Allot Ltd. (ALLT) on Q1 2021 Results - Earnings Call Transcript
Barry Spielman: Hello, everyone and welcome to the Allot Investor Day 2021. It’s a big day for us. Today, we are going to share a lot about our company and where we are headed and we are very excited about the future. I am Barry Spielman, Director of Product Marketing for Cybersecurity. And you are going to hear quite a bit about Cybersecurity over the next couple of hours and how it’s becoming a central pillar in the company’s growth strategy. In that context, this virtual Investor Day and the information we will be sharing marks an important milestone on this journey and we are thrilled to have you with us for the ride. Today, I am joined by Allot’s senior management, our Chief Executive Officer, Erez Antebi; our Senior Vice President for Cybersecurity and Head of the Cybersecurity Business Unit, Dr. Yael Villa; and Allot’s Chief Financial Officer, Ziv Leitman.
Barry Spielman: Before I turn over the microphone, I want to quickly go through the agenda and what we have planned for you today. We will start with a briefing by our CEO, Erez Antebi, who will show you how Allot is revolutionizing consumer cybersecurity. He will describe the huge business opportunity for both CSPs and for Allot. We will then share with you a discussion our CEO recently had with Marc Rouanne, Executive Vice President and Chief Network Officer at DISH. Allot recently signed a deal with DISH to provide end-to-end user plane protection against DDos and botnet attacks on DISH’s cloud-native OpenRAN-based 5G network as well as to provide cybersecurity threat protection for DISH consumer, MVNO and SMB customers. We will then move on to Dr. Yael Villa, our SVP for Cybersecurity, who will give an overview on the technology, that makes it all happen. Following Yael’s presentation, we will share a couple of additional short testimonials from our customers, who will discuss how Allot Solutions help them achieve significant growth. And finally, Ziv Leitman, our CFO, will discuss Allot’s revenue sharing business model. We will have plenty of time to answer your questions during the Q&A session. If you have any questions, feel free to send them via the questions tab on the platform at any time and we will answer them during the Q&A.
Erez Antebi: Thank you, Barry. Good day, everyone. Welcome to Allot Investor Day. Thank you very much for joining us. I want to talk today about Allot and how we are revolutionizing consumer cybersecurity. So Allot, in general, as a company, we are a software company and we are selling software to communication service providers or CSPs globally. We have hundreds of customers, operators around the world. Many of them are Tier 1 operators. Allot has been growing nicely. We have been growing with a CAGR of 18% during the last few years and last year, $23 million out of our $136 million of revenue were cybersecurity revenues. We have a strong management team with proven experience in the areas of both service providers and cybersecurity. Later today, you will hear from Ziv Leitman, who is our CFO and from Yael Villa, who is our Senior Vice President for Cybersecurity. The technology that Allot uses, the heritage of the company, if you will, is extremely mature. Our technology is deployed with operators around the world, with Vodafone in Europe, Telefónica in both Europe and Latin America, with Rakuten in Japan, with Jio in India, Optus in Australia and many, many others. We have – as a company we have a telco grade software. This is different than enterprise software. This technology heritage coming from the telco world is an extremely significant barrier to entry for many competitors from around the enterprise software world. Because we come from the telco world, our software is capable of handling extremely high throughputs, multi-tenancy having millions of customers that can each have different profiles, different logics, joining the service coming off of the service and with extremely high quality. We operate in 5G networks, we operate in a cloud-native environment, and we are based to a large degree on AI technology. As we will see later today and during this presentation and in the presentation from Yale, this is an extremely important factor. When we look at the Allot Secure platform, which is our cybersecurity platform that too is deployed worldwide with many customers. Many Tier 1 and Tier 2 operators, both in Europe, Latin America, United States, Asia, customers like Vodafone, Hutchison, Telefónica, Rakuten and many others. More than 20 million subscribers globally are protected by Allot Secure. Tier 1 operators really do trust us. We believe today there is a big challenge in protecting the consumer and small business environment. Most cybersecurity companies today focus on protecting large enterprises. They built their technology and solutions with the enterprises in mind. We are taking a look at consumers and small businesses, really the small businesses, the guys without an IT department. If you like, the smile lawyers office or the restaurant, small businesses that don’t have extensive IT knowledge.
Ziv Leitman: Thank you, Erez. Now, let’s join a conversation Erez recently had with Marc Rouanne, Executive Vice President and Chief Network Officer at DISH, following the announcement of the recent deal between our two companies.
Barry Spielman: We are pleased to share with you now a few of our customer testimonials.
Barry Spielman: I want to now introduce Dr. Yael Villa, our Senior Vice President for Cybersecurity. Yael also heads the company’s Cybersecurity Business Unit. Yael?
Yael Villa: Thank you, Barry. Hi, everyone. My name is Yael Villa. I joined Allot 6 months ago to lead the Cybersecurity BU. Today, I would like to share with you a deep dive into the technological backdrop of Allot’s consumer cybersecurity offering. We will start with an overview of our consumer security concept, which is unique in the market. Next, we will briefly describe our security assets and how are we prepared for tomorrow’s challenges. The cyber world is very dynamic and sophisticated and we need always to be ahead of the bad guys. The main difference between existing solutions, mainly for enterprises and financial institutes and Allot solutions is that existing solutions are extremely hard to manage. Different alert systems coming from different applications, very long logs and basically, enterprises and financial institutes have a CSO to manage the security within the organization. In the consumer world, this is not happening and nobody is expecting the consumer to be it’s own CSO. Therefore, the solution should be seamless and easy to use. Otherwise, it will simply not work. Consumers actually don’t know anything about security vulnerabilities they just want to be protected. Some of you can ask, if Allot can have a comprehensive solution, why can’t the big cyber companies, if they are willing to, do the same in no time? Well, it’s not that easy and we will discuss why. Finally, we will talk a little about the road ahead. What do we need to start thinking today to be always ahead of our competitors and constantly bringing value to our customers? Allot solution is based on the 360-degree security concept. What is 360-degree protection? Consumers are looking to have a complete end-to-end protection anywhere, at their network, at their home, at their offices, at the coffee bar, at the bus station, everywhere. They are looking to be protected by any threat phishing, Trojan, ransomware, everything. They are looking to be protected in any device they are using phone, laptop, iPad. They want the same protection in all their devices. This is the 360 security protection. And we need all of these to be easy, zero touch. The user basically doesn’t have to do anything, client less and self management. If they want to do something, they need to be able to do it by themselves. Our research shows that 90% of the consumers believe that the CSP should provide them security. So, they expect to have the CSP as the single provider of security solution. So what is Allot Secure 360 concept all about? The solution is built around the ASM, Allot Secure Management. The Allot Secure Management is designed to provide a unified seamless security experience, not only for the end user, but also for the CSPs to be able to be the single security provider. We have different enforcement points, home secure, business secure, IoT secure, network secure, DNS secure and endpoint secure. Network secure is a network-based security for mobile consumers and SMBs that includes threat protection and parental control, with frictionless onboarding, mass activation up to 50% penetration, inline customer engagement tools and everything, basically. Home secure is a CPE-based security, protecting all devices, including IoT devices in smart home and offices, home router protection, full home office network visibility. The different enforcement points are getting the input from our Allot cloud. All the up-to-date threat intelligence, web categorization and device finger print data are stored and constantly updated in our Allot cloud. The design of the ASM was done under the unification concept, the same capabilities and the same look and feel for all the enforcement points. Therefore, we developed all our capabilities once and no need to develop again and again for each enforcement point. For example, if we want to add a new anti-bullying algorithm, we develop it once and it will work for all the enforcement points. We have the same reporting system to all the different products. Due to the flexible architecture, if Allot decided to introduce a new service like privacy protection or the customer wants to use its own enforcement point like McAfee, these additional solutions can easily be integrated in our management system and gain reporting, notification, account management, without the need to develop anything. It’s the same you can feel, for the end user and for the operator. This user adopted the entire 350 threat protection solution. He can be blocked within the network, if he is at home, or if he is at his coffee bar. The same protection regardless worries, the same blocking page, one seamless security experience. One policy, unified reporting and unified event handling, regardless which enforcement point is active. The user will get a reporting, summarizing all the malicious activities he had, like in this example, more than 300 – 3,000 blocks, most of them phishing malware analytical spyware. Robust security is the core of our business. Our comprehensive security comprises URL-based filtering for HTTP and HTTPS traffic, anti-malware, anti-phishing, antivirus and anti bot, up to 3 antivirus engines to scan files downloaded, Kaspersky, BitDefender and/or Sophos. We have a dedicated threat intelligence research team to analyze new threats and variance of existing threats. We developed machine learning algorithms, including deep learning, anomaly detection, classifiers, analytics and clustering. To optimize our detection performance, meaning high detection rate with low false positive. In addition, we developed machine learning algorithms aimed to serve tomorrow’s challenges, for example, phishing detection when all the traffic is encrypted. Allot’s deployments are in hundreds of CSPs worldwide. And since strength spread over different markets, we develop a global information sharing platform to share patterns between different deals and different type of customers, allowing us to detect new type of malicious activities earlier. In our parental control solution, we have more than 120 URL categories. The CSP typically exposes macro categories to the subscribers applicable to HTTP and HTTPS traffic. We have the ability to completely shutdown Internet access for a device during a specific amount of time. The customer or the end user can create a list of allowed and block domains anywhere else. Any good threat protection solution is based on a diversity of data elements and good algorithms that can classify and inspect all sources of information. In our cloud-based intelligence database, we aggregate data coming from multiple data sources. We have regular classification analysis from top website list, unclassified URLs received from existing deployments, categorization requests from our customers, external feeds, carefully selected under concept examination, regular classification exercised by CSPs, automated tool to find new URLs and get them classified. Third, research team dedicated to investigate new threats and content analysis engine for dynamic and real-time analysis of malicious URL in more than 120 categories for detection and from our detection and parental control. Consolidation of threat intelligence from many different sources, internal and external to Allot is imperative to reach high detection rates with low false positive. This is unique to Allot as aggregator of threat intelligence even from competing vendors. For a consumer cybersecurity solution to succeed it should be seamless and easy to use, easy to use for the end user as well as easy to use for the operator. The key of this simplicity is the ASM Allot Secure Management. The ASM provides unification of all Allot secured products under a single management, same profile, same protection, same control access to all of different enforcement points. A unified IT, rest APIs for portals and applications, single integration point, unified provisioning, map subscribers to APIs, not endpoint to subscribers. All of this done very, very easily. In addition, the ASM provides a framework to integrate additional security products, either Allot or customer products. Therefore, this unified management platform empowers the CSP as the single provider of holistic digital security solutions for consumers. On top of the functionality needed to maintain our solution, there is significant additional value Allot is given to the CSP. Flexible and powerful management and monitoring tools, like full integration with Prometheus, which is our monitoring and alerting tool kit and Grafana, which is an interactive visualization tool, collection of KPIs and system behaviors, user activity, global threats and many more, advanced reports providing visibility into subscribers’ usage of the Internet, behavior attacks, devices, patterns that can allow targeted product offering and marketing as a source of additional revenue stream for the CSP. The solution should be really easy to use by the end user. The average consumer doesn’t understand anything about security. And our goal is to give him good protection without the concern of onboarding or maintaining its security solution. So first of all, there is no need for any application download. If you want to use the system as is, you can use it from day 1. The onboarding is seamless. If the consumer wants to do minimal configuration, it’s very easy and intuitive due to the multi-tenant architecture of the solution, the user receives personalized reports of free security status in which you can appreciate the value of the service. What is the consumer experience unification? Unified reporting and notification, block threats across all its enforcement points, the distribution, periodic reports, what we did for you report from all users in your family plans. The management Ui/UX is built to prove the value of the service, including security rating, in this case, a very high security level and overall this word like here in the last 24 hours there were three threats detected and zero files infected. Another aspect of the consumer experience unification is a user-centric management. Forget about the complexity of managing devices, products and technology and focus on user’s personal self reporting tools as an additional mechanism to show value. This report can be proactively sent to the user. And the unified policy activate the activate malware protection, allow block list, activate the activate categories, assign devices to users, you can choose which categories to glow. You can easily choose the quiet time you want for your kids. A layered management approach, simple configuration in one click. Usually, we will ask how long it will take for one competitor to build a solution like ours, which is unique today in the market. And the answer will be quite a long time. Why, the reasons can be divided in 2 categories because we have a very rich telco background and because we have a quite robust security experience. So what assets does our telco background give us? Scalability, we are able to process more than 50 terabytes per second – 15 terabytes per second, sorry. Experience to integrate solutions in complex CSP network and visibility, existing in line Allot deployments in major CSPs worldwide gives Allot a privileged understanding on Internet trends, which can drive product evolution to stay ahead of the market. What asset does our securities experience give us, unified end-to-end security for the consumer market, multi tenancy, personalized configuration and reports for unlimited number of users, existing deployments with more than 7 million active subscribers where each one has its own configuration and personalized reports. Go-to-market support, we partnered with the CSP to succeed in adoption rates Allot’s experience and the tools to create the right market in Germany. And our proven categorization and threat intelligence, our rich data component that takes a long, long time to compile. In order to stay leaders in the consumer cybersecurity market, we need to constantly think what’s next. We should continue adding value to our existing offering. Our privacy protection solution, which is a measure conserved these days, broaden our offering in the SMB market. A lot of businesses don’t have an IT department at all. And some of them have an IT department, but not the right skills to manage security controls. And many of them will be happy to get security services from the CSP. The 5G new world, together with the increase of IoT devices may offer new use cases like securing connected vehicles, mission-critical applications to be secure and much more. From the other hand, we at Allot, we sit in the network, and we see the network traffic. Therefore, we can offer additional data-driven security services like encrypted traffic analysis, insider fire protection. And we can identify new trends, allowing Allot the first to market with new product offerings. In summary, our current solution is strong, mature and with top-notch technology. 360-degree security, any place, any threat, any device bridge threat intelligence, sophisticated machine learning, algorithms and automation, global share sharing of patterns, our unified management, zero-touch personalization due to the multi-tenancy architecture. It will not be easy for other companies to close those gaps. Our wide experience in the telecom market, including scalability and understanding of CSP’s network, and our extensive experience in security, include multi tenancy, go-to-market, give us a great advantage. And finally, we have a significant strategic expansion opportunities, privacy protection, SMB, cybersecurity 360, 5G new use cases, data-driven security services and much more. Thank you very much for your time, and hope you are a little bit more knowledgeable about our cybersecurity offering.
Barry Spielman: Thank you, Yael. We are pleased to share with you now a few of our customer testimonials. At this time, I would like to hand it over to Ziv Leitman. Allot’s Chief Financial Officer, to discuss the revenue sharing business model, which has created a win-win situation for both CSPs and Allot and a significant opportunity. Ziv?
Ziv Leitman: Thank you, Barry. Hi, everybody. Thank you for attending our event. I would like to share with you a few slides, which will better explain our business model. Security is already an integral part of our offerings, and we have security revenues from our current installed base. In 2020, the total security revenues were $23 million which were 17% out of total revenues, $2 million out of these were SECaaS revenues. The balance of $21 million came from 3 sources; security CapEx deals, security and maintenance of CapEx deals from previous years, and CapEx deals of distributed denial of service or DDoS for short, which is a security product for protecting the CSP network itself. Our 2025 goal is that more than 50% of Allot’s total revenue will be derived from security and our Op is that almost all the security revenues will come from SECaaS type deals. In the coming slides, I will walk you through an example of how we are going after this very large total addressable market, which we presented before, so we can understand the process and the time it will take to build and ramp up the revenues. For internal and external purposes, we use a metric by the name of MAR, which stand for maximum annual revenues. The MAR represent total potential revenues from security as a service or SECaaS, under the assumption, of the 100% and customer penetration rate, which, of course, will never likely happen. Based on our past experience, the penetration rate after few years can vary form anything from single-digit percentages to more than 50%. And we find that this mainly depends on the go-to-market strategy executed by the CSP. In order to make sure that everybody understands the MAR mechanism I will use a simple example. Let’s assume that we are engaging with the mobile operator, which has 5 million subscribers. This CSP intends to offer the security service for an additional $1 per month, which is 5% of ARPU of about $20. As part of the revenue share agreement, let’s assume that Allot will receive one-third of the CSP revenues, which is a third of the $12 yearly fee, amounting to $4 per sub. So, if we multiply the yearly fee of Allot of $4 by the 5 million subscribers, we get to an MAR of the CSP of $20 million, which means if eventually, the penetration rate will be 25%, we will get yearly recurring revenues of $5 million. I want to stress that the sales cycle of these deals is rather long and can take up to 2 years after signing the contract, the implementation period can take even up to 1 year after the commercial launch, we should see a ramp-up in the penetration rate. So, if you look at the graph, we see an average penetration rate of approximately 4% in the first year, about 12% in the second year and about 20% in the third year. The accelerated growth in revenues will generally continue until we get to the $5 million, which represent in this simplistic example, a steady state penetration rate of 25%. The accumulated MAR of all deals signed by the end of 2020 was $280 million. More than 50% out of it will start generating revenues at the beginning of 2022 due to the long implementation process, as I just explained. I would like also to remind you that we provided guidance for additional MAR in 2021 of $180 million. Perhaps, we can also look at it from a different angle. If we take the expected cumulative MAR of 460 at the end of 2021 and assume a steady state penetration rate of 25%, then in a few years, we can expect just from this MAR figure, yearly SECaaS revenues of $150 million, which is the 25% out of the $460 million. The actual SECaaS revenues in 2020 were $2 million. The surprising last wave of COVID and the associated lockdowns around the world might push a little the timetable of some projects, implementations. However, we believe that despite these delays, we can still achieve annual SECaaS revenues of at least $6 million, of which most should come in the second half of the year. When applying project cycle mechanism, as described previously, keep adding each year, MAR of $180 million which identical to the guidance of 2021 and reaching penetration rate of 25% after 3 years. We get the following simulation. So for instance, in 2024, we should already come close to the magic number threshold of yearly recurring security revenues of $100 million. Most of our current recurring revenues for the entire company are coming from support and maintenance. So in 2022, we are expecting more than $60 million in recurring revenues due to the expected accelerated growth of SECaaS revenues, we anticipate that in a few years, the recurring revenues of the entire company will be more than 50% of total revenues. Of course, the proportion of the SECaaS revenues out of total recurring revenues will increase dramatically to more than two-third in a few years from now. I have just one slide regarding the entire company’s revenues. As in the last few quarters, we can see the perfect chart of revenues, steady growth. Q1 2021 revenues were $31 million and the gross margin of 70%, both in line with our expectations. Please remember that traditionally, Q1 is the weakest quarter in the year, while Q4 is the strongest. The Q1 OpEx was $24 million, which was lower than our plan due to R&D open positions, which we haven’t recruited for yet, and we hope to fill them in the near future. We would like to reiterate that our 2021 non-GAAP guidance is for revenues between $145 million to $150 million, gross margin of 70% and operating loss of $6 million to $8 million. Let me remind you that even though we were able to grow our DPI revenues in the last 3 years with a CAGR of 19%, we expect that in the future, the growth of our DPI revenues will be just in single digits. As explained, the accelerated growth of the company is expected to come from the SECaaS business. So now in order to sum up, there is a huge addressable market for our SECaaS business in the magnitude of billions of dollars, as Allot presented, we feel comfortable that we can overcome the challenges of the long sales and deployment cycle, and choosing the right go-to-market strategy. We are very excited about the opportunity to show accelerated growth in the recurring revenue starting next year and really turn Allot into a large cybersecurity company with a strong SECaaS model. As my last slide, I would like to share with you a regression simulation of Allot security valuation versus other security companies. In this graph, the x-axis represents projected revenue growth from 2021 to 2022, which is the independent variable. The y-axis represents the ratio of the current enterprise value to projected 2022 revenues, which is the dependent variable. We placed on the graph the data of 14 selected cybersecurity companies. Please note that we took their total revenue even though for some of the companies, a portion of their revenues are not considered recurring revenues. In addition, this revenue projection for 2022 were not issued by the companies, but by estimates from third-party sources. As a comparison, we placed Allot total projected revenue and the current enterprise value. As you can see in the lower left side of the graph. When we use just the projected SECaaS revenues growth of Allot, on the regression line, which mean calculating the dependent variable, we get a much higher theoretical valuation of Allot. As you can see on the upper right side, of the slide. By the way, the R square of this regression is 81%, which is relatively high. However, this simulation is just one metric and shouldn’t be considered as a comprehensive comparison or a formal recommendation regarding Allot valuation. Thank you.
Barry Spielman: Thank you, Ziv. So now we move on to the final part of our program, the Q&A session. We already have a few questions that were sent in.
A - Erez Antebi: Thank you, Barry. Thank you, everyone. Okay. We have a few questions already. I’ll read the questions out loud, and then we will try to answer. What caused the big rise in deferred revenue this quarter. Ziv?
Ziv Leitman: The deferred revenue this quarter, it was $51 million compared to $36 million. In the previous quarter. The increase is due to payments that we got from customers. For deals which were not recognized yet. Traditionally, in the past few years, the deferred revenues were between $30 million to $40 million. So the current level is rather high, and we expect that in the future, it will be a little bit lower as it was in the previous years.
Erez Antebi: Okay. Does your mobile security product, screen robo calls? No, it does not. The product we provide, like Yael explained, his is doing anti malware, anti-phishing antivirus but it does not provide at this stage at least. We do not provide anti-robocall. Okay. Can you elaborate on the impact of COVID to Allot business and has it changed in the last few months? Yes, I can. There has been – as you know, there is been the last few months, there has been a rise in COVID in the COVID, I would say, crisis actually throughout Europe. Asia Pacific and Latin America. Israel is in a really good situation from COVID and the United States is gladly getting there. But there were many lockdowns in the rest of the world during the last few months. So to some extent, it’s also delaying some of the launches that were planned by a bit more. And probably as a result of that, we may have some impact, but we still believe we will make our $6 million of recurring security revenue for 2021, like Ziv explained earlier. Okay. Was the Colonial pipeline hack? Is there an opportunity for you to partner with another cybersecurity provider to capture this market? Yael, do you want to take this?
Yael Villa: So definitely, we are partnering with customers. We don’t believe in having an organic solution for every type of malicious activity. And this is not something that we are considering right now, but we are going to consider in the future.
Erez Antebi: Okay. Thank you. Before developing the SaaS model, you did perpetual software license deals with some large carriers, are they eventually candidates for the SaaS model? I think by and large, the answer is no. There may be some exceptions, but customers who have bought perpetual license really have very little incentive to move to another model where they would actually pay us more money. I think the fundamental of the SaaS model is that we, as a look, take a very significant part of the risk upfront. And therefore, the operator does not have to take any risk score. It takes a very, very low risk. And therefore, if the service succeeds, we get paid a lot more and over time. Those who have bought perpetual licenses have already taken that risk. So the switch between those is not I do not expect that there may be specific cases, but in general, I do not expect that to happen. When will the DISH deal start to hit your revenue line? Look, DISH is planning to launch their 5G network this year. And I do not expect them to have too many customers this year. So I don’t expect there to be too much of that during 2021. But it’s yet to be seen. We will see how the launch goes, we will see the exact timing, and this will depend on that. Since signing the deal with DISH, has there been more interest in your 5 G business? And if so, can you enlighten us? Well, I’m glad to say that there has been there is ongoing interest in our 5G business. That started before we signed the deal with DISH and it’s continuing and actually growing after that. I think there are several accounts that we are currently in active engagement, and I hope to be able to share some news once we hopefully close such an account. We will share that with you. But I think in general, I think the outlook is positive. What is the – what do you think is the size or potential size for the 5G net protect market? Look, it’s okay continue – what I said before. 5G networks are getting launched around the world. And like we talked about during the presentation, there is a need to secure 5G networks. That is larger than was the need even on 4G network. So I think there is a growing interest in our ability to protect the 5G network data plan. I believe that this is potentially a business of hundreds of millions of dollars, not necessarily for Allot, but as a market, I think it is not that size today because 5G networks are very small still, but as it will grow and the need for to protect them will be large. If we look at the size of protection for current 4G networks, and we are we look at where this will end up being for 5G in several years. I think there is a total addressable market that should be in a few hundreds of millions of dollars for that business. You talked about security for SMB and consumer. Why doesn’t Allot provide security also for enterprises? Well, I think like we try to explain it’s a totally different market, okay? It’s – the enterprise market is one where the bank persona is an IT department in an enterprise. They are trying to protect the company or that enterprise itself from many times, not just generic attacks at any times direct attacks on the enterprise, try and focused on them trying to get information or other things out of the company. Now there are many security companies that are dealing with us. Check Point, Paulo Alto, CrowdStrike, many security companies that are developing technology to exactly focus on protecting enterprises from those kinds of very, very significant attacks. Comparable to that, consumers, SMBs are also under attack, but not so much under individual targeted attack. It’s more sort of blanket attacks across the board were where the attacker is growing sort of think of it as a phishing net and trying to catch from whomever they can. And that is where we excel. We know how to take the technology and massify it in a way that protects the mass market of consumers and SMBs. And it’s different capabilities and is required to protect the enterprise market. So we are trying to focus on what we are good at and what the other companies in the security market, the vast majority of them are less good at. So they are good at targeted attacks for enterprise. We are good at massive attacks on consumer and SMBs, and we are focusing on that area. How much latency does your security solution add to subscribers traffic? Yael?
Yael Villa: I think – yes, I feel from almost non-secured to our – basically doesn’t perceive any latency issues do.
Erez Antebi: Who do you compete with on 5G net protect? In protecting the network itself the 5G network itself, we’re competing, I think, with the companies that are providing DDoS protection for the 4G networks. These would be companies like Arbor, for example, a Radware, etcetera. I would expect to find them, what you expect. I am finding them as the competitors in this area. There may end up having more competitors in the future, but those are the main ones. Can you discuss any progress you are making with the Broadcom relationship? What are your future expectations for these products? I’ll remind everyone that the Broadcom relationship, it’s a deal that we signed approximately 1 year ago with Broadcom, where Broadcom had a product line, Packeteer, which is a DPI traffic management product line for enterprises. And we were in our DPI business. We were competing with them with our DPI product. And we signed a deal a year ago with Broadcom, where they – where Broadcom basically did end-of-life for the Packeteer platform and agreed to steer customers, distributors and so on. That are – we are interested in continuing with the onsite traffic management like Packeteer and Allot, to bring them to Allot and – or sorry, refer them to Allot. And recommend that they buy the Allot product. I can say that it’s going very well. We are signing up more and more value-added resellers and distributors. That were formally distributing Broadcom product. We are gaining market share, and we are growing our bookings and revenues in that business. And I believe that this year, we should be growing significantly the enterprise – the enterprise portion of our business to a very large extent due to the Broadcom deal that we did. Okay, a bit of a long question. Thank you for providing very helpful analysis and revenue build for future years. Is the assumption of $180 million MAR per year conservative. It seems possible that a single large operator could represent $300 million or even $500 million of MAR using even the low end of your assumptions. In connection with this, could you elaborate on traction in North America market outside the recent win with DISH? Look, I think it’s – I would like the $180 million to be conservative, but I honestly don’t know. I think we’re taking a realistic target for this year. If – I hope that we will be able to exceed it, but I don’t know and the – what is going to be the MAR for any individual customer, depends to a large degree on exactly what is the deal that we will sign with them. Is it possible that a single large operator could present a larger MAR of several hundred millions of dollars, it could very well be. But also remember that the larger the operator there is also a larger leverage in the – from their part in striking the deal with us, including the possibility to put some sort of cap at on very, very high and very high penetration numbers cap in terms of what they will pay us. So I think we’re taking a realistic number with $180 million. We hope to be able to do better than that, but we don’t want to create sort of illusions on this. Traction in North America market, I think, is now very good. I think I talked about it in the previous earnings call, what we are seeing now that we did not see a year ago even is significant interest from several North American operators to provide security as a service to their customer base. This provide network-based security as a service to their customer base. This was not the case 1 year or 1.5 years ago. We’re engaged with several operators in North America. The first one we signed the deal with the – on protecting the network itself was with DISH, like we announced, and we expect to sign a deal with DISH also on the security as a service, on network-based security as a service for their customers. We are in active engagement and this, I mean, and some of it in trials, some of it in even in commercial discussions with other operators. So I am optimistic, but yet to be seen if we close the turn up. I am hopeful. Can you elaborate on the difference between your offering to DISH and Palo Alto’s offering to them in terms of the 5G solution? Palo Alto, I’m not an expert on Palo Alto, so I’ll phrase it in general terms. Palo Alto is basically offering a firewall that is protecting sort of the entry and exit from the network, mostly the entry into the network from various types of attacks, but this is a firewall. What we provide is the ability to do real-time analysis of the traffic that is going on the network and identifying attacks that have managed to pass the firewall. They could have passed it because they were abrupt. They could have passed it because it’s an unknown source. There are various reasons why things do pass firewall. To a large extent, we’re also the main protection from a tax that originate inside the network such as bots that are connected to the network and are not trying to attack the network itself whether actually trying to use the network as a means to attack someone else, which is also very important. So it’s really – these are, I would say, these are solutions that complement each other. What accounts for gross margin declining from 74% to 70%? Ziv?
Ziv Leitman: So in the last few years, the average gross margin was around 70%. Specifically, in the first quarter of last year, there was an extraordinary one-time favorable mix of products, but it was something unusual. So we can expect that the average would be around 70% as it was in this quarter.
Erez Antebi: Is DISH, your other U.S. providers seriously looking at your recurring revenue technology? The answer is, absolutely yes. And I think I answered a similar question. Yes. There is a lot of interest today in the North American market for this. And it’s very different than what we saw previously. So I think I’m positive – I have a positive outlook on what I expect to happen in North America on this. Security as a service seems like a no-brainer for any operator. Why don’t all operators launch this service immediately, okay? We would like them too. They are taking their time. Look, I think it’s for a few reasons. First of all, let’s face it, communication service providers, operators, are relatively, I would call it, slow-moving entities. They have large networks to take care of. They have many millions of customers they are concerned of disrupting the current business that they have. So things take time with operators. And I think anybody who’s worked with operators can appreciate it. That’s why it takes between 1 to 2 years to close a deal of the implementation, testing, integration, etcetera, etcetera, would take between 9 to 12 months easily until the service is actually launched. Even though technically, we could launch it much, much faster. There – it’s not that much work, but there is a lot of testing, making sure and so it’s going into. I think that one of the things that operators are looking at today is that they have launched over the years many different value-added services. And when you talk to operators worldwide, they typically think that the value-added service is something that is – that will provide a 2%, 3%, 4% penetration, just like security apps that they are selling, right? That’s about what the penetration rates they expect to see. And here we are coming with a different security solution, and that says, no, this is – you can sell this to the market as a value-added service, but you are able to get if you have the right go to market, you’re able to get much, much higher penetration rates. So this is a relatively new concept. And being a bit more conservative, taking time to make such decisions tends to make their decisions a little more prolonged and more delayed than we would like them. However, having said that, I think that there are more and more operators that are saying today that this is indeed a significant service. They are seeing the success that other operators are enjoying, started out with a small number of our other operators. It’s growing slowly, gradually, but slowly. So more and more operators are starting to be convinced that, yes, indeed, they should launch such a service. So I talked earlier that we – that in answer to a different question that we are seeing North American operators interested in this in a way that we did not see a year, 1.5 year ago, in – throughout Europe, for example, we are seeing RFPs to launch for a technology company such as ourselves, to partner with the operator and launch security as a service to the consumer and SMB market. And there are many more RFPs now than there were 2 years ago. So it’s taking time. It’s taking them more time than I would like. But slowly, but surely, I believe they are getting there. We talked about – Does 5G NetProtect revenue depend on customers. No, it does not. The NetProtect is a product that protects the 5G network itself. So that is a deal that we did with DISH to protect the network itself and our revenues does not depend on customers. It’s really the protecting network itself. The other deal that we hope and believe we will sign with DISH for launching security as a service to their consumer and small businesses. Customers, that will be a recurring revenue deal, like we talked about today during the presentations that will depend our revenue will depend on the number of customers that sign up on. What type of indemnity agreements do you have in place with your CSP partner and the event there is a network outage that the CSP partner could not be held liable? It varies. But generally, we’ve been working with operators for many years as a company. We’ve been working with them and putting in line technology for many years in DPI and recently more and more for security. We are, of course, we do have liability clauses in the contract we cause major disruptions and so on. We have clauses of penalties, etcetera, but they are – I would say they are the standard in the industry. It’s not something that suddenly all the revenues of the operator reliable for that. That’s not the kind of things. It’s you normally sign a deal for a certain amount. We are – we stand behind our product. There are penalties to pay if we do not meet our obligations, and I believe that I wouldn’t say never ever, but it’s not – we don’t pay penalties as a general sentence, we’re okay. How do you secure connectivity into the network via other means, for example, the laptop connecting over the Wi-Fi at a coffee bar, i.e., not via the in-home router.
Yael Villa: So we have an enforcement point exactly for that use case in which there is no mobile connection of the CPE connection, but Wi-Fi connection, our endpoint secure solution is taking care of that.
Erez Antebi: And it’s under the same umbrella?
Yael Villa: Under the same umbrella, same look and feel, same management system, everything the same.
Erez Antebi: I would add to that just a comment that while we have the capability, most people, even when they buy a combined package of network-based security and endpoint security, most people don’t download the endpoint. For the same reasons we talked about today. They just don’t bother to do it. So it’s there, technically. We provide a full suite solution, but the same inhibitor to actually downloading exist here as well. What do you guys lose sleep over? Okay. Personally, I try to sleep well. It helps me work the next day. I think – look, I think the – I think we explained what we’re going up, right? We want to sign up more operators. We want these operators to go aggressively into the market and sign up and get more and more customers using the network. By not sure losing sleep is the right phrase to use. But if you ask, what we are focusing our efforts on, it’s that. Ziv?
Ziv Leitman: Think we have, as was presented we have a huge addressable market. There is a need to flow for our product, for our solution. And the challenge is, the execution and the execution is the long sales cycle, the long implementation cycle. And this is our challenges. That’s we are focusing. But we are very optimistic that we will overcome those challenges.
Erez Antebi: You mentioned your hope is that future revenues in security would be largely SECaaS, will 5G UPP, user claim protection, CapEx deals fall in DPI or security revenues and given your view of a multi-hundred million dollar TAM in 5G. Could this represent upside to growth in non-SECaaS. CapEx deals, UPP is a security product. So we count it as security revenues. And yes, this is an upside to growth in our non-SECaaS security revenues. Is the revenue model for the deal with DISH recurring also is for? Again, two deals with DISH, one that we signed and closed, which is NetProtect to protect the network itself, user plane protection. That’s a CapEx deal. Not recurring revenue, that is signed and done. We have another deal pending with DISH that we’ve both announced together that we fully expect to sign it, for – but we have not signed it yet for recurring revenue – sorry, for security as a service for their consumers and SMBs that will be a recurring revenue deal for us. When will your company be sustainably EBITDA positive? How much cost investment do you need going forward? Ziv?
Ziv Leitman: So according to our guidance this year, we will have a negative EBITDA of a few millions of dollars. Currently, our main priority is to focus on growth. But we know that growth, it’s just a mean in order to provide profitability because the – our goal to provide profitability and positive EBITDA and positive cash flow. But the mean is to grow the company. So we didn’t provide guidance for next year. But definitely, in the next few years, we will have – will be EBITDA positive.
Erez Antebi: I think I’m going through the questions here. I think many of them are repeating questions we already answered. Okay, okay. Thank you – I want to thank everyone for participating on this day. I really appreciate the time, and I appreciate everyone who stayed we stayed on until now. It’s not trivial. And it’s not taken for granted. So thank you for your interest in Allot. And I really, really hope to meet with you definitely in the next earnings call, but hopefully, with some of you before that and hopefully even face-to-face. Thank you very much.
