F5 is a multi-cloud application security and delivery company. We see a world where we enable our customers’ applications to adapt to changing environments, automating redundant processes for greater efficiencies, expanding and contracting based on performance needs, protecting themselves, and securing points of vulnerability. Adaptive applications bring intelligence and real-time changes to the world of application deployments, which today are mostly static and manual.
Our enterprise-grade solutions are available in a range of consumption models, from on-premises to managed services, optimized for multi-cloud environments. In connection with our solutions, we offer a broad range of professional services, including consulting, training, installation, maintenance, and other technical support services.
On January 25, 2021, we completed the acquisition of Volterra, a provider of edge-as-a-service platform solutions. The F5+Volterra platform will be designed to address challenges found with current edge solutions that are built on CDNs and have limited security features. F5’s new enterprise-focused edge will be security-first and app-driven, with unlimited scale.
Our customers include large enterprise businesses, public sector institutions, governments, and service providers. We conduct our business globally and manage our business by geography. Our business is organized into three geographic regions: Americas; Europe, the Middle East, and Africa (EMEA); and the Asia Pacific region (APAC).
Our revenue is comprised of services revenue and product revenue. While the majority of our product revenue today is derived from appliance sales, we are actively managing a transformation to a software- and SaaS-driven business with product revenue from software sales growing 40% in fiscal year 2021 and representing 40% of product revenue.
At the end of fiscal 2021, we had product backlog of approximately $124.9 million. Backlog is primarily systems-based and represents orders confirmed with a purchase order for products to be fulfilled and invoiced, generally within 90 days to customers with approved credit status. Orders are subject to cancellation, rescheduling by customers, or product specification changes by customers. Although we believe that the backlog orders are firm, purchase orders may be canceled by the customer prior to fulfillment without significant penalty. For this reason, we believe that our product backlog at any given date is not a reliable indicator of future revenues.
F5 was incorporated on February 26, 1996 in the state of Washington. Our headquarters is in Seattle, Washington, and our mailing address is 801 5th Avenue, Seattle, Washington 98104-1663. The telephone number at that location is (206) 272-5555. Our website is www.f5.com. We have 80 subsidiaries, branch offices, or representative offices worldwide. Through a link on the Investor Relations section of our website, we make available the following filings as soon as reasonably possible after they are electronically filed with or furnished to the Securities and Exchange Commission (SEC): our Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and any amendments to those reports filed or furnished pursuant to Section 13(a) or 15(d) of the Exchange Act. All such filings are available free of charge. The information posted on our website is not incorporated into this report.
Strategy and Priorities
F5 is focused on solving our customers’ most important application challenges and we have continued to evolve our business as our customer’s needs have changed. Today, our customers need to securely and cost effectively deliver extraordinary digital experiences to their end users, which include employees, consumers and partners. F5’s portfolio of multi-cloud application security and delivery technologies enables our customers to scale, secure and optimize both traditional and modern applications, making those amazing digital experiences possible. Adaptive applications utilize an architectural approach that can rapidly respond to changes in performance, global availability, or security problems across one or more infrastructure environments and with little to no human interaction. These apps are enabled by a near-real-time collection of live application telemetry, analyzed by machine learning and artificial intelligence techniques, and harnessed to automation toolchains to rapidly adjust infrastructure to new conditions.
Key components of our strategy include:
Bringing our adaptive application vision to life
F5 is uniquely positioned to deliver adaptive applications. Through our organic investments and the acquisitions of NGINX in May 2019, Shape Security in January 2020, and Volterra in January 2021, we have assembled the broadest portfolio of application security and delivery technologies in the market today. As a result of the continued evolution of our BIG-IP family, we enable customers to transition traditional applications from data centers to multi-cloud environments while maintaining private data center levels of security. At the same time, we are enabling modern application architectures with our NGINX technologies, F5 SaaS offerings, and Aspen Mesh. Our State of Application Strategy Report 2021 shows 87% of organizations are managing a complex application portfolio spanning traditional and modern architectures. F5 is unique in our ability to span both traditional and modern architectures, as a result, our customers are able to provision consistent, and industry-leading application security across their combined traditional and modern application portfolio. In addition, we are leveraging our access to application data and our analytics capabilities to enable automation and unlock business insights for our customers.
Transforming how customers experience F5
As we expand the role we play for our customers, we are also transforming how our customers experience F5. We have made it easier for our customers to procure, deploy, manage, and upgrade our technologies by introducing new consumption models and continuing to evolve our solutions’ capabilities.
As we have expanded our offerings, we are better able to solve a broader range of customer challenges and increasingly, customers are choosing a suite of F5 solutions. Going forward we will leverage and grow our foundational capabilities in data and insights, digital sales, and SaaS-delivered capabilities to deliver consistent world-class customer experiences, including simple, integrated and friction-free consumption of our technologies. We will continue to improve customer awareness and understanding of F5’s expanded portfolio with a focus on buying personas and business needs and intend to enhance our digital customer experiences to deliver both growth and efficiency.
Capturing growth in security and software
Our ability to serve both traditional and modern architectures means we are uniquely suited to provide consistent, industry-leading security across our customers entire application estate. Over the last ten years, enterprises were focused on protecting their networks from attack. Attacks are now focused on the applications with threats like malware, bots, and API penetration.
Our acquisition of Shape Security brings the leader in online fraud and abuse prevention, adding protection against automated attacks, bots, and targeted fraud, to F5’s world-class portfolio of application security and delivery technologies. Volterra’s SaaS platform will help detect threats more rapidly and reduce neutralization times. Together, F5’s portfolio provides maximum protection and reduced risk for all applications across data centers, cloud, and the edge. This reduces our customers’ total cost of application security by reducing standalone products and leveraging a unified portfolio of on-premises and SaaS-based controls.
In the last several years, we have significantly enhanced and expanded our software offerings. Our meaningful software growth over the last two years has largely been driven by steps we have taken to improve automation and orchestration in our BIG-IP software, making it easier to procure, deploy and upgrade, as well as the introduction of new flexible commercial models, including annual and longer-term subscriptions. We expect to drive continued software and SaaS growth from additional enhancements to our BIG-IP family, as well as advancements and continued customer adoption of NGINX, application security, Shape, and Volterra solutions.
F5 Products and Solutions
F5’s portfolio of multi-cloud application security and delivery technologies are enabling customers to address the challenges of delivering differentiated digital experiences to their customers.
Simplifying traditional app delivery for multi-cloud environments
Our BIG-IP family of offerings provides feature-rich, highly programmable and configurable application delivery solutions for traditional applications in enterprises and service providers. Traditional applications are based on monolithic, three-tier, or client-server architectures. Such traditional applications are the most ubiquitous application architecture today, and many organizations continue to rely exclusively on traditional applications to power the most mission-critical business applications, customer facing digital interfaces and internally used applications.
For most organizations, the priority around traditional applications is maximizing operational efficiency and minimizing the total cost of ownership. BIG-IP has established itself as the leading application security and delivery technology for traditional applications, providing load balancing, and DNS (domain name system) services. Many customers also use the advanced security capabilities of BIG-IP, including WAF (web application firewall), carrier-grade firewall and NAT (network address translation), identity-aware proxy, SSL-VPN, and SSL (securer sockets layer) offloading, that are available as tightly-integrated modules or extensions. Via the F5 Automation Toolchain, BIG-IP capabilities easily integrate into orchestration frameworks such as Ansible, HashiCorp Terraform, OpenShift, and Cloud Foundry as part of a CI/CD pipeline. BIG-IPs “best-of-suite” approach helps standardize and consolidate application delivery and security functions into a single solution, and enables automating the functions to reduce operational cost.
BIG-IP capabilities are available in software-only Virtual Editions (VEs) that deploy on any standard hypervisor in private and public clouds and are available in many performance throughput options. VEs can be deployed on public clouds, including Amazon Web Services, Microsoft Azure, and Google Cloud Platform, through Bring Your Own License (BYOL) and the public cloud marketplaces. VEs are available via utility pricing (via public cloud marketplaces), short- and long-term subscriptions, and perpetual licensing models. In addition, F5 offers customers additional licensing, consumption flexibility, and value via our flexible consumption program or multi-year subscriptions.
F5 BIG-IQ Centralized Management provides central management, analytics, and automation for BIG-IP instances. Available in virtual or physical form factors, BIG-IQ simplifies, enhances management of, and reduces customer operational costs associated with BIG-IP deployments.
F5’s physical systems are designed to enhance the performance of our software by leveraging a combination of custom FPGA logic and off-the-shelf silicon, providing a balance of cost and flexibility. Currently, we offer two types of physical configurations: BIG-IP iSeries appliances and chassis-based VIPRION and VELOS systems. Both BIG-IP iSeries and our chassis-based systems run the same BIG-IP software modules as are available in the Virtual Edition and are licensed on a perpetual basis or subscription basis. To help customers comply with regulatory requirements and protect sensitive data, our physical systems are certified up to NIST FIPS 140-2 Level 2 and Common Criteria Evaluation Assurance Level (EAL 4+). BIG-IP iSeries appliances and chassis-based systems differ primarily in their performance and size characteristics resulting from the hardware components and configurations that make up these systems. As we align to modern architectures, we also added the VELOS chassis-based system to our lineup. VELOS relies on a Kubernetes-based platform layer that is integrated tightly with F5’s TMOS software. In addition, going to a microservice-based platform layer allows VELOS to provide new and exciting features that were not possible in previous generations of F5 BIG-IP platforms.
Enabling modern app delivery at scale
To better address the needs of digitally transforming enterprises that have a mix of traditional, three-tier architectures and cloud-first microservices architectures, our NGINX technologies offer lightweight, agile ADC and API management software for container-built applications, CI/CD workflows, and microservices. Our NGINX technology enables developer and DevOps agility to get applications to market quickly, with security and automation closer to the code.
Our NGINX product offerings are:
•NGINX Plus, an all-in-one load balancer, web server, content cache, and API gateway for modern applications.
•NGINX Controller, which provides orchestration and analytics for NGINX Plus.
•NGINX Ingress Controller and NGINX Service Mesh, which provide traffic management for Kubernetes clusters.
•NGINX App Protect, which integrates F5’s market-leading WAF with the flexibility and performance of NGINX Plus.
We believe NGINX solutions help our customers enable adaptive applications in container, cloud-native, and microservices environments, providing the ease-of-use and flexibility developers require while also delivering the scale, security, reliability, and enterprise readiness network operations teams demand.
F5 SaaS offerings support modern cloud application delivery and security use cases for cloud-native applications, making it easier for developers and DevOps engineers to build in the application services required for production.
Securing applications and APIs everywhere
F5’s advanced application security services, including DDoS (distributed denial of service) mitigation, WAF (web application firewall), bot protection, SSL/TLS traffic decryption, and API discovery/control provide best-in-class protection for applications and infrastructure across any deployment model, from on-premises to multi-cloud to the network edge.
For protecting web applications from advanced threats and malware, F5 has several solutions. F5 Advanced WAF has been an industry-leading web application firewall for many years. It employs countermeasures to detect and stop evolving application-layer threats, integrating behavioral analysis and dynamic code injections as its two main mechanisms to more completely assess the threat associated with any given client session.
NGINX App Protect provides web application protection with self-service access and API-driven integration into automation and orchestration frameworks. Often referred to as “shifting security left,” this ensures security is applied earlier in the software development lifecycle and covers the full portfolio of modern and long-tail applications in the enterprise.
Shape's technology addresses the increasing sophistication of automated bot attacks as well as fraud and abuse. Shape’s artificial intelligence platform protects the largest banks, airlines, retailers, and federal agencies against bots and fraud which bypass best-practice industry security controls. Shape protects more than one billion accounts worldwide against credential stuffing attacks, the industry’s leading cybersecurity threat.
Volterra provides advanced machine learning (ML)-based API protection through API auto-discovery and control. Volterra VoltMesh automatically discovers all APIs in an application environment without the need for manual DevOps/DevSecOps actions. It then automatically allows only those APIs that are safe and required for a given workflow. It also baselines API activity and continually monitors for anomalous behavior to ensure ongoing protection in the often-dynamic environment of modern applications.
Silverline provides customers fully-managed application security. Current offerings include Silverline Web Application Firewall, Silverline DDoS Protection, and Silverline Threat Intelligence Services. These services provide enterprise and service provider customers with F5’s proven security technologies coupled with world-class security professionals. Silverline’s Security Operations Center experts set up, manage, and support each customer's application solutions as an extension to the customer’s staff. In F5’s third fiscal quarter, Shape technology was combined with F5's Silverline managed services platform to launch Silverline Shape Defense, creating a version of Shape’s technology platform capabilities for customers who prefer a managed service.
Depending on the level of protection required, customers can route traffic through the Silverline cloud-based platform 24/7 or only when an attack is detected. Silverline Managed Services also provides an affordable and straightforward deployment alternative for customers who want to minimize the upfront costs and expense of maintaining on-premises solutions. For large enterprises, subscribing to Silverline Managed Services in conjunction with our on-premises DDoS Hybrid Defender and Advanced WAF can provide the first line of defense against attacks, and prevent them from having a significant downtime impact on their application or network services.
Unlocking the value of application insights
Shape’s technology platform enables generalized AI-powered user analytics. While Shape has focused on using these capabilities to detect advanced fraud and abuse, going forward, the same technology is being integrated throughout F5 to create general AI-powered user analytics capabilities within and beyond cybersecurity use cases.
Service Provider Solutions
BIG-IP offerings also comprise our service provider solutions that address the complex requirements for enabling fast, secure, reliable communications among the elements of existing infrastructures such as 4G/LTE and evolving to newly designed cloud-native 5G networks, network functions virtualization (NFV) environments, and edge computing.
In addition to the solutions described above, F5 also offers solutions for fixed and mobile service provider customers to enable fast, secure, reliable communications in their networks. These solutions include intelligent traffic management services to classify and manipulate network traffic to successfully manage and migrate to newer technologies such as IPv4 to IPv6 and 4G to 5G. Our carrier-class network firewall services are used to secure the Gi/N6 interface, secure signaling threats and IoT applications, and detect and mitigate DDoS attacks. Our solutions are also used by our customers to secure complex signaling for mobility protocols like Diameter, SIP, and GTP, as well as IoT protocols. All F5 software solutions can be delivered on dedicated F5 hardware, as Virtual Network Functions (VNFs) that can use F5 VNF Manager or other industry solutions to deploy and manage VNF instances, and are evolving as Container Network Functions (CNF).
As F5 expands its reach and role into a broader set of multi-cloud solutions, the companies that we consider competitors evolves as well. In addition to server load balancing, traffic management, and other functions normally associated with application delivery, our suite of solutions has expanded our addressable market into security, and policy management, where we compete with a number of companies focused on niche areas of application security.
Within application delivery, we compete against Citrix Systems and a number of other competitors that have a smaller market presence or limited feature set, such as Amazon Web Services, HAProxy, Kemp Technologies, Microsoft Azure, and VMware.
We see emerging demand to support modern, container-based applications with new capabilities including managing APIs, optimizing Kubernetes traffic management, load balancing cloud-native and hybrid cloud applications and providing service mesh. For these use cases, we compete against emerging players like Apogee and Kong.
In application security, we compete with companies that provide web application firewalls, bot detection and mitigation, carrier-grade firewall, carrier-grade NAT, SSL orchestration, access policy management, DDoS protection, and fraud defense. Competitors include Akamai, Citrix Systems, Imperva, Juniper Networks, and Symantec/Blue Coat. With the addition of Shape, additional fraud, abuse, and analytics solutions become indirect competitors, including Akamai, Cloudflare, Imperva (Distil Networks), Fastly (Signal Sciences) and PerimeterX.
Volterra’s use cases include multi-cloud networking, as well as security offered as SaaS, competing with the likes of Imperva, Fastly, Akamai, and Cloudflare.
The principal competitive factors in the markets in which we compete include form factor, consumption model, ecosystem integrations, features and performance, customer support, brand recognition, scope of distribution and sales channels, and pricing. Some of our competitors have already tried or plan to adopt aggressive pricing policies to gain market share. However, because F5 offers superior performance, broad functionality, including lighter-weight options with NGINX and Volterra, we believe that we can and will compete effectively against such pricing policies.
Customer Services and Technical Support
In connection with our products, we offer a broad range of professional services including consulting, training, installation, maintenance, and other technical support services.
We believe that our ability to provide consistent, high-quality customer service and technical support is a key factor in attracting and retaining large enterprise and service provider customers. Accordingly, we offer a broad range of support services that includes installation, phone and online technical support, hardware repair and replacement, software updates, online tools, consulting, and training services.
We provide these services directly to end users and also utilize a multi-tiered support model, leveraging the capabilities of our channel partners. Our technical support staff is strategically located in regional service centers to support our global customer base.
We believe our future success depends on our ability to maintain technology leadership by continuing to improve our products and by developing new products to meet the changing needs of our customers and partners. Our engineering
organization uses standard processes for the development, documentation, and quality control of services, software, and systems that are designed to meet these goals. These processes include working with our business development and marketing teams, customers, and partners to identify technology innovation opportunities to better meet the evolving needs of our addressable markets.
Over 90 percent of our engineers are engaged in software, SaaS, and managed services development in several major locations including Seattle, Washington; Hyderabad, India; Tel Aviv, Israel; San Jose and San Francisco, California; Cork, Ireland; and Moscow, Russia.
Our hardware engineering team is located in Spokane, Washington; San Jose, California; and Tel Aviv, Israel.
Smaller development sites including Boulder, Colorado; Warsaw, Poland; and Billerica, Massachusetts also support the core development teams in the larger centers.
Members of all our engineering teams collaborate closely with one another to ensure the interoperability and performance of our solutions.
We believe that robust and constant innovation is a necessity for F5, so we are also innovating in new ways. For more than a year now, we have had dedicated teams focused on testing new disruptive innovations in technology, business models, or customer segments. We expect innovations resulting from the work of these teams will be complementary to our goal of delivering the broadest and most consistent portfolio of solutions across cloud and on-premises environments.
We rely on a combination of patent, copyright, trademark, and trade secret laws and restrictions on disclosure to protect our intellectual property rights. F5 holds 433 patents in the United States and has 59 international patents (with applications pending for various aspects of our technology). Our future success depends in part on our ability to protect our proprietary rights to the technologies used in our principal products. Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or to obtain and use trade secrets or other information that we regard as proprietary. In addition, the laws of some foreign countries do not protect our proprietary rights as fully as the laws of the United States. Any issued patent may not preserve our proprietary position, and competitors or others may develop technologies similar to or superior to our technology. Our failure to enforce and protect our intellectual property rights could harm our business, operating results, and financial condition.
In addition to our own proprietary software, we incorporate software licensed from several third-party sources into our products. These are generally term licenses which may renew annually and that generally provide for certain rights and licenses to support our customers post termination. While we may not be able to renew all of these licenses in the future, we believe that alternative technologies for these licenses are available both domestically and internationally.
During the fiscal years ended September 30, 2021, 2020 and 2019, we had research and product development expenses of $512.6 million, $441.3 million, and $408.1 million, respectively.
Sales and Marketing
Our customers include a wide variety of enterprises and service providers among Fortune 1000 and Business Week Global 1000 companies, including those in technology, telecommunications, financial services, transportation, education, manufacturing, healthcare, and government. In fiscal year 2021, sales outside of the Americas represented 44.0% of our net revenues. Refer to Note 16 of our consolidated financial statements included in this Annual Report on Form 10-K for additional information regarding our revenues by geographic area.
We sell our products and services to large and medium enterprise customers, including federal government entities, financial services customers and service providers through a variety of routes to market and channels. Our sales teams sell our products and services directly to customers by working closely with our channel partners including distributors, value-added resellers (VARs), managed service providers (MSPs), and systems integrators.
F5 sales teams. Our inside sales team generates and qualifies leads from marketing and helps manage accounts by serving as a liaison between the field and internal corporate resources. Our outside sales team works directly with partners and customers across the globe. Our field sales personnel are located in major cities in three sales regions: the Americas (primarily the United States); Europe, the Middle East, and Africa (EMEA); and the Asia Pacific region (APAC). Field sales personnel work closely with our channel partners to sell our products and services to their customers. We reward partners that identify new business and provide sales expertise for our portfolio of products and solutions through various incentive programs. Systems engineers, with deep technical domain expertise, support our regional sales account managers and channel partners providing pre-sale technical solution engineering and support, as needed.
Distributors, VARs, and MSPs. As a key component of our sales strategy, we have established relationships with a number of large national and international distributors, local and specialized distributors, VARs, and MSPs. We derive a majority of our product sales from VARs and MSPs, relying on our large distributors for fulfillment, training, and partner enablement.
Our agreements with our channel partners are not exclusive and do not prevent them from selling competitive products. These agreements typically have one-year terms with no obligation to renew, and typically do not provide for exclusive sales territories or minimum purchase requirements.
For fiscal year 2021, sales to two of our worldwide distributors, Ingram Micro, Inc. and Synnex Corporation represented 19.2% and 11.1% of our total revenues, respectively. Our agreements with distributors are standard, non-exclusive distribution agreements that renew automatically on an annual basis and generally can be terminated by either party with 90 days written notice prior to the start of any renewal term. The agreements grant certain distributors the right to distribute our products to resellers, with no minimum purchase requirements.
Systems integrators. We also market our products through strategic relationships with systems integrators, including Dell Services, DXC, HP Enterprise Services, and IBM Global Services, who include our products as core components of application deployments or network-based solutions they deploy for their customers. In most cases, systems integrators do not directly purchase our products for resale to their customers. Instead they typically recommend and/or manage our products as a part of broader solutions supporting enterprise applications and Internet facing systems that incorporate our technology for security, high availability, and enhanced performance.
Resellers and technology partners. Historically, our ability to compete with much larger companies has been strengthened through partnerships with large systems and software vendors. Currently, we partner with many technology partners and public cloud providers who resell our products. We have ongoing partnerships with the major cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform and have expanded our reseller routes to market to include their public cloud marketplaces. F5 has recently signed a Strategic Collaboration Agreement (SCA) with AWS, and are actively engaged with Microsoft Azure on private offers levering our software on Azure. Our business development team manages these relationships and closely monitors adjacent and complementary markets for opportunities to partner with those whose solutions are complementary to ours and could enable us to expand our addressable market.
As we continue to expand our offerings and advance our range of consumption models (e.g., from on-premises to managed services), we continue to focus on driving a compelling and unique value proposition of F5 among our existing customers as well as new buying centers. In addition to revitalizing our brand in the market, our expansion into new buying centers among existing customers (DevOps for example), exploration of new routes to market (such as public cloud marketplaces), and acquisition of a host of net new customers, compels us to increase our focus and investments in more digitally-enabled, personalized and effortless experiences at scale.
We are increasing our focus on efforts to drive momentum behind our brand and reputation to deliver clarity, guidance and inspiration among our existing customers, future customers, partners, and employees around our evolving strategy behind F5’s unique offering. Additionally, to best support our growth as we transform our role in driving value for our customers, we are transforming marketing from a cost center to a revenue center to serve as a meaningful and predictable source of opportunities, customer growth and revenues. The critical success factors in this shift are increased investments in digital technologies, requisite competencies, and shifting our culture to adopt an agile mindset as we use data to constantly improve our contributions to our customers and ultimately our shareholders.
We outsource the manufacturing of our pre-configured hardware platforms to a third-party contract manufacturer, Flex Ltd. ("Flex"), for building, assembling, and testing according to our specifications at Flex's facilities in Guadalajara, Mexico and Zhuhai, China. Flex also performs the following activities on our behalf: material procurement, PCB assembly and test, final assembly, system test, quality control, and direct shipment.
We provide a rolling forecast that allows Flex to stock component parts and other materials, plan capacity, and build finished goods inventory in anticipation of end-user demand. Flex procures components in volumes consistent with our forecast, assembles the products, and tests them according to our specifications. Generally, we do not own the system components. Hardware components for our products consist primarily of commodity parts and certain custom components. Many of our components are purchased from sources which we believe are readily available from other suppliers. However, we currently purchase several hardware components used in the assembly of our products from a number of single or limited
sources. Lead times for these components vary significantly and are increasing in light of global shortages of critical components. Global supply chain constraints in the wake of the COVID-19 pandemic continue to decrease our visibility into component availability and lead times even for commodity components. Also, if the components are unused or the products are not sold within specified periods of time, we may incur carrying charges or obsolete material charges for components that our contract manufacturers purchased to build products to meet our forecast or customer orders.
Systems built in Guadalajara are shipped to the Flex fulfillment center in Milpitas, California for distribution primarily to distributors, value-added resellers, or end users in EMEA and the Americas. Systems built and fulfilled in Zhuhai are for distribution to partners and customers in APAC. Title to the products transfers from Flex to us and then to our customers upon shipment from a designated fulfillment location.
As of September 30, 2021, we had 6,461 employees – over 99% of whom were full time employees. Our employees are in 47 countries with 52% of employees in the United States. None of our employees are represented by a labor union. We have experienced no work stoppages and believe that our employee relations are in good standing, as evidenced by our bi-annual employee engagement survey results.
Culture and engagement
In 2018, we defined and launched BeF5. BeF5 conveys our Guiding Principle of “Do the right thing” and the five behaviors which unite F5ers and which we expect all employees to emulate. In early 2021, these behaviors were updated (updating “We choose speed” to “We make F5 more agile”) and language to describe each was refined based on employee feedback.
In 2019, we defined and created our principles for leadership, referred to as LeadF5.
Communications, performance management, development, and a number of other employee engagement activities connect and reinforce BeF5 and LeadF5.
F5 supports employees and our culture through competitive benefits, regular communications through formal (quarterly all hands with extensive question and answer sessions with execs) and informal (“Monday Minute” newsletter and company intranet) means, and a quarterly Zoom Out Day, dedicated to learning and exploring new ideas. During the current global crisis surrounding COVID-19, racial injustice, political uncertainty and natural disasters, we have provided employees and leaders with a variety of support and resources to help them thrive, including new wellness programs, educational series, and four additional days of time off dedicated to wellness.
F5 also provides flexible working opportunities through our Freedom to Flex program which allows employees to choose whether to work in an office, remotely or a blend of the two. Established in 2018, Freedom to Flex has provided the foundation for our flexibility throughout the pandemic and will continue to remain in place after it is safe to re-open all offices fully. Most of our workforce will have the option to remain working remotely some or all of the time. To support the increased use of the Freedom to Flex program going forward, resources and learning opportunities are available for managers and leaders to assist in effectively leading hybrid teams (defined as teams which have some employees in office and others remote from office), and technology to support ongoing connection and productivity among these hybrid teams.
Employee experience and sentiment is measured through global employee surveys at least twice each year, with Belonging (“I feel a sense of belonging at F5”) as our keystone measure. As of May 2021, employees reported high satisfaction on several key questions:
•81% of employees favorably rate “I feel a sense of belonging at F5."
•88% of employees favorably rate “I am proud to work for F5."
•87% of employees favorably rate “F5 really demonstrates a commitment to ‘We create a more diverse and inclusive F5’”
•87% of employees favorably rate “F5 has a great culture."
•94% of employees favorably rate “F5 has demonstrated that employee well-being and health is a priority during the coronavirus outbreak."
Growth and development
Ongoing development of our workforce is supported across multiple learning organizations within F5, providing opportunities to improve technical and professional knowledge, better understand our business and products, and strengthen management and leadership. Example opportunities include a mentoring program, LeadF5 Coaching, which provides an opportunity for several hundred employees to receive professional and personal coaching annually, and through learning paths created to support specific areas of knowledge, including deepening their knowledge of BeF5 and LeadF5. Employees have access to multiple third-party resources to enhance the learning opportunities developed internally.
Diversity and Inclusion
F5 believes our differences—when embraced with humility and respect—drive smarter decisions, increased innovation, stronger performance, and a culture where everyone can be themselves and reach their full potential.
Employee Inclusion Groups (EIGs) – F5 Ability, F5 Appreciates Blackness, F5 Connects Women, F5 Latinx e Hispanos Unidos, F5 Military Veterans, F5 Multicultural and F5 Pride – bring people together across F5 around the world. All seven EIGs are led by employees, with a dedicated annual budget and executive sponsor. F5’s EIG leaders participate in an F5 sponsored leadership development program with dedicated time toward cultivating their EIG and growing as a leader themselves. In fiscal 2021, our EIG leaders received an end of the year bonus for their contributions. Participation in these leadership roles will be bonus eligible going forward. In this way, F5 continues to invest in a thriving community of diverse individuals.
We have also steadily increased our transparency in both our actions and the accompanying results culminating in our inaugural F5 Diversity and Inclusion Report available at f5.com. Therein, you will see progress made on both our culture of belonging and representation at F5. We continue to actively build a culture where everyone feels they can be themselves and reach their full potential.
Compensation and Benefits
F5 offers a competitive Total Rewards package intended to attract, retain and motivate our employees. Our package includes market-competitive pay, incentive plans, restricted stock unit grants (RSUs), an Employee Stock Purchase Plan, retirement plans, healthcare, paid time off and family leave.
Environmental, Social & Governance
At F5, we care deeply not just about what we do, but how we do it. We consider this our “human-first” approach to the way we conduct our business, and it is reflected in our expanded commitment to Environmental, Social and Governance (ESG) – extending from the environmental sustainability of our products and operations to the well-being of our employees and our communities.
Environmental. F5 is committed to business practices that preserve the environment upon which our society and economy depend. As we develop a comprehensive program that recognizes F5’s full environmental impact, our focus is on: expanding the volume of our environmental data collection; increasing the breadth of our environmental disclosures; standardizing our carbon reporting processes and metrics; and exploring all options for carbon reduction, mitigation and removal. This will result in F5 disclosing science-aligned targets for Scope 1 and 2 in fiscal year 2022 and declaring 2030 Science-based targets with the Science Based Target Initiative (SBTi) in fiscal year 2023.
Social. In addition to the employee programs and benefits outlined in the Human Capital Management section above, we continue to prioritize F5 Global Good, the community development initiative that amplifies our employee engagement and diversity and inclusion programs. In fiscal year 2021, more than half of all worldwide employees participated in Global Good programs, volunteering over 6,000 hours and directing the entirety of F5’s donations, through both the company matching program and grant selection committees. F5 and its employees donated over $4.8 million to over 2,900 non-profits worldwide in fiscal year 2021.
Governance. Our guiding principle to do the right thing for each other, our customers, our shareholders, and our communities is set forth in F5’s Code of Business Conduct and Ethics, compliance training programs and most importantly, in the behaviors and principles we measure all employees on: BeF5 and LeadF5. In addition, F5 added oversight of our ESG programs by expanding the charter of the Nominating and Governance Committee of the board of directors, as well as expanded our ESG disclosures aligned to the Sustainability Accounting Standards Board (SASB) in our inaugural F5 ESG Report available at investors.f5.com.
Executive Officers of the Registrant
The following table sets forth certain information with respect to our executive officers as of November 16, 2021:
President, Chief Executive Officer and Director
Executive Vice President of Global Services and Chief Strategy Officer
Executive Vice President and Chief Technology Officer
Executive Vice President and Chief Financial Officer
Executive Vice President and General Counsel
Executive Vice President and General Manager, Security and Distributed Cloud
Executive Vice President and General Manager, App Delivery and Enterprise Product Ops
Executive Vice President of Worldwide Sales
Executive Vice President and Chief People Officer
Executive Vice President and Chief Marketing and Customer Experience Officer
François Locoh-Donou has served as our President, Chief Executive Officer and member of our Board of Directors since April 2017. Prior to joining F5, Mr. Locoh-Donou served as Senior Vice President and Chief Operating Officer of Ciena Corporation. During his more than 15 years at Ciena, Mr. Locoh-Donou served in several leadership positions. From August 2011 to October 2015, he served as Ciena’s Senior Vice President, Global Products Group. Previously, he served as Ciena’s Vice President and General Manager, Europe, Middle East and Africa from June 2005 to August 2011. He holds an M.B.A. from Stanford University, a 'Mastere' in Optical Telecommunications from the National Institute of Telecommunications of Paris (ENST), and a 'Diplome d'Ingenieur' in Physics Engineering from the National Institute of Physics in Marseille (ENSPM), France. Mr. Locoh-Donou serves on the board of Capital One Financial Corporation (NYSE: COF). He is also the co-founder of Cajou Espoir, a cashew-processing facility that employs several hundred people in rural Togo, 80 percent of whom are women. Cajou Espoir exports more than 400 tons of cashew kernels annually to the U.S. and Europe.
Tom Fountain has served as our Executive Vice President of Global Services and Chief Strategy Officer since June 2020. Mr. Fountain joined F5 in January 2018 as Executive Vice President and Chief Strategy Officer. Mr. Fountain is responsible for F5’s global services organization, including global support, consulting, and services teams. He is also responsible for F5’s corporate strategy, corporate development, technology partnerships, our service provider business, and new business incubations. From November 2012 to January 2018, Mr. Fountain served as Senior Vice President for Strategy and Corporate Development at McAfee LLC, Vice President of Strategy and Operations at Intel Corporation, and Senior Vice President for Strategy and Corporate Development at McAfee Incorporated. Previously, Mr. Fountain served as Vice President and General Manager of the Content and Media Business Unit at Juniper Networks from December 2011 to November 2012 and Vice President of Corporate Strategy at Juniper Networks from February 2009 to December 2011. Earlier in his career, Mr. Fountain was a venture capitalist at Mayfield Fund from June 2003 to February 2009 and co-founder and engineering leader at Ingrian Networks from December 1999 to June 2004. He holds an M.B.A., an M.S. in Computer Science, an M.S. in Electrical Engineering, and a B.S. in Computer Systems Engineering, each from Stanford University.
Geng Lin joined F5 as our Executive Vice President and Chief Technology Officer in July 2019. Mr. Lin is responsible for the technical vision for the company with a focus on next-generation technological capabilities through organic and inorganic innovation, including advanced research initiatives and strategic partnerships. Prior to joining F5, Mr. Lin was the Managing Director, Chief Development Officer and Head of Engineering for consumer and community banking for J.P. Morgan Chase from September 2017 to June 2019. Previously, he served as Head of Service Engineering for Next Billion Users, CTO of Corporate Networks at Google, CTO of Network Business at Dell and CTO of Cisco’s IBM Alliance. Mr. Lin is an industry-leading expert in distributed systems, software-defined infrastructure, and cloud services. He is a contributing author of two books on cloud and data-intensive computing and holds nine U.S. patents. Mr. Lin received B.Sc. and M.Sc. degrees in Computer Science from Peking University and a Ph.D. degree in Computer Science from the University of British Columbia.
Frank Pelzer has served as our Executive Vice President and Chief Financial Officer since May 2018. He oversees F5's worldwide financial planning, analysis, accounting, reporting, and internal auditing procedures, as well as investor relations. Prior to joining F5, Mr. Pelzer served as President and Chief Operating Officer of the Cloud Business Group at SAP, responsible for the execution of strategy and operations of the company's Software as a Service (SaaS) portfolio including Concur, Ariba, Fieldglass, SuccessFactors, and Hybris. Prior to that, he served as Chief Financial Officer of Concur Technologies, before it was acquired by SAP in 2014. Mr. Pelzer has also held senior leadership positions at Deutsche Bank and Credit Suisse Group. Mr. Pelzer serves on the board of directors for Benefitfocus, Limeade, and Modumetal. He holds a B.A. from Dartmouth College and an M.B.A. from the Tuck School of Business at Dartmouth College.
Scot Rogers has served as our Executive Vice President and General Counsel since January 2014. Mr. Rogers has held a variety of positions in F5's legal department since 2005, including most recently as Senior Vice President and Associate General Counsel immediately prior to his promotion to Executive Vice President. From 2002 through 2005, Mr. Rogers was the General Counsel for Xpediate Consulting, a healthcare technology and consulting company located in the San Francisco Bay Area. Prior to becoming a corporate counsel, he spent eight years in private practice as a commercial litigator. He is a graduate of the University of Texas and holds a J.D. from the Dedman School of Law of Southern Methodist University.
Haiyan Song joined F5 in 2021 as Executive Vice President and General Manager, Security and Distributed Cloud, responsible for the company’s security product and managed services portfolio. Previously, Ms. Song led Splunk’s Security business as Senior Vice President and General Manager of Security Markets. In her more than 20-year career, she has held several leadership positions, including Vice President and General Manager at HP ArcSight, Vice President of Engineering at ArcSight, and Vice President of Engineering at SenSage. Ms. Song started her career at IBM/Informix, building trusted relational database management systems for Federal customers. Ms. Song currently serves on the board of CSG, a provider of revenue management and digital payments. She holds an M.S. from Florida Atlantic University and studied Computer Science in Tsinghua University in China.
Kara Sprague is Executive Vice President and General Manager, App Delivery and Enterprise Product Ops. She is responsible for F5’s BIG-IP Application Delivery and Security product portfolio management, products and solutions. Prior to joining F5 in 2017, Ms. Sprague held various leadership positions across the technology practice of McKinsey & Company. Most recently she led the Technology, Media, and Telecom Practice for the Western Region. Prior to McKinsey, Ms. Sprague was on the engineering staff of Oracle, Agilent Technologies, and Hewlett-Packard. She holds a bachelor's degree and two master's degrees from Massachusetts Institute of Technology and serves on the board of Girls Who Code.
Chad Whalen has served as our Executive Vice President of Worldwide Sales since July 2018. He is responsible for F5’s global sales strategy and brings over 20 years of experience leading global teams across Europe, Asia, and North and South America in network infrastructure, security, and SaaS. Mr. Whalen joined F5 in 2017 to lead the Cloud Sales team. Prior to joining F5, he ran strategic alliances at Fortinet, worldwide sales and services at Jasper, Americas sales and field operations at Ciena and global sales and marketing at World Wide Packets (WWP). He holds a B.A. in Business Administration and Management from Eastern Washington University.
Ana White has served as our Executive Vice President and Chief People Officer since January 2018. She is responsible for the F5’s people, practices, and professional growth programs; recruiting; diversity and inclusion; organizational development; and employee advocacy initiatives. Ms. White comes to F5 from Microsoft, where she led global Human Resources teams for over 18 years across multiple business units. Most recently, she acted as General Manager, Human Resources for Microsoft’s Business Development, Finance, HR and Legal organizations with responsibility for their teams’ HR strategy, talent management, diversity and inclusion, and organizational capability as well as HR Business Insights across Microsoft. Prior to that, Ms. White led HR for the Marketing and Consumer Business organization. Prior to Microsoft, she was a Compensation and Benefits Consultant at Willis Towers Watson. She holds a B.S. in Mathematics from Seattle University, and serves on the taskforce for both the Seattle University Center for Science and Innovation and the board of Childhaven.
Mika Yamamoto joined F5 in May 2019 in the newly created role of Executive Vice President and Chief Marketing and Customer Experience Officer. In this role, she is responsible for leading the company’s marketing strategies across segments, channels, and geographies, and ensuring customers remain at the forefront of the company’s Digital Transformation initiative. Prior to joining F5, Ms. Yamamoto served as Global President of Marketo, where she led the company’s go-to-market strategy after it was acquired by Adobe. Ms. Yamamoto previously served as Chief Digital Marketing Officer and CMO for SAP. In addition, she has held senior leadership roles at Amazon Books, Microsoft Windows and Microsoft Stores, Gartner Research and Accenture. She holds a B.A. in Commerce, Economics and Marketing from Queen’s University in Canada and serves on the board of the Rainier Valley Food Bank.
Item 1A.Risk Factors
In addition to the other information in this report, the following risk factors should be carefully considered in evaluating our company and operations.
Our business could be adversely impacted by conditions affecting the information technology market
A substantial portion of our business depends on the demand for information technology by large enterprise customers and service providers. In addition to the challenges presented by new cloud computing models, we are dependent upon the overall economic health of our current and prospective customers and the continued growth and evolution of the Internet. International, national, regional and local economic conditions, such as recessionary economic cycles, protracted economic slowdown or further deterioration of the economy could adversely impact demand for our products. Demand for our products and services depends substantially upon the general demand for application delivery products and associated services, which fluctuates based on numerous factors, including capital spending levels and growth of our current and prospective customers, as well as general economic conditions. Moreover, the purchase of our products is often discretionary and may involve a significant commitment of capital and other resources. Future economic projections for the information technology sector are uncertain as companies continue to reassess their spending for technology projects and embrace new models for delivery of IT services, such as cloud computing and highly orchestrated software defined networking environments. As a result, spending priorities for our current and future customers may vary and demand for our products and services may be impacted. In addition, customer buying patterns are changing over time and more customers seek to rent software on a subscription basis and to reduce their total cost of ownership. These evolving business models could lead to changes in demand and licensing strategies, which could have a material adverse effect on our business, results of operations and financial condition.
Cloud-based computing trends present competitive and execution risks
Customers are transitioning to a hybrid computing environment utilizing various cloud-based software and services accessed via various smart client devices. Pricing and delivery models are evolving and our competitors are developing and deploying cloud-based services for customers. In addition, new cloud infrastructures are enabling the emergence of new competitors including large cloud providers who offer their own application security and delivery functionality as well as smaller companies targeting the growing numbers of "born in the cloud" applications. We are devoting significant resources to develop and deploy our own competing cloud-based software and services strategies. While we believe our expertise and investments in software and infrastructure for cloud-based services provides us with a strong foundation to compete, it is uncertain whether our strategies will attract the customers or generate the revenue required to be successful. In addition to software development costs, we are incurring costs to build and maintain infrastructure to support cloud-computing services. These costs may reduce the operating margins we have previously achieved. Whether we are successful in this new business model depends on our execution in a number of areas, including:
•continuing to innovate and bring to market compelling cloud-based services that generate increasing traffic and market share;
•maintaining the utility, compatibility and performance of our software on the growing array of cloud computing platforms and the enhanced interoperability requirements associated with orchestration of cloud computing environments; and
•implementing the infrastructure to deliver our own cloud-based services.
These new business models may reduce our revenues or operating margins and could have a material adverse effect on our business, results of operations and financial condition.
Industry consolidation may result in increased competition
Some of our competitors have made acquisitions or entered into partnerships or other strategic relationships to offer a more comprehensive solution than they had previously offered. We have also entered into large, strategic partnerships to enhance our competitive position in the marketplace. As IT companies attempt to strengthen or maintain their market positions in the evolving application delivery, mobility, cloud networking and cloud platform markets, these companies continue to seek to deliver comprehensive IT solutions to end users and combine enterprise-level hardware and software solutions that may compete with our solutions and which could negatively impact our partnerships. These consolidators or potential consolidators may have significantly greater financial, technical and other resources than we do and may be better positioned to acquire and offer complementary products and services. The companies resulting from these possible combinations may create more compelling product and service offerings and be able to offer greater pricing flexibility or sales and marketing support for such offerings than we can. These heightened competitive pressures could result in a loss of customers or a reduction in our revenues or revenue growth rates, all of which could adversely affect our business, results of operations and financial condition.
We may not be able to compete effectively in the emerging application delivery and security market
The markets we serve are new, rapidly evolving and highly competitive, and we expect competition to persist and intensify in the future. As we expand our reach and role into a broader set of multi-cloud solutions, the companies that we consider competitors evolves as well. In addition to server load balancing, traffic management, and other functions normally associated with application delivery, our suite of solutions has expanded our addressable market into security, and policy management, where we compete with a number of companies focused on niche areas of application security.
Within application delivery we compete against Citrix Systems and a number of other competitors that have a smaller market presence or limited feature set, such as Amazon Web Services, HAProxy, Kemp Technologies, Microsoft Azure, and VMware.
We see emerging demand to support modern, container-based applications with new capabilities including managing APIs, optimizing Kubernetes traffic management, and load balancing cloud-native and hybrid cloud applications. For these use cases we compete against emerging players like Apogee and Kong.
In application security, we compete with companies that provide web application firewalls, bot detection and mitigation, carrier-grade firewall, carrier-grade NAT, SSL orchestration, access policy management, DDoS protection, and fraud defense. Competitors include Akamai, Citrix Systems, Imperva, Juniper Networks, and Symantec/Blue Coat. With the addition of Shape, additional fraud, abuse, and analytics solutions become indirect competitors, including Akamai, Cloudflare, Imperva (Distil Networks), Fastly (Signal Sciences) and PerimeterX.
Volterra’s use cases include multi-cloud networking, as well as security offered as SaaS, competing with the likes of Imperva, Fastly, Akamai, and Cloudflare.
We expect to continue to face additional competition as new participants enter our markets. As we continue to expand globally, we may see new competitors in different geographic regions. In addition, larger companies with significant resources, brand recognition, and sales channels may form alliances with or acquire competing application services solutions from other companies and emerge as significant competitors. Potential competitors may bundle their products or incorporate an Internet traffic management or security component into existing products in a manner that discourages users from purchasing our products. Any of these circumstances may limit our opportunities for growth and negatively impact our financial performance.
Our success depends on our timely development of new products and features, market acceptance of new product offerings and proper management of the timing of the life cycle of our products
The markets for our products and services are characterized by:
•rapid technological change;
•evolving industry standards;
•consolidation of network and application functions into existing network infrastructure products;
•requirements that our products interoperate with those of other IT vendors to enable ease of management;
•fluctuations in customer demand;
•changes in customer requirements; and
•frequent new product and service introductions and enhancements.
Our continued success depends on our ability to identify and develop new products and new features for our existing products to meet the demands of these changes, and the acceptance of those products and features by our existing and target customers. In addition, our products must interoperate with our end customers’ IT infrastructure, which often have different specifications, deploy products from multiple vendors, and utilize multiple protocol standards. Our customers’ IT infrastructure is becoming more complex and we may be reliant on orchestration and interoperability with third party vendors on whom we are reliant for testing and support of new product versions and configurations. If we are unable to identify, develop and deploy new products and new product features on a timely basis, our business and results of operations may be harmed.
The current development cycle for our products is on average 12-24 months. The introduction of new products or product enhancements may shorten the life cycle of our existing products, or replace sales of some of our current products, thereby offsetting the benefit of even a successful product introduction, and may cause customers to defer purchasing our existing products in anticipation of the new products. This could harm our operating results by decreasing sales, increasing our inventory levels of older products and exposing us to greater risk of product obsolescence. We have also experienced, and may in the future experience, delays in developing and releasing new products and product enhancements. This has led to, and may in the future lead to, delayed sales, increased expenses and lower quarterly revenue than anticipated. Also, in the development of our products, we have experienced delays in the prototyping of our products, which in turn has led to delays in product introductions. In addition, complexity and difficulties in managing product transitions at the end-of-life stage of a product can create excess inventory of components associated with the outgoing product that can lead to increased expenses. Any or all of the above problems could materially harm our business and results of operations.
Our success depends on sales and continued innovation of our application security and delivery product lines
We expect to derive a significant portion of our net revenues from sales of our application security and delivery product lines in the future. Implementation of our strategy depends upon these products being able to solve critical network availability, performance and security problems for our customers. If our products are unable to solve these problems for our customers or if we are unable to sustain the high levels of innovation in product feature sets needed to maintain leadership in what will continue to be a competitive market environment, our business and results of operations will be harmed.
Security vulnerabilities in our IT systems or products as well as unforeseen product errors could have a material adverse impact on our business results of operations, financial condition and reputation
In the ordinary course of business, we store sensitive data, including intellectual property, personal data, our proprietary business information and that of our customers, suppliers and business partners on our networks. In addition, we store sensitive data through cloud-based services that may be hosted by third parties and in data center infrastructure maintained by third parties. The secure maintenance of this information is critical to our operations and business strategy. Our information systems and those of our partners and customers are subject to the increasing threat of intrusions by a wide range of actors including computer programmers, hackers or sophisticated nation-state and nation-state supported actors or they may be compromised due to employee error or wrongful conduct, malfeasance, or other disruptions. Despite our security measures, and those of our
third-party vendors, our information technology and infrastructure has experienced breaches or disruptions and may be vulnerable in the future to breach, attacks or disruptions. If any breach or attack compromises our networks, creates system disruptions or slowdowns or exploits security vulnerabilities of our products, the information stored on our networks or those of our customers could be accessed and modified, publicly disclosed, lost or stolen, and we may be subject to liability to our customers, suppliers, business partners and others, and suffer reputational and financial harm.
In addition, our products are used to manage critical applications and data for customers and third parties may attempt to exploit security vulnerabilities in our products as well as our internal IT systems. As we continue to focus on the development and marketing of security solutions, we become a bigger target for malicious computer hackers, including sophisticated nation-state and nation-state supported actors who wish to exploit security vulnerabilities in our products or IT systems.
We devote significant resources to addressing security vulnerabilities in our IT systems, product solutions and services through our efforts to engineer more secure solutions and services, enhance security and reliability features in our solutions and services, deploy security updates to address security vulnerabilities and seek to respond to known security incidents in sufficient time to minimize any potential adverse impact. Despite our efforts to harden our infrastructure and build secure solutions, from time to time, we experience attacks and other cyber-threats. These attacks can seek to exploit, among other things, known or unknown vulnerabilities in technology included in our IT infrastructure, solutions and services. While we have undertaken efforts to mitigate these vulnerabilities, they could render our internal systems, products, and solutions and services susceptible to a cyber-attack.
Our products may also contain undetected errors or defects when first introduced or as new versions are released. We have experienced these errors or defects in the past in connection with new products and product upgrades. As our products and customer IT infrastructures become increasingly complex, customers may experience unforeseen errors in implementing our products into their IT environments. We expect that these errors or defects will be found from time to time in new or enhanced products after commencement of commercial shipments. These problems may cause us to incur significant warranty and repair costs, divert the attention of our engineering personnel from our product development efforts and cause significant customer relations problems. We may also be subject to liability claims for damages related to product errors or defects. While we carry insurance policies covering this type of liability, these policies may not provide sufficient protection should a claim be asserted. A material product liability claim may harm our business and results of operations.
Our products must successfully operate with products from other vendors. As a result, when problems occur in a network, it may be difficult to identify the source of the problem. The occurrence of software or hardware problems, whether caused by our products or another vendor’s products, may result in the delay or loss of market acceptance of our products. The occurrence of any of these problems may harm our business and results of operations.
Any errors, defects or vulnerabilities in our products or IT systems could result in:
•expenditures of significant financial and product development resources in efforts to analyze, correct, eliminate, or work-around errors and defects or to address and eliminate vulnerabilities;
•remediation costs, such as liability for stolen assets or information, repairs or system damage;
•increased cybersecurity protection costs which may include systems and technology changes, training, and engagement of third party experts and consultants;
•increased insurance premiums;
•loss of existing or potential customers or channel partners;
•loss of proprietary information leading to lost competitive positioning and lost revenues;
•negative publicity and damage to our reputation;
•delayed or lost revenue;
•delay or failure to attain market acceptance;
•an increase in warranty claims compared with our historical experience, or an increased cost of servicing warranty claims, either of which would adversely affect our gross margins; and
•litigation, regulatory inquiries, or investigations that may be costly and harm our reputation.
We are dependent on various information technology systems, and failures of or interruptions to those systems could harm our business
Many of our business processes depend upon our IT systems, the systems and processes of third parties, and on interfaces with the systems of third parties. For example, our order entry system provides information to the systems of our contract manufacturers, which enables them to build and ship our products. If those systems fail or are interrupted, or if our ability to connect to or interact with one or more networks is interrupted, our processes may function at a diminished level or not at all. This would harm our ability to ship products, and our financial results may be harmed.
In addition, reconfiguring our IT systems or other business processes in response to changing business needs may be time-consuming and costly. To the extent this impacted our ability to react timely to specific market or business opportunities, our financial results may be harmed.
Our failure to adequately protect personal information could have a material adverse effect on our business
A wide variety of local, state, national, and international laws, directives and regulations apply to the collection, use, retention, protection, disclosure, transfer, and other processing of personal data. These data protection and privacy-related laws and regulations continue to evolve and may result in ever-increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions and increased costs of compliance. Certain safe-harbor exemptions upon which the Company relies for data transfers have been challenged and may no longer be available to us in the future. Our failure to comply with applicable laws and regulations, or to protect such data, could result in enforcement action against us, including fines, imprisonment of company officials and public censure, claims for damages by end-customers and other affected individuals, damage to our reputation and loss of goodwill (both in relation to existing end-customers and prospective end-customers), any of which could have a material adverse effect on our operations, financial performance, and business. Changing definitions of personal data and personal information, within the European Union, the United States, and elsewhere, especially relating to classification of IP addresses, machine identification, location data, and other information, may limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing of data. The evolving data protection regulatory environment may require significant management attention and financial resources to analyze and modify our IT infrastructure to meet these changing requirements all of which could reduce our operating margins and impact our operating results and financial condition.
Our success depends on our key personnel and our ability to hire, retain and motivate qualified executives, sales and marketing, operations, product development and professional services personnel
Our success depends, in large part, on our ability to attract, engage, retain, and integrate qualified executives and other key employees throughout all areas of our business. In order to attract and retain executives and other key employees in a competitive marketplace, we must provide a competitive compensation package, including cash- and equity-based compensation. If we do not obtain the stockholder approval needed to continue granting equity compensation in a competitive manner, our ability to attract, retain, and motivate executives and key employees could be weakened. Failure to successfully hire executives and key employees or the loss of any executives and key employees could have a significant impact on our operations. We have recently experienced changes in our senior leadership team and we expect to continue to see changes as we build the team that is needed to execute our strategy. Changes in our management team may be disruptive to our business, and any failure to successfully integrate key new hires or promoted employees could adversely affect our business and results of operations. The complexity of our products and their integration into existing networks and ongoing support, as well as the sophistication of our sales and marketing effort, requires us to retain highly trained developers, professional services, customer support and sales personnel. Competition for qualified developers, professional services, customer support and sales personnel in our industry is intense, especially in Silicon Valley and Seattle where we have substantial operations and a need for highly skilled personnel, because of the limited number of people available with the necessary technical skills and understanding of our products. Also, to the extent we hire personnel from competitors, we may be subject to allegations that they have been improperly solicited, that they have divulged proprietary or other confidential information, that they have violated non-compete obligations to their prior employers, or that their former employers own their inventions or other work product. Our ability to hire and retain these personnel may be adversely affected by volatility or reductions in the price of our common stock or our ability to get approval from shareholders to offer additional common stock to our employees, since these employees are generally granted restricted stock units. The loss of services of any of our key personnel, the inability to retain and attract qualified personnel in the future or delays in hiring qualified personnel may harm our business and results of operations. In addition, we recently announced a restructuring to re-align our workforce to match strategic and financial objectives and optimize resources for long term growth, including a reduction in force program impacting a number of employees. This restructuring could lead to increased attrition amongst those employees who were not directly affected by the reduction in force program.
We recently implemented a restructuring program, which we cannot guarantee will achieve its intended result
In the first fiscal quarter of 2020, we completed a restructuring program to match strategic and financial objectives and optimize resources for long term growth. We incur substantial costs to implement restructuring plans, and our restructuring activities may subject us to litigation risks and expenses. Our past restructuring plans do not provide any assurance that additional restructuring plans will not be required or implemented in the future. In addition, our restructuring plans may have other consequences, such as attrition beyond our planned reduction in workforce, a negative effect on employee morale and productivity or our ability to attract highly skilled employees. Our competitors may also use our restructuring plans to seek to gain a competitive advantage over us. As a result, our restructuring plans may affect our revenue and other operating results in the future.
The average selling price of our products may decrease and our costs may increase, which may negatively impact revenues and profits
It is possible that the average selling prices of our products will decrease in the future in response to competitive pricing pressures, increased sales discounts, new product introductions by us or our competitors, as well as the shift to more software consumption based and “as a service based” models, or other factors. Therefore, in order to maintain our profits, we must develop and introduce new products and product enhancements on a timely basis and continually reduce our product costs. Our failure to do so could cause our revenue and profits to decline, which would harm our business and results of operations. In addition, we may experience substantial period-to-period fluctuations in future operating results due to the erosion of our average selling prices.
Our business may be harmed if our contract manufacturers are not able to provide us with adequate supplies of our products or if a single source of hardware assembly is lost or impaired
We outsource the manufacturing of our hardware platforms to third party contract manufacturers who assemble these hardware platforms to our specifications. We have experienced minor delays in shipments from contract manufacturers in the past. However, if we experience major delays in the future or other problems, such as inferior quality and insufficient quantity of product, any one or a combination of these factors may harm our business and results of operations. The inability of our contract manufacturers to provide us with adequate supplies of our products or the loss of one or more of our contract manufacturers may cause a delay in our ability to fulfill orders while we obtain a replacement manufacturer and may harm our business and results of operations. In particular, we currently subcontract manufacturing of our products to a single contract manufacturer with whom we do not have a long-term contract. If our arrangement with this single source of hardware assembly was terminated or otherwise impaired, and we were not able to engage another contract manufacturer in a timely manner, our business, financial condition and results of operation could be adversely affected.
If the demand for our products grows, we will need to increase our raw material and component purchases, contract manufacturing capacity and internal test and quality control functions. Any disruptions in product flow may limit our revenue, may harm our competitive position and may result in additional costs or cancellation of orders by our customers.
Our business could suffer if there are any interruptions or delays in the supply of hardware components from our third-party sources
We currently purchase several hardware components used in the assembly of our products from a number of single or limited sources. Lead times for these components vary significantly and are increasing in light of global shortages of critical components. Global supply chain constraints in the wake of the COVID-19 pandemic continue to decrease our visibility into component availability and lead times. Despite efforts to mitigate the effects of supply chain constraints, the unavailability of suitable components, any interruption or delay in the supply of any of these hardware components or the inability to procure a similar component from alternate sources at acceptable prices within a reasonable time, may delay assembly and our ability to fulfill our sales of our products and, hence, our revenues, and may harm our business and results of operations.
It is difficult to predict our future operating results because we have an unpredictable sales cycle
Our products have a lengthy sales cycle and the timing of our revenue is difficult to predict. Historically, our sales cycle has ranged from approximately two to three months and has tended to lengthen as our products become increasingly complex. Also, as our distribution strategy is focused on a channel model, utilizing value-added resellers, distributors and systems integrators, the level of variability in the length of sales cycle across transactions has increased and made it more difficult to predict the timing of many of our sales transactions. Sales of our products require us to educate potential customers in their use and benefits. Sales of our products are subject to delays from the lengthy internal budgeting, approval and competitive evaluation processes that large enterprises and governmental entities may require. For example, customers frequently begin by evaluating our products on a limited basis and devote time and resources to testing our products before they decide whether or
not to purchase. Customers may also defer orders as a result of anticipated releases of new products or enhancements by our competitors or us. As a result, our products have an unpredictable sales cycle that contributes to the uncertainty of our future operating results.
We may not be able to sustain or develop new distribution relationships, and a reduction or delay in sales to significant distribution partners could hurt our business
We sell our products and services through multiple distribution channels in the United States and internationally, including leading industry distributors, value-added resellers, systems integrators, service providers and other indirect channel partners. We have a limited number of agreements with companies in these channels, and we may not be able to increase our number of distribution relationships or maintain our existing relationships. Recruiting and retaining qualified channel partners and training them in our technologies requires significant time and resources. These channel partners may also market, sell and support products and services that are competitive with ours and may devote more resources to the marketing, sales and support of such competitive products. Our indirect sales channel structure could subject us to lawsuits, potential liability, and reputational harm if, for example, any of our channel partners misrepresent the functionality of our products or services to customers or violate laws or our corporate policies. If we are unable to establish or maintain our indirect sales channels, our business and results of operations will be harmed. In addition, two worldwide distributors of our products accounted for 30.3% of our total net revenue for fiscal year 2021. A substantial reduction or delay in sales of our products to these distribution partners, if not replaced by sales to other indirect channel partners and distributors, could harm our business, operating results and financial condition.
A portion of our revenue is generated by sales to government entities, which are subject to a number of challenges and risks
Sales to U.S. and foreign, federal, state, and local governmental agency end-customers account for a significant portion of our revenues and we may in the future increase sales to government entities. Sales to government entities are subject to a number of risks. Selling to government entities can be highly competitive, expensive, and time consuming, often requiring significant upfront time and expense without any assurance that these efforts will generate a sale. The substantial majority of our sales to date to government entities have been made indirectly through our channel partners. Government certification requirements for products like ours may change, thereby restricting our ability to sell into the federal government sector until we have attained the revised certification. Government demand and payment for our products and services may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products and services. Government entities may have statutory, contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default, and any such termination may adversely impact our future operating results. Governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our products and services, a reduction of revenue or fines or civil or criminal liability if the audit uncovers improper or illegal activities, which could adversely impact our operating results in a material way. Finally, for purchases by the U.S. government, the government may require certain products to be manufactured in the United States and other relatively high cost manufacturing locations, and we may not manufacture all products in locations that meet the requirements of the U.S. government, affecting our ability to sell these products to the U.S. government.
Misuse of our products could harm our reputation
Our products may be misused by end-customers or third parties that obtain access to our products. For example, our products could be used to censor private access to certain information on the Internet. Such use of our products for censorship could result in negative publicity and damage to our reputation. In addition, as many of our products are subject to export control regulations, diversion of our products to restricted third parties by others could result in investigations, penalties, fines, trade restrictions and negative publicity that could damage our reputation and materially impact our business, operating results, and financial condition.
Our quarterly and annual operating results may fluctuate in future periods, which may cause our stock price to fluctuate
Our quarterly and annual operating results have varied significantly in the past and could vary significantly in the future, which makes it difficult for us to predict our future operating results. Our operating results may fluctuate due to a variety of factors, many of which are outside of our control, including the changing and recently volatile U.S. and global economic environment, which may cause our stock price to fluctuate. In particular, we anticipate that the size of customer orders may increase as we continue to focus on larger business accounts. A delay in the recognition of revenue, even from just one account, may have a significant negative impact on our results of operations for a given period. In the past, a majority of our sales have been realized near the end of a quarter. Accordingly, a delay in an anticipated sale past the end of a particular quarter may
negatively impact our results of operations for that quarter, or in some cases, that fiscal year. Additionally, we have exposure to the credit risks of some of our customers and sub-tenants. Although we have programs in place that are designed to monitor and mitigate the associated risk, there can be no assurance that such programs will be effective in reducing our credit risks adequately. We monitor individual payment capability in granting credit arrangements, seek to limit the total credit to amounts we believe our customers can pay and maintain reserves we believe are adequate to cover exposure for potential losses. If there is a deterioration of a sub-tenant’s or a major customer’s creditworthiness or actual defaults are higher than expected, future losses, if incurred, could harm our business and have a material adverse effect on our operating results. Further, our operating results may be below the expectations of securities analysts and investors in future quarters or years. Our failure to meet these expectations will likely harm the market price of our common stock. Such a decline could occur, and has occurred in the past, even when we have met our publicly stated revenue and/or earnings guidance.
Reliance on fulfillment at the end of the quarter could cause our revenue for the applicable period to fall below expected levels
As a result of customer buying patterns and the efforts of our sales force and channel partners to meet or exceed their sales objectives, we have historically received a substantial portion of sales orders and generated a substantial portion of revenue during the last few weeks of each fiscal quarter. In addition, any significant interruption in our information technology systems, which manage critical functions such as order processing, revenue recognition, financial forecasts, inventory and supply chain management, and trade compliance reviews, could result in delayed order fulfillment and decreased revenue for that fiscal quarter. If expected revenue at the end of any fiscal quarter is delayed for any reason, including the failure of anticipated purchase orders to materialize, our third party contract manufacturers’ inability to manufacture and ship products prior to fiscal quarter-end to fulfill purchase orders received near the end of the fiscal quarter, our failure to manage inventory to meet demand, our inability to release new products on schedule, any failure of our systems related to order review and processing, or any delays in shipments based on trade compliance requirements, our revenue for that quarter could fall below our expectations, resulting in a decline in the trading price of our common stock.
Changes in financial accounting standards may cause adverse unexpected revenue fluctuations and affect our reported results of operations
A change in accounting policies can have a significant effect on our reported results and may even affect our reporting of transactions completed before the change is effective. New pronouncements and varying interpretations of existing pronouncements have occurred with frequency and may occur in the future. Changes to existing rules, or changes to the interpretations of existing rules, could lead to changes in our accounting practices, and such changes could adversely affect our reported financial results or the way we conduct our business.
If we are unable to maintain effective internal control over financial reporting, the accuracy and timeliness of our financial reporting may be adversely affected
As a public company, we are required to design and maintain proper and effective internal controls over financial reporting and to report any material weaknesses in such internal controls. Section 404 of the Sarbanes-Oxley Act of 2002 requires that we evaluate and determine the effectiveness of our internal controls over financial reporting and provide a management report on the internal controls over financial reporting, which must be attested to by our independent registered public accounting firm. We have an ongoing program to review the design of our internal controls framework in keeping with changes in business needs, implement necessary changes to our controls design and test the system and process controls necessary to comply with these requirements. If in the future, our internal controls over financial reporting are determined to be not effective resulting in a material weakness, investor perceptions regarding the reliability of our financial statements may be adversely affected which could cause a decline in the market price of our stock and otherwise negatively affect our liquidity and financial condition.
We may have exposure to greater than anticipated tax liabilities
Our provision for income taxes is subject to volatility and could be affected by changes in our business operations, including acquisitions, new offerings, and changes in the jurisdictions in which we operate. The provision for income taxes may also be impacted by changes in stock-based compensation, changes in the research and development tax credit laws, earnings being lower than anticipated in jurisdictions where we have lower statutory rates and being higher than anticipated in jurisdictions where we have higher statutory rates, transfer pricing adjustments, not meeting the terms and conditions of tax holidays or incentives, changes in the valuation of our deferred tax assets and liabilities, changes in actual results versus our estimates, or changes in tax laws, regulations, accounting principles or interpretations thereof, including changes to the tax laws applicable to corporate multinationals. Our results of operations and cash flows could be affected by future guidance implementing the provisions of the Tax Cuts and Jobs Act. In addition, we may be subject to examination of our income tax
returns by the U.S. Internal Revenue Service and other tax authorities. While we regularly assess the likelihood of adverse outcomes from such examinations and the adequacy of our provision for income taxes, there can be no assurance that such provision is sufficient and that a determination by a tax authority will not have an adverse effect on our results of operations and cash flows.
We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in international markets
Our products are subject to U.S. export controls and may be exported outside the U.S. only with the required level of export license or through an export license exception because we incorporate encryption technology into our products. In addition, various countries regulate the import of certain encryption technology and have enacted laws that could limit our ability to distribute our products or our customers’ ability to implement our products in those countries. Changes in our products or changes in export and import regulations may create delays in the introduction of our products in international markets, prevent our customers with international operations from deploying our products throughout their global systems or, in some cases, prevent the export or import of our products to certain countries altogether. Any change in export or import regulations or related legislation, shift in approach to the enforcement or scope of existing regulations or change in the countries, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, operating results and financial condition.
We may not be able to adequately protect our intellectual property, and our products may infringe on the intellectual property rights of third parties
We rely on a combination of patent, copyright, trademark and trade secret laws, and restrictions on disclosure of confidential and proprietary information to protect our intellectual property rights. Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy or otherwise obtain and use our products or technology. Monitoring unauthorized use of our products is difficult, and we cannot be certain that the steps we have taken will prevent misappropriation of our technology, particularly in foreign countries where the laws may not protect our proprietary rights as fully as in the United States.
Our industry is characterized by the existence of a large number of patents and frequent claims and related litigation regarding patent and other intellectual property rights. In the ordinary course of our business, we are involved in disputes and licensing discussions with others regarding their claimed proprietary rights and cannot provide assurance that we will always successfully defend ourselves against such claims and such matters are subject to many uncertainties and outcomes are not predictable with assurance. We expect that infringement claims may increase as the number of products and competitors in our market increases and overlaps occur. Also, as we have gained greater visibility, market exposure and competitive success, we face a higher risk of being the subject of intellectual property infringement claims. If we are found to infringe the proprietary rights of others, or if we otherwise settle such claims, we could be compelled to pay damages or royalties and either obtain a license to those intellectual property rights or alter our products so that they no longer infringe upon such proprietary rights. Any license could be very expensive to obtain or may not be available at all or may require us to make royalty payments which could adversely affect gross margins in future periods. The actual liability in any such matters may be materially different from our estimate, if any, which could result in the need to adjust the liability and record additional expenses. Similarly, changing our products or processes to avoid infringing upon the rights of others may be costly or impractical. In addition, we have initiated, and may in the future initiate, claims or litigation against third parties for infringement of our proprietary rights, or to determine the scope and validity of our proprietary rights or those of our competitors. Any of these claims, whether claims that we are infringing the proprietary rights of others, or vice versa, with or without merit, may be time-consuming, result in costly litigation and diversion of technical and management personnel or require us to cease using infringing technology, develop non-infringing technology or enter into royalty or licensing agreements. Further, our license agreements typically require us to indemnify our customers, distributors and resellers for infringement actions related to our technology, which could cause us to become involved in infringement claims made against our customers, distributors or resellers. Any of the above-described circumstances relating to intellectual property rights disputes could result in our business and results of operations being harmed.
We incorporate open source software into our products. Although we monitor our use of open source closely, the terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that such licenses could be construed in a manner that could impose unanticipated conditions or restrictions on our ability to commercialize our products. We could also be subject to similar conditions or restrictions should there be any changes in the licensing terms of the open source software incorporated into our products. In either event, we could be required to seek licenses from third parties in order to continue offering our products, to re-engineer our products or to discontinue the sale of our products in the event re-engineering cannot
be accomplished on a timely or successful basis, any of which could adversely affect our business, operating results and financial condition.
Many of our products include intellectual property licensed from third parties. In the future, it may be necessary to renew licenses for third party intellectual property or obtain new licenses for other technology. These third party licenses may not be available to us on acceptable terms, if at all. The inability to obtain certain licenses, or litigation regarding the interpretation or enforcement of license rights and related intellectual property issues, could have a material adverse effect on our business, operating results and financial condition. Furthermore, we license some third party intellectual property on a non-exclusive basis and this may limit our ability to protect our intellectual property rights in our products.
Our operating results are exposed to risks associated with international commerce
As our international sales increase, our operating results become more exposed to international operating risks. Additionally, our international sales and operations are subject to a number of risks, including the following:
•greater difficulty in enforcing contracts and accounts receivable collection and longer collection periods;
•the uncertainty of protection for intellectual property rights in some countries;
•greater risk of unexpected changes in regulatory practices, tariffs, and tax laws and treaties;
•risks associated with trade restrictions and foreign legal requirements, including the importation, certification, and localization of our products required in foreign countries;
•greater risk of a failure of foreign employees, partners, distributors, and resellers to comply with both U.S. and foreign laws, including antitrust regulations, the U.S. Foreign Corrupt Practices Act, and any trade regulations ensuring fair trade practices;
•heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements;
•increased expenses incurred in establishing and maintaining office space and equipment for our international operations;
•greater difficulty in recruiting local experienced personnel, and the costs and expenses associated with such activities;
•management communication and integration problems resulting from cultural and geographic dispersion;
•fluctuations in exchange rates between the U.S. dollar and foreign currencies in markets where we do business;
•economic uncertainty around the world, including continued economic uncertainty as a result of sovereign debt issues in Europe; and
•general economic and political conditions in these foreign markets.
In addition, on January 31, 2020, the United Kingdom withdrew from the European Union (commonly referred to as Brexit). Brexit could lead to economic and legal uncertainty, including volatility in global stock markets and currency exchange rates, and increasingly divergent laws, regulations, and licensing requirements. Any of these effects of Brexit, among others, could adversely affect our operations and financial results.
We must hire and train experienced personnel to staff and manage our foreign operations. To the extent that we experience difficulties in recruiting, training, managing, and retaining an international staff, and specifically staff related to sales management and sales personnel, we may experience difficulties in sales productivity in foreign markets. We also enter into strategic distributor and reseller relationships with companies in certain international markets where we do not have a local presence. If we are not able to maintain successful strategic distributor relationships internationally or recruit additional companies to enter into strategic distributor relationships, our future success in these international markets could be limited. Business practices in the international markets that we serve may differ from those in the United States and may require us in the future to include terms other than our standard terms in customer contracts. We intend to continue expanding into international markets. Sales outside of the Americas represented 44.0% and 44.0% of our net revenues for the fiscal years ended September 30, 2021 and 2020, respectively.
These factors and other factors could harm our ability to gain future international revenues and, consequently, materially impact our business, operating results, and financial condition. The expansion of our existing international operations and entry into additional international markets will require significant management attention and financial resources. Our failure to successfully manage our international operations and the associated risks effectively could limit the future growth of our business.
We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations
Our sales contracts are denominated in U.S. dollars, and therefore, substantially all of our revenue is not subject to foreign currency risk. However, a strengthening of the U.S. dollar could increase the real cost of our solutions to our end customers outside of the United States, which could adversely affect our financial condition and operating results. In addition, an increasing portion of our operating expenses is incurred outside the United States, is denominated in foreign currencies, and is subject to fluctuations due to changes in foreign currency exchange rates. If we become more exposed to currency fluctuations and are not able to successfully hedge against the risks associated with currency fluctuations, our operating results could be adversely affected. To date, we have not entered into any hedging arrangements with respect to foreign currency risk or other derivative instruments.
Changes in governmental regulations could negatively affect our revenues
Many of our products are subject to various regulations promulgated by the United States and various foreign governments including, but not limited to, environmental regulations and regulations implementing export license requirements and restrictions on the import or export of some technologies, especially encryption technology. Changes in governmental regulation and our inability or failure to obtain required approvals, permits or registrations could harm our international and domestic sales and adversely affect our revenues, business and operations.
New regulations related to conflict minerals may force us to incur additional expenses and could limit the supply and increase the costs of certain metals and minerals used in the manufacturing of our products
In August 2012, the SEC adopted new requirements under the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (or the Dodd-Frank Act) for companies that use certain minerals and derivative metals (referred to as conflict minerals, regardless of their country of origin) in their products, whether or not these products are manufactured by third parties. The Dodd-Frank Act requires companies to perform due diligence and disclose whether or not such minerals originate from the Democratic Republic of Congo or adjoining countries. We filed a report on Form SD with the SEC regarding such matters on May 27, 2021. These requirements could adversely affect the sourcing, availability and pricing of minerals or metals used in the manufacture of our products and the numerous components that go into our products all of which could adversely affect our business, financial condition, and operating results. In addition, we will incur additional costs to comply with the disclosure requirements, including costs related to determining the source of any relevant minerals and metals used in our products. We have a complex supply chain and many components are sourced through our contract manufacturer and we may not be able to sufficiently verify the origins for these minerals and metals used in our products through the due diligence procedures that we implement. As a result, we may face reputational challenges with our customers and other stakeholders and possible regulatory risk.
We face litigation risks
We are a party to lawsuits in the normal course of our business. Litigation in general, and intellectual property and securities litigation in particular, can be expensive, lengthy and disruptive to normal business operations. Moreover, the results of complex legal proceedings are difficult to predict. Responding to lawsuits has been, and will likely continue to be, expensive and time-consuming for us. An unfavorable resolution of these lawsuits could adversely affect our business, results of operations or financial condition.
Acquisitions present many risks and we may not realize the financial and strategic goals that are contemplated at the time of the transaction
With respect to our past acquisitions, as well as any other future acquisitions we may undertake, we may find that the acquired businesses, products or technologies do not further our business strategy as expected, that we paid more than what the assets are later worth or that economic conditions change, all of which may generate future impairment charges. Our acquisitions may be viewed negatively by customers, financial markets or investors. There may be difficulty integrating the operations and personnel of the acquired business, and we may have difficulty retaining the key personnel of the acquired business. We may have difficulty in integrating the acquired technologies or products with our existing product lines. Our ongoing business and management’s attention may be disrupted or diverted by transition or integration issues and the complexity of managing geographically and culturally diverse locations. We may have difficulty maintaining uniform standards, controls, procedures and policies across locations. We may experience significant problems or liabilities associated with product quality, technology and other matters.
Our inability to successfully operate and integrate newly-acquired businesses appropriately, effectively and in a timely manner, or to retain key personnel of any acquired business, could have a material adverse effect on our ability to take
advantage of further growth in demand for integrated traffic management and security solutions and other advances in technology, as well as on our revenues, gross margins and expenses.
Anti-takeover provisions could make it more difficult for a third party to acquire us
Our Board of Directors has the authority to issue up to 10,000,000 shares of preferred stock and to determine the price, rights, preferences, privileges and restrictions, including voting rights, of those shares without any further vote or action by the shareholders. The rights of the holders of common stock may be subject to, and may be adversely affected by, the rights of the holders of any preferred stock that may be issued in the future. The issuance of preferred stock may have the effect of delaying, deferring or preventing a change of control of our company without further action by our shareholders and may adversely affect the voting and other rights of the holders of common stock. Further, certain provisions of our bylaws, including a provision limiting the ability of shareholders to raise matters at a meeting of shareholders without giving advance notice, may have the effect of delaying or preventing changes in control or management of our company, which could have an adverse effect on the market price of our common stock. Similarly, state anti-takeover laws in the State of Washington related to corporate takeovers may prevent or delay a change of control of our company.
Our stock price could be volatile, particularly during times of economic uncertainty and volatility in domestic and international stock markets
Our stock price has been volatile and has fluctuated significantly in the past. The trading price of our stock is likely to continue to be volatile and subject to fluctuations in the future. Some of the factors that could significantly affect the market price of our stock include:
•Actual or anticipated variations in operating and financial results;
•Analyst reports or recommendations;
•Rumors, announcements or press articles regarding our competitors’ operations, management, organization, financial condition or financial statements; and
•Other events or factors, many of which are beyond our control.
The stock market in general and the market for technology companies in particular, have experienced extreme price and volume fluctuations. These fluctuations have often been unrelated or disproportionate to operating performance. The fluctuations may continue in the future and this could significantly impact the value of our stock and your investment.
If securities or industry analysts publish inaccurate or unfavorable research about our business, or discontinue publishing research about our business, the price and trading volume of our securities could decline
The trading market for our common stock is influenced by the research and reports that industry or securities analysts publish about us, our business, our market or our competitors. If one or more of the analysts who cover us downgrade our common stock or publish inaccurate or unfavorable research about our business, the price of our securities would likely decline. If one or more of these analysts cease coverage of us or fail to publish reports on us regularly, demand for our securities could decrease, which might cause the price and trading volume of our securities to decline.
We face risks associated with having operations and employees located in Israel
We have offices and employees located in Israel. As a result, political, economic, and military conditions in Israel directly affect our operations. The future of peace efforts between Israel and its Arab neighbors remains uncertain. There has been a significant increase in hostilities and political unrest in Israel in the past year. The effects of these hostilities and violence on the Israeli economy and our operations in Israel are unclear, and we cannot predict the effect on us of further increases in these hostilities or future armed conflict, political instability or violence in the region. In addition, many of our employees in Israel are obligated to perform annual reserve duty in the Israeli military and are subject to being called for active duty under emergency circumstances. We cannot predict the full impact of these conditions on us in the future, particularly if emergency circumstances or an escalation in the political situation occurs. If many of our employees in Israel are called for active duty for a significant period of time, our operations and our business could be disrupted and may not be able to function at full capacity. Current or future tensions and conflicts in the Middle East could adversely affect our business, operating results, financial condition and cash flows.
Our business is subject to the risks of earthquakes, fire, power outages, floods, and other catastrophic events, and to interruption by man-made problems such as terrorism
A significant natural disaster, such as an earthquake, a fire, a flood, or a significant power outage could have a material adverse impact on our business, operating results, and financial condition. We have an administrative and product development office and a third party contract manufacturer located in the San Francisco Bay Area, a region known for seismic activity. In addition, natural disasters could affect our supply chain, manufacturing vendors, or logistics providers’ ability to provide materials and perform services such as manufacturing products or assisting with shipments on a timely basis. In the event our or our service providers’ information technology systems or manufacturing or logistics abilities are hindered by any of the events discussed above, shipments could be delayed, resulting in missed financial targets, such as revenue and shipment targets, for a particular quarter. In addition, cyber-attacks, acts of terrorism, or other geo-political unrest could cause disruptions in our business or the business of our supply chain, manufacturers, logistics providers, partners, or end-customers or the economy as a whole. Any disruption in the business of our supply chain, manufacturers, logistics providers, partners or end-customers that impacts sales at the end of a fiscal quarter could have a significant adverse impact on our quarterly results. All of the aforementioned risks may be further increased if the disaster recovery plans for us and our suppliers prove to be inadequate. To the extent that any of the above should result in delays or cancellations of customer orders, or the delay in the manufacture, deployment or shipment of our products, our business, financial condition and operating results would be adversely affected.
Climate change may have an impact on our business
Risks related to climate change are increasing in both impact and type of risk. We believe there will not be significant near-term impacts to our offices worldwide due to climate change, but long-term impacts remain unknown. However, there may be business operational risk due to the significant impacts climate change could pose to our employees’ lives, our supply chain, or electrical power availability from climate-related weather events. In addition, rapidly changing customer and regulatory requirements to reduce carbon emissions present a risk of loss of business if we are not able to meet those requirements.
The effects of a pandemic or widespread health epidemic such as the coronavirus outbreak could have a material adverse effect on our business and results of operations
The COVID-19 pandemic has disrupted the U.S. and global economies and put unprecedented strain on governments, healthcare systems, educational institutions, businesses, and individuals around the world, the impact and duration of which is difficult to assess or predict. It is especially difficult to predict the impact on the global economic markets, which have been and will continue to be highly dependent upon the actions of governments, businesses, and other enterprises in response to the pandemic, as well as the effectiveness of those actions.
While our analysis shows COVID-19 did not have a significant impact on our results of operations for the fiscal year ended September 30, 2021, the impacts of the global pandemic on our business and financial outlook are currently unknown. Areas that may or may not be adversely disrupted or impacted by the COVID-19 pandemic include, but are not limited to: customer demand for our products and services, reductions in customer spend, delayed or the inability to collect from our customers, disruptions to our supply chain that could result in delays, shortages or increased costs of our products, disruptions to our operations in servicing our customers as a result of working remotely or business location closures, which all may adversely impact our business, results of operations and overall financial performance in future periods.
In addition to other risks listed in this “Risk Factors” section, factors that may affect our operating results include, but are not limited to:
•fluctuations in demand for our products and services due to changing market conditions, pricing conditions, technology evolution, seasonality, or other changes in the global economic environment;
•changes or fluctuations in sales and implementation cycles for our products and services;
•changes in the mix of our products and services, including increases in subscription-based offerings;
•changes in the growth rate of the application delivery market;
•reduced visibility into our customers’ spending and implementation plans;
•reductions in customers’ budgets for data center and other IT purchases or delays in these purchases;
•changes in end-user customer attach rates and renewal rates for our services;
•fluctuations in our gross margins, including the factors described herein, which may contribute to such fluctuations;
•our ability to control costs, including operating expenses, the costs of hardware and software components, and other manufacturing costs;
•our ability to develop, introduce and gain market acceptance of new products, technologies and services, and our success in new and evolving markets;
•any significant changes in the competitive environment, including the entry of new competitors or the substantial discounting of products or services;
•the timing and execution of product transitions or new product introductions, and related inventory costs;
•variations in sales channels, product costs, or mix of products sold;
•our ability to establish and manage our distribution channels, and the effectiveness of any changes we make to our distribution model;
•the ability of our contract manufacturers and suppliers to provide component parts, hardware platforms and other products in a timely manner;
•benefits anticipated from our investments in sales, marketing, product development, manufacturing or other activities;
•impacts on our overall tax rate caused by any reorganization in our corporate structure;
•changes in tax laws or regulations, or other accounting rules; and
•general economic conditions, both domestically and in our foreign markets.
Item 1B.Unresolved Staff Comments
We lease our principal administrative, sales, marketing, research and development facilities, which are located in Seattle, Washington and consist of approximately 515,000 square feet. In May 2017, we entered into a lease agreement for the building in Seattle, Washington that now serves as our corporate headquarters. This lease will expire in 2033 with an option for renewal.
We believe that our existing properties are in good condition and suitable for the conduct of our business. We also lease additional office space for product development and sales and support personnel in the United States and internationally. We believe that our future growth can be accommodated by our current facilities or by leasing additional space if necessary.
Item 3.Legal Proceedings
See Note 13 - Commitments and Contingencies of the Notes to Financial Statements (Part II, Item 8 of this Form 10-K) for information regarding legal proceedings in which we are involved.
Item 4.Mine Safety Disclosures