Jonathan Doros - Symantec Corp. Gregory S. Clark - Symantec Corp. Thomas J. Seifert - Symantec Corp..

Andrew James Nowinski - Piper Jaffray & Co. Shaul Eyal - Oppenheimer & Co., Inc. (Broker) Matthew George Hedberg - RBC Capital Markets LLC Sarah Hindlian - Macquarie Capital (USA), Inc. John DiFucci - Jefferies LLC Brent Thill - UBS Securities LLC Keith Eric Weiss - Morgan Stanley & Co. LLC Walter H. Pritchard - Citigroup Global Markets, Inc. (Broker).

Good afternoon. My name is Ian and I will be your conference operator today. At this time, I'd like to welcome everyone to the Fiscal Second Quarter 2016 Earnings Call. At this time, I will now turn the call over to Mr. Jonathan Doros, Head of Investor Relations..

Good afternoon and thank you for joining our call to discuss our second quarter fiscal year 2017 earnings results. We've posted the earnings materials and prepared remarks to our Investor Relation events webpage. Speakers on today's call are Greg Clark, Symantec CEO and Thomas Seifert, Executive Vice President and CFO.

This is a live call that will be available for replay via webcast on our website. I'd like to remind everyone that all references to financial metrics are non-GAAP unless otherwise stated. We provide year-over-year constant currency growth rates in our prepared remarks for revenue. All non-GAAP revenue and expenses exclude the impact of Veritas.

However the continuing operations deferred revenue on the balance sheet includes a portion of Veritas deferred revenue from Symantec and Veritas bundled contracts entered in to prior to operational separation. The Veritas deferred revenue from those contracts will amortize into discontinued operations.

As a result, implied billings growth calculated from the change in deferred on the balance sheet will not be representative of standalone Symantec's performance, as it will include an impact from Veritas.

Please note, non-GAAP financial measures referenced during this call are reconciled to their comparable GAAP financial measure in the press release and supplemental materials posted on our website. Today's call contains forward-looking statements based on the environment as we currently see it.

Those statements are based on current beliefs, assumptions and expectations, speak only as of the current date and as such involve risk and uncertainties that may cause actual results to differ materially from our current expectations. Please refer to the cautionary statement in our press release for more information.

You will also find a detailed discussion about our risk factors in our filings with the SEC and in particular on Form 10-K for the year ended April 1, 2016. And now I'd like to introduce our CEO, Greg Clark. Go ahead, Greg..

Thank you for joining us today. We were pleased with our performance during the second quarter as our results exceeded our guidance across all metrics. Our cost savings and synergy initiatives are tracking ahead of schedule. Within the first 10 weeks of closing Blue Coat, we've made multiple meaningful product improvements and integrations.

The feedback on our product roadmap from customers, partners and third-party influences has been overwhelmingly positive. Product integrations are already having a significant impact on our ability to better protect customers and further validates the rationale and power of our combination.

In my prepared remarks today, I will review some of the key product integrations, highlight the exciting innovation underway within Symantec, discuss some market validation in our enterprise segment and review our Consumer Security business.

Protecting customers in the cloud generation against a multi-faceted adversary requires an integrated cyber defense platform. Symantec is best positioned in the cloud generation as one of the only vendors to deliver cyber defense solutions across users, information, web and messaging.

In support of that effort, I'd like to discuss significant advancements delivered since closing the Blue Coat acquisition on August 1. First, I'm particularly proud of the value we are providing our existing customers by integrating artificial intelligence with two of the largest threat databases in the world.

This integration has improved our existing products, which are now blocking an additional 500,000 attacks per day across the endpoint and network. In a press release last week we provided the market with insight into two attack campaigns that had we not innovated in this way, may have remained hidden.

The first of the campaigns is a cyber espionage group called Buckeye, which targeted Hong Kong political organizations leading up to the elections. And second, we discovered a campaign impacting approximately 100 financial institutions worldwide, stealing millions of dollars across various methods, including the SWIFT wire transfer system.

These examples of detections were made possible due to the power of integrating endpoint, email and network threat telemetry. Moving on, we just completed a major integration of DLP and CASB, which combines the gold standard in data protection with the leading edge CASB solution provided by the Blue Coat acquisition.

This integration extends DLP's advanced artificial intelligence-based content detection to cloud applications for shadow IT analysis, granular visibility, encryption and access controls. Further innovation on the CASB solution occurred from integrating Symantec's authentication solution.

This integration allows any sensitive transaction within cloud apps to call for a second factor authentication, eliminating key loggers and password-based hacks. For example, any company that places sensitive data inside of cloud applications can easily apply strong authentication to both users and data.

This offering differentiates itself and it requires no on-premise solution. It's a pure cloud security technology enabling our customers to securely adopt cloud technology without delay from internal IT.

Finally, two of our largest product lines, SEP and ProxySG, have been integrated to ensure advanced malware protection is coordinated between endpoint and network. This integration nearly eliminates the dwell time between detection and containment, thus limiting damaging propagation of zero-day infections. Now turning to the market.

Part of the industrial logic of combining Symantec and Blue Coat was the immense cross-sell and up-sell opportunity. Let me provide two customer wins during the quarter that demonstrate our teams working together to close highly competitive cross-sell transactions for meaningful outcomes.

First, a large healthcare company, an existing Symantec DLP customer, had a multi-vendor environment in the network that was in search of a partner that could help them embrace the cloud and simplify their infrastructure.

The value proposition of integration between the secure gateway and DLP, along with our vision for an integrated cyber defense resulted in the customer making a multi-million dollar purchase of Symantec's network and cloud solutions.

In another example, one of the world's largest departments of education, upon realizing the strategic nature of Symantec in its goal of delivering cloud-based learning, made a sizable commitment to the integrated stack, which included Symantec's network and endpoint technologies.

Shifting back to R&D and the product side of the business, let me now discuss the organic innovation that is thriving across Symantec. Just a few days ago, we launched SEP 14, which is the most complete next-generation endpoint security solution available in the market.

From a single lightweight agent, SEP 14 combines traditional and next-generation functionality such as machine learning, zero-day exploit prevention and emulation. For the first time, these next-generation capabilities are available in one scalable enterprise platform.

I'm also proud to share that based on recent third-party tests, SEP provides the best security in the industry beating competitors and blocking real-world threats and minimizing false positives. Along with SEP 14, last quarter we launched SEP Cloud, which is a fully cloud delivered version of Symantec endpoint protection.

We now stand as the only company with endpoint, gateway, email, DLP, CASB and encryption solutions for the cloud. Let me switch gears to our Consumer business. Our Norton solutions deliver secure Internet safety for consumers and their families as they transact and communicate across the web, whether on a desktop, laptop or mobile device.

Not only do our combined threat intelligence databases improve our Enterprise Security products, but they also significantly improve our Consumer Security solutions by adding Blue Coat's best-of-breed URL data set into the Norton threat prevention engines.

During the second quarter, the traditional Consumer Security business continued to stabilize with slower declines and improving retention rates both year-over-year and sequentially.

We have now fully repositioned the solution to a subscription offering and are focused on acquiring new customers, while improving renewal rates and cross-selling new solutions in order to maximize customer lifetime value.

Accordingly, although in its early stages, we are very pleased with the growth in mobile and the strong interest from service providers. We are extending the Norton value proposition well beyond the PC platform and look forward to some exciting product launches in the near future.

We believe the market opportunity for protecting consumers is larger than what our current consumer products address today. As we move to further penetrate these opportunities, we expect the Consumer Security business to improve its growth trajectory as we move beyond the PC. In conclusion, we are very pleased with the second quarter results.

The Blue Coat integration is going very well. The fiscal responsibility and cost savings commitment remains on track. Innovation is alive and prospering at Symantec. We acknowledge the strong results in Q2, however we believe it is prudent to maintain our fiscal 2017 top line guidance for the year.

Given the overachievement in Q2, we are raising our full year fiscal 2017 operating margin and EPS expectations accordingly. In addition, we are reaffirming our fiscal year 2018 EPS guidance from $1.70 to $1.80, despite a headwind of approximately $0.10 from a higher share count.

Finally, today we announced that Thomas Seifert has decided to step down as CFO at the end of the month. Thomas has been a tremendous asset to Symantec and an integral part of establishing our solid financial foundation.

As CFO, Thomas led a number of key strategic initiatives for the company, including the acquisition of Blue Coat, the $7 billion divestiture of Veritas, and the implementation of Symantec's $5.5 billion capital return program and the execution of our $400 million cost efficiency initiative.

As we prepare for this transition, we're fortunate to have such an incredible finance leader as Nick Noviello, who will succeed Thomas as Symantec's CFO. I've had the pleasure of working with Nick both at Blue Coat where he served as CFO, and throughout the integration process here at Symantec, and I've been continually impressed by his leadership.

In addition to his technology background and leadership experience, Nick brings an acute understanding and appreciation for Symantec's outstanding people and the critical threat protection we provide to our customers in today's increasingly complex security landscape.

I'm confident he'll be an excellent CFO for Symantec during our next phase of growth. To ensure a smooth transition, Thomas will work closely with Nick on the transfer of responsibilities, which will occur on December 1. Thomas will remain with us in an advisory role until March 2017.

While Thomas' departure is bittersweet, we all congratulate him on his many successes as Symantec's CFO and wish him the very best in his next chapter. I will now turn the call to Thomas to provide additional financial details and outlook..

Thank you, Greg, for the kind words. And good afternoon, everyone. It's been an honor to serve as Symantec's CFO during such a pivotal time in the company's history. I joined Symantec in order to lay the groundwork for our strategic and financial transformation. And I'm proud of the incredible progress we have made over the past two and a half years.

Symantec is now the leading pure play cyber security company and in a strong financial position, and this is the right time for me to take on my next challenge. I'm confident Nick will be a strong CFO for the company and echo Greg's sentiment.

I look forward to continuing to work with them over the next month and in an advisory role for the company until March of next year. Before I move to our second quarter results, I want to express my gratitude for the support of our board, our executive team and, of course, my finance team.

I look forward to maintaining our strong momentum throughout the transition process. Now turning to our results. Today I will provide an overview of our second quarter results, update on our $500 million cost efficiencies and Blue Coat integration synergies and conclude with our financial outlook.

Additional details are provided in our CFO commentary, which is available on our Investor Relations website. Our second quarter non-GAAP revenue was $1.015 billion, $25 million above the high end of our guided range of $960 million to $990 million, driven across both Consumer and Enterprise Security.

Non-GAAP operating margin for the second quarter was 29.2% and 520 basis points above the high end of our guided range of 21% to 24%. The upside was driven by top-line leverage and faster than expected realization of cost savings. Fully diluted earnings per share was $0.30 and above our guidance of $0.18 to $0.21.

Our fully diluted share count of 644 million was above our expectations of 640 million, due to higher than expected dilution from our convertible debt related to the increase in the share price. Cash flow from operations during the quarter was $55 million and included $45 million in cash outflows related to restructuring and separation.

Let me now provide further detail on our performance by segment. Enterprise Security revenue, which includes two months' contribution from Blue Coat following the closing on August 1, was $610 million and increased 24% year-over-year, which exceeded the high end of our guidance of up 14% to 20%. Enterprise Security operating margin was 12%.

Within Enterprise Security, both organic revenue performance and revenue from Blue Coat exceeded our expectations. Endpoint security grew in low-single digits and user authentication grew double-digit. Cyber security services had another solid quarter, growing in the high-single digits. Website security continues to grow in low-single digits.

And for the two months' period, Blue Coat contributed $124 million compared to our estimate of $100 million. We were pleased with the sales execution from the Symantec sales force given the shorter than normal close period for Blue Coat products. Now on to the Norton Consumer Security segment.

Consumer Security revenue was down 5%, an improvement from our guidance of down 7%, and Consumer operating margin was 55%. Let me now review some additional performance metrics for the business. Our renewal metrics continue to improve as we benefit from the shift to subscription and a focus on acquiring new customers.

At the end of the September quarter, we reached the international one year anniversary of the shift to subscription. In regards to mobile, we are seeing good momentum, with total active mobile users up 56% year over year. This momentum is encouraging, as it takes us beyond the PC form factor.

We also had over 1 million downloads of our 30-day free trial of mobile WiFi privacy app and plan to launch a multi-device version next year. However, WiFi privacy is still not material to our Consumer revenue. Turning to the balance sheet and capital allocation.

We have $5.6 billion in cash and short-term investments and $7.2 billion in total debt including $1.75 billion of convertible notes. We continue to expect to delever our balance sheet over the medium term. Our previous $1 billion ASR completed today on November 3. And lastly, we remain committed to maintaining our regular quarterly dividend.

Turning to the $550 million cost savings initiative and the Blue Coat integration synergies. As of the end of September on a run-rate basis, we have recognized just over $100 million of cost savings and synergies, mainly across the areas of procurement and organizational effectiveness, while maintaining a strong investment in our products and R&D.

For example, the procurement work stream contributed more than $65 million total run-rate by optimizing our supplier network.

We are on track for more than $200 million of run rate net cost efficiencies exiting fiscal year 2017 and continue to expect to meet our goal of $550 million of net cost efficiencies and integration synergies by the end of fiscal year 2018. Now I will provide our updated financial outlook. We are encouraged by our Q2 top line results.

However, as Greg indicated, we believe it's prudent to maintain our full year 2017 revenue guidance at this time. The integration of our offerings is resulting in more cross-selling of permanent licensed product with the subscription products, resulting in increased ratable revenue recognition.

As a result, we continue to expect fiscal 2017 revenue to be up 11% to 13% to $4.040 billion to $4.120 billion. From a cost perspective, we are tracking ahead of schedule on our cost efficiency and synergies initiatives. Due to lower expenses in Q2, we now expect our fiscal 2017 operating margin to be 27% to 29%, up from 26% to 28%.

With respect to fiscal 2017 EPS guidance, we are benefiting from the $0.10 EPS upside from second quarter, however that increase is partially offset by changes in our full year fully diluted share count between previous guidance and our current forecast.

Our prior guidance for fully diluted shares outstanding for fiscal 2017 was 616 million shares and our current guidance is now 640 million shares.

The difference in fully diluted shares outstanding is partially due to an additional 9 million shares of dilution from the convertible debt due to the increase in share price to approximately $25 from $21 at the time of previous guidance. You can find tables on the Investor Relations site related to the convertible debt dilution.

The remaining difference is primarily related to the timing of share repurchases across the remainder of fiscal 2017. We continue to evaluate the method and timing of future share repurchases. Assuming our current forecast of a fully diluted average share count of 640 million, we are increasing our EPS guidance by $0.04 to $1.12 to $1.18.

For the fiscal third quarter, we expect our non-GAAP revenue to be up 15% to 18% in constant currency to $1.070 billion to $1.090 billion We expect Enterprise Security to be up 34% to 37% in constant currency to $675 million to $690 million. We expect Consumer revenue to be down approximately 6% to $395 million to $400 million.

And we expect an operating margin of 27% to 28%. We expect non-GAAP EPS of $0.27 to $0.29, with a tax rate of 29% and fully diluted average share count of just over 650 million shares. As Greg stated, for fiscal 2018, we continue to expect $1.70 to $1.80 in EPS, despite a headwind of $0.10 from a higher share count.

We continue to expect a non-GAAP operating margin of 30% as we enter fiscal 2018. Thank you..

All right, operator, please open the call for questions..

Certainly. Our first question is from the line of Andrew Nowinski..

Okay. Thanks. Thomas, just want to start off by saying it's been a pleasure working with you. I thought you did a great job navigating the acquisitions and the spinoff and the cost cutting initiatives..

Thank you..

All right, so first question, I guess Blue Coat has been integrated now. It's essentially complete, and you've got a comprehensive security platform covering network, endpoint and email, which is similar to a few other vendors like Palo Alto and Check Point.

I guess, can you give us your high level views on how you'll differentiate from those other platforms?.

Yes, I think that's a good question, Andrew. There is a substantial number of differences. One is that the threat telemetry that is sitting behind the Symantec threat platform is gargantuan.

It comes from well over 100 million endpoints that are in production across the consumer threat telemetry as well in the enterprise, in addition to 15,000 Internet egresses coming in from the Blue Coat network points. That gives us telemetry and some of the examples that I mentioned earlier in the call.

It gives us telemetry into things that we believe we are unique in our ability to detect cyber problems from that.

In addition to that, I'd like to point out that for cloud generation, you can get the Symantec threat platform and a pure cloud instantiation, which means if you are a company that is using a bunch of cloud applications that are out there, whether it be Salesforce.com, SuccessFactors, all the things we know, that you can instantiate the cyber defense for the users that are using that, the data that's in it and get that without even purchasing an appliance or running a wire.

And that's really differentiated between what you could get from the vendors that you mentioned. And so we really also have spent a ton of time in making sure that we keep the platform open.

Our customers do rely on best-of-breed products and being able to integrate those into the Symantec integrated cyber defense platform is a huge competitive advantage. And so that's something we're committed to with our ISV partners as well..

Okay got it. And then digging in a little deeper on the products side, I saw the integration of DLP with your CASB is now complete.

Can you just give us any color on the proprietary advantages that that product will have over the competition and why others can't replicate that?.

Yeah, that's a good question. Our CASB has a piece of it called Content IQ, which goes out into the cloud properties that an organization is using in shadow IT, and using machine learning techniques, can actually detect the data that is inside of the cloud applications that may have compliance problems.

We then use the data protection technology from the Symantec side to go after those problems and cure them so that that data can be allowed to still be in the cloud but be protected in a way where you don't have risk of compliance problems or other data loss.

In addition to that, we have integrated the CASB technology with the product called VIP, which allows us to add a second factor of authentication to the cloud properties.

And what that means is if you are logging into Salesforce.com and you're worried about making sure that it's Greg logging into Salesforce.com, I have a second factor application on my phone or a fob that I use and plugged into my computer, and then it adds that factor of authentication to all of those cloud applications without the organization's IT having to do anything.

This is extremely powerful as a lot of the password and key loggers breaches that happen across these technologies is solved by that problem. So we've integrated those two things.

And I'd just like to point out that that and the threat telemetry integration that we've been talking about, we closed the acquisition on August 1, and our engineering teams are working together extremely well. We've got some rapid delivery there and real proof points in the market..

Okay..

Thank you. Next question..

And our next question is from the line of Shaul Eyal..

Thank you. Hi, good afternoon, guys. Congrats in the upside to quarterly results. Let me also extend best wishes to Thomas going forward, was a pleasure working with you..

Thanks..

So I want to start and ask on the endpoint front, what's the early feedback you are hearing from customers on Symantec Endpoint 14? An in what way is it differentiated from a next-generation provider say like a Cylance, some of the other players out there?.

So that's a very good question. So we've been working very hard on SEP 14. It's a real major advancement for us over here at Symantec. We have tested it with over 400 beta customers that are using it already. And we announced a GA for it this week.

It contains the advanced machine learning and behavioral analysis technology that you hear about from what the market calls nex-gen endpoint or signature list endpoint technology.

So we have definitely delivered all of the defenses that work on zero-day attacks and signature list things, the machine learning behavioral analysis, reputational detection technology. So we believe that we have now leapfrogged the current advanced endpoint competition.

And one of the major advantages of ours is ours has a very low false positive rate in the space and think of it as converged endpoint that includes all of the stuff that you need from traditional endpoints with the next-generation capabilities. And we really have dramatically reduced the footprint size, bandwidth usage, and we're very optimistic.

Feedback on the initial use of SEP 14 is extremely positive. So we think that this will definitely have a major impact in the market..

Got it. Got it. And just as a follow up, so also encouraging upside to the Consumer division results.

Can you talk to us about some of the trends you're seeing on that front? What's driving the upside? Is it the shift to subscription, the turning on of auto renewals, progress with telcos, moderating PC declines or just all of the above? Or any unique reason behind the positive result?.

So that's a very good question. So it is a mix of all of the above. We actually have performed extremely well in our consumer sector. We have finished the transition to a subscription and auto renewal framework in the Norton business. This has definitely helped with the traction.

In addition to that, we have a very strong set of results coming in from some of the new offerings. In the last 30 days, we brought out our Wi-Fi protection for mobile users. That has seen a substantial uptake and great feedback from that.

In addition to that, our mobile platforms, as Thomas mentioned in his remarks, have been growing at strong double-digit period compares on units. We've seen the service provider market really start to produce some fantastic deployments of the mobile side of what we're doing.

So those are a couple of proof points where we're executing well in the PC space. Again, we won the Editor's Choice for the most effective malware protection on the PC again, and the auto renewals is helping. The move to subscription is helping. So we feel good about maintaining our position in there.

And then moving to markets that are off the PC, we have some exciting pure mobile endpoint growth and also we have some things that we'll be launching in the future that will continue to move us into addressable markets that are off the PC value proposition.

So we feel good about our future prospects on the Consumer side and the value that we're bringing. As many of us are aware, there is plenty of malware on mobile and there is plenty of malware on Apple platforms, and so we feel good about the future of our Consumer business..

And our next question is from the line of Matt Hedberg..

Yeah, thanks, guys. Thomas, I'll offer my congrats as well. It was certainly great working with you over the years, and best of luck on your next endeavor. Greg, I think it was actually maybe in Thomas' prepared remarks, talking about a change in the product mix in conjunction with the integration.

I'm wondering if you could you expand on that a little bit more? What are you seeing in the pipeline and how might this impact revenue going forward?.

Yes, very good question, Matt. Thanks for asking it. We've brought together two of the broadest portfolios in security software and we're going to package our products in the manner in which our customers want to buy it.

If you think about what we would do walking into a large enterprise, we would offer with the combination of products, different bundles and different packagings of our products. When we do that, this could result in less upfront revenue recognition and, therefore, we're being conservative in our guidance..

Okay. That's great. And then maybe one more on the Consumer side. I'm wondering if you can just give us an update on some of the consumer telco deals. I think you started in India, Germany, maybe Japan.

And any thoughts about rolling that program out to other geos?.

Yeah, so we've had great results with our mobile defense platforms in some of the markets that you mentioned. India is a particular standout. We also have, I would say, outstanding interest in our capabilities for most of the world's Tier 1 service providers.

What we've seen I think this year with all of the wallets and easy to charge on peoples mobile platforms, we've seen malware showing up there in significant quantities. And I think Symantec is very focused on protecting our customers in this area. And service providers are definitely very interested in it.

We will be addressing that route to market in a much more aggressive way in the coming quarters. Early results are very promising..

And our next question is from the line of Sarah Hindlian..

Hi. Thank you so much. Congratulations on your first quarter, Greg. And, Thomas, thank you for all the help you provided us. We really appreciate it. I had a couple questions for you, Greg. One of the things we've been focused on is the partner ecosystem, given how important it is to the business.

So we'd appreciate hearing from you a little bit about how partners are reacting to the integration, and what opportunities you're seeing there to potentially drive revenues to the partners.

And then second, how are you thinking about protecting IoT in light of all these recent (34:16) denial of service attacks? Do you think consumers are going to start to protect their IoT and where do you see yourself playing into that market?.

Yes, they're two very good questions. Sarah. So let me start off with the partner one, yeah, we are very focused on maintaining our strong relationship with the channel.

I think myself and Mike Fey have great reputations as taking care of what is that very large, extended sales force we have around the world at the Tier 2 VAR and also in the excellent Tier 1 value added distributors that we use. Nothing is going to change there.

And we had an excellent partner conference earlier this month where we recommitted to the channel. I think we have a good trusted relationship there and right now we're doing the same thing in APAC and also in EMEA this week.

So we feel good about our relevance to the VARs and resellers out in the world, whether it be in the small/medium-size business, the mid-market, or in the enterprise. And we continue to be a substantial element of the economics in the channel.

We are the largest pure play security vendor and the combination between Blue Coat and Symantec really does make this a very meaningful part of the channel economics. And I think without very strong middle-market story – we released a product in the last quarter which was called SEP Cloud.

That is extremely powerful for that middle-market, SMB part of the world, and we feel good about that. And we think we continue to deliver market relevance to the part of the market where those VARs and resellers are essential, which we think will drive up interest in continuing to do business with them and more revenue for both them and us.

Moving on to your next question, which was about the IoT situation. IoT is, as we saw a couple of Fridays ago when some of the DNS and the Internet stopped working and had significant knock on effects.

It's a wake-up call for the power of when you bring a bunch of unmanned devices to the Internet and don't protect them properly, that creates a weapon that can be quite difficult. We are coming after that from two points.

One, we do have some solid technology that will be coming out through our Norton brand to help protect that from the actual consumer electronic devices in the home.

And we're also working hard to be able to bring some network protection to this world also and be able to use some of our behavioral analysis technologies to realize some these things are not doing what they're supposed to be doing.

So this is an area that will be a long battle between the adversaries in the industry as people weaponize IoT and consumer electronics. We believe we are an essential technology in the fight against that, and it will take governments and consumer electronics manufacturers and security vendors to sort it out.

I'd also like to point out in terms of securing IoT and being able to build secure infrastructure, we are a market leader in the tools that you need to do that, with our Managed PKI, our code signing technologies and what we do in that part of the fabric of the Symantec portfolio.

So in terms of relevant vendors to come after this IoT problem, we are definitely one of them, and we think that will lead to tailwinds for us as that becomes more of essential and potentially even policy mandates from governments about it. So good question, big problem, and we're definitely working on it..

And our next question is from the line of John DiFucci..

Thank you. I have a question, Greg, about the Consumer business. Can you just sort of give a refresh on how you think about this strategically? On one hand, it's a really high margin business, but on the other hand we've seen this, continual revenue declines for some time here.

Is this something where you're going to focus on? I know you talked a little bit about trying to turn that business in some way, but if you do that, is it going to have a material effect on profitability if you really start to invest there?.

Yeah, so it's a really good question, John. And I think this is something that we work on a lot because we have a strategy that we believe can turn it around and return it to growth. And that strategy is really anchored in moving the value proposition that we have from PC malware to a larger super set of PC malware, which is really Internet safety.

The consumer is really interested in safety while using the Internet, safety for the family, a piece of which is the malware on the endpoint. So we are going after all endpoints, whether it be Apple endpoints, mobile telephone devices, tablets and PCs.

And we're also going after other value propositions that a consumer, when they're using the Internet, considers necessary. And we have some announcements coming out on that soon.

I won't announce them on this call, but we are definitely working hard on real P times Q, based on real market data that can turn that business around and return it to growth. There are elements that are off the PC declines, which are kind of the natural forces happening in the industry.

So everybody who wants to mark us down because Consumer's going to melt, we're working really hard to make sure that around so it doesn't melt. And we have very strong brand recognition in Norton.

People trust us, and we think we can deliver substantial value to the consumer through that brand for things that are adjacencies to the PC malware decision. So, hang on..

Would this?.

It's going to get better..

Yeah, okay..

Our guidance is conservative, John. Our guidance is conservative on the Consumer guide..

Okay.

But the kind of investment that that might require, you've already done some, but is this something we should continue to expect, similar profitability in that business going forward at least for the foreseeable future? Or would this kind of, if in order to turn around the top line, could it have a material effect, a negative effect on the margin? Yeah..

Yeah, so a couple of examples. We already have released a pretty substantial Wi-Fi protection capability under the Norton brand. We did that while maintaining the margin contribution that we have in the business already. That was a not insignificant R&D investment.

One of the things about Symantec is we have many thousands of engineers, so we can move 50 of them around to a problem like that without any issues.

So we feel good about our ability to continue to deliver that at the margin, and we are reaffirming our margin commitments in the guidance that we're putting out for FY 2018 with those plans on board, okay. And our EPS range in 2018, that's with the engineering efforts and marketing efforts planned in Consumer..

Okay..

The answer is I think we're going to be okay, and being able to do that at the margin we're at..

Next question, please..

And our next question is Brent Thill..

Greg, the Enterprise Security did very well during the quarter, I think we all look at that business and see there's a lot of opportunity both on top line and bottom line.

Where do you see the nearest opportunity just on the revenue side when you look at the joint Blue Coat/Symantec team? And then on the bottom line can you just talk a little bit about the margin structure at 12%, clearly a lot of the peers are a lot higher.

Where do you think you can drive that to over time?.

So let me just clarify something I said answering John's question. I think you have the FY 2018 guidance is EPS only on the $1.70 to $1.80 range. And my comments around the FY 2017 margin guide were doing those things with the plans we have in Consumer baked in.

Coming back to your question, can you ask it for me again, just to make sure I got it right?.

Yeah, just as it relates to the Enterprise Security business, the low hanging fruit that you see in front of you just on the top line and then on the bottom line at the 12% op margin, your competitors are considerably higher.

Where do you think you can drive that margin to over time?.

So the opportunities on the top line, as we talked about on prior calls, we have not really cooked a whole bunch of revenue synergies, cross-sell and up-sell, into our thinking.

Where they live is we do believe that in the network area where we're selling the gateway technologies that are highly adjacent to email and to DLP, we have a great opportunity for cross-selling the combined solutions there.

Also, the power that you get when you hook up our networks with endpoint results in substantial enhanced cyber defense, and we do think that there are a bunch of cross-sell and up-sell opportunities.

We mentioned on the prior remarks a couple of examples of DLP customers where we were strongly advantaged with the network technologies and endpoint technologies, that we're strongly advantaged from the network technologies.

We feel good about what we can put together in terms of product bundles that the market's going to like, customers are going to like. And in outlying years, I think we'll be able to lead the market with the enterprise solution set for cyber defense.

Margin-wise, I think at this point in time we are committed to taking out the $550 million of sustainable run rate expenses. We've given you guidance on the FY 2017 margin numbers. And at this point in time, it's too early for us to guide the top line for 2018..

But I think it's fair to say that all the additional cost take-out is primarily going to benefit the Enterprise business from a profitability perspective. So we are not at $100 million run rate improvement so far. We said we're going to be north of $200 million by the end of the fiscal year.

Still there's plenty to be implemented until we get to $550 million, and the delta really primarily towards the Enterprise margin..

Exactly.

Next question, please?.

Our next question is from the line of Keith Weiss..

Thank you, guys, for taking the question and nice quarter. Two questions I wanted to ask.

One about distribution in terms of how far into the integration of Blue Coat sales people are we? And vice-versa, how well are we into the integration of the Symantec sales guys? Or who's proper being able to sell the Blue Coat portfolio? How much further do we have to go on that side of the equation?.

So we've made a ton of progress there, Keith, and we've picked the leadership for those organizations across the world in the channel, in the mid-market, in the enterprise. And that is going extremely well. We have had our integrated sales force kick-off.

We brought them all to Las Vegas and had a week's worth of getting everything lined up and planned out. And the regional teams are out now executing. We feel really good about where we're at on the integration of our go-to-market teams.

Keith, I'd also like to point out that the initial results from Q1, if we were going to have problems, we'd be seeing them. And we feel really good about that integrated sales force and how we're coming out of the blocks on that..

Got it. And the second question is more along the lines of how should we track the business on a going-forward basis. You're talking a little bit about mix shift in terms of revenues, more coming through as attrition versus perpetual. At times, we've looked at Symantec on a billings basis, looking at billings growth as an indicator of overall growth.

That's hard right now with the acquisition accounting.

Maybe just looking for some guidance from you guys in terms of, what do you think is the best indicator of the underlying demand trends? Is there some adjusted billings number we should be looking to? Or is it just we have to fall back on revenues and just take into account the subscription versus perpetual adjustments that are going to be going on?.

At this point, Keith, I think we want to stay on the revenue reporting that we have and we give you the cash flow information and the balance sheet, and I think you'll be able to put it back together. We do feel that that's a good question for as we get into Q3 and Q4..

Operator, next question?.

And our next question is from the line of Walter Prichard..

Hi. Thanks. Question for Thomas on the Blue Coat contribution, the $124 million that you saw in the quarter.

Can you talk about the delta there between the $100 million you were expecting? Was it just simply timing of business that came in? Or was that business indeed better than expected if you look at it on maybe a full quarter basis or whatever makes sense to calibrate?.

Yeah, I'm not even sure we want to be this granular. First of all, we are really pleased that our sales team was able to provide that in the short period of time we had to close. I think there for sure is a combination of both elements in that number. But overall I think what we said in the prepared remarks holds true.

We are encouraged by the momentum that we see and by the momentum that the sales force brought into our first combined quarter from an execution perspective. But it's one data point and that's why we think it's still prudent to be very conservative in the outlook we provide..

And then, Thomas, just similar to that question on the billings from Blue Coat. Could you help us understand, did the billings exceed the revenue for the $124 million in the quarter or were they less? Or any sort of color you could give us around that would be helpful as well..

Yeah, as you know, we've got a lot of moving parts, and that's why we wanted to stay away from giving that granular business guidance. We have to digest the integration. We still have some noise in our billings numbers from a Veritas separation perspective.

From an overall billings performance, I think if you look for a proxy, look at our GAAP revenue and the change in deferred and that gives you an approximation of how billings have performed quarter-over-quarter for the combined company. If you do your math, it's going to be approximately 12%.

But for the time being in the short term, we'd like to focus and less the attention on revenue, on margin and EPS..

And ladies and gentlemen, this does conclude today's conference call. We thank you for your participation today, and you may now disconnect..