, growth was strong, I think up 8% this quarter, which I think you hinted at last quarter as well. Is that a reflection of share gains or is that a seasonal contribution from the Fed – U.S.
Fed or just an overall improvement in the market that drove that growth?.
No. Just remember that revenues and booking not always in the same timing, right? So revenue, there's a recognition over a period. So it's not necessarily an accounting movement vis-à-vis and so on.
So in general, you're right, you've seen America positive and Europe positive, and (24:43) had a few large deals in the previous quarter in terms of revenue recognition, so you see it actually in the – I think, in the small negative. So it's not necessarily a mirror of the booking..
I would say that I think we did have some slightly better metrics in the U.S. and I'm very happy about that, because we are focused on gaining share and on doing more things in the U.S., but we are far from over. I think our potential on what we can and should do in the U.S.
should be much better than what we are doing, and there's still a long road until I'll be here and say, we are getting everything that we need to from the U.S..
Okay. Very good. And then, just one quick question on your long-term deferred. Looks like it went up a little bit this quarter and your duration also went up.
Is that just a factor or is that attributable to the Infinity sales plan as more customers move to that sales model?.
Not necessarily. Of course, Infinity has an effect in the long term, but it's still not a big number that will affect it in that way. Remember, the long term can be just a fact of support or subscription contract that's signed for over a year. And then the over-a-year portion, in case it was invoiced, then you see it in the deferred long term.
But also short term was very healthy with a growth, if I recall, of about 9% year-over-year. So, that was quite healthy as well.
And remember also that some of the bookings you don't even see, because it's cumulated on invoice because some of the long-term deals, you issue an invoice only once a year and that portion is not reflected in the deferred revenues..
Okay. Got it. Keep up the good work..
Our next question is from Daniel Ives with Wedbush Securities. Please proceed with your question..
Yeah, hey, how are you? And congrats, again. I just – can you maybe just talk about Infinity just in terms of what you're seeing in the field in terms of how maybe the conversations are changing from kicking the tires to actually deal flow? And I'll just stop there and there is a follow-up question..
I think, first, Infinity does raise the conversation to not just product transaction, but how people actually think about security architecture. And in my mind, by the way, that's one of the key elements in building today's cyber security. It's not refreshing that product or adding another product.
It's the overall thinking about how to prevent threats; and, that gives us much better opportunity to present our vision and to challenge our customers and they challenge us about actually delivering that. I think Infinity, so far, is generating a very nice pipeline.
We're still closing only a small number of deals because it takes very long time for a company to make a decision about the long-term commitment and about change of an architecture, but we are seeing that change is starting to happen. And as I mentioned, it goes from midsize – last quarter we even had some small size.
This quarter, it's more midsize, going all the way to very large corporations that are willing to subscribe to that and see the potential in that.
So I think, long term, it should have a very good effect both on our, what we call, Infinity sales, Infinity Total Protection, but also on the general dialog and opening doors with customers that might lead to other product deals, but extend our footprint within a customer environment..
Okay. And just lastly, how do you view the cloud opportunity? I mean, you're a veteran of security and you've seen all different phases and facets.
How would you compare this, maybe over the last decade, versus other opportunities that some bear fruit, others didn't in terms of this cloud and how real this opportunity is and how Check Point is positioned? Thanks..
I think, first, predicting the future is always challenging, but I do think that the cloud is more real than other things we've seen, simply because enterprises are truly – I mean, we see that, unlike many trends in IT that some happened, some didn't happen, some remained very small. The cloud is already substantial.
Every company in the world is expressing interest in moving systems to the cloud. There is a new generation of companies that – it's called Boring to Cloud (sic) [Soaring], that only have cloud environment. And I think all these are potential. What will happen in 5, 10 years, it's really hard to predict.
It's really hard to predict if cloud sales will be a small percentage of the market, but still relevant, or the majority of the market. And I think we'll know that in 10 years. And for us, meanwhile, I think it's a quite substantial opportunity to get into..
Thanks..
Our next question is from Ken Talanian with Evercore ISI. Please proceed..
Hi, thanks for taking the question. So I was wondering if you could give us a sense for how the deferred growth was driven between either subscription or maintenance? Just trying to get a sense for what's driving that uptick..
So, naturally, the deferred revenues, most of it's relating to, as you said, subscription and support. I would say both been healthy and pretty much in line with what you see in the P&L. We had a very good booking in subscription as well. So I would say nothing abnormal. They both grew and they grew nicely.
Naturally, when you're talking about double-digit growth, then subscription is the only one that can do that. Support is typically single digit – low-single digit. You can see it in the P&L since it's a renewal of your installed base support. So majority of the growth is driven by subscription..
Great.
And I guess, around the Infinity deals, could you give us a sense for the kind of uplift you might be seeing in some of the initial deals versus the prior run rate for some of these customers?.
I think it's anything from 30% to 200%, depending on the customer and depending on how big they were and how much they are getting into that in the future. But I think that's the range that we've seen. It's a wide range, but in general, it's a quite substantial increase per customer..
But remember, it depends on what the customer had to start with, right? So if it's a new customer, obviously, all of it is an uplift. If it's a customer that had only, let's say, firewall and now we added the entire family, it will be a very significant increase.
And if you already had before, let's say, NGTX and threat prevention and threat extraction, then the lift will be smaller..
Great. Thank you very much..
Our next question is from Gabriela Borges with Goldman Sachs. Please proceed..
Thanks for taking my question. Tal, you commented last quarter on off-balance sheet bookings activity being particularly strong.
I know it's not something that you regularly comment on, so I wanted to ask a follow-up, which is how did that bookings activity compare this quarter versus last quarter for deals that may not necessarily show up in the balance sheet?.
So, again, we don't report it. But just so it doesn't look like I'm avoiding, I can tell you it's increased this quarter as well, but it's not an indication that I'm going to give – just because, remember, it can be very lumpy and depends on large transactions that are coming in that can be multi-year.
So if you look at the deferred revenues, you can see the growth there. I think it's a reflection of the run rate, which is better than just the fluctuations in the booking..
That's helpful. And a question for, Gil, if I may? Earlier comment on how it does take time to close Infinity Total Protect deals because it requires a change of architecture at the customer.
For your customers that are coming back to you and saying, thanks for presenting, it's really interesting, but we're not interested right now, we're going to buy on the old model.
What are the reasons that they give you for that?.
I think I don't know if that's the typical discussion that we have. The typical discussion and for us one of the challenges is actually how to go higher in the organization and to present to people that see the broader picture in that regard. And that's the opportunity with Infinity.
I don't see many cases that customers are saying we're not interested. They might say, you know, this is a project for next year, we are right now not evaluating big changes, but this is good.
In general, almost everything (33:08) customer was, either, yes, we are getting on and we'll – let's start the process or continue the process or let's evaluate and let's see how it would make sense to us. But I think the real challenge for us is simply presenting it to enough customers.
When I'm presenting, the feedback that I'm getting from customers, let's say, this is revolutionary. This is all by the way feedback that I got from a group of customers that spent a week with us here last week, a customer delegation like this, and their feedback was, it's fresh, it's new, nobody else is doing that.
The focus on prevention is unique to you. This is all good feedback.
It still doesn't end, but unfortunately from a very small list of customers that we're actually presenting, that's why we're saying that in terms of our execution, we need to learn how to take it to more places and then we need to translate that interest level and that acknowledgment on the strategy to actual deals..
That's very helpful. Thank you..
Our next question is from Walter Pritchard with Citi. Please proceed..
Hi, thanks. A question for Gil. Just on product revenue, I'm wondering if there's areas of the world or territories within the world that are doing consistently better than the down 8% or 6% (34:28) that you've had the last couple of quarters.
And I'm wondering what might be different about those areas as leading indicators of how your product revenue could get better as we look into future quarters..
First, I think it's very non-uniform. We have areas in the world or countries that are performing quite well. If I take eight quarters, the six out of eight, they show great metrics and they might have one quarter that's lagging behind and vice versa. So it's not that the (34:59) uniform.
As I said, when I look at some of these territories, the main element is field execution; it's focusing on new deals and on new customers.
And I think that's one of the things we need to expand and do better in our culture is how to approach more new customers and not just base our relationship about the existing customers – the existing relations with the existing customers..
And as a follow-up to that, do we – I mean, just from feet on the street perspective, if I look at sort of where your peers are spending, it just seems like spending quite a bit more from the sales and marketing perspective.
And I'm wondering do – is there a notion that just more feet need to go on the street or is it an efficiency or retargeting the folks that you already have in the organization? Thanks..
I think it's both. I always believe that the way to work is work efficiently and work smart. And if you build the right engine, it will have amazing results, so my focus is on that. Still I think we're going to add more feet in the street because there is more potential and because that will allow us to access more opportunities and more segments.
So we will do both and I think we'll keep doing that in the responsible manner..
Great. Thank you..
Our next question is from Philip Winslow with Wells Fargo. Please proceed..
Hey, thanks, guys, for taking my question.
Just wanted to get some color on the pricing environment that you're seeing during the second half year, anything that you note change-wise whether it'd be just from competitors on let's call the base product or maybe the out of subscriptions, just general color on sort of competitive environment and pricing..
I think the environment is quite competitive. There is price pressure. We have few competitors that their focus is on low price. And when they come to a deal, the prices are going down. We have others that are focusing on other attributes, so the market remains competitive.
I have seen that it became more competitive in the last quarter, put it in that perspective.
Tal, anything...?.
No, no. Phil, typically when you're in a transaction that is large and many competition that you see – many competitors and large bids and you see more competition naturally. Remember that product discounts different from subscription, different from support, so it can vary depends also on the mix on a specific order..
Got it. And then, just one follow-up for Gil from a previous question about the cloud.
I mean if you believe that the world is going to be hybrid going forward and you're going to see workloads both on-premise and in the cloud, could you talk about just from, I think, call it, a policy and management and sort of like the operations side of security, where you guys discussed about sort of having sort of a single pane across both cloud and on-premise versus let's say using Check Point on-premise and then let's say just a native product and, call it, a cloud vendor and having maintained two policies? What is your thought process? What are you hearing from customers on that?.
So, look, that's an excellent question. So, first, I think customers are more and more worried, Phil. Two, three years back, customers didn't have – their whole security thinking was very siloed.
Customers more and more understand that the role of the CISO needs to be on overall security policy management, on overall security policy enforcement and that's a new trend. Again you – which happened in the last maybe one or two years, but something which is changing in the world. In terms of managing the cloud, you're absolutely right.
There is an hybrid environment almost everywhere. Today, we do have that advantage from our SmartCenter console, we can manage our CloudGuard IaaS and have uniform management of whether your instance is a physical appliance or a virtual security gateway in the cloud. Dome9 addresses exactly that.
Dome9 is exactly getting to the point of how do I manage multi-cloud.
Our motivation here is to incorporate that into the Infinity architecture and give the customer a single pane of glass, but it doesn't – the single pane of glass, it's really the uniform thinking about I can know what's – in the cloud it's very important to know what are your assets, to know what is changing to automatically provision thing, and most importantly to enforce that policy everywhere.
And I think that's exactly the value of Dome9 and that's why we liked them and that's why it's worth for us doing that kind of deal..
Great. Thanks, guys..
Our next question is from Sterling Auty with JPMorgan. Please proceed..
Yeah. Thanks. Hi, guys. So, clearly, you saw a really good step up in execution in North America. This is actually the first quarter that Europe has slowed down underneath the growth of North America.
Anything in particular that maybe caused some deceleration in Europe?.
I think Tal indicated already that the revenues and the business trends that you are seeing underneath don't always correlate. And Europe is actually doing quite fine and we are pretty happy with the performance of Europe at this point..
Okay. And then, Gil, one trend that we're obviously seeing is the number of vendors in security plays into EDR, the endpoint detection response, and use of machine language to ingest a lot of data and then go out in either threat seek, threat hunt or protect their customers.
I'm curious now that you're making the Dome9 investment, is this another area that you think you're going to need to have a presence in, either through organic development or through acquisition?.
First, I think that we do have some presence in that. Our SandBlast agent for the endpoint does have many of these capabilities and does have amazing capabilities of EDR. I think the strategy on that looking forward is quite challenging, not because there's no technologies around or not because we don't have good capabilities.
Actually there was just a test now when we rated very, very high, far better than many vendors, both traditional vendors and new vendors, in terms of our endpoint security capabilities and specially these new ones. We got – I don't remember what was the score, but again it was one of the highest in the industry.
But the challenge for me strategically, I'll share it openly, the endpoint market itself is very fragmented. There are very large well-established vendors.
There are many tiny start-ups and there are even companies now in the middle, in the hundreds of millions of dollars of revenues that are midsized companies, but are quite sizeable in the high-tech world.
And the question is how to play in that game? Can any vendor just have an endpoint that's good and get a real important market share in that? And I think I do have a few ideas, I won't share all the ideas, I'll share the change and the strategic thinking. In terms of ideas, yes, we have a product and I think it's a great product.
We can also require more technologies and there are few interesting technologies that I've seen around. It's really unclear to me what's the right play in that market and what's the right way to provide that overall security.
Currently, I must say we're the only vendor that has everything connected and have the cloud, the endpoint, the mobile, the data center, the network all connected in one platform and we do have it now and we do have customers that are using it..
Thank you, Gil..
Thanks..
Our next question is from Jonathan Ho with William Blair. Please proceed..
Hi, good morning. I just wanted to maybe start out with the sales and marketing investments that you're talking about.
Can you maybe give us a sense of magnitude and maybe where you are making those investments in terms of what the sales force is asking for?.
I think the investments are quite uniform around the world. I mean let's take an example, this quarter, we had like 20 local conferences, which we call CPX. We have one big CPX – not one, three big CPXs regional in Europe, in the Americas, and in Asia at the beginning of the year.
We call it CPX 360, then we roll it into a local program of local conferences. This quarter, we had like 20 of them. It is all around the world. This quarter was actually more focused on North America, but again we had the huge one in Singapore. And actually, just this week we had a big one in Russia.
So I mean, it is all over and I think the potential is all over. In terms of sales investment, again, the potential is all over the world. The potential – there is a big potential, again, in the U.S., but I don't think that I can say that there's one area that is more important than the other.
In marketing expenses, there are spend on everything, on tradeshows, on conference and so on. In sales, the biggest investment is simply head count. That's the number one driving and that's, by the way, most of the spend that we have on sales and marketing..
Got it.
And then, just as a follow-up, can you talk a little bit about whether you're seeing an impact from SSL traffic increases, either drive people to purchase larger boxes or, potentially on installed base renewals, drive any type of upsell?.
Okay, that's a excellent one. And I think, technically, SSL is a very challenging thing because more traffic is moving to SSL and we need to inspect that and that requires much more horsepower. So, yes, we are seeing more demand for more performance and more computing power.
By the way, we came last quarter with a new model called the 23900, the high-end model, and that's exactly it's positioning. With more SSL traffic, you need more power to do more threat prevention. And actually, it's going quite well in that regard. I do believe, by the way, that the biggest differentiator is not just speeds.
Our SSL, our new capabilities in our latest version of R80.20 on SSL are far better than the competition. I don't want to go into the technicalities right now, but everybody is claiming to have SSL inspection.
We will show soon how can you – how we are doing the checks in a much more rigid way and in a way that doesn't let anything go unlocked when, if you're a malware developer, you can easily develop an SSL malware that will bypass other companies' SSL simply, because they say, yes, we have SSL, but it's easy to bypass their SSL security.
So these are things that we actually discussed in the last few weeks here internally that we can show the value of what we do.
And by the way, I'm amazed that every technology review that I'm doing to our people that they're working on the right stuff, we are providing the right security, and sometimes I am simply puzzled to see that a lot of the competition is very negligent on the level of security that they provide. And SSL was a perfect example from last week..
Thank you..
Our next question is from Erik Suppiger with JMP Securities. Please proceed..
Yeah. Two questions on Dome9. First off, I think Dome9 was used in a lot of environments where they were not using a third-party firewall, be it Check Point or anybody else.
Is the strategy here to get into environments that are not using firewalls or is the strategy to leverage Dome9 to bring Check Point into those environments and integrate Check Point into the broader security profile? And then, secondly, do you have any incentives to keep the management of Dome9 as part of the terms of the agreement?.
I'll start from the second one; it's easy. Yes, and I think, by the way, in all the acquisitions – the recent acquisition that we've done, we've put incentives for management to stay. And as far as I can say, they did stay.
I mean, I like what we see in the industry and what I've seen in our – I mean, historical past many years ago, here in the last few acquisitions that we've done, the management stayed three, four years and it's working well. So, that's for the second part. For the first part, I think you're right about the need for Dome9.
I think that we are able to get into environment that hasn't been using advanced security, like our CloudGuard IaaS or other gateways. So Dome9 clearly lets us get into that environment and provide their management. If you're not a Check Point customer, the value is there.
If you're a Check Point customer, it's easy to see why you have tools to manage your network security. Right now, you need to have similar tools for the cloud, so Dome9 should be an easy decision to extend your control. And once you have that, it's very easy to see with the visibility tool.
But here I am using, let's say, level 1 security; I want to go to level 5 and we can provide, also, the level 5 or the Gen V security with our advanced threat capabilities. But I think we need to start from securing the environment when the cloud is getting – and it is out of control in most enterprises today..
Very good. Thank you..
Our next question is from Fatima Boolani. Please proceed with your question..
Good morning. Thank you for taking the question. Tal, maybe to start with you, I wanted to follow up on your comments around product growth and your confidence that going forward this could and should stabilize and, in fact, grow.
Beyond focusing your execution and continuing to improve your execution, are there fundamental aspects that you see that maybe we don't that is underpinning your confidence in the form of maybe better appliance shipments than we can see or a better refresh opportunity within your installed base that we could see? And a follow-up for Gil, if I may..
Okay. Actually, I didn't say this, just to clarify. I said that when you look in the long run, then the more technologies you have that are subscription and virtual and cloud and mobile, then actually you will see less products.
So I think in the long term, there is a trend that is clear that everything moving to – or a majority is moving to subscription.
Even when you look at Infinity, then the more people will buy Infinity, the more portion of the deal is going to subscription and support and less on the product because the entire bundle has much more layers of service-orientated portions versus the clients and the products. So long term I actually think it's not.
But talking in the short term, once we continue and see the improvement and you can start to see the improvement on the execution, then I want to see also a growth in the product, but long run it's – I don't know whether the industry will go there..
All right, fair enough.
Gil, just as a segue just to ask that point, as Check Point endeavors to become essentially a Security-as-a-Service provider with Infinity Total Protection, what implication does that have from how you manage and build out your infrastructure because the onus of SLAs and delivery of the security service would be from you instead of the appliance that the customer would have to buy to enjoy the security subscriptions?.
So, some of the things we're doing and some of the future architecture that we will be speaking about will be like that. We'll provide more and more cloud services.
We have been doing that for quite few years in several areas and we will expand that like our sandboxing and threat emulation is done mostly on our cloud and we've been doing it quite effectively. And I think that's an area that we are building and growing and learning, and so far it's working well.
I believe that we are serving almost 7,000 customers today with security capabilities that we supply from the cloud. Today it's an hybrid environment. Eventually some of this might become not hybrid but full cloud, I think, but for the foreseeable future, it will all be an hybrid environment in that regard..
That's very helpful. Thank you..
Ladies and gentlemen, we have reached the end of our question-and-answer session. I would like to turn the floor back over to management for closing remarks..
Thank you, guys, for joining us today. We'll be looking forward to seeing you during the quarter. And also if you'd like to have a call back today, pop me an e-mail and we'll get you in the queue. Thanks and have a great day. Bye-bye..
Ladies and gentlemen, thank you for your participation. This does conclude today's teleconference. You may disconnect your lines, and have a wonderful day..