Thank you, Karen. Hello everyone. I know Walter Pritchard, you are listening in. Enjoy your last earnings call from the other side.
Next quarter, Walter will join us at this end as our new Senior Vice President of Investor Relations and M&A Finance.
Moving onto the quarter.
Let me start with SolarStorm which many of you are describing as one of the most serious and sophisticated cyber attacks in history. The SolarStorm attacked highlighted that enterprises need a comprehensive up to date map of their full IT infrastructure environment, including understanding their own networks as well as external attack services and supply chains. In order for security teams to have an edge over the adversaries, they need to embrace next generation technologies that leverage AI, machine learning and automation. To help our customers, we set rapid response program and when I say rapid it was rapid.
Our acquisitions of Expanse and Crypsis almost felt pre-assigned. The teams swung into action. We updated XDR for all the new threat vectors. We offered free assessments from our Crypsis team.
We also evaluated the attack surfaces from the outside in for Expanse and discovered that there were dozens of affected customers including major government agencies and large companies. Many of which were actively communicating a Solarstorm malware commenting to full infrastructure.
So far we’ve received over 1,000 assessment requests and have completed over 500. We believe that the SolarStorm attacked raises the mid and long-term criticality of the cyber security industry as a whole. This resulted more awareness and focus of cyber security which an in all candor is the need of the hour, given the complete reliance of technology in these times.
We expect that this attack will be a wakeup call to all enterprises to modernize cyber security and will serve as a net incremental tailwind not just for us but also for the industry.
Before I turn to our fiscal Q2 2021 results, I have an admission to make. Perhaps I was too cautious to the outset of the pandemic. The current sustained performance, resilience of our teams and execution has been turning more optimistic. We had a great second quarter with strong business momentum as the organization executed across all platforms and strategies.
As a result, we beat Q2 guidance and consensus.
Here are some highlights. We delivered billings of $1.2 billion, up 22% year-over-year with strong growth across the board.
Let me give you some additional context. Due to COVID, we have provided billing plans to a select number of impacted customers. When adjusting for these billings within the reported 22% year-over-year growth. This trend has been in place and has been growing over the last few quarters. Consequently, our revenue growth is higher than billings growth and accelerated to 25% reaching $1 billion for the first time ever. Yes, our first billion dollar revenue quarter with accelerating revenue growth. The strength has been across the board. And as we continue down the path of more and more of a subscription-based model, the revenue predictability will continue to rise. Non-GAAP EPS was $1.55, up $0.36 from last year. EPS expansion was driven by revenue growth and operating expense leverage.
While there continues to be beneficial impacts due to lower travel due to COVID, we do continue to hire resources to support our product expansion, which we expect to continue. Free cash flow margin for the quarter was 32.7% and in the first half of fiscal year 2021, we generated $838 million of free cash at a margin of 42.7%. We still expect free cash flow to normalize for the year around our full year guidance due to some seasonality we see in the second half. Last quarter, we started the dialogue around network security in cloud and AI and shared the P&L for both businesses. We received great feedback on the additional transparency and we want to continue to drive more transparency to unlock shareholder value.
Let’s first take a deep dive into the Network Security business which we are calling NetSec.
Our NetSec business is undergoing a transformation towards software and SaaS making it more predictable and sustainable. Starting with our hardware firewall business and associated services, rather than building solutions only as hardware we’ve chosen to offer security services software subscriptions.
Over the last two years, we have doubled our security subscriptions from four to eight with the introduction of DNS, SDRAM, IoT and DLP.
We are seeing great progress with DNS, which has acquired nearly 5,000 customers since launch. The new subscriptions, along with the introduction of higher tier support, Platinum support has allowed us to increase our next-generation firewall support and security subscription revenue as a percentage of next-generation firewall hardware revenue over the last year.
As you can see, we have sustained a 15% CAGR in hardware, subs and support and our hardware contribution has gone from 39% to 29% in that time. To continue drive software growth, we have made these subscriptions available across all form factors, firewall FLEX and Prisma access 2.0. We just recently completed the process of making it available on our product Prisma access 2.0 which is our firewall in the cloud.
Turning to our software firewalls, we continue to see a transformation in software form factors.
With the introduction of advanced features, cloud-native integrations of the development of industries first containerized next-generation firewall, we continue to see product market share.
As a result, VM and CN-Series goal was 60% in this first half of FY 2021. We recently launched Firewall FLEX, another industry first, the unique approach in how we offer virtual firewalls in CM Series to increase customer flexibility and enable a consumption model to drive additional growth. This new flexible consumption model features credit-based licensing that lets you consume VM and CN-Series firewalls, choose the number of CPUs needed and add any or all of our eight security subscriptions which was previously limited to five. We believe that by providing data flexibility to our customers, we will continue to drive growth and achieve greater subscription attach rates. To highlight how our software firewalls are transforming, how our customers approach security, we closed a deal with a leading telecommunications company to secure their 5G network. The transition to 5G is driving a number of very important architectural changes, including a highly distributed design, containers as a foundation and security for enterprise customers as a critical business driver.
We are first to deliver enterprise and service provider class 5G in container security. In doing so, we empower our customers to provide a secure 5G service to their customers and provide managed security offerings to their enterprise and customers.
Now let’s talk about Prisma Access. When COVID dramatically changed how work gets done, the companies across industries around the world, the need for securing a remote workforce have also changed. No longer is it sufficient to have partial access to applications, or what are sometimes called good enough security. Overnight, connectivity to every application was needed, security became business critical, and user experience determines the difference between maintaining productivity are falling behind. Even before COVID accelerated this change, we were already working on turning Prisma Access into an industry-leading solution for enabling a secured remote workforce. What initially started is a GlobalProtect Cloud Service, started to transform in 2019 with the launch of Prisma Access. In the last year-and-a-half, we built out industry-leading capabilities and in that timeframe, Prisma Access has gone from less than 150 customers to now nearly 1,000 customers and 30% of the Fortune 100. Last week, we announced Prisma Access 2.0. The biggest update since introducing this service. Prisma Access is a full security platform for the cloud, a machine learning based security, preventing all known threats in line at line speed, a full firewall delivered to the service and includes features like zero trust network access, secure web gateway, CASB, DLP and IoT security. Prisma Access secures both web and non-web apps.
As an example, conventional web security approach to cloud delivered security misses 53% of all remote workforce threats that tried over non-web apps. Those threats cannot be ignored and unlike ultimate solutions to the market we proven that with Prisma Access.
We have completely reimagined the way customers manage Prisma Access with an entirely new cloud-based UI that delivers better security outcomes for builder security assessments. The new digital experience management add-on provides native end-to-end visibility and insights for SASE and the ability to self field when digital experiences problems occur. Prisma Access is built on a low latency and highly scalable infrastructure with Google Cloud as backbone.
Lastly, Prisma Access, along with the Prisma SD-WAN, our rebranded product from CloudGenix delivers a complete SASE offering.
With the recent addition of CloudBlades, we now have a SASE platform which allows for an API platform for seamless third-party service integration. Prisma Access securely enables access to all applications, best-in-class security to meet enterprise security needs without compromise and enables a new experience that maintains or even improves worker productivity. In Q2, we closed an eight figure deal with a leading technology company with over 100,000 employees with businesses over 100 countries, as part of the digital transformation, the company would launch a new remote work initiative. In order to realize their vision, they need a secure and optimized network that will support a flexible remote work environment, Palo Alto Networks was ultimately chosen ahead of several of our security peers as the customers saw us as the only vendor that was offering a true SASE solution. Ultimately, Prisma Access was a key product given their goal to rapidly enable remote work, but the customer also purchased next-generation firewalls, CN-Series Firewalls, enhance their store capabilities through Cortex XDR and XSOAR. This was definitely across platform deals we caught up and we look forward to a great partnership with the customer going forward.
Lastly, several of you have asked in the past about a software transition in the associated knowledge.
While the first phase of VM and Prisma Access purchases have mostly been incremental use cases, we put together a few key examples on what we see in the market, what a customer does choose to replace a hardware-based security solution with software and SaaS.
Our used cases are VMs replace hardware firewalls, like this example of a local retail store running software firewalls and third-party hardware, along with other software applications, we estimate that the five year revenue over the VM series deal is roughly equal to that of deals at place in separate physical firewall.
For used cases, our Prisma Access replaces hardware firewalls. We took a typical branch office used case and estimated the five year revenue of a Prisma Access deal is two-times larger than a next-generation firewall deal. From a customer perspective, we estimate that the customers’ total cost of ownership is generally reduced as they move to a virtual and cloud delivered form factors.
As you know, Prisma Access is only year old.
So our gross margins aren’t as favorable as hardware, but we expect them to improve over time.
Now moving over, and looking at our Cloud & AI results. We started this call by discussing Solarstorm, but didn’t talk about our own experience with an attempted Solarstorm attack. Back in December, we shared with the broader security community that Cortex XDR instantly blocked a Solarstorm attempt on Palo’s networks, thanks to its behavioral threat protection capability.
We continue to be bullish around the rapid pace of innovation that is going into our Cortex XDR product.
In fact, Cortex XDR was recently recognized by AV-Comparatives as a strategic leader in their latest endpoint prevention and response evaluation while still delivering lower total cost of ownership than several endpoint security peers.
Importantly, last month, Cortex XDR and Data Lake achieved FedRAMP modernization, which should make it a key piece of technology in the Federal space.
As further validation of our vision, we see more and more players in the endpoint security space rushing to jump on the XDR route that we have established two years ago. Overall, we continue to see the Cortex portfolio developing as an industry’s first proactive security platform and they see penetration into the largest companies continue to grow. 35% of the Global 2000 and 66% of the Fortune 100 are now Cortex customers indicating that automation advanced threat protection are top of mind for these customers. In Q2, we closed a deal with a retailer, the company chose Cortex XDR to increase its ability to control and protection of the endpoints by adopting a more complete solution with XDR rather than using ADR. With Cortex XDR support for mobile, the customers are also able to easily extend Cortex XDR to additional devices leveraged on-site at their stores to unify the endpoint security policy across the entire enterprise. We then expanded the conversation to adjust SOX operational challenges by demonstrating how Cortex explores out of the box pre-processing rules and alert de-duping could reduce volumes dramatically.
With the combination of announcements ability, production in total, with an entire endpoint state coupled with automating and orchestrating alert volume, the Cortex platform will have an immediate impact from its new customers. Switching to Prisma Cloud. Prisma Cloud is building the most comprehensive and best-of-breed cloud-native security platform and we continue to see strong customer interest. Prisma Cloud has now acquired over 2,000 customers with 74% of Fortune 100 and secures 2.5 billion cloud released workloads.
We also continue to see an increase of Prisma Cloud customers while using both cloud security posture management and cloud workload protection for containers and servers with applications now at 50%.
Additionally, last month, Prisma Cloud also achieved FedRAMP modernization, along with Cortex XDR and Data Lake as we said. This allows U.S. government customers to leverage our visibility compliance and governance capabilities for securing multi-cloud and gov cloud deployments.
Lastly, I’d like to highlight as a largest Prisma Cloud deal that we’ve ever closed. An eight figure deal with a leading SaaS company. Like many in the industry, they are moving from a private cloud environment to the public cloud.
As part of this shift, they are moving to a containerized application architecture. The customer had unique scalability, availability and vulnerability requirements for securing their containers across AWS, GCP and Azure clouds. The maturity, the superior vulnerability detection of the container security capabilities and the scalability of run time protection of Prisma Cloud help convince the customer to choose Prisma Cloud as their container security platform of choice. Last week, we announced our intent to acquire Bridgecrew, an early pioneer of security for the developer community.
So, next the challenge we are taking on in cloud security is what is known as shiftless security. Developers are playing an increasingly important role in cloud security, both in terms of what products are used and how they are operationalized. Today, a single error in development can be replicated hundreds of times over resulting in 1,000 security list to be faced. This drags down productivity and increases the likelihood of security issues and production application. These issues upfront where they are easy and quick to shape is a win for developers and a win for security. Bridge could recognize a need for shiftless security and pioneering approach the infrastructure scored designed for developers. To engage the developer community, they released an open source product called Checkout that was downloaded over million times in the last year and a paid for product gaining early traction. When we bring network security and cloud together, we see tremendous synergies to power platform of the partners.
We are looking at our Global 2000 customers, we see that these customers are increasingly adopting Strata, Prisma and Cortex. 68% of our Global 2000 customers have purchased more than one platform, up from 62% a year ago and 56% two years ago.
Given the momentum that we are seeing, we are raising guidance for the full fiscal year.
For fiscal 2021, and at the midpoint of guide, we expect total revenue growth of 22%, up 200 basis points from our prior guide. Total billings was at 20%, up 100 basis points from our prior guide, slightly lower than our revenue impact of billings plans as we discussed earlier.
We continue to expect next-generation security ARR at $1.15 billion, up 77% year-over-year. Product revenue is flat year-over-year, unchanged from our prior guidance.
Lastly, non-GAAP operating margin of 50 basis points and adjusted free cash flow of 29%, unchanged from our prior guidance as we continue to invest to capture the opportunities in market.
Now let’s review our fiscal year projections for NetSec and ClaiSec. Overall, we are confirming our ClaiSec projection, while raising NetSec billings by 100 basis points and revenue by 200 basis points given the strong performance of SASE and CN-Series.
Moving on to adjusted free cash flows, we expect Network Security will deliver a free cash flow margin of 41% in FY 2021, up from 38% in FY 2020.
We expect Cloud and AI free cash flow margin of negative 43% in FY 2021 and improve from negative – improvement from negative 59% in 2020.
As mentioned last quarter, for the next few years, we expect Cloud and AI to achieve gross operating and free cash flow margins in line with industry benchmarks as we gain scale and our customer base matures and becomes more efficient.
As you can see, we have been able to dig deeper on our resources further with our business areas of ClaiSec and NetSec. And as I noted earlier, there are committed set of tremendous synergies in the power of the path forward for Palo Alto Networks. At the same time, we’ve also been increasing our focus on our software transformation and hardware firewalls while building new cloud and AI business. To continue this transformation and strengthen our financial profile, we feel that we can create more focus by aligning the teams in our NetSec and ClaiSec.
So we are officially going from three speed both at aligning our efforts around these two business areas with six focused efforts as we force into our next fiscal year.
Next, we are focused on transformation from hardware to software and delivering a best-of-breed hardware solution as required.
As you saw, this transformation is actually financially neutral to net positive for us and always beneficial to our customers. The speed – firewalls, including virtual firewalls, SASE, and our growing security subscriptions. ClaiSec, the business area where we drive cloud security and our Cortex efforts have proven that with focus and an opportunistic, organic and inorganic strategy, we can create an industry leading self solution for cloud security and solutions like XSOAR and XDR and AI and ML.
Here we need continued investments for us to drive customer scale and for us to continue to invest in both continued product development and customer launch.
We will do so by continuing our focus on Cortex, Prisma Cloud and Palo Alto Networks incident response services. The newly formed team combining Crypsis and Unit 42 which Wendi Whitmore has joined to help lead.
We are also excited to announce that with the Board’s consent, we have finalized in the filing needed for an equity structure for the ClaiSec business.
Our goal is to make sure that the value of the ClaiSec business is more transparent.
In addition, the Board has approved the development of a vehicle from voice to invest in such ClaiSec equity, strengthening the alignment of shareholders and the interest of employees regarding success of our ClaiSec business.
Lastly, I am also proud to say that Palo Alto Networks recently made a commitment to address climate change.
As Luis will go over in more detail around how we will be carbon neutral by 2030. With that, let me turn the call over to Luis.