Check Point Software Technologies Ltd. (CHKP) Q1 2016 Earnings Call Transcript
Published at 2016-04-20 17:00:00
Greetings, and welcome to the Check Point Software Technologies First Quarter 2016 Financial Results. [Operator Instructions] As a reminder, this conference is being recorded. I would now like to turn the conference over to your host, Kip E. Meintzer, Head of Global Investor Relations for Check Point Software Technologies. Thank you. Mr. Meintzer, you may now begin.
Thank you. I’d like to thank all of you joining us today to discuss Check Point's 2016 first quarter financial results. Joining me on the call today from the French Riviera are Gil Shwed, Founder and CEO, along with our CFO and COO, Tal Payne. As a reminder, this call is webcast live on our website and is recorded for replay. To access the live webcast and replay information, please visit the company's website at checkpoint.com. For your convenience, the conference call replay will be available through April 27. If you would like to reach us after the call, please contact Investor Relations by email at kip@checkpoint.com, or by phone at +1-650-628-2040. Before we begin with management's presentation, I'd like to highlight the following. During the course of this presentation, Check Point representatives may make certain forward-looking statements. These forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities and Exchange Act of 1934 include, but are not limited to, statements related to Check Point's expectations regarding business, financial performance, customers and products, including its expectations for product introductions and enhancements; our expectations regarding the introduction of new products, programs and success for those products and programs; our intention to broaden our cyber security program and expand into additional markets; our expectations regarding demand for our solutions; our expectations regarding the results from expanded investments in our business; and our expectations regarding our business and financial outlook, including our guidance for Q2 2016 and full-year 2016. Because these statements pertain to future events, they are subject to various risks and uncertainties. Actual results could differ materially from Check Point's current expectations and beliefs. Factors that could cause or contribute to such differences are contained in Check Point's earnings release issued on April 20, 2016, which is available on our website, in Other Factors and Risks, including those discussed in Check Point's annual report on Form 20-F for the year ended December 31, 2014, which is on file with the Securities and Exchange Commission. Check Point assumes no obligation to update information concerning its expectations or beliefs, except as required by law. In our press release, which has been posted on our website, we present GAAP and non-GAAP results, along with a reconciliation of such results, as well as the reasons for our presentation of non-GAAP information. With that, I'd like to turn the call over to Tal Payne for a review of the financial results.
Thank you, Kip. Good morning and good afternoon to everyone joining us on the call today. I'm pleased to begin the review of the first quarter. Revenues for the quarter increased by 9% year over year, while non-GAAP EPS grew 11% to $1.06, exceeding the top end of our guidance. Before I proceed further into the numbers, let me remind you that our 2016 first quarter GAAP financial results includes stock-based compensation charges, amortization of acquired intangible assets and acquisitions-related expenses, and the related tax effects. Keep in mind that non-GAAP information is presented excluding these items. Now let's take a look at the financial highlights for the quarter. Our revenues reached $404 million, an increase of 9% compared to the first quarter of 2015. Total revenues from products and software blades grew by 12% year over year. This quarter, we launched our new data center in high-end appliances, the 15000 and 23000 families. The new appliances penetrated very quickly and showed healthy growth. We continued to experience great success with our software blades, which grew by 19%. The growth was led by our next generation threat prevention and next generation threat extraction packages. Specifically, we had great success with our advanced threat prevention blades, including threat emulation blade, anti-bot application control, and so on. During the quarter and yesterday, we announced the release of Check Point’s 1400, 3000, 5000, 15000, and 23000 series of appliances. These new threat prevention optimized appliances give organization of any size from small business to the largest data center deployments the power to run advanced threat prevention capabilities such as inspection of encrypted data without compromising performance. The new appliances are bundled with next generation threat prevention package as a default. We have seen already the great potential software blade has to enhance customer security and as a result increase the renewed subscription the year after. Software blades reached already 22% of our total revenues in the first quarter of 2016. As you know, according to accounting rules, the fair value of software blades is separated from the appliance price, deferred and recognized over the service period, typically a year. Every new bundled package includes more blades than before. The fair value allocated to it is expected to increase and shift between $5 million to $10 million from product revenues to software blades. Our software update and maintenance revenues reached $193 million, representing 5% growth year over year. Deferred revenues as of March 31, 2016 reached $883 million, an increase of $111 million or 14% over March 31, 2015. The revenue growth was across all regions during the quarter. Revenue distribution by geographies for the quarter was as follows: 50% of revenues came from the Americas; 35% of revenues came from Europe; and the remaining 15% came from Asia Pacific, Japan, Middle East, and Africa region. From a deal size perspective, the number of customers with transaction over $1 million reached to 43 customers this quarter, the same as last year. Transactions greater than $50,000 accounted for 69% of total order, similar to 68% in the first quarter of 2015. Operating margin reached 55% compared to 58% last year. Our operating expenses increased as a result of our accelerated investments in sales and marketing and R&D we started last year. In 2016, we see naturally the full effect of these investments. GAAP net income for the first quarter of 2016 was $167 million or $0.95 per diluted share, an increase of 10% from the first quarter of 2015. Non-GAAP net income for the quarter was $187 million or $1.06 per diluted share, up from $179 million or $0.95 per diluted share in the same period a year ago. Non-GAAP earnings per share grew by 11% and exceeded our guidance. Our cash balances reached $3,729 million at the end of the quarter. Our cash from operations this quarter continued to be strong and reached $324 million. We continued implementing our expanded share buyback program during the quarter and repurchased approximately 3.1 million shares for a total cost of $247 million. Now, let's turn the call over to Gil for his thoughts on the first quarter.
Thank you, Tal, and good morning to all of you joining us on the call today. We are holding this call from our European Check Point Experience Conference in Nice, France, where we have an all-time record attendance of customers and partners. During the conference, we’ve shared our vision and focus. Customers today deploy large number of point solution for many security vendors, mostly focusing on the detection of attacks. Unfortunately, detection doesn't solve the problem and it’s very clear that cyber security has to be dealt differently than traditional detection methods. Check Point today delivers an integrated cyber security platform with a focus on real time prevention of next generation threat. Our cyber security platform extends from the network and endpoint protection into the data center, cloud and mobile space. In the future, we tend to broaden our cyber security platform and expand into additional markets like defending the evolving market of Internet of Things, critical infrastructure, and national security, all presents significant security challenges and opportunities. All of these solutions focus on preventing the known and unknown effects before they can cause damage to the organization. We began 2016 with an important product supporting this strategy. We’ve launched new security appliances that are optimized for threat prevention. We started with the data center and high end solution, the 15000 and 23000 series last quarter, and yesterday we launched the small and mid range appliances, the 1400 series, 3000, and 5000 series. The new appliances all come with our full threat prevention suite enabled. Our security management is one of the key differentiators and has been known to be a generation ahead of the market for over 20 years. We just released R80 and expanded our leadership even further. R80 management is revolutionary in the marketplace and enabled unified quality for all security functions and to the most sophisticated environment. While our vendors might talk about prevention, there is a huge gap in the ability to actually prevent the attack and deliver this multi-vector protection. This is reflected in third party tests, where Check Point is the only vendor to consistently win the highest level of recognition for our advanced protection. For example, we’ve just received our eleventh NSS recommended rating where some competing vendors have failed in many of these tests. As you’ve heard from Tal, we completed the first quarter with decent financial results. We are seeing great traction and double digit growth from our new threat prevention technologies that underscore the success of our strategy. For the second quarter, we’re seeing healthy activity, yet there are two primary factors that should be taken into account. First, the introduction of our new product can influence adoption rate and buying fashion. Second, while we see a healthy buying environment in cyber security, we’re slightly cautious in regards to the overall IT industry spending. We haven’t seen big effect on our business so far, but with our large dependence in existing installed base, any changes in spending can have an impact on anticipated growth rates. As a result, this can make it hard to predict the future and there are many additional factors that can lead to outperformance or underperformance that must be taken into consideration. With that in mind, for the second quarter financial outlook, we expect revenues in the range of $405 million to $435 million and non-GAAP EPS in the range of $1.02 to $1.09 per share. GAAP EPS is expected to be approximately $0.13. This includes the effect of recent acquisition. There is no change in the full year outlook. With that, I’d like to thank you once again for joining us on the call today and open the call for your insightful questions.
[Operator Instructions] Our first question is coming from the line of Walter Pritchard with Citi.
Tal, I'm wondering if you can talk about – we’ve seen the annuity revenue growth rates actually decelerate during a period that we've seen your license revenue accelerate and we've seen your long term deferred growth faster than your short term and I now you offer some multi-year discounts. I'm just trying to figure out if that might explain the deceleration in some of the annuity lines namely the blades and the updates and maintenance?
So actually our booking – we don’t talk about booking in general, but I can tell you that booking of software blade is very strong and accelerated in the last two quarters. There is some timing effect obviously in software blades. If I recall correctly, last quarter, it’s actually accelerated in the P&L, Q4 which is typically the higher. So it moved from 19% to 22% and I would say it’s around 19% which is quite strong for the first quarter. So I’d say as a whole, when we talk about software blades, it’s a pretty steady rate, I’d say, averaging around 20%. And you can see that as a percentage of our total revenues, it's moved up from – I think it was 20% on average last year and in this quarter it was around 22%. So software blades are very strong. And I can give you some color into the blades in it; all the blades related to advanced threat prevention are doing very well. We see anti-bot doing great. We see threat emulation higher than our internal plan, even they are executing very well, this team, and we’re seeing that it’s a great opportunity when it comes to the new unknown and known attack packages. And that’s why we decided to bundle some of those blades in the new appliances. So that’s one. As to the long term deferred revenues, you’re absolutely correct and that's why I always say that deferred revenues can fluctuate. Deferred revenues are affected by customer wishes, sometimes there can be a few large transactions as the customer brings a deal of three, four, sometimes even five years, and it can easily fluctuate the number because it's quite a small portion out of our total dollars of deferred revenues. So it can fluctuate, and yes, it's expected that it can be here before deferred revenues in the long term increase significantly, it can reduce the year after.
Our next question is from the line of Ralph Eyal with Oppenheimer.
Quick two questions, so Tal, the Americas this quarter, can you talk about North American versus Latin American performance and how did foreign exchange impact the business?
So I can tell you that Latin America was very weak; it was negative actually, as expected. We looked at the currencies, the currencies were – if you look at Columbia, Mexico, Brazil, currencies year over year were between 20% to 30% devaluated versus the dollar. Remember, our price list is in dollars, so it affected significantly the buying pattern and also the discount rates in Latin America. And as a result, it pulled the numbers of total America down.
Correct me if I’m wrong, this is probably the first time in a while when we discussed the accounting implications and classification of blades versus product. Is it fair to assume that but for this classification the actual core growth probably of the product front is higher than the current consensus expectation?
The reason I talked about it is actually, remember the effect in Q1 was smaller because we launched just the 15000 and the 23000 and we just started to transition. But I stated as a caution measure, when we look forward, we launched this quarter just yesterday, the remainder of the family that starts all the way from small, which is the 1400 all the way to 3000 and 5000 family on top of the 15000 and 23000. So it's across the board from the lowest end to the highest end. And as we bundle this with the next generation threat prevention package, which carries a higher dollar value, then it will create a shift between the product recognition which is immediate in software blades that can be further recognized over the years. So that's why I mentioned it. I would say it’s probably a very small effect this quarter, but it can be larger in the next two to three quarters and that’s why I thought it’s relevant to put it on the table.
Our next question is from the line of Rob Owens with Pacific Crest Securities.
Tal, remind us on the maintenance line, it was down sequentially and I know that happens often in Q1. Is this timing of renewals around maintenance contracts or is this a professional services component that doesn't show through relative to how the numbers look?
You’re talking about the revenues, right?
So updates and maintenance is naturally affected by the product line and the renewals. The renewals are very healthy, but we see some increase in the discount as we talked about in the previous two quarters. So we talked about the currency, we talked about European currency, we talked about Latin American currency and so on. So as you see pressures that come to pricing, be it competitive or currency effects, then it affects the growth of the update and maintenance line.
And then second for Gil, I know you’ve had the question for years now about the firewall upgrade cycle, replacement cycle, and I think you've seen relatively consistent revenue growth for six quarters of about the same 9%. If we look at products and blades, it’s been even longer, around this 11%, 12%, so help us understand are we beyond just that concept of a firewall refresh cycle and seeing just healthy steady demand in the marketplace?
I think we have a combination of new projects, new customers, and renewal of appliances and renewal of firewall with customers, refresh of equipment with customers. I don’t have any very good statistics or prediction as to the timeline of the expectation. I think we are very excited about the opportunity because we've just launched a major product line across the entire product line update, a huge update. If you remember, the last update – there has been few things in the middle, but the last update was 2012. So this is a great opportunity. And I think our new appliances are right on target in terms of their ability to be optimized for the new threat prevention capabilities. And I think the main factor for customers to get them is the fact that they actually want to enable more security capabilities. I think it’s a huge opportunity, I think it is also a challenge. I mean, some of our markets is still thinking traditionally and say I want just a firewall, in which case, by the way, our new products are also exciting, but our old products are also working quite well. So we're not – we have good product for many, many years. And I think the main opportunity, a challenge here is to educate the customers, not just to educate, it’s to really fulfill the need to protect from future threat and really enable all the advanced threat prevention capabilities and enable them on the equipment. We are still in a small percentage of adoption there. So there is still a big opportunity for customers to enable that. And if they do, I think it's – first and foremost, it’s the security value that customer gets and that’s the most important. From the financial perspective, it’s actually quite good because a lot of the revenue is going to be on the annuity revenue. All the new threat prevention capabilities, all the software blades which are now pretty sizable part of our business or approximately 20% from our overall business invest in the annuity business. So I think we are going in the right direction in terms of moving more and more revenue into annuity business.
Our next question is from the line of Michael Turits with Raymond James.
The guide for 2Q is growth of 6% year over year, we've been doing 9%, it’s 4% sequentially, that's below your seasonal pattern, which is a little bit stronger at 5% or 6%. So why is that? How much of that is from this impact from greater revenue deferral and how much of it is from other things, whether it's macro caution or whatever else is going on?
I’ll first start with the blades. So you can see, I gave you the numbers, between 5% to 10% is moving the result of the split of the fair value, I think the next generation threat prevention to the package and I said it’s between $5 million to $10 million. Obviously I can't know the exact number because, A, I don't know what would be the transition from the old product to the new product and B, I don’t know which appliance will the customer opt as a replacement of buying the old versus a new. So it can create a change in mix of appliances between high end appliance, mid end appliance, and data center appliance. So that’s one question mark that I cannot predict. And the second one is one they will choose it and will be the effect of the allocation between the appliance which is product revenue and the software blade which is deferred and then recognized into the P&L over a year. And that’s basically what’s that’s relating to.
So just to clarify, are you saying there's a $5 million to $10 million impact on next quarter from the change, are you saying it's $5 million to $10 million, that's a shift in a way to do the math in terms of the deferral on that?
No, $5 million to $10 million on the product revenues...
Is the potential – again, what will happen next quarter, we still don’t know, but it can be better, it can be worse. But I mean, the potential based on the current model is a shift of about – between $5 million to $10 million.
Do you feel like you've built any additional caution for macro or any other factors relating to this end user demand?
I don’t think that we’ve built any caution or not. We are taking our financial modeling, we’re taking the [indiscernible] sales force and that’s what we are delivering to you guys. That’s where it is.
The next question is from the line of John DiFucci with Jefferies.
Tal, I have a question on margins. We understand that in prior quarters as the US dollar strengthened relative to other currencies, operating margin experienced a little bit of a tailwind from your non-US dollar operating expenses. Can you talk a little bit about foreign exchange or foreign currency impact, if any, to operating margins for the first quarter? And what about the rest of the year given what is probably going to be a reversal in foreign exchange effects?
I would say first the effect on the expenses year over year was pretty minimum, so we didn’t benefit much and we didn’t lose much. That’s in the expense side. I mentioned it on the revenue because Latin America had a big effect on the revenues, right, because it affected the whole pattern of acquiring and refreshing – or update and maintenance in Latin America because they suffered a huge effect. When you look at our expenses, the Israeli shekel didn't move much, but you're right, it can affect the next quarter because they start to have a move towards the end of the quarter. And when you talk about the euro, again, it was pretty steady average Q1 versus Q1 last year, but I think [indiscernible] towards the end of the quarter bit of a move. So it all depends on what the currencies will do when we look at into the next quarter. So far it looks like the dollar is weakening slightly in the last few weeks, so we would have to see where it will average.
So it sounds like, I mean within the guidance and you didn't – and you do actually maintain guidance for the year, so I mean we should feel pretty confident at least with rates where they are right now that that's implied, even though they've moved since the last time you gave guidance?
Yes, you’re right. Just because it didn't move dramatically, but if they would have moved 10%, I would have asked you to check more deeply into that.
Our next question is coming from the line of Gabriela Borges with Goldman Sachs.
Gil, my question is a follow up on the commentary on an uncertain environment for some of security customers. I know we’ve talked already a little bit about FX, but if we just leave the FX aside from a moment, anecdotally is there any difference in the conversation that you’re having with customers and their intention to spend on security this year? And has that changed at all over the last quarter?
I think the discussion with customers is actually quite positive. I think we are – there is a big universal security need there and I think we are very well positioned to fulfill that. I think we are active enough and we are finding the right opportunities, there is plenty of opportunities in all the places I spoke about, whether it’s critical infrastructure or it’s augmenting the existing security infrastructure. Everybody in the world speaks about the advanced threat, yet the level of adoption of technologies that prevents them is still very, very low. So I think overall the discussion in the security space remains quite positive. But I think as I said, there are still reasons to be cautious about the overall economy. But at the end of the day when an IT buyer says last year I paid X amount of dollars for renewal of my support contract, next year I want to spend less or I want to not spend more and maybe spend less. And again, with our big installed base and with the big annuity revenues that we have, that can be something that limits us, even though there is plenty of nice opportunities and people are willing to invest in new projects, basically the feeling that I get from speaking to many, many customers.
And maybe just a quick follow up if I could, you mentioned a large installed base, I know adding new customers is also a parity for the company. So if you could just give us a quick update on the traction you’re seeing on the new customer side and what’s some of the key factors that you think might be driving new customer additions or customers to switch to Check Point this year versus last year?
We are putting a lot of focus on adding new customers and I think we’re starting to see that they are improved. In this conference here, for example, we see a nice number of new customers, new projects more than we’ve seen before and I think that’s a direct result of our focus on new customers and new projects. I think we will do more of that, but it takes a lot of time. Let’s remember we have a great sales force, we have – but they see also a lot of opportunity with the existing installed base. So sometimes it’s a little bit challenging to go outside of our comfort zone and approach new customers. Now, when we do, we do have a very nice number of wins with new customers and we are doing constant surveys and constant checks about the reason for winning and what makes us win. So I think in most cases, we’ve been in a competitive situation and we win. We are seeing that the main reasons for winning, there is two main factors. One is the quality of our security, customers that are simply running our products against advanced threats and see that our catch rate is much higher than other products and that we actually block the attack, not just detect and block it a day later or two days later or a month later, so that’s the level of security that we consistently hear from customers is the big differentiator. The second big differentiator is our security management. Again, that’s also on almost every deal. And we are tracking that and I think these two factors are the ones that we repeat all over. So I think these are the most important elements and I think we’re doing well on those.
Our next question is from the line of Sterling Auty with JPMorgan.
Maybe just to follow on a little bit on that line of questioning. If we look at the heads that you added last year and the investment to go after those new customers, how should we think about the incremental investment that you are targeting this year? If the environment may be perhaps a little more challenging, is the intention to maybe scale back a little bit and drive a little bit more margin?
I think the environment that we are in is a good environment, yet on the same time it’s a very competitive environment. And as we invest in augmenting our sales force and in being – an in having more people on the street so do our competitors. So we have no intention to scale that down. We think the potential is big, we think that we want to invest more and I think that’s the right thing to do. I think we enjoy very, very healthy margins and what we need to do here is focus about winning on new customers, expanding the projects that we are doing and then in the long-term future I think also gaining market share and accelerating the growth.
And as a follow-up, Gil, in your prepared remarks that you talked about I think expansion of the security offerings. You mentioned IoT and a few other areas, but I'm curious if part of that is also some of the products that you are looking to offer. Is some of the thoughts that you would expand further beyond just the core firewall and blades and perhaps consider some other security technologies?
I think the answer is generally yes. We do offer more products and even today we have mobile products which run on mobile phones, we have endpoint products and just last quarter we launched Sandblast Agent which basically brings all the advanced threat prevention capabilities that we have to the endpoint and we are seeing even more places where we can bring our technology.
Our next question is from the line of Philip Winslow with Credit Suisse.
I think it was last year you touched on the robot market, office, your branch office, I guess it was about five quarters ago. Any update on any traction that you have been seeing there? And just one quick follow-up question to that.
We have nice traction to that and I think we’ve just released last quarter and actually new models for our branch office appliances and we are also very interested in terms of their ability to deliver advanced threat prevention. I think we’re seeing good traction. We are seeing nice growth in terms of units and I think also in terms of revenues. But it’s still a small portion of our business and high end appliances, even though they are much smaller in quantity, deliver very nice results financially. I think over time, I want to balance that. I want to see the growth from all product lines and to see higher contribution from the lower point of the market. I do believe it's very important for the future strategy.
And then also from a vertical perspective, anything stand out from a vertical standpoint this quarter versus your expectations in terms of industries or versus anything that you saw last year?
I can’t see any big differences. I mean, it’s amazing to see when I meet with customers, because usually when you analyze customer segments, you see, for example, financials are very important sector. But on the other hand, when I meet with customers and projects, it’s from all over, from critical infrastructure, industrial companies, healthcare, I mean, local government and of course the same financial organization and big customers that we are used to see all the time. So it’s quite fascinating when I meet with customers to learn about their environment and what we are doing. It’s a very wide variety of different types of customers.
I can just say that we saw – like Gil said, in general, it’s keeping the same breakdown, we’ve seen a nice increase in the technology industry this quarter, but remember it’s a small number, so it can fluctuate quite easily. And I can say we see many PLCs that have to do with the threat emulation solution and quite a lot of wins in that area. So I think product vertical, I would say that the threat emulation solution is doing very well.
Our next question comes from the line of Robert Breza with Wunderlich Securities.
Just touching on the geographic environment, I was wondering, Gil, if you could comment if you saw any slow down or push-outs in the last couple weeks of the quarter in Europe? And if the unfortunate results over there had any effect on the last couple of weeks of the quarter?
Europe was actually our best geography this quarter. We’ve seen pretty much all the big countries in Europe deliver very good results. So I think we're pretty happy with Europe performance in the first quarter.
Our next question is from the line of Gregg Moskowitz with Cowen and Company.
I had a follow-up to Michael's question. Tal, you helped explain the top-line guidance in Q2 being a function of variability around new versus old appliance demand and product mix. But you are still forecasting about 4% sequential revenue growth at the midpoint. Conversely, if I look at the bottom line, your Q2 EPS guidance at the midpoint does not reflect any growth. And historically, your EPS has grown $0.04 to $0.05 sequentially in the second quarter. Just wondering if you could speak to the EPS forecast specifically?
Actually the EPS makes sense. I think the midpoint is about $0.03 below analyst expectation and if you look at the revenues, they are about $7 million less, $7 million less in revenue is equal to about $0.03. So the logic if I am trying to do it quickly on the phone call, I think there's nothing dramatic there, remember that Q2 always have higher marketing expenses. So typically Q2 margins are lower than the margins of Q1 as a result of the CPX events that we have across the world. So there is nothing dramatic there actually.
And just for Gil, so R80 has a lot of feature improvements. I know maintenance-paying customers get it for free. But what do you think this is going to do for Check Point going forward?
And by the way maybe just to make sure that you have the right number, the guidance for EPS was $1.02 the lower end and the higher end is $1.09. So the midpoint is $1.06, which is a growth year over year of 7%, just to make sure we're on the same numbers.
Yes, Tal, I did actually have that, thanks. I was actually just referring to the sequential growth, which was flattish. But do appreciate your response on that. And then Gil, if you had any commentary on R80, that would be great.
I think our management has been a big differentiator for us especially in winning large deals. I think it goes even further the ability manage very sophisticated network and security environment, the ability to get segmentation, compartmentization, and a lot of features that are designed to make the management of complex environment much easier and actually some of them also apply to the lower end of the market, the ability to have one security policy that unify that you can see pretty much all the security capabilities presented in one way I think is appealing to large customers and small customers. So I think it can be a very important – will continue to be a very important competitive advantage for us. I think it can have an impact on – even though customers do get it in annuity based on support and maintenance payment, it can have an effect on revenues too because more and more customers are buying security management appliances from us. And the security appliance management are part of the new purchase, the new product and the refresh cycle. And we are seeing pretty healthy growth overall in the security management appliances. So I think R80 can be a nice opportunity for customers to buy more of these security management appliances. They see the new features, they see the need and will buy the integrated hardware, software solution.
Our next question is coming from the line of Ken Talanian with EVERCORE.
First one, are your channel partners still offering a pay-as-you-grow leasing model? And does that have any impact on the deferred revenue?
I think it is offered in some rare cases. I think I’d like to encourage it actually. I think we're very open to these kind of business models that will shift more revenue to annuity and mainly meeting the customer needs. I think we are relatively healthy on our cash flow and I think if we can get more long term growth and more long term commitment as opposed to short term revenue from customers, that’s overall a positive thing for us. Again, it’s the right thing for customers. It’s not the biggest threat these days. So in relatively small cases, if you find customers or opportunities that would like to get the [indiscernible] be very happy to accommodate that.
I will just add, just to – maybe what you mean is that we do have transactions that is sort of like an operating lease, right, and therefore you don’t see it in the deferred revenues, but it’s – we get a large order but we invoice once a month and therefore you don’t see the booking in the deferred revenues and you miss it from the booking. And on that regard, you are right, there is quite a big bulk of those accumulated deals in a significant amount that was off balance sheet and it’s still off the balance sheet since the invoice was not invoiced and it’s not part of the deferred revenue.
Could you frame quantitatively how much that is?
It’s quite large, it’s high tens of millions of dollars.
And then one last question. You mentioned some progress on the high-end appliances getting off to a great start. I was wondering, does that reflect your progress with ongoing sales engagements or actual sales of the appliances?
No, this is actual sales of the appliances.
Our next question is coming from the line of Matt Hedberg with RBC.
Gil, with the growth in AWS, and Azure, I'm curious from your perspective, how do you see on-premise network security spending priorities changing in a world where more of this workload moves outside of the four walls of the customer's traditional data center?
I think that's one of the big strengths that we have in Check Point. We know how to secure the traditional network, which is by the way still very important, still growing and will be more of that. And we know how to put our software on the cloud and data center environment. Our entire vSEC product family which we are updating and upgrading and augmenting every quarter and every month, I think, is a great solution for that. That can be a very important differentiator for us because our base is on software, we can run it on almost every environment and I think we are building everything that’s needed for the cloud environment, like automation of the provisioning of a new network, a new security. In traditional networks, you put a box, you do a lot on the process manually and it takes time. In the virtual world, people want to make automated processes, so when they do create a new virtual environment, they automatically get the security with it and automatically it’s being added to their policy and all of the connections are being made. So I think we are very, very strong in that and we have a huge competitive advantage on that side. As I said, because everything we do is software and it's not dependent on specific hardware customization, it's much easier for us to bring it to new environment. And I think it all ties at the end to our management that can manage all these environments from one single console. So overall, we are seeing nice level of interest in that. Still the revenues are relatively small, but in terms of how do we feel about the interest level and the position that we have in that marketplace, I think we believe that we are positioned very, very well into the future. And if that market ever become significant in terms of dollars, I think we’re there to serve it.
Maybe just a quick one for Tal. You called out the strength in North America and Europe. Asia-Pac looked a little slower versus historic trends. Was there any country in Asia-Pac that was weak this quarter?
No, actually remember, you’re looking at the revenues, so Q1 can shift easily by revenue recognition accounting rule. So I would say Asia actually had a very nice quarter. They had strong, Japan strong, India strong, Singapore strong, China, it was quite a nice quarter in Asia.
Our next question is from the line of Erik Suppiger with JMP.
First off, just in the US, can you talk about linearity at all? There were certainly concerns at the beginning of the quarter about the macro environment. Secondly, as you look at your threat prevention opportunity how many of your existing customers already have a third-party threat-prevention solution? And do you position yours as a replacement to those existing solutions that are deployed?
Probably have both. Maybe I will start with – actually I forgot the beginning of the question. But relating to emulation, I would say we see both. We are bidding head to head with players in the threat prevention and winning very nice transactions. As Gil said, if you look at the NSS report, our catch rate is by far the best there. So when a customer is serious in doing a PLC, we can show our significant leadership in that area and we saw very nice wins both with large and mid-sized organizations. In terms of the penetration to the install base, it's very small right now, because if you recall the whole threat prevention just started – or at least advanced threat prevention and emulation just started in the last few years. So still it’s a Greenfield, majority of the customers don’t have a solution. And in some places, if you go to the higher level of customers, you see customers that already have a solution and replace them because it’s just more convenient managing a centralized way and a much higher catch rate. When you talk about the linearity, I would say, no, it’s Q1, so I don’t think we saw anything dramatically change. I think the first one was slightly stronger and then the second weaker and then the third stronger. So I think – but again, it’s Q1, so it’s a small number, so I wouldn't conclude anything out of that.
Our next question is from the line of Gray Powell with Wells Fargo Securities.
I just wanted to follow-up on the shift from product revenue to blades, which goes into deferred. And make sure that I understand that correctly. So the bundling of advanced threat blades is going to have a $5 million to $10 million impact on Q2 product revenue. How does that impact full-year 2016 guidance where revenue targets were unchanged?
You can see, if you take every quarter, you take the $5 million to $10 million more and put it in deferred revenues and recognize it, then obviously Q1, majority of it already will go into the revenues in 2016. In Q2, you will have about two and a half quarters and Q3 we will have about one and a half quarter, and Q4 we will have only half. So that’s the effect. So it’s probably accumulated. If you do the numbers, you can have an effect of, I don't know, probably around $20 million. I didn’t do actually the accumulated number, but...
Again, we’re just starting with that model, so it’s too premature to say right now how it will shape up and so on. Long term, I think at the end of the day, we will recognize all these revenues and even more important than that I think it creates a very nice opportunity to renewal of that revenue in the next year. So the overall lifetime revenue is bigger than the amount that we are deferring. So we’re not shrinking anything in the revenue line. I think we’re growing in this area.
Our next question is coming from the line of Brent Thill with UBS.
This is Fatima on for Brent. Thanks for taking the questions. You are now seven years into your Blade strategy. Historically, you have said a majority of your base still doesn't have most of your blades. So I'm wondering if you can refresh us and remind us on what the current levels of penetration are? And what really needs to happen to get through the 50% mark of adoption? And then a follow-up, if I could.
First, I think the blade strategy has been very successful for us. We’ve built a business from very low amount of revenue in the same technology areas to now a business that’s around 20% of our revenues that's running at a run rate of at least $400 million a year. So that’s pretty significant. If you look at how many businesses, in product threat prevention, the threat prevention technology has been built in the last few years to that level of $400 million, I think we are doing very, very well. And all of that is new business, new technologies and annuities. So I’m very happy with that. If you look at the penetration rate, that really varies. When we started with it seven years ago, the main blade was IPS; IPS today is I think at approximately 50% of our installed base. I’m not sure if I have the correct data, but – and if I’m wrong, we might correct it, but I think we are at the 50% range of customers that are adopting that. If I look at threat emulation, which is about two years into the market, we're still at the single digit percentage of penetration into customers, which is by the way quite nice, where already thousands of customers that are using threat emulation and this is nice number compared to the industry, but still very small compared to the hundreds of thousands of gateway that we can run and to the tens of thousands of customers that we have. So I think overall I'm very happy with the strategy and I think the nice thing about this strategy is it evolves. Every year, we bring new blades to the marketplace and we are – additional opportunity for growing with these blades.
Just to switch gears into the announcement you made about the release of some of the lower-end SKUs for the branch office and remote offices. Can you help us think better about how you view the SNB, or the lower mid-market appliance opportunity versus what we might intuitively think that this market would maybe gravitate toward the managed security service provider solutions? Why would they opt for an appliance when they could theoretically outsource it? Just would love to hear your thoughts on that. That's it for me.
It's a very interesting field. So first I would differentiate between two appliance series that we have that are similar in many aspects, but are different than others. We have the 700 series which is new and that’s the small business appliances and we have the 1400 which is [indiscernible] appliances that’s similar to the 700, but it has enterprise management capability. So if I do look at the 700 series, which I think is more where – the 1400 are designed so big enterprise that may have I don’t know 1,000 branches, that’s a bank or it’s a retail chain, small shops, or anything like that can easily use the same security, the same quality, the same management and scale it to a large number with very easy set up, but with the same centralized control, same centralized management. The 700 series is more focused about small businesses that want to manage it on their own, do not want the sophistication and the complexity of the full Check Point smart sensor R80 management. So we have a very simple web user interface that they can do the security management capabilities and that product by the way you can see the reviews it’s got on the previous release, it’s way, way ahead of the market in terms of the completeness of the product set and mainly the ease of use, so you can get really, really sophisticated security features, very easy to use. It is not against managed services, because actually these products fit very well into a managed services environment and big numbers of them do operate in a place where there is a managed service provider, who provides the service, the update, the upgrades and the user can still do the basic configuration, changes of the parameters that they want and so on. So it’s actually designed and works very well in a managed environment. We have tens of thousands of these devices managed. So both of them present different opportunities and I think in both of them we have a nice opportunity in the market place and I think it fits very well to the direction of the market.
Thank you. At the time, I would like to turn the floor back to management for closing remarks.
Thank you all for joining us today. We appreciate your participation. We’ll be taking calls a little later today and I'll be taking even more calls later in the week. Thanks a lot and have a great day. Bye-bye.
This concludes today's teleconference. Thank you for your participation and you may now disconnect your lines at this time.