Jonathan Doros - Vice President-Investor Relations Greg S. Clark - Chief Executive Officer & Director Thomas J. Seifert - Chief Financial Officer & Executive Vice President.

Brent Thill - UBS Securities LLC Andrew James Nowinski - Piper Jaffray & Co. (Broker) Matthew George Hedberg - RBC Capital Markets LLC Gregg Moskowitz - Cowen & Co. LLC Keith Eric Weiss - Morgan Stanley & Co. LLC John DiFucci - Jefferies LLC Shaul Eyal - Oppenheimer & Co., Inc. (Broker).

Good afternoon. My name is Jennifer and I would like to welcome everyone to the Symantec First Quarter Earnings Call. And I would like to turn the call over to Jonathan Doros. Sir, you may begin..

Good afternoon and thank you for joining our call to discuss our first quarter fiscal year 2017 earnings results. We posted the earnings material and prepared remarks to our Investor Relations Events web page. Speakers on today's call are Greg Clark, Symantec's CEO and Thomas Seifert, Executive Vice President and CFO.

This is a live call that will be available via replay on our website. I'd like to remind everyone that all references to financial metrics are non-GAAP unless otherwise stated. We provide year over year constant currency growth rates in our prepared remarks, except for statements about net income and EPS.

All non-GAAP revenue and expenses exclude the impact of Veritas, however the continuing operations deferred revenue on the balance sheet includes a portion of Veritas deferred revenue from Symantec and Veritas bundled contracts entered into prior to operational separation.

The Veritas deferred revenue from those contracts will amortize into discontinued operations. As a result, implied billings growth calculated from the change in deferred revenue on the balance sheet will not be representative of standalone Symantec's performance, as it will include an impact from Veritas.

Implied billings referred to in our prepared remarks and provided in the supplemental materials reflect revenue plus the change in sequential deferred revenue excluding the portion of deferred Veritas revenue.

Please note, non-GAAP financial measures referenced during this call are reconciled to their comparable GAAP financial measures in the press release and supplemental materials posted on our website. Today's call contains forward-looking statements based on the environment as we currently see it.

Those statements are based on current beliefs, assumptions and expectations, speak only as of the current date and as such involve risk and uncertainties that may cause actual results to differ materially from our current expectations. Please refer to the cautionary statement in our press release for more information.

You will also find detailed discussion about our risk factors in our filings with the SEC, and in particular on Form 10-K for the year ended April 1, 2016. And now I'd like to introduce our CEO, Greg Clark Go ahead, Greg..

Thank you. Thank you for joining us today. It is an exciting time for the new Symantec and I'm proud to lead the company that will define the future of cyber security. We are already off to a great start by closing the Blue Coat acquisition earlier than expected, in under two months since announcement.

This has allowed us to move rapidly into the execution of our integration strategy. Since the announcement of the acquisition, we have pressure tested our financial assumptions and continue to remain confident in achieving fiscal 2018 EPS guidance of $1.70 to $1.80 which we disclosed when we announced the acquisition in June.

Our combined product portfolio separates us as the most strategic security player in the industry, with a portfolio of solutions that addresses over 50% of the Enterprise Security budgets, or an approximate $40 billion of total available market.

Furthermore, we are the only security company that has the scale and vision to be considered by the CIO as one of their most strategic technology partners. As you saw from Dimension Data's quote in our closing press release earlier this week, partners are extremely optimistic about the technology the combined company can bring to market.

In addition to great support from our partners, we have had outstanding feedback from the customer base. I'll provide more customer feedback later in my remarks. First, Thomas will begin by providing an overview of the Symantec Q1 results and our financial outlook.

Then I will address why we are confident that we have the deep leadership expertise in place to integrate the two companies and deliver upon our financial targets.

I'll wrap up by describing major cyber security challenges enterprises are facing, and how Symantec is best positioned to usher in a new era of cyber security solutions to solve these multibillion dollar opportunities..

Thank you, Greg. Nearly two years ago we announced our intention to become the leading pure play cyber security company. With the close of the Blue Coat acquisition, we've accelerated that strategy and now are positioned to execute on our integration road map while we define the future of private security.

Today I will provide an overview of our first quarter results, update you on our $550 million cost efficiencies and Blue Coat integration synergies, and conclude with our combined financial outlook. Additional details are provided in our CFO commentary, which is available on our Investor Relations website.

Our first quarter total revenue was $884 million, above the midpoint of our guided range driven by improved performance within Enterprise Security and continued in line results from consumer security.

From a macro and security spending standpoint, we did not see any incremental weakness in Europe related to Brexit, however we continue to monitor our European pipelines very closely. Deferred revenue was $2.4 billion, which includes $243 million of deferred revenue from Veritas.

Implied billings excluding Veritas were $788 million and declined 1.6% on the reported basis. Non-GAAP operating margin for the first quarter was 28.6% and 210 basis points above the high end of our guided range of 24.5% to 26.5%. The upside was evenly split by an early start to our cost efficiency savings and some one-time expense benefits.

Fully diluted earnings per share were $0.29 and above our guidance of $0.24 to $0.26. Our non-GAAP tax rate and share count were in line with guidance.

Cash flow from continuing operations during the quarter was a negative $742 million which included a tax payment of $887 million related to the gain from the sale of Veritas, and a $39 million in cash outflows related to restructuring in the Veritas separation. Let me now provide further detail on our performance by segment.

Enterprise security revenue was $481 million and declined 1% year-over-year which was at the high end of our guidance of down 4% to down 1%, driven by strength in both information protection and cyber security services. Now I'll review the product areas within our Enterprise Security segment.

Threat protection revenue was down 5%, however endpoint security including ATP were low single digits year-over-year. Our newly launched ATP solutions showed continued momentum in what is a seasonally slower quarter.

During Q1 we sold ATP subscriptions to 115 customers, and importantly, two thirds of the Q1 ATP deals were sold independent of a renewal. Overall we continued to maintain the value of our SEP and our cloud recurring revenue, and in some cases expand our footprint within the account. Since its launch in December, we've sold ATPs to 270 customers.

Within the installed base, there remains significant opportunity for additional ATP module cross-sell or seat expansion. Information protection revenue grew 4%. DLP revenue grew 18% and is benefiting from a tailwind of strong prior quarter deferred revenue growth, and a favorable prior year compare.

Looking forward, we have a solid pipeline for DLP, driven by data protection requirements, as our customers adopt cloud based applications. In addition, we are excited about the future of our data protection growth, as we package DLP with our market leading Secure Web Gateway.

Cyber security services and other services grew 9%, marking the fourth consecutive quarter of year over year growth with solid performance across managed security services, incident response, threat intelligence, and other security-focused professional services.

Underlying these results, we continue to see strong demand for actionable cyber threat intelligence. Website security revenue grew 1% and performed in line with our expectations. We continue to see good performance from the higher end of our website security portfolio, where our complete website security offering is gaining traction.

At the low end of the market, we expect our Encryption Everywhere solution to provide a tailwind to results in fiscal 2018 as we begin to benefit from the conversion of this premium offering. Now on to the Norton Consumer Security segment.

Consumer Security revenue was down slightly less than 8% which was at the lower end of our guidance of down 8% to down 5%. The underlying fundamentals of our consumer business continue to improve, driven by the move to subscription and online customer acquisition.

We are also seeing early pipeline building for new solutions such as Wi-Fi privacy and home IoT offerings. Let me now review some additional performance metrics for the Norton business. During Q1, retention rates continued to increase on a year over year basis following the anniversary of our transition to a subscription model in the US.

We will reach the one year anniversary internationally at the end of the fiscal Q2. We continue to grow our online acquisition of customers, which grew new subscriptions 4% during the first quarter. Finally, earlier this summer we launched our Wi-Fi privacy offering. This solution provides a secure connection while connected to an unsecured network.

We are targeting this solution as both an up-sell into our current installed base and as a standalone solution to attract new Norton subscribers. Turning to the balance sheet and capital allocation. On August 1, we added $2.8 billion of new debt and $1.25 billion of convertible notes.

We have $5.6 billion in cash and $7.3 billion in total debt, including the $1.75 billion of convertible notes. As we've previously said, we expect to delever our balance sheet over the medium term. As of last Friday, our current ASR is 58% complete and we expect it to finish in the fall of this year.

We remain committed to maintaining our quarterly dividend. Shifting gears to our $550 million of cost savings initiative and the Blue Coat integration synergies. We've already made progress achieving savings across the areas of procurement, organizational effectiveness, and to a lesser extent real estate.

On an annualized basis we have realized approximately $50 million of run rate net cost efficiencies. In addition to efficiency savings, we expect to achieve synergies from the Blue Coat acquisition by the end of fiscal 2018. The earlier close provides us a head start achieving these.

Before providing our guidance, let me walk through the underlying mechanics. We will be referring to the non-GAAP performance of the business, and please see the CFO commentary for more detailed description. Going forward, Blue Coat will be reported as part of our Enterprise Security segment, given our plans to integrate multiple product solutions.

It is important to note that historically Blue Coat's fiscal second quarter has ended on October 31, therefore our fiscal second quarter guidance will include two months of contribution from Blue Coat from August 1 to September 30. It is also important to note that Blue Coat's revenue linearity is heavily weighted to the last month of the quarter.

Therefore, embedded in our Q2 guidance is up to 50% of Blue Coat's prior Q2 non-GAAP revenue forecast. However, from a cost standpoint, we'll be burdened by approximately two thirds of Blue Coat's second quarter spending with only half the revenue.

From a reporting standpoint, this linearity difference puts an abnormal burden on our operating margin in Q2. We are focused on maintaining strong sales execution during our integration. However, we believe it's prudent to set conservative top line guidance for Q2 and fiscal 2017 as we combine the two companies.

We expect second quarter non-GAAP revenue to be up 4% to 8% to $960 million to $990 million. We expect consumer revenue to be down approximately 7% to $395 million to $400 million. We expect Enterprise Security, which includes a two month contribution from Blue Coat, to be up 14% to 20% to $565 million to $590 million.

We expect an operating margin of 21% to 24%.

To reiterate, a portion of the headwind to margins is due to a burden from two thirds of the spend, but only 50% of revenue benefits from Blue Coat and we expect approximately $30 million of the headwind to non-GAAP operating margin related to retention payments and salesforce incentives put in place to ensure stability during our integration.

We expect non-GAAP EPS of $0.18 to $0.21 with a tax rate of 29% and a fully diluted average share count of 640 million. Now on to fiscal 2017 guidance. As a reminder, our fiscal 2017 outlook only includes eight months of revenue contribution from Blue Coat. We expect fiscal 2017 revenue to be up 11% to 13% to $4.040 billion to $4.120 billion.

Fiscal 2017 operating margin is expected to be in the range of 26% to 28%. We expect approximately $45 million of one-time expense related to retention payments and salesforce incentives put in place to ensure stability during our integration.

We expect EPS of $1.08 to $1.14 with a tax rate of 29% and a fully diluted average share count of 616 million. For our fiscal 2018 outlook, we plan to enter fiscal 2018 with an operating margin of 30%. For fiscal 2018, we continue to expect EPS in the range of $1.70 to $1.80. Now let me turn the call back to Greg..

Thank you, Thomas. Let's begin with why I'm confident we have the leadership team in place to deliver the leading cyber defense portfolio while integrating our two companies and achieving our financial targets. With the Veritas divestiture behind us, we're focused on removing the remaining stranded costs and further improving our operating efficiency.

This is an important step to deliver our commitment to the $550 million in savings and synergies. When I joined Blue Coat in 2011, the company had multiple quarters of revenue declines with below average profitability. While at Blue Coat, we delivered a substantial improvement in operating effectiveness.

Acquisitions were fully integrated, and the company returned to growth. This experience is highly relevant to delivering process efficiencies at Symantec.

We focused the product strategy to cyber security, rebuilt the go-to-market engine, and improved profitability, and thoughtfully leveraged our balance sheet to successfully acquire market-leading technologies. Blue Coat today is a clear leader in cloud security, with the number one market share at the secured gateway.

Organic revenue growth is now in the mid teens with operating margins in the high 20s.

When we combine the Blue Coat leadership team with the many talented executives from Symantec, the outcome is a deep bench across all functions, with a technology portfolio that is market leading, backed by substantial development talent totaling over 4,000 engineers. Let me turn to some early feedback from customers and our channel.

I was recently visiting the CIO of a global financial institution that said the combination of Symantec and Blue Coat not only makes us their most strategic security partner, but we are now considered one of the top overall strategic technology partners.

This type of recognition is not taken for granted, offers a clear advantage versus our competition.

Many other large enterprise customers have proactively reached out to us, and not only to express excitement about the further integration of our product lines, but are even more enthusiastic about our longer term vision and our relevance in their migration and adoption to cloud solutions.

Furthermore, our channel providers that service the mid-market have expressed excitement around the power of our endpoint solution integrated into our cloud security platform. It is in the mid-market where securely adopting cloud applications is essential.

Now I will comment on how we plan to maintain strong sales execution while we realize the $550 million in cost efficiencies and Blue Coat synergies. As previously announced, Mike Fey has been appointed as COO and President.

Mike's organization was instrumental in leading the Blue Coat salesforce and channel and consistently meeting or beating our sales plans and taking market share. We plan to maintain our combined quota carrying sales capacity. Together, we have the largest dedicated security salesforce with deep technical strength to bring our products to market.

Combined sales capacity is substantially increased in the enterprise market. As we outlined at the acquisition announcement, we found less than expected customer overlap during our due diligence, which over the medium term offers us a meaningful cross-sale opportunity and provides tailwinds for fiscal 2018.

We are also excited about working with our many channel partners across the globe and bringing differentiated value to our joint customers. Let me touch on our plans beyond sales. The Consumer Security team will remain a standalone unit from an operational standpoint and report directly to me. The management team in this business unit is excellent.

We are pleased with the stability of the business, encouraged by the product road map. We will continue to make investments that extend the Norton value beyond the traditional PC to return this segment to growth. These include new products such as Wi-Fi privacy and home IoT.

From an Enterprise Security standpoint, during the planning process we jointly reviewed product roadmaps with respective teams. I am truly impressed with the level of game changing product leadership our development teams are pursuing. We'll be sharing many of these in the upcoming quarters.

With regards to operational integration, we have worked diligently to put an integration plan in place that is led by seasoned executives and we are on track to achieve our targets. We expect to be substantially operationally integrated by the end of our fiscal year, March 2017. Turning to Blue Coat's fiscal Q1 performance.

As many of you know, Blue Coat's historically has been a July month ending first quarter. While we are still closing our books – we do not yet have official results – I'm pleased to share that from an overall performance standpoint, that our Q1 results were ahead of expectations and we saw strong momentum across all products.

Now let's switch gears to address how our combined portfolio can help solve the biggest security problems that our customers are facing. First, the largest opportunity we see in the market is securing enterprises, governments and consumers from advanced attacks and securing our customers as they adopt the cloud.

When it comes to staying ahead of advanced threats, a key differentiator is the speed at which one can identify and mitigate malicious activity across a functionally rich set of products. Together, Symantec and Blue Coat have the broadest and deepest set of threat intelligence data in the industry, combined with the fastest threat propagation time.

Symantec for years has been focused on identifying malicious content and Blue Coat has been categorizing, mapping and fingerprinting the internet with a purview to the darkest parts of the web and malware tradecraft.

Together, Symantec with Blue Coat will have the most powerful combination of threat intelligence as well as an open platform in which to deliver and cyber defense anchored in threat intelligence.

Within the coming months, we'll have integrated many aspects of the threat intelligence including Symantec's endpoint and email solutions ecosystem with Blue Coat's intelligence network. These combined intelligence database and detection engines will allow our current products to become more robust and outperform the competition.

The capabilities of the combined portfolio work towards a world of automated discovery with an integrated advanced threat protection dashboard that identifies, correlates and remediates threats beyond what any solution is capable of today.

While we will lead with an integrated solution, on a standalone basis, we will continue to deliver best-of-breed security at the enforcement points, including the web gateway, CASB, email and endpoint, and are committed to our open platform for customers and ISVs.

For enterprises that are adopting the cloud, our combined solutions provide the best defense in depths for the cloud generation. We remain very optimistic about the progress we're making with our managed security service. This is an important offering for customers that have difficulty hiring and retaining experienced security professionals.

We're also committed to empowering our managed security service partners and committed to empowering this important sector, as service providers and SIs are important players in the migration to the cloud. The second major opportunity we see in the marketplace is protecting the mobile workforce.

The traditional IT perimeter is expanding as employees are doing more work outside the network firewall and are accessing cloud services and corporate data directly from a variety of devices.

In addition, there has been a significant rise in nontraditional internet connected devices within the enterprise, such as medical devices and industrial equipment, automobiles, office equipment and other next-generation endpoints and IoT devices. Now many of these nontraditional devices are unprotected from modern threats.

Proxies are essential in protecting these technologies in the cloud generation. This evolution in workforce computing creates gaps in the traditional security architecture, which lead to infiltration of bad actors and insider threats.

We're bringing a more secure and scalable architectural solution that combines the Symantec endpoint with the cloud generation security from Blue Coat. As a result, the Symantec endpoint will have a continuous coverage inside the perimeter or while roaming, protecting users and data.

We have already begun integration of the SEP endpoint security client with the cloud security proxy, email, DLP and CASB, which provides complete security coverage no matter where enterprise devices travel. In addition to this, our managed security service can assist our customers and partners in reducing costs related to incident response.

For example, the SEP agent will direct all outbound traffic through the Blue Coat security cloud for inspection. If a threat is found, a cloud security proxy from Blue Coat can quickly quarantine the user and remediate. We will auto-remediate via the SEP endpoint, removing substantial cost for incident response.

This remediation also includes forensic recordings for the breach and can isolate the endpoint device as well as a user's cloud based application identities via our web gateway and CASB. This sets a new bar for next generation endpoints.

This is where many next-gen endpoint vendors come up short, as they only focus on traditional means of protecting laptops, desktops and servers.

Blue Coat acquisition allows us to bring many crucial aspects of the endpoint inspection into the cloud and open the aperture to protect any type of enterprise device, its users, and the user's cloud applications. We further augment our ability to protect customers via our security analytics technology.

This technology keeps a recording of activity from an endpoint and enables advanced machine learning techniques such as behavioral analysis to identify previously undetected malware. This also allows us to improve our threat detection by true root cause analysis of the vulnerability and malware tradecraft.

This is a large market and our solution will be disruptive to alternatives. For our customers, our solutions improve cyber defense and reduce cost of remediation.

No other security provider in the market today has our unique capability of deep functionality on the endpoint combined with visibility and time to remediation capabilities inherent in our cloud security platform. We believe the work we are doing is important enough to redefine cyber defense.

The third major opportunity is helping customers securely embrace the cloud as they increase the use of cloud based applications and services. As customers access more cloud applications and leverage the cloud for their IT infrastructure, they are still responsible for securing their users and enterprise data.

We believe our cloud generation security platform uniquely delivers the ability to achieve this and enables a defense in depth via our open platform and the many security vendors and technologies that can be incorporated. This defense in depth future proofs an organization against attack vectors in years to come.

A portion of the functionality needed to protect cloud services are referred to by the industry analysts as cloud security access brokers.

We believe the market opportunity goes beyond the CASB functionality to what we consider a cloud generation security stack, which includes CASB, data protection, encryption, cloud instant response and elements of web security. Developing a cloud generation security stack requires three major components.

First, enterprises must discover, categorize, and instrument policies for cloud applications. Blue Coat's Elastica solution combined with the policies enforced at the Blue Coat proxy is a clear leader in discovering and defining these policies.

Next, enterprises must monitor and enforce how data can be moved and accessed as it migrates around the cloud. Blue Coat's web gateway and Symantec's data protection are the market leaders controlling the access and movement of data and are already integrated into many customer environments today.

Finally, enterprises will decide based on their data policy, whether to encrypt or tokenize critical information. Together, we have the leading encryption and tokenizing technology. In the market today, Symantec is the only provider that can deliver this end-to-end solution.

To assemble the same level of protection through multiple vendors will result in costly, loosely integrated security architecture, and a dependence on retaining the people that built it. Our customers are telling us that these sustainment costs and risks are a substantial problem. In conclusion, let me reiterate the following points.

We have a seasoned executive team with deep cyber security experience, as well as the operational expertise for turning around, operating and growing technology businesses at scale. The product portfolios from Symantec and Blue Coat are highly complementary and positioned well for where the market is moving.

Our solutions are defining the future of cybersecurity by securing consumers, enterprises and governments from advanced attacks, protecting the workforce of the future and helping customers embrace the cloud generation.

And I will end with that we are confident in hitting the guidance Thomas outlined earlier in his remarks and the ability to deliver our commitments for fiscal 2018. Thank you for your time. Operator, we'll now open up the call for Q&A..

And our first question comes from Brent Thill with UBS..

Good afternoon. Greg, just on the endpoint traction I was wondering if you would give us your thoughts around the new ATP solution. Clearly you have a big installed base with corporate endpoints – where you're at on that journey, what you think the next steps are and I had a quick follow-up after that..

Yes so, good question, Brent; thanks for asking. First of all I'd just like to give the team at Symantec excellent marks for delivering the ATP solution integrated with the endpoint that is in the market right now. That product is really proving to be very effective at advanced malware detection.

And the customers – as Thomas mentioned, we closed a good clip of customers in Q1 with that technology and the point that he mentioned in his remarks I think is really important, is two thirds of those customers were not at an endpoint renewal.

They bought it in advance threat needs that they had and added it to the environment that was already there. So I think that's a really good show of faith there. The roadmap on that product is excellent.

The threat database that it is sitting on is phenomenal and we are really excited about our ability to also integrate that in the network via the web gateways, both in the cloud and on premise.

We already have through our content analysis system the ability to execute that advanced threat platform as one of the choices that we give customers for how to fight those same threats as they manifest in the network.

Again, the telemetry that that platform is sitting on is we believe the deepest in the industry, taking everything from the consumer world at Norton, everything from the enterprise endpoints and very shortly everything from the Blue Coat world and applying that against all the various threat detection engines.

And we feel very good about the ability to up-sell that, both from the endpoint route to market and also from our network point of presence that also provides Advanced Threat..

And just as a follow up, Greg, you have a sizable ownership in Symantec.

Can you remind investors what the size is today?.

Yes, so there is a number of filings on it. If you sum them up, it's over $100 million that I've personally invested into Blue Coat – or Symantec..

Great. Thank you..

Next question, operator..

Our next question comes from Andrew Nowinski with Piper Jaffray..

Great, thanks for taking the question.

So I guess first, are there any specific issues or challenges that customers have asked you to solve that you couldn't solve prior to the acquisition or through a partnership?.

I think one of the key things that I've heard from our larger customers, which I think is very interesting, is just the cost of what they have to stitch together to deliver what we're up to.

If you take an endpoint and you have one that's dealing with sort of the essential needs of keeping up with antivirus, then you put some of the next generation things on it that we have in CIDS 14, and then you go and put in the integration of that to any of these SoCs, and then you stitch that up with any of the remediation technologies, you create a very expensive and fragile world that customers have said, if you can just put that together for us – we've all had to build that ourselves.

It's very expensive for us to own it, and through life sustain it, and that has been something. They've said we do believe you have an open platform we can integrate other vendors in here, Symantec. That's great.

If you can put these pieces together for us, it really delivers value that is very helpful – difficult to keep that stuff going on through all the releases and all of the folks you have to employ and retain to make it continue to work. That's been consistent feedback. We've got a great story there. That's doing well.

The other piece is really in the integration of the endpoint to the cloud. Everyone wants to adopt the cloud. We still have to protect the endpoint. People are very bullish about solving problems when desktops – you know, we're all mobile these days. Everyone has laptops; they want to carry them in and out of the office.

When that's auto-connected to the cloud, always connected to the cloud across messaging, web use, anything in your internal data centers, also all of the cloud applications, cloud infrastructure, that resonates consistently through customers, I think.

So two things, complexity of building a really advanced cyber defense, and a true life sustainment of that. The second thing is really adoption of the cloud generation, really making the endpoint work with the cloud security platform we've developed. Those are the two major things..

Got it. And then just a quick follow-up on your ATP products, specifically on the two thirds of the deals that you won that were not at a renewal stage, just can you give us any color whether those customers are buying the full suite of endpoint, e-mail and network products? Or are they just mostly focusing on your endpoint? Thanks..

So a bunch of those are actually in the e-mail, and they're adding the Advanced Threat to the e-mail dial tone, which is really a highly competitive world. Everyone tests everything there. And so when you break those two things off, we end up stopping more of the harder problems to find that the other guys are having trouble with.

We've had a great set of results in hotly contested e-mail deals. That's going very well. And we've also had of course a great attach rate to the endpoint. So in terms of the future, we think we can add this technology to a great majority of the e-mail customers as well as the endpoint..

Your next question comes from Matt Hedberg with RBC Capital Markets..

Yeah, thanks guys. Thanks for taking my questions. Greg, it sounds like Blue Coat had nice performance in your quarter ending July.

I'm curious, could you give us a little bit more color on which products saw strength?.

You know I think, yeah, good question. We saw a strong demand across the entire product set at Blue Coat and that's really encouraging.

Because we've been able to sell in line with where we used to sell some web proxies, we sell pretty much everything into those deals now, which is pulling through our encrypted traffic management, content analysis system. And in many cases, also our security analytics products all at the same time.

That's been really good news for us, really driving a lot of growth, as we have a huge installed base at the proxy and being able to attach those products to it is just continuing to do very well.

So, if you can imagine what happens after we announce a combination like we did last call, people like myself and Mike Fey and many of the other executives go to work on a bunch of other things, and the strength of the go-to-market machine and customer demand still delivered above expectations across those product lines.

And would I say even in EMEA, where there were substantial headwinds with Brexit, we saw good news, even in troubled territories..

That's great. And then, Thomas, I wanted to see if you could give us a little bit more color on the revenue contributions you're expecting for Blue Coat in Q2.

If we assume maybe around $100 million for the two month period, is that in the right neighborhood?.

That's a good guess. So we included the first two months of the Blue Coat quarter. The second quarter normally comes with the linearity that 50% of the revenue happens in the last month. And the assumption that we took 50% of that $100 million into our guidance is a good assumption..

Your next question is from Gregg Moskowitz with Cowen & Company..

Thank you very much and good afternoon.

Greg, with respect to cloud security, how are customers buying today? In other words, is it still mostly componentized? And if so, how significantly and how quickly can you help them pivot and act more holistically by buying broader solutions encompassing CASB, DLP, encryption, et cetera?.

Thanks, Gregg, good question. One of the things that is really exciting about the cloud security stack is if I just take a look at our own company, when we deployed the cloud security stack against something like Box.com, no one had to do anything. No one had to run a wire. No one had to deploy a system.

And we were up and running with a defense in depth and content inspection on a pretty substantial piece of collaboration infrastructure in a couple of days.

And that kind of time to value where you can get what used to take a lot of energy to go get all that stuff and plug it into the network, our cloud generation security platform allows you to deliver that in an extremely rapid time to value. So we're seeing a lot of that, people that are embarking on this vision in the PSCs.

It takes something like that or like an Office 365. We see those pilots go very well. And then we have a bunch of modules that then coming out onto those sales over time. So as we land in an account with a cloud generation security stack, we do see the other modules quickly get tested and get deployed.

And this is across the content inspection also, the various blades that bring the value from the CASB. So I think adoption curves are great. This is also products that we've seen come into the pipeline and close in the same quarter, opportunities that are very rapid.

So we are very optimistic about what we think we can do in the cloud generation security stack going forward. When that is something that is connected to the endpoint, we're even more optimistic that that is extremely powerful. So we like this a lot.

Does that help any?.

Very helpful, Greg, thanks. And then just a follow-up, if I could, for Thomas.

On the restructuring front, is the plan still for a little more than half of the cost to hit cash flow in fiscal 2017 with the balance in 2018? And then also if you had any other thoughts to share with us on fiscal 2018 cash flow relating to your net income just as part of the $1.70 to $1.80 guidance, that would be helpful..

Yes, all good questions. So first of all, we are quite pleased that we not only completed the acquisition successfully, but also quickly, and have now an early start lifting the synergies. The assumptions on the restructuring costs and how they appear, our thoughts have not changed. 50% in this fiscal year is a good assumption at this point.

And we have deployed good operational plans. We have a confident executive team in place working on those plans, so our confidence in delivering the EPS of between $1.70 and $1.80 in fiscal year 2018 is strong..

Great thank you..

Your next question comes from Keith Weiss with Morgan Stanley..

Excellent. Thank you for taking the question. I want to talk a little bit about sort of timelines and plans on some of the integration on a go-forward basis. You talked about, in terms of sales, keeping your raw sales capacity on the enterprise side for both Blue Coat and Symantec intact.

What exactly will they be selling? Will it be one salesforce selling across the portfolio for Enterprise Security products, or will the guys be in their own lanes for a while? Can you help us understand how the sales capacity extends across the entire portfolio?.

Yeah, no, exactly. So, a couple of things are really good tailwinds for us as we bring the two salesforces together. First of all, Symantec had a pretty strong presence in the mid-market; Blue Coat was primarily focused on the higher end of the enterprise.

So if we sort of take the salesforce component that dealt with named account selling at the higher end of the enterprise, the combination of the two salesforces is actually very complementary. So we were, on the Blue Coat side, looking for a bunch of capacity expansion anyway because we had really strong demand.

And we have enough of that demand that as we look towards 2018, we do not need to make any reductions in that sales capacity. And also, so in between now and us assigning all of those territories, we came up with a compensation model.

And we have really invested in making sure that we can compensate both account reps that are calling on the same account in a way that keeps their interests aligned and if there was a Blue Coat sale, someone at Symantec gets some. If there was a Symantec sale, someone at Blue Coat gets some.

And if there was a new sale the new thing that wasn't in there before, everyone wins in a bigger way.

So we put a ton of work in the last number of months in how we would do that, and really taken that all the way down and pressure testing that in the big territories that matter like around the Eastern Seaboard of the US where you can have a large bank that's carrying a big chunk of commission and making sure that that's going to work with those folks and even getting right through to talking to them all about it.

So we are way down range on that discussion and have made those things clear in our organization and we feel really good, Keith, about how that's going to go. In the mid-market, Symantec already had a strong presence and we didn't at Blue Coat, so that's an easy one.

That's a great piece of the puzzle that is just getting a better solution to go into those partners and customers in the mid-market. So net-net, I think we're pretty good at this topic on both the Symantec and Blue Coat side.

How to think about it is we just increased our sales capacity and we have enough demand that we do believe we have makeable plans for all of the selling teams across the territories, And we feel really good about that.

The cross-sell and up-sell opportunity we think once that sales force is ramped and both sides can sell a lot of the other's products, that we should see some nice tailwinds in 2018 as that becomes productive. So we feel really good about the top line six to nine months from now as that really starts to fire.

And the other piece I think is also really key is that many of the Blue Coat salesforce which we grew substantially over the last couple of years has sold endpoint and has sold the other like solutions that Symantec has, such as DLP and things like that.

And the Blue Coat salesforce is excellent at selling DLP because their ProxySG orchestrates most of the enterprise DLP in the market anyway. So we feel really good about the two really big market leading Symantec endpoint and DLP products and those being able to be executed by the named account reps on the Blue Coat side.

We're optimistic about having some good calls with you throughout 2018..

Got it. And then, maybe one for Thomas on the debt side of the equation. You talked about wanting to pay down that debt relatively aggressively.

Anything you can give in terms of how to think about the timeline and how that debt gets paid down?.

Yeah, what we said before is that we try to deliver aggressively over the midterm with both cash on hand as well as cash that is already on the balance sheet. I think that is a good way how to think about that..

Okay. Thank you..

Our next question comes from the line of John DiFucci with Jefferies..

Thank you. I have a question for Thomas and a follow-up for Greg. Thomas, the question is on the consumer business. You've spoken of a recovery based on the good visibility you have especially with your subscription model. That doesn't really seem to be happening here.

Yes, you did hit the low end of your guidance range but I guess, what is happening there? Why aren't we seeing it improve a little bit better than, at least I guess I would have thought?.

Yeah, it's a fair question. But to be very honest, the Norton business came in right in line in expectations that we had where it would come out, maybe at the low end of our guidance but still within the guidance. There's some in-quarter revenue components that can fluctuate and that hit us this quarter.

But overall, we are still on the plan that we outlined and that's why we also affirmed our thoughts around top line for the remainder of the year. So I understand that your question, why is the low end, but we are still in line with our expectations, how this business is recovering and moving forward..

Okay. Okay, thanks. And Greg I guess a follow-up, I'm going to stick with consumer. I had a couple, but I'll just stick with this one because we're on it. We've heard of talk about strategic synergies with the remaining parts of the security platform with the consumer business.

I guess at this point, and how do you think of that? I mean is that something that is just very, very compelling right now, and consumer just adds a ton of value to the rest of the business? Realizing consumer adds a lot of profit to the company and I think investors like that but it's always – you know, there's certainly a lot of secular pressure there..

Yeah so, John, that's something that you can imagine I've got my eye on close. And I really like the differentiation we get from other enterprise security vendors, in that we're actually getting threat telemetry from a completely consumer and a completely sort of private web experience which really shows up a lot of shady parts of the Internet.

So, let's sort of say that's really goodness that really helps us out. And the reason why some of our enterprise endpoints and why we are much better in effectiveness tests is we know a lot about what the bad guys are doing and a lot of that information comes from people that browse things at home. So we like that.

So, and then we say okay, this is a big piece of our business and we would like it to grow. Just like you would imagine, we would like it to grow.

So in our comments before, we're really extending what we're doing in the consumer brand to get more value than just on the endpoint and really start to look at the network and the use of the Internet by the consumer.

And we are already – we're working on a bunch of things that are really going out to really excite consumers more about wanting to make a decision around Norton for their consumer security needs because it's more than just the PC. So getting off that PC platform is important.

We actually know a lot about it because we've been working with telecom providers for many years at Blue Coat and we know technologies we have and our quality of service, and being able to do things like measure screen time and we've already been in content control for a long time.

And so we actually really want to extend the value of Norton off the PC platform, off the other kind of just sort of technical endpoints more into of what that user is doing and helping them with some of the new challenges that they have in the Internet.

So, you'll be hearing more from us over time, but we definitely have technology in this space and we have the networking cred to get in and help out on that part of the story for consumers. What we're doing in Wi-Fi and some of the home IoT is also impressive. And so, John, we don't want to sit around and watch an outgoing tide on the PC platform.

Really, we want to address that part of the business also..

And appreciate that, but the – and the telemetrics that you spoke about, that's very logical, right, theoretically. But do you actually get – have you seen any measured success that translates into the corporate side of the business from that? And then I'll stop there..

Yeah, absolutely. We do a lot of work internally on attribution of where these platforms and this sort of malware tradecraft that I mentioned in my prior remarks – where it comes from.

We learn so much about it from what happens in consumer, because people will warm stuff up on consumers rather than warm it up on somebody with a really big security infrastructure. Also, people want to beat there and walk it back into the enterprise. There is a big tie-up between how this stuff works, and in many cases it's the same criminals.

So we get a lot there, John, from consumer that benefits enterprise, definitely, and that telemetry is for real. It matters..

Our next question comes from Shaul Eyal with Oppenheimer..

Hey guys, I think we have time for one more question, just before you start, Shaul. Okay? Go ahead..

Sure, thank you. Hi, and good afternoon guys. Greg, so endpoint undoubtedly taking center stage. What is it you guys are doing differently versus the Silent's, the SentinelOne, the Palo Alto's? What is it you're doing differently, because these guys are going to go after your vast customer base.

What are you offering? What is it that you're telling your customers which is different from the competition?.

Yeah, so I think this is a great question.

So first of all, when we talk about a next-gen endpoint and we actually think about what's going on on the platform, we're seriously competitive against all of the other folks that are there right now – things like flight recorders, things like being able to have behavioral analysis, machine learning algorithms.

They all exist and serious tech in terms of very experienced people that are working on them here at Symantec. I'd say if I was going to give us a ding on something, I'd say we don't talk about it enough. But we have a very powerful platform, and the latest release of SEP, it has – just very competitive against the next-gen endpoints.

And we've been able to win with that next-gen endpoint integrated with the ATP stuff we were just talking about. We've been taking out some of those guys who market well into that next-gen endpoint, and some of them have some good tech and they're good competitors.

But I tell you we have a very good competitive offering just head to head on modern techniques, what they call modern techniques, which means the old techniques. I can tell you the old techniques are all seriously still needed. Modern techniques are also useful.

And there will always be the next modern techniques because the bad guys are smart and they change the way they do things. But being able to defend against what are the most advanced, advanced threats today, we do well in that space. And we do have a good platform there. We don't market it as well as we should. We will change that.

And in addition to that, the number of technologists that are very good at what they do that we are investing in this space is substantial, and we will continue to do that. And we will grow that. And we are after the best and brightest all the time in the industry to do that.

One of the things of my reputation, in every company I've ever been involved with I've gone after the best experts and retained the best ones we have and getting more. And we are setting our crosshairs on this ownership of this next-gen endpoint.

So then we move to, what are we doing that the other guys aren't doing, and that the other guys will have a big problem doing. It's very difficult to think about protection of users when you don't think about protection of those users in the SaaS applications that they are using.

When the applications used to be all inside the data center, you could isolate an endpoint and protect that identity and the associated data. Half of those applications left the building.

If you can't isolate the user's identity in the cloud applications, and to do that you need logic like a CASB, it's difficult to really go into a company and say, I've isolated Greg.

Did I really get Greg isolated at salesforce.com, at ServiceNow? Did I get his NetSuite stuff locked out? What about all that renewal database over there at ServiceNow, whatever it happens to be? So we are right now the only next-gen endpoint vendor that can address the isolation of the user.

And then if you really want to get into the bowels of it, if we start talking about multi-phased attacks, the network assist that we give our endpoint in multi-phase attacks, then being able to vaccinate those from the messaging layer, from the web dial tone, we feel really good about competing against the endpoint vendor.

And then the final point I'd like to make, is when you move to the cloud you don't get to pick your next-gen firewall. When you're not picking your next-gen firewall, the tie out between the next-gen firewall and the advanced endpoint breaks.

So we feel really good about our cloud platform connected to the Symantec next-gen endpoint and our ability to really change the game on the next-gen endpoint. So we will really work hard to make sure the industry understands what I was just talking about. There's a lot there.

And that that architecture and our ability to execute it and deliver it is well understood. And I feel pretty good about our ability to stem the tide of what I'd say had been maybe a better execution from Symantec that would have taken some of the tailwind out of some of the next gen-endpoint folks..

Talking about the -- sorry..

One more point, which is one of the most important points. We have a very strong balance sheet. And this next-gen endpoint party is going to go on for a long time. And we're going to be there, and we're going to be there with a strong investment all the way through it. And I'm not so sure that's the case in many of the others.

So that's hopefully helpful..

Okay guys, I think that's it. I think we're running out of time. But I'd just like to thank all of you for taking some time to talk to us today and your support of Symantec. Thank you very much..

Thank you..

Thank you for your participation. This does conclude today's conference call and you may now disconnect..