Company Quick10K Filing
Quick10K
A10 Networks
Closing Price ($) Shares Out (MM) Market Cap ($MM)
$6.85 75 $514
10-K 2018-12-31 Annual: 2018-12-31
10-Q 2018-09-30 Quarter: 2018-09-30
10-Q 2018-06-30 Quarter: 2018-06-30
10-Q 2018-03-31 Quarter: 2018-03-31
10-K 2017-12-31 Annual: 2017-12-31
10-Q 2017-09-30 Quarter: 2017-09-30
10-Q 2017-06-30 Quarter: 2017-06-30
10-Q 2017-03-31 Quarter: 2017-03-31
10-K 2016-12-31 Annual: 2016-12-31
10-Q 2016-09-30 Quarter: 2016-09-30
10-Q 2016-06-30 Quarter: 2016-06-30
10-Q 2016-03-31 Quarter: 2016-03-31
10-K 2015-12-31 Annual: 2015-12-31
10-Q 2015-09-30 Quarter: 2015-09-30
10-Q 2015-06-30 Quarter: 2015-06-30
10-Q 2015-03-31 Quarter: 2015-03-31
10-K 2014-12-31 Annual: 2014-12-31
10-Q 2014-09-30 Quarter: 2014-09-30
10-Q 2014-06-30 Quarter: 2014-06-30
10-Q 2014-03-31 Quarter: 2014-03-31
8-K 2019-02-07 Earnings, Exhibits
8-K 2019-01-08 Amend Bylaw, Exhibits
8-K 2018-11-07 Amend Bylaw, Shareholder Vote, Exhibits
8-K 2018-10-30 Earnings, Exhibits
8-K 2018-08-31
8-K 2018-08-30 Earnings, Exhibits
8-K 2018-07-02 Amendment, Exhibits
8-K 2018-04-03 Exhibits
8-K 2018-03-14 Enter Agreement, Officers, Exhibits
8-K 2018-02-26 Amend Bylaw, Other Events
8-K 2018-01-30 Other Events, Exhibits
8-K 2018-01-16 Earnings, Exhibits
Z Zillow Group 7,810
EVBG Everbridge 2,320
DLPH Delphi Technologies 2,300
WPG Washington Prime Group 897
MGIC Magic Software Enterprises 455
RMNI Rimini Street 335
MOTS Motus Gi Holdings 82
BCOM B Communications 73
BSRC Biosolar 0
COOL Cool Technologies 0
ATEN 2018-12-31
Part I
Item 1. Business
Item 1A. Risk Factors
Item 1B. Unresolved Staff Comments
Item 2. Properties
Item 3. Legal Proceedings
Item 4. Mine Safety Disclosure
Part II
Item 5. Market for Registrant's Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities
Item 6. Selected Financial Data
Item 7. Management's Discussion and Analysis of Financial Condition and Results of Operations
Item 7A. Quantitative and Qualitative Disclosures About Market Risk
Item 8. Financial Statements and Supplementary Data
Item 9. Changes in and Disagreements with Accountants on Accounting and Financial Disclosure
Item 9A. Controls and Procedures
Item 9B. Other Information
Part III
Item 10. Directors, Executive Officers and Corporate Governance
Item 11. Executive Compensation
Item 12. Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters
Item 13. Certain Relationships and Related Transactions, and Director Independence.
Item 14. Principal Accounting Fees and Services
Part IV
Item 15. Exhibits, Financial Statement Schedules
Item 16. Form 10-K Summary
EX-10.4 a12312018exhibit104.htm
EX-21.1 a12312018exhibit211.htm
EX-23.1 a12312018exhibit231.htm
EX-31.1 a12312018exhibit311.htm
EX-31.2 a12312018exhibit312.htm
EX-32.1 a12312018exhibit321.htm
EX-32.2 a12312018exhibit322.htm

A10 Networks Earnings 2018-12-31

ATEN 10K Annual Report

Balance SheetIncome StatementCash Flow

10-K 1 a1231201810-k.htm 10-K Document
 
UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
 
 
Form 10-K
 
 
(Mark One)
x
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the fiscal year ended December 31, 2018
OR
¨

TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the transition period from              to             
Commission file number: 001-36343
 
A10 NETWORKS, INC.
(Exact Name of Registrant as Specified in its Charter)
 
 
Delaware
 
20-1446869
(State or Other Jurisdiction of
Incorporation or Organization)
 
(I.R.S. Employer
Identification No.)
3 West Plumeria Drive, San Jose, California 95134
(Address of Principal Executive Offices and Zip Code)
(408) 325-8668
(Registrant’s Telephone Number, Including Area Code)
 
 
Securities registered pursuant to Section 12(b) of the Act:
Title of Each Class
 
Name of Each Exchange on Which Registered
Common Stock, $.00001 Par Value
 
New York Stock Exchange
Securities registered pursuant to Section 12(g) of the Act:
None.
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.     Yes  ¨    No   x
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act.     Yes ¨    No   x
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.     Yes  x    No   ¨
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§ 232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).     Yes  x    No   ¨
Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K (§ 229.405 of this chapter) is not contained herein, and will not be contained, to the best of registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K. x
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and "emerging growth company" in Rule 12b-2 of the Exchange Act.
Large accelerated filer
¨
Accelerated filer
x
Non-accelerated filer
¨
Smaller reporting company
¨

 
 
Emerging growth company
x
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. x
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act).  Yes   ¨   No   x
The aggregate market value of the registrant’s common stock held by non-affiliates of the registrant as of June 29, 2018 (the last business day of the registrant’s most recently completed second fiscal quarter) was approximately $254.7 million, based upon the closing sale price of such stock on the New York Stock Exchange. For purposes of this disclosure, shares of common stock held or controlled by executive officers and directors of the registrant and by persons who hold more than 5% of the outstanding shares of common stock have been treated as shares held by affiliates. However, such treatment should not be construed as an admission that any such person is an “affiliate” of the registrant. The registrant has no non-voting common equity.
As of February 28, 2019, the number of outstanding shares of the registrant’s common stock, par value $0.00001 per share, was 75,050,848.

DOCUMENTS INCORPORATED BY REFERENCE

Portions of the registrant’s definitive Proxy Statement for the 2019 Annual Stockholders’ Meeting, which the registrant expects to file with the Securities and Exchange Commission within 120 days of December 31, 2018, are incorporated by reference into Part III (Items 10, 11,12, 13 and 14) of this Annual Report on Form 10-K.
 



A10 NETWORKS, INC.
ANNUAL REPORT ON FORM 10-K
FOR THE YEAR ENDED DECEMBER 31, 2018
TABLE OF CONTENTS
 
 
Page
 
 
 
 
 
Item 1.
Item 1A.
Item 1B.
Item 2.
Item 3.
Item 4.
 
 
 
 
 
Item 5.
Item 6.
Item 7.
Item 7A.
Item 8.
Item 9.
Item 9A.
Item 9B.
 
 
 
 
 
Item 10.
Item 11.
Item 12.
Item 13.
Item 14.
 
 
 
 
Item 15.
Item 16.

1


FORWARDLOOKING STATEMENTS

This Annual Report on Form 10-K contains forwardlooking statements made pursuant to the provisions of Section 21E of the Securities Exchange Act of 1934. These forwardlooking statements are based on management’s current expectations and beliefs, including estimates and projections about our industry. The following discussion and analysis contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. The words “believe,” “may,” “will,” “potentially,” “estimate,” “continue,” “anticipate,” “intend,” “could,” “would,” “project,” “plan,” “expect,” and similar expressions that convey uncertainty of future events or outcomes are intended to identify forward-looking statements.

These forward-looking statements include, but are not limited to, statements concerning the following:
our ability to provide customers with improved benefits relating to their applications;
our ability to maintain an adequate rate of revenue growth;
our ability to successfully anticipate market needs and opportunities;
our business plan and our ability to effectively manage our growth;
our ability to timely file financial, periodic and current reports required by the Exchange Act;
loss or delay of expected purchases by our largest end-customers;
our ability to further penetrate our existing customer base;
our ability to displace existing products in established markets;
continued growth in markets relating to network security;
our ability to timely and effectively scale and adapt our existing technology;
our ability to innovate new products and bring them to market in a timely manner;
our ability to expand internationally;
the effects of increased competition in our market and our ability to compete effectively;
the effects of seasonal trends on our results of operations;
the timing and amount of our subscription revenue;
our expectations concerning relationships with third parties;
the attraction and retention of qualified employees and key personnel;
our ability to achieve or maintain profitability while continuing to invest in our sales, marketing and research and development teams;
variations in product mix or geographic locations of our sales;
fluctuations in currency exchange rates;
increased cost requirements of being a public company and future sales of substantial amounts of our common stock in the public markets;
the cost and potential outcomes of litigation;
our ability to maintain, protect, and enhance our brand and intellectual property;
future acquisitions of or investments in complementary companies, products, services or technologies;
our ability to effectively integrate operations of entities we have acquired or may acquire; and
actions relating to the remediation of identified material weaknesses.

These forward-looking statements are subject to a number of risks, uncertainties, and assumptions, including those described in Item 1A Risk Factors and elsewhere in this Annual Report on Form 10-K. Moreover, we operate in a very competitive and rapidly changing environment, and new risks emerge from time to time. It is not possible for our management to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties, and assumptions, the forward-looking events and circumstances discussed in this Annual Report on Form 10-K may not occur and actual results could differ materially and adversely from those anticipated or implied in the forward-looking statements.


2


You should not rely upon forward-looking statements as predictions of future events. Although we believe that the expectations reflected in the forward-looking statements are reasonable, we cannot guarantee that the future results, levels of activity, performance or events and circumstances reflected in the forward-looking statements will be achieved or occur. Moreover, neither we nor any other person assumes responsibility for the accuracy and completeness of the forward-looking statements. We undertake no obligation to update publicly any forward-looking statements for any reason after the date of this Annual Report on Form 10-K to conform these statements to actual results or to changes in our expectations, except as required by law. 

Our investor relations Web site is located at https://investors.a10networks.com. We intend to use our investor relations Web site as a means of disclosing material non-public information and for complying with our disclosure obligations under Regulation FD. Accordingly, investors should monitor this portion of our Web site, in addition to following press releases, Securities and Exchange Commission, or SEC, filings and public conference calls and webcasts. We also make available, free of charge, on our investor relations Web site under “SEC Filings,” our Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K and amendments to these reports as soon as reasonably practicable after electronically filing or furnishing those reports to the SEC.

3


PART I

Item 1. Business

Overview
We are a leading provider of secure application solutions and services that enable a new generation of intelligently connected companies with the ability to continuously improve cyber protection and digital responsiveness across dynamic Information Technology (“IT”) and network infrastructures. Our portfolio of software and hardware solutions combines industry-leading performance and scale with advanced intelligent automation, machine learning, data driven analytics, and threat intelligence to ensure security and availability of customer applications across their multi-cloud and mobile infrastructure networks, including on-premise, private and public clouds. As the cyber threat landscape intensifies and network architectures evolve, we are committed to providing customers with greater connected intelligence to improve the security, visibility, automation, availability, flexibility, management and performance of their applications. Our customers include leading cloud providers, web-scale businesses, service providers, government organizations, and enterprises.

Industry Trends & Market Drivers
The digitization of business has made applications a critical ingredient in virtually every aspect of operations. How safely and efficiently applications perform determines how businesses perform, how they compete, grow, and stand out in the marketplace. The application networking and security industry is experiencing dynamic shifts in the way applications are developed, delivered, monetized and protected. Our corporate strategy and technology address these evolving needs of our customers and industry, including:

Increased Adoption of Cloud Applications. For decades, businesses operated with applications based in physical, appliance-based data centers. While these traditional applications remain central to businesses around the world, a new genre of cloud-based applications is emerging, presenting new opportunities and challenges that require organizations to reassess the visibility, performance and security of their applications. Some of these challenges relate to how a business effectively manages secure application services across various data centers and cloud types - whether private, public or hybrid clouds. Over time, more and more applications may be born in the cloud, while some applications that existed in traditional data centers may migrate to clouds as well. To address this shift, businesses will need solutions that bridge both traditional and cloud-based application environments and centrally manage all secure application services holistically in this multi-cloud world.

Increased Network Complexity and New Infrastructure Paradigms. Traditional IT vendors may need to shift from hardware-centric models to software-defined approaches to improve agility for critical applications, and subsequently, their business operations. Ensuring product portfolios adapt and diversify to include newer virtualized software, container based software and cloud-based offerings are key factors determining future market leadership and competitive landscapes.

Growing Importance of Automation and Orchestration. As applications increasingly move to a multi-cloud environment, the deployment of orchestration and automation tools has become essential to efficiently automating the deployment and operations of security and application services. There is a need for increased operational efficiency and agility, improved detection and reporting of security anomalies, enhanced end-user experiences and reduced total cost of ownership (“TCO”), simplified management of distributed application services, improved capacity planning and optimized multi-cloud software lifecycle management. By deploying newly developed secure application delivery automation and predictive analytics tools, enterprises are able to visualize their application performance, detect anomalous trends and fully automate their application delivery and network security.

The Rise of DDoS Attacks. The cyberthreat landscape continues to intensify and grow. Malicious actors and cybercriminals such as hacktivists, amateur hackers, and foreign military and intelligence organizations target data centers of every type. Distributed Denial of Service (“DDoS”) attacks are increasing in size, frequency, complexity and notoriety. IT defenders are faced with the increasing sophistication of adversaries who are responsible for the size and frequency of these attacks.

A DDoS attack seeks to render a target network or website unavailable by orchestrating coordinated attacks from massive worldwide networks of compromised endpoints, called botnets. Compromised endpoints can be computing

4


devices or “Internet of Things” driven devices like video cameras. Any internet-connected device can be vulnerable to hackers and utilized as part of a botnet.

Rapid growth of TLS/SSL, Encrypted Applications, and Hidden Threats. Many applications use Transport Layer Security (TLS) and Secure Sockets Layer (“SSL”) protocols. Cyber criminals exploit the protocol to hide malicious malware within encrypted channels and carry out attacks against businesses and users. This malicious trend drives demand for greater visibility within SSL-encrypted channels. Businesses need a way to decrypt traffic and apply outbound security policies efficiently, and require an effective way to inspect, identify, and remediate malicious traffic, then re-encrypt traffic and deliver it quickly to its destination. Conducting this process efficiently without placing a “security performance tax” on the user experience is a critical requirement.

The Advent of 5G Networks and a Smart World. The growing deployment of commercial 5G networks will bring massive increases in network throughput and significant new business opportunities for mobile carriers. It will also require a new generation of security infrastructure capable of handling the growing capacity requirements and complex management needs of 5G networks. Capacity requirements increase dramatically in 5G networks due to substantial increases in concurrent sessions, lower packet size and higher connections per second. Operators must dramatically lower latency, reduce total cost of ownership, and improve efficiency which may require advanced consolidation of network functions at the core. Meanwhile, the scope and size of DDoS attacks may also increase dramatically with the proliferation of connected devices and traffic, due in large part to the expansion of IoT/Machine-to-Machine traffic coming from new 5G-delivered Smart World applications. To address these requirements, mobile operators will need new solutions that provide hyperscale and increased performance, richer feature sets, and rich automation, analytics and threat intelligence.

Need for Advanced Multi-Cloud Secure Application Service Solutions. To address these challenges, advanced and integrated solutions for managing secure application services across businesses’ application environments are needed. Of the many solution requirements, some of the more critical include:

Ability to Centrally Manage Traditional and Cloud Environments. As more applications are born in the cloud, and they operate alongside traditional applications supported by on-premise and appliance-based data centers, application delivery and security solutions will be called upon to span traditional and cloud-based environments. In doing so, solutions must centrally control and manage secure application services across any combination of traditional data centers and a myriad of different clouds. To support data centers and different cloud types, solutions require a variety of form factors; hardware, software (i.e. virtual, bare metal and containers) and cloud-based offerings.
Clear Visibility and Sophisticated Analytics. The effectiveness of application performance and security depends greatly on the level of visibility a business has into its application traffic. That visibility must be able to span any number of data centers and cloud types to ensure a holistic view of security threats and performance issues affecting applications. The deeper and clearer the visibility, the better the analytics and actionable information that can be applied to enhancing application performance and protection. Secure application service solutions must be driven by solid visibility and per-app analytics.
Ability to Scale. Performance and security at scale are paramount in today’s dynamic application environments. Solutions need to analyze application traffic quickly and enhance performance and security in traditional and cloud-based application environments in a centrally managed manner. With the rapid adoption of IoT devices, and the advent of 5G, we believe scale will become imperative.
Sophisticated Security Functionality. Secure application service solutions must detect and mitigate sophisticated cybersecurity threats, such as malicious threats hiding in encrypted traffic and DDoS attacks. To defend against the rising volume of sophisticated cyber-attacks, solutions require exceptional performance and scale without dramatically increasing footprint and total cost of ownership.

Product Portfolio
Our product portfolio seeks to address many of the aforementioned challenges and solution requirements. The portfolio consists of six secure application solutions and two intelligent management and automation tools.


5


Our software solutions are available to be delivered in a variety of form factors, such as embedded in optimized hardware appliances, as bare metal software, containerized software, virtual appliances and cloud-native software. While our revenue to date has predominantly derived from delivery of our proprietary software, on a perpetual license basis, embedded in optimized hardware, this model has begun to evolve in various ways, including, among others, term licenses, subscriptions, and software-only models. Our comprehensive and flexible application solutions portfolio, combined with our Harmony Controller positions the Company to address the growing need for shifting workloads to a mix of private clouds and public clouds. A10 Harmony Controller is built on microservices and container technologies and offers a multi-tenant, highly scalable controller architecture that incorporates real-time and predictive analytics at a per-app level and central management and orchestration of secure application services across hybrid environments - from physical data centers to public, private and hybrid clouds. 

The following is an overview of our portfolio:

Secure application solutions:
1.Thunder Application Delivery Controller (“ADC”)
2.Lightning Application Delivery Controller (“Lightning ADC”)
3.Thunder Carrier Grade Networking (“CGN”)
4.Thunder Threat Protection System (“TPS”)
5.Thunder SSL Insight (“SSLi”)
6.Thunder Convergent Firewall (“CFW”)

Intelligent management and automation tools:
1.Harmony Controller
2.aGalaxy TPS

The following is a further overview of our portfolio:

Secure Application Solutions
1.
Thunder Application Delivery Controller. Thunder ADC provides advanced server load balancing, including global server load balancing, high availability, aFleX scripting, aVCS, ADP multi-tenancy, SSL, offload, acceleration, caching and compression, web application firewall (“WAF”), domain name server (“DNS”) application firewall (“DAF”) and others. ADCs are typically deployed in front of a server farm within a data center, including web, application and database servers.

2.
Lightning Application Delivery Controller. Lightning ADC services ADC functionality in the cloud, increasing the agility and reducing costs for customers. Introduced after the acquisition of Appcito, Inc. (“Appcito”) in 2016, Lightning ADC is a cloud-native software-as-a-service (“SaaS”) platform designed to boost the delivery and security of applications and microservices across public, private and hybrid clouds, enabling ADC-as-a-service. Central to the Lightning ADC is the SaaS-based A10 Harmony Controller, which provides central management, policy configuration, and a big data repository and analytics engine.

3.
Thunder Carrier Grade Networking. Thunder CGN extends the life of increasingly scarce IPv4 address blocks and their associated infrastructure using Carrier-Grade network address translation (“CGNAT”), and also provides translation solutions to the IPv6 addressing standard. Our CGN solution is typically deployed in service provider networks to provide standards-compliant address and protocol translation services between varying types of IP addresses, and has been successfully implemented by many large service providers around the world.

4.
Thunder Threat Protection System. Thunder TPS solution provides high-volume, large-scale protection for customers’ networks and server resources against massive DDoS attacks. TPS is typically deployed at the perimeter of the networks to protect internal network resources from large-scale, volumetric and multi-vector attacks. In 2017, we enhanced the TPS solution with the launch of a dedicated detector function, improved workflow and automation in aGalaxy TPS. In 2018 we enhanced our TPS detection capabilities with the One-DDoS solution, which enables Thunder ADC, CGN, and CFW solutions to act as in-line detectors, to enhance application and infrastructure detection. We also added TPS Dynamic Attack Pattern Recognition (DAPR) for

6


automatic attack learning, to identify and thwart zero-day attacks, and enhanced machine learning (ML) with always-on adaptive learning. TPS is augmented by the A10 Threat Intelligence Service which can block known bad connections (i.e., IP addresses) from entering protected networks. This service is based on software licensed from ThreatSTOP, Inc. and A10 threat research.

5.
Thunder SSL Insight. Thunder SSLi eliminates the inherent blind spots created by SSL encryption by offloading CPU-intensive SSL decryption functions that enable security devices to inspect and remove malware within encrypted traffic. Thunder SSLi decrypts SSL-encrypted traffic and forwards it to a third-party security device, such as a firewall, for deep packet inspection (“DPI”). Once the traffic has been analyzed and scrubbed, Thunder SSLi re-encrypts the traffic and forwards it to its intended destination.

6.
Thunder Convergent Firewall. Thunder CFW addresses multiple critical security capabilities in one package by consolidating multiple security and networking functions in a single appliance, helping customers significantly lower capital and operating expenses. Its performance and scale deliver superior value to customers, all within a small form factor, and streamlines customer operations with a cloud-ready programmable platform.

Thunder CFW includes:
A high-performance Secure Web Gateway with integrated explicit proxy, URL filtering and SSL visibility, enabling security policy enforcement for outbound HTTP/HTTPS client traffic. Our solution includes an Office 365 proxy to provide scalability, performance, and security to overcome deployment and operational challenges.
A high-performance data center firewall with integrated network denial-of-service protection and server load balancing, and provides a Layer 4 stateful firewall and Layer 7 application-level gateway functionality for protecting data center applications from emerging network and DDoS threats.
A high-performance Gi/SGi firewall with integrated network DDoS, CGNAT, ADC and application visibility. The Gi/SGi firewall protects the mobile operator infrastructures from Internet-based DDoS and other security threats.
A high-performance IPsec site-to-site VPN that helps businesses secure application traffic between data centers and enables customers to securely transport application traffic over public networks.

Intelligent Management and Automation Tools
1.
Harmony Controller. Harmony Controller provides intelligent management, automation and analytics for secure application delivery in multi-cloud environments. Our Harmony Controller simplifies operations. Infrastructure and application operations teams can centrally manage and automate configuration and application policies for our Thunder and Lightning application and security services, such as load balancing, application delivery, web application firewall, SSL decryption, Gi/SGi firewall, Carrier Grade NAT and Office 365 solutions. Configuration and control can also be automated via application program interface (“API”) and integrated with orchestration systems used within organizations. In addition, the controller provides comprehensive infrastructure and per-application metrics and analytics for performance and security monitoring, anomaly detection and faster troubleshooting. The container-based, microservices architecture allows controller capacity to be scaled without interrupting operations. Our Harmony Controller is available in two deployment models: A10 managed software as a service (“SaaS”), or as a self-managed, on premise deployment.

2.
aGalaxy TPS. aGalaxy TPS multi-device network management solution enables a network administrator to manage multiple Thunder TPS devices. aGalaxy TPS is designed to provide lower operational costs, as staff are freed up from repetitive tasks, while also increasing precision and accuracy with centralized and automated tasks, reducing the potential for human error. aGalaxy TPS is available as a hardware appliance or a software-only virtual machine. aGalaxy TPS highlights included advanced workflow and automated defense capabilities.

Product Form Factors
Our products are offered in a variety of form factors and payment models, including physical appliances and perpetual and subscription based software licenses, as well as pay-as-you-go licensing models and FlexPool, a flexible consumption-

7


based software model. FlexPool, allows businesses to flexibly allocate and re-distribute capacity across applications, multiple clouds and data centers.

Thunder Series. ADC, CGN, TPS, SSLi, and CFW products are available on the Thunder Series family of physical appliances. The Thunder Series products support throughput ranges from 200 Mbps to 300 Gbps. The appliance family provides a variety of other security and performance options.

vThunder virtual appliances operate on all major hypervisor platforms, including VMware, Microsoft Hyper-V and Linux KVM. vThunder is also available from cloud providers like Amazon Web Services (“AWS”), Microsoft Azure, and service providers. The vThunder Series products support throughput ranges from 200 Mbps to 100 Gbps.

Thunder for Bare Metal is a software version of our ADC and CGN solutions that is designed to run on a variety of Intel x86 servers, allowing the customer to design and select their own hardware platform.

Lightning is a cloud-native SaaS ADC product designed to boost the delivery and security of applications and microservices across public, private and hybrid clouds. Our Lightning ADC and the A10 Harmony Controller’s multi-cloud management capabilities allow flexible application deployment across multiple clouds with the ability to maintain and manage diverse workloads. Our Lightning ADC will run natively on public cloud environments, such as Amazon Web Services, Microsoft Azure, and Google Cloud Platforms.

AX Series: Our ADC and CGN solutions are available on select older models from the AX Series line.

Underlying Technology
Since our inception, our solutions have been known for their high performance and scalability in some of the largest and most demanding networks. The value and significance of our high-performance offerings reside in our portfolio’s underlying software operating system. With the exception of Lightning ADC, our products are built on the Advanced Core Operating System (“ACOS”) platform and leverage its performance optimization and security features.

The ACOS platform is optimized for modern 64-bit central processing units (“CPUs”), which increasingly have multiple parallel processing cores that operate within a single CPU for higher efficiency and performance scalability. To maximize the capabilities of these increasingly dense multi-core CPUs, ACOS implements a proprietary shared memory architecture that provides all cores with simultaneous access to common memory. This shared memory software architecture enables our products to utilize these multi-core CPUs efficiently and scale performance with increasing CPU cores. As a result, ACOS provides customers with products that can deliver superior price performance benefits over products that lack these capabilities.

ACOS’ high-performance design enables our products to address a wide range of performance-driven networking challenges. The flexible software design of ACOS allows us to apply our portfolio to a variety of markets for a variety of needs. Some notable details about ACOS include:

High Performance and Intelligent Network I/O Processing. In order to maximize the efficiency of high density, multi-core processors, we have developed a high performance intelligent network I/O technology that can balance application traffic flows equitably across processor cores. Our Flexible Traffic Accelerator logic can be implemented either as software running within a standard x86 processor or a Field Programmable Gate Array (“FPGA”) semiconductor. Our Flexible Traffic Accelerator (“FTA”) also performs certain hardware-based security checks for each packet and can discard suspicious traffic before it can impact system performance.

Scalable and Efficient Memory Usage. To improve the performance of the multi-core processor architecture, we have developed a shared memory technology to allow all processors to share common memory and the state of the system simultaneously. This avoids the overhead associated with Inter-Processor Communication architectures deployed in first-generation approaches. We optimize memory to be visible to all cores simultaneously, while minimizing communication overhead and contention among processors for allocated memory space. All processors share a common memory pool, which dynamically allocates memory space based on application processing requirements without constraints. Customers can achieve greater performance and scalability from memory and processor resources because configurations, policies and network databases are efficiently stored within a shared memory architecture.


8


Optimized Application Networking and Security. Once data is processed and placed into a shared memory, a processor can begin to apply ACOS common services and function-specific logic. To ensure that every processor is utilized to perform every function and thereby achieve greater system utilization, ACOS uses all processor cores symmetrically for all functions and services. The ACOS common services perform a set of key operational functions, including configuration management, network I/O, aFleX scripting, Virtual Chassis System(“aVCS”), aXAPI for management integration, Application Delivery Partitions (“ADPs”), virtualization to enable multi-tenancy, and common resource management such as buffer, system memory, timer management and other internal system management tasks. ACOS features a modular software design, which improves reliability by ensuring that modifications made to one module will not have unwanted side effects on other system functions.

Other noteworthy ACOS Technologies. ACOS incorporates a number of other technologies to provide a rich environment for developing Layer 4-7 application networking solutions, including:

aFleX Scripting. aFleX scripting technology is based on industry-standard tool command language and enables customers to write custom scripts to augment the application processing.
ADP. ADP enables multi-tenancy in the ACOS common services so that multiple departments of an organization or multiple customers can share a physical/virtual appliance.
aVCS. aVCS enables multiple physical/virtual appliances to be managed as a single chassis.
aXAPI. aXAPI is an industry standard representational state transfer (“RESTful”) program interface to enable management integration for automated management.

Support & Services
One of our founding principles is to provide excellent customer support. Our global support team is part of our engineering organization and is trained across all products and solutions, and takes complete ownership of customer issues from the beginning to the end to achieve rapid response and resolution. Our consistent, high-quality customer service and technical support is a key factor in attracting and retaining customers of all sizes, as well as support services that include installation, phone support, repair and replacement, software updates, online tools, consulting and training services.

All customers receive standard warranty support for 90 days with the purchase of our products. We offer four maintenance options - Basic, Basic Plus, Gold and Platinum support programs (Platinum available in select countries). Maintenance contracts may be purchased in 12-month increments up to five years. The average maintenance contract term is approximately 18 months. We invoice channel partners or customers directly for maintenance contracts at the time of hardware purchase, and all maintenance contracts are non-cancellable and are generally renewed through the same channel as originally purchased. Software updates are provided to all customers with a current maintenance contract on a when-and-if-available basis. We maintain technical support centers in the United States, Japan, China, India and the Netherlands.

Thunder TPS features an enhanced support offering that includes access to the A10 DDoS Security Incident Response Team (“SIRT”). Augmenting the standard support, the offering includes access to a dedicated team of DDoS mitigation experts specializing in DDoS prevention, offering immediate assistance for mitigating attacks, and a subscription to the A10 Threat Intelligence Service, leveraging collective intelligence to block known threats.

Our professional services team provides a full range of fee-based consulting services, including pre-sale network assessment, comprehensive network analysis and capacity planning, post-sale migration and implementation services, on-site installation and ongoing support.

Customers
Our customers operate in a variety of industries, including telecommunications, technology, industrial, government, retail, financial, gaming, and education. As of December 31, 2018, we had sold our products to more than 6,000 end customers across 117 countries. Our customers include the top four United States wireless carriers, seven of the top 10 United States cable providers, and the top four service providers in Japan, in addition to other global enterprises, web giants, gaming companies and governmental organizations. During the years ended December 31, 2018, 2017 and 2016, purchases from our 10 largest end-customers accounted for approximately 37%, 35% and 36% of our total revenue, respectively.


9


In 2018, two distribution channel partners, Adaptive Integration and ITOCHU Techno-Solutions Corporation, accounted for 14% and 10% of our total revenue, respectively. In 2017, no customer accounted for more than 10% of our total revenue. In 2016, one distribution channel partner, ITOCHU Techno-Solutions Corporation, accounted for 14% of our total revenue.

In 2018, we changed the way we present revenue by customer vertical. We now report three customer verticals: service providers, enterprises and web giants compared to only service providers and enterprises in prior years. We believe this new presentation will provide more transparency into our exposure to web giant revenue which was previously primarily accounted for in enterprise revenue. The revenue by vertical percentages from prior years included in this report have been revised to conform with current year presentation.

Competition
As security, 5G and multi-cloud trends continue to gain prominence, changes in application delivery needs, cyber security threats, and the technology landscape result in evolving customer requirements to address application scalability, performance, security and intelligent automation. These evolving demands have expanded our addressable market into DDoS protection, 5G network security (Gi-LAN protection) and multiple areas of cloud and network security, where we compete with a number of companies not included among traditional ADC vendors. The agility and flexibility of the ACOS platform enables us to rapidly innovate and deploy solutions into adjacent markets to ADC. We have also enhanced our portfolio with the Harmony Controller, an intelligent management, automation, and predictive analytics platform for secure application delivery in multi-cloud environments and advanced protection of the 4G/5G mobile infrastructure services. This container and microservices-based product complement our comprehensive set of hardware, software and cloud offerings.

We do not consider any of these markets to include a single dominant company, nor do we consider the markets to be fragmented. Our main competitors fall into the following categories:
Companies that sell products in the traditional ADC market, such as F5 Networks, Inc. (“F5 Networks”) and Citrix Systems, Inc. (“Citrix Systems”);
Companies that sell open source, software-only, cloud-based ADC services, such as Avi Networks Inc. (“Avi Networks”), NGINX Inc. (“NGiNX”), and HAProxy Technologies, Inc. (“HAProxy”) as well as many startups;
Companies that sell Gi/SGi firewall and CGN products, which were originally designed for other networking purposes, such as edge routers and security appliances from vendors like Cisco Systems, Inc. (“Cisco Systems”), Juniper Networks, Inc. (“Juniper Networks”) and Fortinet, Inc. (“Fortinet”);
Companies that sell traditional DDoS protection products, such as Arbor Networks, Inc., a subsidiary of NetScout Systems, (“Arbor Networks”) and Radware, Ltd. (“Radware”);
Companies that sell SSL decryption and inspection products, such as Symantec Corporation (through its acquisition of Blue Coat Systems Inc. in 2016) and F5 Networks; and
Companies that sell certain network security products, including Secure Web Gateways, SSL Insight/SSL Intercept, data center firewalls and Office 365 proxy solutions.

The key competitive factors in our markets include:
Ability to innovate and respond to customer needs rapidly;
Ability to address on-premise and cloud application environments in a secure, centrally managed manner;
Ability to accommodate any IT delivery model or combination of models, regardless of form factor;
Breadth and depth of product features and functionality;
Level of customer satisfaction;
Price, performance, and efficiency;
Ability for products to scale with high-speed network traffic;
Flexible and agile design of products;

10


Ability to detect and mitigate large-scale cyber security threats;
Brand awareness and reputation;
Strength of sales and marketing; and
Ability to attract and retain talented employees.

Sales and Marketing
Sales
Our high-touch salesforce engages customers directly and through distribution channels. Our sales team is comprised of inside sales and field sales personnel who are organized by geography and maintain sales presence in 27 countries as of December 31, 2018, including in the following countries and regions: United States, Western Europe, the Middle East, Japan, China, Taiwan, South Korea, Southeast Asia and Latin America. Our sales organization includes sales engineers with deep technical domain expertise who are responsible for pre-sales technical support, solutions engineering, proof-of-concept work and technical training for our distribution channel partners. Our sales team is also comprised of a channel sales organization that is expanding our market reach through partners. We may continue to grow our sales headcount, including in geographies where we currently do not have a sales presence.

Some customer sales are originated and completed by our OEM and distribution channel partners with little or no direct engagement with our sales personnel. We fulfill nearly all orders globally through our distribution channel partners, which include distributors, value added resellers and system integrators. Revenue fulfilled through our distribution channel partners accounted for 93%, 86% and 85% of our total revenue for the years ended December 31, 2018, 2017 and 2016, respectively.

Marketing
Our strategy is focused on driving greater demand for our products and services, and enabling sales to win as that demand broadens. Our marketing drives global demand generation campaigns, as well as additional awareness and demand via joint marketing campaigns with channel partners and strategic alliance partners worldwide. Our marketing also drives global awareness through industry analyst engagement, financial analyst engagement, media outreach, blogs, social media and events.

Manufacturing
We outsource the manufacturing of our hardware products to original design manufacturers. This approach allows us to benefit from the scale and experience of our manufacturing partners to reduce our costs, overhead and inventory while allowing us to adjust more quickly to changing customer demand. Our manufacturers are Lanner Electronics Inc. (“Lanner”), AEWIN Technologies Co., Ltd. (“AEWIN”) and iBase. These companies manufacture and assemble our hardware products using design specifications, quality assurance programs and standards established by us. Our manufacturers procure components and assemble our products based on our demand forecasts and purchase orders. These forecasts represent our estimates of future demand for our products based on historical trends and analysis from our sales and product management functions as adjusted for overall market conditions. The component parts incorporated into our products are sourced either by our manufacturing partners or directly by us.

We have agreements with Lanner with an initial term of one year and AEWIN with an initial term of six years pursuant to which they manufacture, assemble, and test our products. Each agreement automatically renews for successive one-year terms unless either party gives notice that they do not want to renew. We do not have any long-term manufacturing contracts that guarantee fixed capacity or pricing. Quality assurance and testing is performed at our San Jose, Taiwan and Japan distribution centers, as well as at our manufacturers’ locations. We warehouse and deliver our products out of our San Jose warehouse for the Americas and outsource warehousing and delivery to a third-party logistics provider in some regions.


11


Backlog
As of December 31, 2018 and 2017, we had product backlog of approximately $5.9 million and $9.3 million. Backlog represents orders confirmed with a purchase order for products to be shipped generally within 90 days to customers with approved credit status. Orders are subject to cancellation, rescheduling by customers and product specification changes by customers. Although we believe that the backlog orders are firm, purchase orders may be canceled by the customer prior to shipment without significant penalty. For this reason, we believe that our product backlog at any given date is not a reliable indicator of future revenues.

For the years ended December 31, 2018, 2017 and 2016, our total revenue was $232.2 million, $235.4 million, and $227.3 million, respectively, and our gross margin was 77.7%, 77.4%, and 76.1%, respectively. We had net losses of $27.6 million, $10.8 million and $22.4 million for the years ended December 31, 2018, 2017 and 2016, respectively.

Intellectual Property
We rely on a combination of patent, copyright, trademark and trade secret laws, and restrictions on disclosure to protect our intellectual property rights. As of December 31, 2018, we had 140 United States (“U.S.”) patents issued and 73 U.S. patent applications pending, and 60 overseas patents issued and 25 overseas patent applications pending. Our issued U.S. patents, excluding 20 patents that we acquired, expire between 2025 and 2035. Our issued overseas patents, excluding 11 patents that we acquired, expire between 2027 and 2037. Our future success depends in part on our ability to protect our proprietary rights to the technologies used in our principal products. Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or to obtain and use trade secrets or other information that we regard as proprietary. In addition, the laws of some foreign countries do not protect our proprietary rights as fully as do the laws of the United States. Any issued patent may not preserve our proprietary position, and competitors or others may develop technologies similar to or superior to our technology. Our failure to enforce and protect our intellectual property rights could harm our business, operating results and financial condition.

We license software from third parties for development of or integration into our products, including proprietary and open source software. We pursue registration of our trademarks and domain names in the United States and other jurisdictions. See Part I, Item 1A. Risk Factors included in this Annual Report on Form 10-K for additional information regarding the risks associated with protecting our intellectual property.

Employees
As of December 31, 2018, we had 834 full-time employees, including 413 engaged in research and development and customer support, 342 in sales and marketing and 79 in general and administrative and other activities. None of our employees is represented by a labor union or is a party to any collective bargaining arrangement in connection with his or her employment with us. We have never experienced any work stoppages, and we consider our relations with our employees to be good.

Corporate Information
A10 Networks, Inc. was incorporated in the State of California in 2004 and subsequently reincorporated in the State of Delaware in March 2014. Our website is located at www.A10networks.com, and our investor relations website is located at http://investors.A10networks.com. The following filings are available through our investor relations website after we file them with the SEC: Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, as well as any amendments to such reports and all other filings pursuant to Section 13(a) or 15(d) of the Securities Act. These filings are also available for download free of charge on our investor relations website. Additionally, copies of materials filed by us with the SEC may be accessed at the SEC’s website at www.sec.gov.

We announce material information to the public about A10, our products and services and other matters through a variety of means, including our website (www.A10networks.com), the investor relations section of our website (www.investors.A10networks.com ), press releases, filings with the Securities and Exchange Commission, public conference calls, and social media, including our corporate Twitter account (@A10Networks) and our corporate Facebook page (https://www.facebook.com/a10networks). The contents of our website and social media contents are not intended to be incorporated by reference into this Annual Report on Form 10-K or in any other report or document we file with the SEC, and any references to our websites are intended to be inactive textual references only. We encourage investors and others to review the information we make public in these locations, as such information could be deemed to be material information. Please note that this list may be updated from time to time.

12


Item 1A. Risk Factors

Investing in our common stock involves a high degree of risk. You should carefully consider the risks and uncertainties described below, together with all of the other information contained in this report and in our other public filings. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, may also become important factors that affect us. If any of the following risks occur, our business, financial condition, operating results, and prospects could be materially harmed. In that event, the trading price of our common stock could decline, perhaps significantly.

We have identified deficiencies in our internal control over financial reporting that resulted in material weaknesses in our internal control over financial reporting and have concluded that our internal control over financial reporting and our disclosure controls and procedures were not effective as of December 31, 2018 and December 31, 2017. If we fail to properly remediate these or any future material weaknesses or deficiencies or to maintain proper and effective internal controls, material misstatements in our financial statements could occur and impair our ability to produce accurate and timely financial statements and could adversely affect investor confidence in our financial reports, which could negatively affect our business.

As described in Item 9A, “Controls and Procedures” of this report, we have concluded that our internal control over financial reporting was not effective as of December 31, 2018 and December 31, 2017, due to the existence of material weaknesses in such controls, and we have also concluded that our disclosure controls and procedures were not effective as of December 31, 2018 and December 31, 2017, due to material weaknesses in our internal control over financial reporting. While we have initiated remediation efforts to address the identified weaknesses, we cannot provide assurance that additional material weaknesses in our internal control over financial reporting will not arise or be identified in the future. We intend to continue our control remediation activities and generally improve our internal controls. In doing so, we will continue to incur expenses and expend management time on compliance-related issues.

If our remediation measures are insufficient to address the identified deficiencies, or if additional deficiencies in our internal control over financial reporting are discovered or occur in the future, our consolidated financial statements may contain material misstatements and we could be required to restate our financial results. Moreover, because of the inherent limitations of any control system, material misstatements due to error or fraud may not be prevented or detected on a timely basis, or at all. If we are unable to provide reliable and timely financial reports in the future, our business and reputation may be further harmed. Restated financial statements and failures in internal controls may also cause us to fail to meet reporting obligations, negatively affect investor confidence in our management and the accuracy of our financial statements and disclosures, or result in adverse publicity and concerns from investors, any of which could have a negative effect on the price of our common stock, subject us to further regulatory investigations and penalties or stockholder litigation, and materially adversely impact our business and financial condition.

The Audit Committee’s investigation of certain accounting and internal control matters relating to our previously issued financial statements and the audit of our consolidated financial statements as of and for the year ended December 31, 2017 have been time-consuming and expensive, and may result in additional expense.

We have incurred significant expenses, including audit, legal, consulting and other professional fees, in connection with the Audit Committee’s internal investigation, the review of our accounting, the audit of our 2017 financial statements and the ongoing remediation of deficiencies in our internal control over financial reporting. As described in Item 9A, “Controls and Procedures,” of this report, we have taken a number of steps in order to strengthen our accounting function and attempt to reduce the risk of future recurrence and errors in accounting determinations. The validation of the efficacy of these remedial steps will result in us incurring near term expenses, and to the extent these steps are not successful, we could be required to incur significant additional time and expense. The incurrence of significant additional expense, or the requirement that management devote significant time that could reduce the time available to execute on our business strategies, could have a material adverse effect on our business, results of operations and financial condition.

Our failure to timely file periodic reports we are required to file under the Securities Exchange Act of 1934 could adversely affect the market for our common stock and make it more difficult for us to access the public markets to raise debt or equity capital.

We filed our Annual Report on Form 10-K for the year ended December 31, 2017 approximately five months after it was due. Because of the time required to complete and file this report, we also were unable to timely file our Quarterly Reports on Form 10-Q for the quarters ended March 31, 2018 and June 30, 2018.


13


As a result of our inability to timely file our periodic reports under the Securities Exchange Act of 1934, we will not be eligible to use a registration statement on Form S-3 to conduct public offerings of our securities until we have timely filed all periodic reports with the SEC for a period of twelve months. Our inability to use Form S-3 during this time period may have a negative impact on our ability to access the public capital markets in a timely fashion because we would be required to file a long-form registration statement on Form S-1 and have it reviewed and declared effective by the SEC. This may limit our ability to access the public markets to raise debt or equity.

If we do not successfully anticipate market needs and opportunities or if the market does not continue to adopt our application networking products, our business, financial condition and results of operations could be significantly harmed.

The application networking market is rapidly evolving and difficult to predict. Technologies, customer requirements, security threats and industry standards are constantly changing. As a result, we must anticipate future market needs and opportunities and then develop new products or enhancements to our current products that are designed to address those needs and opportunities, and we may not be successful in doing so.

Even if we are able to anticipate, develop and commercially introduce new products and enhancements that address the market’s needs and opportunities, there can be no assurance that new products or enhancements will achieve widespread market acceptance. For example, organizations that use other conventional or first-generation application networking products for their needs may believe that these products are sufficient. In addition, as we launch new product offerings, organizations may not believe that such new product offerings offer any additional benefits as compared to the existing application networking products that they currently use. Accordingly, organizations may continue allocating their IT budgets for existing application networking products and may not adopt our products, regardless of whether our products can offer superior performance or security.

If we fail to anticipate market needs and opportunities or if the market does not continue to adopt our application networking products, then market acceptance and sales of our current and future application networking products could be substantially decreased or delayed, we could lose customers, and our revenue may not grow or may decline. Any of such events would significantly harm our business, financial condition and results of operations.

Our success depends on our timely development of new products and features to address rapid technological changes and evolving customer requirements. If we are unable to timely develop and successfully introduce new products and features that adequately address these changes and requirements, our business and operating results could be adversely affected.

Changes in application software technologies, data center and communications hardware, networking software and operating systems, and industry standards, as well as our end-customers’ continuing business growth, result in evolving application networking needs and requirements. Our continued success depends on our ability to identify, develop and introduce in a timely and successful manner, new products and new features for our existing products that meet these needs and requirements.

Our future plans include significant investments in research and development and related product opportunities. Developing our products and related enhancements is time-consuming and expensive. We have made significant investments in our research and development team in order to address these product development needs. Our investments in research and development may not result in significant design and performance improvements or marketable products or features, or may result in products that are more expensive than anticipated. We may take longer to generate revenue, or generate less revenue, than we anticipate from our new products and product enhancements. We believe that we must continue to dedicate a significant amount of resources to our research and development efforts to maintain our competitive position.

If we are unable to develop new products and features to address technological changes and new customer requirements in the application networking or security markets or if our investments in research and development do not yield the expected benefits in a timely manner, our business and operating results could be adversely affected. For example, when the 5G standards are published, we may not be able to produce a satisfactory return on investment if our strategic vision and the resources that we are spending on developing our presence in the 5G technology industry turn out to be misaligned with such standards.


14


We have experienced net losses in recent periods, anticipate increasing our operating expenses in the future and may not achieve or maintain profitability in the future. If we cannot achieve or maintain profitability, our financial performance will be harmed and our business may suffer.

We experienced net losses for the years ended December 31, 2018, 2017 and 2016. We may not be able to increase our revenue growth or achieve profitability in the future or on a consistent basis. During the years ended December 31, 2018, 2017 and 2016, we have invested in our sales, marketing and research and development teams in order to develop, market and sell our products. We may continue to invest in these areas in the future. As a result of these expenditures, we may have to generate and sustain increased revenue, manage our cost structure and avoid significant liabilities to achieve future profitability.

Revenue growth may slow or decline, and we may incur significant losses in the future for a number of possible reasons, including our inability to develop products that achieve market acceptance, general economic conditions, increasing competition, decreased growth in the markets in which we operate, or our failure for any reason to capitalize on growth opportunities. Additionally, we may encounter unforeseen operating expenses, difficulties, complications, delays and other unknown factors that may result in losses in future periods. If these losses exceed our expectations or our revenue growth expectations are not met in future periods, our financial performance will be harmed and our stock price could be volatile or decline.

Our operating results have varied and are likely to continue to vary significantly from period to period and may be unpredictable, which could cause the trading price of our common stock to decline.

Our operating results, in particular, revenue, margins and operating expenses, have fluctuated in the past, and we expect this will continue, which makes it difficult for us to predict our future operating results. The timing and size of sales of our products are highly variable and difficult to predict and can result in significant fluctuations in our revenue from period to period. This is particularly true of sales to our largest end-customers, such as service providers, Web giants and governmental organizations, who typically make large and concentrated purchases and for whom close or sales cycles can be long, as a result of their complex networks and data centers, as well as requests that may be made for customized features. Our quarterly results may vary significantly based on when these large end-customers place orders with us and the content of their orders.

 Our operating results may also fluctuate due to a number of other factors, many of which are outside of our control and may be difficult to predict. In addition to other risks listed in this “Risk Factors” section, factors that may affect our operating results include:

fluctuations in and timing of purchases from, or loss of, large customers;
the budgeting cycles and purchasing practices of end-customers;
our ability to attract and retain new end-customers;
changes in demand for our products and services, including seasonal variations in customer spending patterns or cyclical fluctuations in our markets;
our reliance on shipments at the end of our quarters;
variations in product mix or geographic locations of our sales, which can affect the revenue we realize for those sales;
the timing and success of new product and service introductions by us or our competitors;
our ability to increase the size of our distribution channel and to maintain relationships with important distribution channel partners;
our ability to improve our overall sales productivity and successfully execute our marketing strategies;
the effect of currency exchange rates on our revenue and expenses;
the cost and potential outcomes of existing and future litigation;
expenses related to our facility;
the effect of discounts negotiated by our largest end-customers for sales or pricing pressure from our competitors;
changes in the growth rate of the application networking or security markets or changes in market needs;
inventory write downs, which may be necessary for our older products when our new products are launched and adopted by our end-customers; and

15


our third-party manufacturers’ and component suppliers’ capacity to meet our product demand forecasts on a timely basis, or at all.

Any one of the factors above or the cumulative effect of some of these factors may result in significant fluctuations in our financial and other operating results. This variability and unpredictability could result in our failure to meet our or our investors’ or securities analysts’ revenue, margin or other operating results expectations for a particular period, resulting in a decline in the trading price of our common stock.

Reliance on shipments at the end of the quarter could cause our revenue for the applicable period to fall below expected levels.

As a result of end-customer buying patterns and the efforts of our sales force and distribution channel partners to meet or exceed their sales objectives, we have historically received a substantial portion of purchase orders and generated a substantial portion of revenue during the last few weeks of each quarter. We may be able to recognize such revenue in the quarter received, however, only if all of the requirements of revenue recognition are met by the end of the quarter. Any significant interruption in our information technology systems, which manage critical functions such as order processing, revenue recognition, financial forecasts, inventory and supply chain management, could result in delayed order fulfillment and thus decreased revenue for that quarter. If expected revenue at the end of any quarter is delayed for any reason, including the failure of anticipated purchase orders to materialize (including delays by our customers or potential customers in consummating such purchase orders), our third-party manufacturers’ inability to manufacture and ship products prior to quarter-end to fulfill purchase orders received near the end of the quarter, our failure to manage inventory to meet demand, our inability to release new products on schedule, any failure of our systems related to order review and processing, or any delays in shipments or achieving specified acceptance criteria, our revenue for that quarter could fall below our, or our investors’ or securities analysts’ expectations, resulting in a decline in the trading price of our common stock.

We face intense competition in our market, especially from larger, well-established companies, and we may lack sufficient financial or other resources to maintain or improve our competitive position.

The application networking and security markets are intensely competitive, and we expect competition to increase in the future. To the extent that we sell our solutions in adjacent markets, we expect to face intense competition in those markets as well. We believe that our main competitors fall into the following categories:

Companies that sell products in the traditional ADC market, such as F5 Networks, Inc. (“F5 Networks”) and Citrix Systems, Inc. (“Citrix Systems”);
Companies that sell open source, software-only, cloud-based ADC services, such as Avi Networks Inc. (“Avi Networks”), NGINX Inc. (“NGiNX”), and HAProxy Technologies, Inc. (“HAProxy”) as well as many startups;
Companies that sell CGN products, which were originally designed for other networking purposes, such as edge routers and security appliances from vendors like Cisco Systems, Inc. (“Cisco Systems”) Juniper Networks, Inc. (“Juniper Networks”) and Fortinet, Inc. (“Fortinet”);
Companies that sell traditional DDoS protection products, such as Arbor Networks, Inc., a subsidiary of NetScout Systems, (“Arbor Networks”) and Radware, Ltd. (“Radware”):
Companies that sell SSL decryption and inspection products, such as Symantec Corporation (through its acquisition of Blue Coat Systems Inc. in 2016) and F5 Networks; and
Companies that sell certain network security products, including Secure Web Gateways, SSL Insight/SSL Intercept, data center firewalls and Office 365 proxy solutions.

Many of our competitors are substantially larger and have greater financial, technical, research and development, sales and marketing, manufacturing, distribution and other resources and greater name recognition. In addition, some of our larger competitors have broader products offerings and could leverage their customer relationships based on their other products. Potential customers who have purchased products from our competitors in the past may also prefer to continue to purchase from these competitors rather than change to a new supplier regardless of the performance, price or features of the respective products. We could also face competition from new market entrants, which may include our current technology partners. As we continue to expand globally, we may also see new competitors in different geographic regions. Such current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources.


16


Many of our existing and potential competitors enjoy substantial competitive advantages, such as:

longer operating histories;
the capacity to leverage their sales efforts and marketing expenditures across a broader portfolio of products and services at a greater range of prices, including through selling at zero or negative margins;
the ability to incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products, including through product bundling or closed technology platforms;
broader distribution and established relationships with distribution channel partners in a greater number of worldwide locations;
access to larger end-customer bases;
the ability to use their greater financial resources to attract our research and development engineers as well as other employees of ours;
larger intellectual property portfolios; and
the ability to bundle competitive offerings with other products and services.

Our ability to compete will depend upon our ability to provide a better solution than our competitors at a competitive price. We may be required to make substantial additional investments in research and development, marketing and sales in order to respond to competition, and there is no assurance that these investments will achieve any returns for us or that we will be able to compete successfully in the future. We also expect increased competition if our market continues to expand. Moreover, conditions in our market could change rapidly and significantly as a result of technological advancements or other factors.

In addition, current or potential competitors may be acquired by third parties that have greater resources available. As a result of these acquisitions, our current or potential competitors might take advantage of the greater resources of the larger organization to compete more vigorously or broadly with us. In addition, continued industry consolidation might adversely impact end-customers’ perceptions of the viability of smaller and even medium-sized networking companies and, consequently, end-customers’ willingness to purchase from companies like us.

As a result, increased competition could lead to fewer end-customer orders, price reductions, reduced margins and loss of market share.

Cloud-based computing trends present competitive and execution risks.
We are experiencing an industry-wide trend of customers considering transitioning from purely on-premise network architectures to a computing environment that may utilize a mixture of existing solutions and various new cloud-based solutions. Concurrently with this transition, pricing and delivery models are also evolving. Many companies in our industry, including some of our competitors, are developing and deploying cloud-based solutions for their customers. In addition, the emergence of new cloud infrastructures may enable new companies to compete with our business. These new competitors may include large cloud providers who can provide their own ADC functionality as well as smaller companies targeting applications that are developed exclusively for delivery in the cloud. We are dedicating significant resources to develop and offer our customers new cloud-based solutions. Also, some of our largest customers are cloud providers that utilize our existing solutions, and we believe that as cloud infrastructures continue to grow our existing solutions may provide benefits to other cloud providers. While we believe our expertise and dedication of resources to developing new cloud-based solutions, together with the benefits that our existing solutions offer cloud providers, represent advantages that provide us with a strong foundation to compete, it is uncertain whether our efforts to develop new cloud-based solutions or our efforts to market and sell our existing solutions to cloud providers will attract the customers or generate the revenue necessary to successfully compete in this new business model. Nor is it clear when or in what manner this new business model will evolve, and this uncertainty may delay purchasing decisions by our customers or prospective customers. Whether we are able to successfully compete depends on our execution in a number of areas, including maintaining the utility, compatibility and performance of our software on the growing assortment of cloud computing platforms and the enhanced interoperability requirements associated with orchestration of cloud computing environments. Any failure to adapt to these evolving trends may reduce our revenues or operating margins and could have a material adverse effect on our business, results of operations and financial condition.


17


If we are unable to attract new end-customers, sell additional products to our existing end-customers or achieve the anticipated benefits from our investment in additional sales personnel and resources, our revenue may decline, and our gross margin will be adversely affected.

To maintain and increase our revenue, we must continually add new end-customers and sell additional products to existing end-customers. The rate at which new and existing end-customers purchase solutions depends on a number of factors, including some outside of our control, such as general economic conditions. If our efforts to sell our solutions to new end-customers and additional solutions to our existing end-customers are not successful, our business and operating results will suffer.

In certain recent periods, we have added personnel and other resources to our sales and marketing functions, as we focused on growing our business, entering new markets and increasing our market share. We may incur additional expenses by hiring additional sales and marketing personnel and expanding our international operations in order to seek revenue growth. The return on these and future investments may be lower, or may be realized more slowly, than we expect, if realized at all. If we do not achieve the benefits anticipated from these investments, or if the achievement of these benefits is delayed, our growth rates will decline, and our gross margin would likely be adversely affected.

If we are not able to maintain and enhance our brand and reputation, our business and operating results may be harmed in tangible or intangible ways.

We believe that maintaining and enhancing our brand and reputation are critical to our relationships with, and our ability to attract, new end-customers, technology partners and employees. The successful promotion of our brand will depend largely upon our ability to continue to develop, offer and maintain high-quality products and services, our marketing and public relations efforts, and our ability to differentiate our products and services successfully from those of our competitors. Our brand promotion activities may not be successful and may not yield increased revenue. In addition, extension of our brand to products and uses different from our traditional products and services may dilute our brand, particularly if we fail to maintain the quality of products and services in these new areas. We have in the past, and may in the future, become involved in litigation that could negatively affect our brand. If we do not successfully maintain and enhance our brand and reputation, our growth rate may decline, we may have reduced pricing power relative to competitors with stronger brands or reputations, and we could lose end-customers or technology partners, all of which would harm our business, operating results and financial condition.

A limited number of our end-customers, including service providers, make large and concentrated purchases that comprise a significant portion of our revenue. Any loss or delay of expected purchases by our largest end-customers could adversely affect our operating results.

As a result of the nature of our target market and the current stage of our development, a substantial portion of our revenue in any period comes from a limited number of large end-customers, including service providers. During the years ended December 31, 2018, 2017 and 2016, purchases from our ten largest end-customers accounted for approximately 37%, 35% and 36% of our total revenue, respectively. The composition of the group of these ten largest end-customers changes from period to period, but often includes service providers and web giants. During the years ended December 31, 2018, 2017 and 2016, service providers accounted for approximately 43%, 47% and 48% of our total revenue and web giants accounted for approximately 18%, 14% and 11% of our total revenue.

Sales to these large end-customers have typically been characterized by large but irregular purchases with long initial sales cycles. After initial deployment, subsequent purchases of our products typically have a more compressed sales cycle. The timing of these purchases and of the requested delivery of the purchased product is difficult to predict. As a consequence, any acceleration or delay in anticipated product purchases by or requested deliveries to our largest end-customers could materially affect our revenue and operating results in any quarter and cause our quarterly revenue and operating results to fluctuate from quarter to quarter.

We cannot provide any assurance that we will be able to sustain or increase our revenue from our largest end-customers nor that we will be able to offset any absence of significant purchases by our largest end-customers in any particular period with purchases by new or existing end-customers in that or a subsequent period. We expect that sales of our products to a limited number of end-customers will continue to contribute materially to our revenue for the foreseeable future. The loss of, or a significant delay or reduction in purchases by, a small number of end-customers could have a material adverse effect on our consolidated financial position, results of operations or cash flows.


18


Our business could be adversely impacted by changes demanded by our customers in the deployment and payment models for our products.

Our customers have traditionally demanded products deployed in physical, appliance-based on-premise data centers that are paid in full at the time of purchase and include perpetual licenses for our software products. While these products remain central to our business, new deployment and payment models are emerging in our industry that may provide some of our customers with additional technical, business agility and flexibility options. These new models include cloud-based applications provided as SaaS and software subscription licenses where license and service fees are ratable and correlate to the type of service used, the quantity of services consumed or the length of time of the subscription. These models have accounting treatments that may require us to recognize revenue ratably over an extended period of time. If a substantial portion of our customers transition from on-premise-based products to such cloud-based, consumption and subscription-based models, this could adversely affect our operating results and could make it more difficult to compare our operating results during such transition period with our historical operating results.

Some of our large end-customers demand favorable terms and conditions from their vendors and may request price or other concessions from us. As we seek to sell more products to these end-customers, we may agree to terms and conditions that may have an adverse effect on our business.

Some of our large end-customers have significant purchasing power and, accordingly, may request from us and receive more favorable terms and conditions, including lower prices than we typically provide. As we seek to sell products to this class of end-customer, we may agree to these terms and conditions, which may include terms that reduce our gross margin and have an adverse effect on our business.

Our gross margin may fluctuate from period to period based on the mix of products sold, the geographic location of our customers, price discounts offered, required inventory write downs and exchange rate fluctuations.

Our gross margin may fluctuate from period to period in response to a number of factors, such as the mix of our products sold and the geographic locations of our sales. Our products tend to have varying gross margins in different geographic regions. We also may offer pricing discounts from time to time as part of a targeted sales campaign or as a result of pricing pressure from our competitors. In addition, our larger end-customers may negotiate pricing discounts in connection with large orders they place with us. The sale of our products at discounted prices could have a negative impact on our gross margin. We also must manage our inventory of existing products when we introduce new products.

If we are unable to sell the remaining inventory of our older products prior to or following the launch of such new product offerings, we may be forced to write down inventory for such older products, which could also negatively affect our gross margin. Our gross margin may also vary based on international currency exchange rates. In general, our sales are denominated in U.S. dollars; however, in Japan they are denominated in Japanese yen. Changes in the exchange rate between the U.S. dollar and the Japanese yen may therefore affect our actual revenue and gross margin.

We have been, may presently be, or in the future may be, a party to litigation and claims regarding intellectual property rights, resolution of which has been and may in the future be time-consuming, expensive and adverse to us, as well as require a significant amount of resources to prosecute, defend, or make our products non-infringing.

Our industry is characterized by the existence of a large number of patents and by increasingly frequent claims and related litigation based on allegations of infringement or other violations of patent and other intellectual property rights. In the ordinary course of our business, we have been and may presently be in disputes and licensing discussions with others regarding their patents and other claimed intellectual property and proprietary rights. Intellectual property infringement and misappropriation lawsuits and other claims are subject to inherent uncertainties due to the complexity of the technical and legal issues involved, and we cannot be certain that we will be successful in defending ourselves against such claims or in concluding licenses on reasonable terms or at all.

We may have fewer issued patents than some of our major competitors, and therefore may not be able to utilize our patent portfolio effectively to assert defenses or counterclaims in response to patent infringement claims or litigation brought against us by third parties. Further, litigation may involve patent holding companies or other adverse patent owners that have no relevant products revenue and against which our potential patents may provide little or no deterrence. In addition, many potential litigants have the capability to dedicate substantially greater resources than we can to enforce their intellectual property rights and to defend claims that may be brought against them. We expect that infringement claims may increase as the number of product types and the number of competitors in our market increases. Also, to the extent we gain greater visibility,

19


market exposure and competitive success, we face a higher risk of being the subject of intellectual property infringement claims.

If we are found in the future to infringe the proprietary rights of others, or if we otherwise settle such claims, we could be compelled to pay damages or royalties and either obtain a license to those intellectual property rights or alter our products such that they no longer infringe. Any license could be very expensive to obtain or may not be available at all. Similarly, changing our products or processes to avoid infringing the rights of others may be costly, time-consuming or impractical. Alternatively, we could also become subject to an injunction or other court order that could prevent us from offering our products. Any of these claims, regardless of their merit, may be time-consuming, result in costly litigation and diversion of technical and management personnel, or require us to cease using infringing technology, develop non-infringing technology or enter into royalty or licensing agreements.

Many of our commercial agreements require us to indemnify our end-customers, distributors and resellers for certain third-party intellectual property infringement actions related to our technology, which may require us to defend or otherwise become involved in such infringement claims, and we could incur liabilities in excess of the amounts we have received for the relevant products and/or services from our end-customers, distributors or resellers. These types of claims could harm our relationships with our end-customers, distributors and resellers, may deter future end-customers from purchasing our products or could expose us to litigation for these claims. Even if we are not a party to any litigation between an end-customer, distributor or reseller, on the one hand, and a third party, on the other hand, an adverse outcome in any such litigation could make it more difficult for us to defend our intellectual property rights in any subsequent litigation in which we are a named party.

We may not be able to adequately protect our intellectual property, and if we are unable to do so, our competitive position could be harmed, or we could be required to incur significant expenses to enforce our rights.

We rely on a combination of patent, copyright, trademark and trade secret laws, and contractual restrictions on disclosure of confidential and proprietary information, to protect our intellectual property. Despite the efforts we take to protect our intellectual property and other proprietary rights, these efforts may not be sufficient or effective at preventing their unauthorized use. In addition, effective trademark, patent, copyright and trade secret protection may not be available or cost-effective in every country in which we have rights. There may be instances where we are not able to protect intellectual property or other proprietary rights in a manner that maximizes competitive advantage. If we are unable to protect our intellectual property and other proprietary rights from unauthorized use, the value of those assets may be reduced, which could negatively impact our business.

We also rely in part on confidentiality and/or assignment agreements with our technology partners, employees, consultants, advisors and others. These protections and agreements may not effectively prevent disclosure of our confidential information and may not provide an adequate remedy in the event of unauthorized disclosure. In addition, others may independently discover our trade secrets and intellectual property information we thought to be proprietary, and in these cases we would not be able to assert any trade secret rights against those parties. Despite our efforts to protect our intellectual property, unauthorized parties may attempt to copy or otherwise obtain and use our intellectual property or technology. Monitoring unauthorized use of our intellectual property is difficult and expensive. We have not made such monitoring a priority to date and will not likely make this a priority in the future. We cannot be certain that the steps we have taken or will take will prevent misappropriation of our technology, particularly in foreign countries where the laws may not protect our proprietary rights as fully as in the United States.

If we fail to protect our intellectual property adequately, our competitors might gain access to our technology, and our business might be harmed. In addition, even if we protect our intellectual property, we may need to license it to competitors, which could also be harmful. For example, as a result of the settlement of an intellectual property matter, we have already licensed all of our issued patents, pending applications, and future patents and patent applications that we may acquire, obtain, apply for or have a right to license to Brocade Communications Systems, Inc. until May 2025, for the life of each such patent. In addition, we might incur significant expenses in defending our intellectual property rights. Any of our patents, copyrights, trademarks or other intellectual property rights could be challenged by others or invalidated through administrative process or litigation.

We may in the future initiate claims or litigation against third parties for infringement of our proprietary rights or to establish the validity of our proprietary rights. Any litigation, whether or not resolved in our favor, could result in significant expense to us and divert the efforts of our management and technical personnel, as well as cause other claims to be made against us, which might adversely affect our business, operating results and financial condition.


20


We generate a significant amount of revenue from sales to distributors, resellers, and end-customers outside of the United States, and we are therefore subject to a number of risks that could adversely affect these international sources of our revenue.

A significant portion of our revenue is generated in international markets, including Japan, Western Europe, China, Taiwan and South Korea. During the years ended December 31, 2018, 2017 and 2016, approximately 55%, 51% and 49% of our total revenue, respectively, was generated from customers located outside of the United States. If we are unable to maintain or continue to grow our revenue in these markets, our financial results may suffer.

As a result, we must hire and train experienced personnel to staff and manage our foreign operations. To the extent that we experience difficulties in recruiting, training, managing and retaining an international staff, and specifically sales management and sales personnel, we may experience difficulties in sales productivity in foreign markets. We also seek to enter into distributor and reseller relationships with companies in certain international markets where we do not have a local presence. If we are not able to maintain successful distributor relationships internationally or recruit additional companies to enter into distributor relationships, our future success in these international markets could be limited. Business practices in the international markets that we serve may differ from those in the United States and may require us in the future to include terms in customer contracts other than our standard terms. To the extent that we may enter into customer contracts in the future that include non-standard terms, our operating results may be adversely impacted.

We have a significant presence in international markets and plan to continue to expand our international operations, which exposes us to a number of risks that could affect our future growth.

Our sales team is comprised of field sales and inside sales personnel who are organized by geography and maintain sales presence in 27 countries as of December 31, 2018, including in the following countries and regions: United States, Western Europe, the Middle East, Japan, China, Taiwan, South Korea, Southeast Asia and Latin America. We expect to continue to increase our sales headcount in all markets, particularly in markets where we currently do not have a sales presence. As we continue to expand our international sales and operations, we are subject to a number of risks, including the following:

greater difficulty in enforcing contracts and accounts receivable collection and possible longer collection periods;
increased expenses incurred in establishing and maintaining office space and equipment for our international operations;
greater difficulty in recruiting local experienced personnel, and the costs and expenses associated with such activities;
general economic and political conditions in these foreign markets;
economic uncertainty around the world, including continued economic uncertainty as a result of sovereign debt issues in Europe and the United Kingdom’s decision to exit the European Union (commonly referred to as “Brexit”);
management communication and integration problems resulting from cultural and geographic dispersion;
risks associated with trade restrictions and foreign legal requirements, including the importation, certification, and localization of our products required in foreign countries;
greater risk of unexpected changes in regulatory practices, tariffs, and tax laws and treaties;
the uncertainty of protection for intellectual property rights in some countries;
greater risk of a failure of foreign employees to comply with both U.S. and foreign laws, including antitrust regulations, the U.S. Foreign Corrupt Practices Act (“FCPA”), and any trade regulations ensuring fair trade practices; and
heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements.

Because of our worldwide operations, we are also subject to risks associated with compliance with applicable anticorruption laws. One such applicable anticorruption law is the FCPA, which generally prohibits U.S. companies and their employees and intermediaries from making payments to foreign officials for the purpose of obtaining or keeping business, securing an advantage, or directing business to another, and requires public companies to maintain accurate books and records and a system of internal accounting controls. Under the FCPA, U.S. companies may be held liable for actions taken by

21


directors, officers, employees, agents, or other strategic or local partners or representatives. As such, if we or our intermediaries, such as channel partners and distributors, fail to comply with the requirements of the FCPA or similar legislation, governmental authorities in the United States and elsewhere could seek to impose civil and/or criminal fines and penalties which could have a material adverse effect on our business, operating results and financial condition.

We are exposed to fluctuations in currency exchange rates, which could negatively affect our results of operations.

Our consolidated results of operations, financial position and cash flows are subject to fluctuations due to changes in foreign currency exchange rates. Historically, the majority of our revenue contracts are denominated in U.S. dollars, with the most significant exception being Japan, where we invoice primarily in the Japanese yen. Our expenses are generally denominated in the currencies in which our operations are located, which is primarily in North America and EMEA. Revenue resulting from selling in local currencies and costs incurred in local currencies are exposed to foreign currency exchange rate fluctuations that can affect our operating income. The currency exchange impact of the foreign exchange rates on our net loss was $0.7 million and $0.4 million unfavorable for the years ended December 31, 2018 and 2017, respectively. As exchange rates vary, our operating income may differ from expectations. We deploy normal and customary hedging practices that are designed to proactively mitigate such exposure. The use of such hedging activities may not offset any, or more than a portion, of the adverse financial effects of unfavorable movements in currency exchange rates over the limited time the hedges are in place and would not protect us from long term shifts in currency exchange rates.

Our success depends on our key personnel and our ability to hire, retain and motivate qualified product development, sales, marketing and finance personnel.

Our success depends to a significant degree upon the continued contributions of our key management, product development, sales, marketing and finance personnel, many of whom may be difficult to replace. The complexity of our products, their integration into existing networks and ongoing support of our products requires us to retain highly trained professional services, customer support and sales personnel with specific expertise related to our business. Competition for qualified professional services, customer support, engineering and sales personnel in our industry is intense, because of the limited number of people available with the necessary technical skills and understanding of our products. Our ability to recruit and hire these personnel is harmed by tightening labor markets, particularly in the engineering field, in several of our key geographic hiring areas. We may not be successful in attracting, integrating, or retaining qualified personnel to fulfill our current or future needs, nor may we be successful in keeping the qualified personnel we currently have. Our ability to hire and retain these personnel may be adversely affected by volatility or reductions in the price of our common stock, since these employees are generally granted equity-based awards.

Our future performance also depends on the continued services and continuing contributions of certain employees and members of senior management to execute on our business plan and to identify and pursue new opportunities and product innovations. Our senior management team, significant employees with technical expertise, and production and sales managers, among others, are critical to the development of our technology and the future vision and strategic direction of our company. The loss of their services could significantly delay or prevent the achievement of our development and strategic objectives, which could adversely affect our business, financial condition, and operating results.

Adverse general economic conditions or reduced information technology spending may adversely impact our business.

A substantial portion of our business depends on the demand for information technology by large enterprises and service providers, the overall economic health of our current and prospective end-customers and the continued growth and evolution of the Internet. The timing of the purchase of our products is often discretionary and may involve a significant commitment of capital and other resources. Volatility in the global economic market or other effects of global or regional economic weakness, including limited availability of credit, a reduction in business confidence and activity, deficit-driven austerity measures that continue to affect governments and educational institutions, and other difficulties may affect one or more of the industries to which we sell our products and services. If economic conditions in the United States, Europe and other key markets for our products continue to be volatile or do not improve or those markets experience another downturn, many end-customers may delay or reduce their IT spending. This could result in reductions in sales of our products and services, longer sales cycles, slower adoption of new technologies and increased price competition. Any of these events would likely harm our business, operating results and financial condition. In addition, there can be no assurance that IT spending levels will increase following any recovery.

22


Exposure to UK political developments, including the outcome of the UK referendum on membership in the European Union, could have a material adverse effect on us.
On June 23, 2016, a referendum was held on the United Kingdom’s membership in the European Union, the outcome of which was a vote in favor of leaving the European Union (commonly referred to as “Brexit”). The Brexit vote creates an uncertain political and economic environment in the United Kingdom and potentially across other European Union member states, which may last for a number of months or years.
The result of the Brexit vote means that the nature of the United Kingdom’s long-term relationship with the European Union is unclear and that there is considerable uncertainty as to when any such relationship will be agreed and implemented. In the interim, there is a risk of economic instability for both the United Kingdom and the European Union, which could adversely affect our results, financial condition and prospects.
The political and economic uncertainty created by the Brexit vote has caused and may continue to cause significant volatility in global financial markets and in the value of the Pound Sterling currency or other currencies, including the Euro. Depending on the terms reached regarding any exit from the European Union, it is possible that there may be adverse practical and/or operational implications on our business.
Consequently, no assurance can be given as to the overall impact of the Brexit and, in particular, no assurance can be given that our operating results, financial condition and prospects would not be adversely impacted by the result.

Enhanced United States tax, tariff, import/export restrictions, Chinese regulations or other trade barriers may have a negative effect on global economic conditions, financial markets and our business.

There is currently significant uncertainty about the future relationship between the United States and various other countries, most significantly China, with respect trade policies, treaties, tariffs and taxes, including trade policies and tariffs regarding China. The current U.S. presidential administration has called for substantial changes to U.S. foreign trade policy with respect to China and other countries, including the possibility of imposing greater restrictions on international trade and significant increases in tariffs on goods imported into the United States. In 2018, the Office of the U.S. Trade Representative (the “USTR”) enacted tariffs on imports into the U.S. from China, including communications equipment products and components manufactured and imported from China. The tariff became effective on September 24, 2018, with an initial rate of 10% and was scheduled to increase from 10% to 25% on January 1, 2019; however, that increase has been delayed for 90 days pending trade negotiations between the U.S. and China. In addition, the tariffs may be increased in the future. It is expected that these tariffs will cause our costs to increase, which could narrow the profits we earn from sales of products requiring such materials. Furthermore, if tariffs, trade restrictions, or trade barriers are placed on products such as ours by foreign governments, especially China, the prices for our products may increase, which may result in the loss of customers and our business, financial condition and results of operations may be harmed. There can be no assurance that we will not experience a disruption in our business related to these or other changes in trade practices and the process of changing suppliers in order to mitigate any such tariff costs could be complicated, time-consuming, and costly.

Furthermore, the U.S. tariffs may cause customers to delay orders as they evaluate where to take delivery of our products in connection with their efforts to mitigate their own tariff exposure. Such delays create forecasting difficulties for us and increase the risk that orders might be canceled or might never be placed. Current or future tariffs imposed by the U.S. may also negatively impact our customers' sales, thereby causing an indirect negative impact on our own sales. Any reduction in our customers' sales, and/or any apprehension among distributors and customers of a possible reduction in such sales, would likely cause an indirect negative impact on our own sales.

Additionally, the current uncertainty about the future relationship between the United States and other countries with respect to the trade policies, treaties, taxes, government regulations and tariffs makes it difficult to plan for the future. New developments in these areas, or the perception that any of them could occur, may have a material adverse effect on global economic conditions and the stability of global financial markets, and may significantly reduce global trade and, in particular, trade between these nations and the United States. Any of these factors could depress economic activity and restrict our access to suppliers or customers and have a material adverse effect on our business, financial condition and results of operations and affect our strategy in China and elsewhere around the world. Given the uncertainty of further developments related to tariffs, international trade agreements and policies we can give no assurance that our business, financial condition, and operating results would not be adversely affected.


23


We are dependent on third-party manufacturers, and changes to those relationships, expected or unexpected, may result in delays or disruptions that could harm our business.

We outsource the manufacturing of our hardware components to third-party original design manufacturers who assemble these hardware components to our specifications. Our primary manufacturers are Lanner and AEWIN, each of which is located in Taiwan. Our reliance on these third-party manufacturers reduces our control over the manufacturing process and exposes us to risks, including reduced control over quality assurance, product costs, and product supply and timing. Any manufacturing disruption at these manufacturers could severely impair our ability to fulfill orders. Our reliance on outsourced manufacturers also may create the potential for infringement or misappropriation of our intellectual property rights or confidential information. If we are unable to manage our relationships with these manufacturers effectively, or if these manufacturers suffer delays or disruptions for any reason, experience increased manufacturing lead-times, experience capacity constraints or quality control problems in their manufacturing operations, or fail to meet our future requirements for timely delivery, our ability to ship products to our end-customers would be severely impaired, and our business and operating results would be seriously harmed.

These manufacturers typically fulfill our supply requirements on the basis of individual orders. We do not have long-term contracts with our manufacturers that guarantee capacity, the continuation of particular pricing terms, or the extension of credit limits. Accordingly, they are not obligated to continue to fulfill our supply requirements, which could result in supply shortages, and the prices we are charged for manufacturing services could be increased on short notice. In addition, our orders may represent a relatively small percentage of the overall orders received by our manufacturers from their customers. As a result, fulfilling our orders may not be considered a priority by one or more of our manufacturers in the event the manufacturer is constrained in its ability to fulfill all of its customer obligations in a timely manner.

Although the services required to manufacture our hardware components may be readily available from a number of established manufacturers, it is time-consuming and costly to qualify and implement such relationships. If we are required to change manufacturers, whether due to an interruption in one of our manufacturers’ businesses, quality control problems or otherwise, or if we are required to engage additional manufacturers, our ability to meet our scheduled product deliveries to our customers could be adversely affected, which could cause the loss of sales to existing or potential customers, delayed revenue or an increase in our costs that could adversely affect our gross margin.

Because some of the key components in our products come from limited sources of supply, we are susceptible to supply shortages or supply changes, which could disrupt or delay our scheduled product deliveries to our end-customers and may result in the loss of sales and end-customers.

Our products incorporate key components, including certain integrated circuits that we and our third-party manufacturers purchase on our behalf from a limited number of suppliers, including some sole-source providers. In addition, the lead times associated with these and other components of our products can be lengthy and preclude rapid changes in quantities and delivery schedules. Moreover, long-term supply and maintenance obligations to our end-customers increase the duration for which specific components are required, which may further increase the risk we may incur component shortages or the cost of carrying inventory. If we are unable to obtain a sufficient quantity of these components in a timely manner for any reason, sales and/or shipments of our products could be delayed or halted, which would seriously affect present and future sales and cause damage to end-customer relationships, which would, in turn, adversely affect our business, financial condition and results of operations.

In addition, our component suppliers change their selling prices frequently in response to market trends, including industry-wide increases in demand, and because we do not necessarily have contracts with these suppliers, we are susceptible to price fluctuations related to raw materials and components. If we are unable to pass component price increases along to our end-customers or maintain stable pricing, our gross margin and operating results could be negatively impacted. Furthermore, poor quality in sole-sourced components or certain other components in our products could also result in lost sales or lost sales opportunities. If the quality of such components does not meet our standards or our end-customers’ requirements, if we are unable to obtain components from our existing suppliers on commercially reasonable terms, or if any of our sole source providers cease to continue to manufacture such components or to remain in business, we could be forced to redesign our products and qualify new components from alternate suppliers. The development of alternate sources for those components can be time-consuming, difficult and costly, and we may not be able to develop alternate or second sources in a timely manner. Even if we are able to locate alternate sources of supply, we could be forced to pay for expedited shipments of such components or our products at dramatically increased costs.


24


Real or perceived defects, errors, or vulnerabilities in our products or services or the failure of our products or services to block a threat or prevent a security breach could harm our reputation and adversely impact our results of operations.

Because our products and services are complex, they have contained and may contain design or manufacturing defects or errors that are not detected until after their commercial release and deployment by our customers. Even if we discover those weaknesses, we may not be able to correct them promptly, if at all. Defects may cause our products to be vulnerable to security attacks, cause them to fail to help secure networks, or temporarily interrupt end-customers’ networking traffic. Furthermore, our products may fail to detect or prevent malware, viruses, worms or similar threats for any number of reasons, including our failure to enhance and expand our platform to reflect industry trends, new technologies and new operating environments, the complexity of the environment of our end-customers and the sophistication of malware, viruses and other threats. Data thieves and hackers are increasingly sophisticated, often affiliated with organized crime or state-sponsored groups, and may operate large-scale and complex automated attacks. The techniques used to obtain unauthorized access or to sabotage networks change frequently and may not be recognized until launched against a target. Additionally, as a well-known provider of enterprise security solutions, our networks, products, and services could be targeted by attacks specifically designed to disrupt our business and harm our reputation. As our products are adopted by an increasing number of enterprises and governments, it is possible that the individuals and organizations behind advanced attacks will focus on finding ways to defeat our products. In addition, defects or errors in our updates to our products could result in a failure of our services to effectively update end-customers’ products and thereby leave our end-customers vulnerable to attacks. Our data centers and networks may experience technical failures and downtime, may fail to distribute appropriate updates, or may fail to meet the increased requirements of a growing installed end-customer base, any of which could temporarily or permanently expose our end-customers’ networks, leaving their networks unprotected against security threats. Our end-customers may also misuse or wrongly configure our products or otherwise fall prey to attacks that our products cannot protect against, which may result in loss or a breach of business data, data being inaccessible due to a “ransomware” attack, or other security incidents. For all of these reasons, we may be unable to anticipate all data security threats or provide a solution in time to protect our end-customers’ networks. If we fail to identify and respond to new and increasingly complex methods of attack and to update our products to detect or prevent such threats in time to protect our end-customers’ critical business data, our business, operating results and reputation could suffer.

If any companies or governments that are publicly known to use our platform are the subject of a cyberattack that becomes publicized, our other current or potential channel partners or end-customers may look to our competitors for alternatives to our products. Real or perceived security breaches of our end-customers’ networks could cause disruption or damage to their networks or other negative consequences and could result in negative publicity to us, damage to our reputation, declining sales, increased expenses and end-customer relations issues. To the extent potential end-customers or industry analysts believe that the occurrence of any actual or perceived failure of our products to detect or prevent malware, viruses, worms or similar threats is a flaw or indicates that our products do not provide significant value, our reputation and business could be harmed.

Any real or perceived defects, errors, or vulnerabilities in our products, or any failure of our products to detect a threat, could result in:
a loss of existing or potential end-customers or channel partners;
delayed or lost revenue;
a delay in attaining, or the failure to attain, market acceptance;
the expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work around errors or defects, to address and eliminate vulnerabilities, to remediate harms potentially caused by those vulnerabilities, or to identify and ramp up production with third-party providers;
an increase in warranty claims, or an increase in the cost of servicing warranty claims, either of which would adversely affect our gross margins;
harm to our reputation or brand; and
litigation, regulatory inquiries, or investigations that may be costly and further harm our reputation.

Although we maintain cyber liability coverage that may cover certain liabilities in connection with a security breach, we cannot be certain that our insurance coverage will be adequate for liabilities actually incurred, that insurance will continue to be available to use on commercially reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-

25


insurance requirements, could have a material adverse effect on our business, including our financial condition, results of operation and reputation.

Our business is subject to the risks of warranty claims, product returns, product liability, and product defects.

Real or perceived errors, failures or bugs in our products could result in claims by end-customers for losses that they sustain. If end-customers make these types of claims, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem. Historically, the amount of warranty claims has not been significant, but there are no assurances that the amount of such claims will not be material in the future. Liability provisions in our standard terms and conditions of sale, and those of our resellers and distributors, may not be enforceable under some circumstances or may not fully or effectively protect us from customer claims and related liabilities and costs, including indemnification obligations under our agreements with resellers, distributors or end-customers. The sale and support of our products also entail the risk of product liability claims. We maintain insurance to protect against certain types of claims associated with the use of our products, but our insurance coverage may not adequately cover any such claims. In addition, even claims that ultimately are unsuccessful could result in expenditures of funds in connection with litigation and divert management’s time and other resources.

Failure to protect and ensure the confidentiality and security of data could lead to legal liability, adversely affect our reputation and have a material adverse effect on our operating results, business and reputation.

We may collect, store and use certain confidential information in the course of providing our services, and we have invested in preserving the security of this data. We may also outsource operations to third-party service providers to whom we transmit certain confidential data. There are no assurances that any security measures we have in place, or any additional security measures that our subcontractors may have in place, will be sufficient to protect this confidential information from unauthorized security breaches.

We cannot assure you that, despite the implementation of these security measures, we will not be subject to a security incident or other data breach or that this data will not be compromised. We may be required to expend significant capital and other resources to protect against security breaches or to alleviate problems caused by security breaches, or to pay penalties as a result of such breaches. Despite our implementation of security measures, techniques used to obtain unauthorized access or to sabotage systems change frequently and may not be recognized until launched against a target. As a result, we may be unable to anticipate these techniques or implement adequate preventative measures to protect this data. In addition, security breaches can also occur as a result of non-technical issues, including intentional or inadvertent breaches by our employees or service providers or by other persons or entities with whom we have commercial relationships. Any compromise or perceived compromise of our security could damage our reputation with our end-customers, and could subject us to significant liability, as well as regulatory action, including financial penalties, which would materially adversely affect our brand, results of operations, financial condition, business and prospects.

We have incurred, and expect to continue to incur, significant costs to protect against security breaches. We may incur significant additional costs in the future to address problems caused by any actual or perceived security breaches.

Breaches of our security measures or those of our third-party service providers, or other security incidents, could result in: unauthorized access to our sites, networks and systems; unauthorized access to, misuse or misappropriation of information, including personally identifiable information, or other confidential or proprietary information of ourselves or third parties; viruses, worms, spyware or other malware being served from our sites, networks or systems; deletion or modification of content or the display of unauthorized content on our sites; interruption, disruption or malfunction of operations; costs relating to notification of individuals, or other forms of breach remediation; deployment of additional personnel and protection technologies; response to governmental investigations and media inquiries and coverage; engagement of third-party experts and consultants; litigation, regulatory investigations, prosecutions, and other actions; and other potential liabilities. If any of these events occurs, or is believed to occur, our reputation and brand could be damaged, our business may suffer, we could be required to expend significant capital and other resources to alleviate problems caused by such actual or perceived breaches, we could be exposed to a risk of loss, litigation or regulatory action and possible liability, and our ability to operate our business, including our ability to provide maintenance and support services to our channel partners and end-customers, may be impaired. If current or prospective channel partners and end-customers believe that our systems and solutions do not provide adequate security for their businesses’ needs, our business and our financial results could be harmed. Additionally, actual, potential or anticipated attacks may cause us to incur increasing costs, including costs to deploy additional personnel and protection technologies, train employees and engage third-party experts and consultants.


26


Although we maintain privacy, data breach and network security liability insurance, we cannot be certain that our coverage will be adequate for liabilities actually incurred or that insurance will continue to be available to us on economically reasonable terms, or at all. Any actual or perceived compromise or breach of our security measures, or those of our third-party service providers, or any unauthorized access to, misuse or misappropriation of personally identifiable information, channel partners’ or end-customers information, or other information, could violate applicable laws and regulations, contractual obligations or other legal obligations and cause significant legal and financial exposure, adverse publicity and a loss of confidence in our security measures, any of which could have an material adverse effect on our business, financial condition and operating results.

Our failure to adequately protect personal data could have a material adverse effect on our business.

A wide variety of provincial, state, national, foreign, and international laws and regulations apply to the collection, use, retention, protection, disclosure, transfer, and other processing of personal data. These data protection and privacy-related laws and regulations are evolving and being tested in courts and may result in ever-increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. For example, the European Union has adopted a General Data Protection Regulation, or GDPR, which superseded the Data Protection Directive. This regulation, which took full effect on May 25, 2018, has caused EU data protection requirements to be more stringent and provide for greater penalties. Noncompliance with the GDPR can trigger fines of up to €20 million or 4% of global annual revenues, whichever is higher. The United Kingdom also recently enacted legislation that substantially implements the GDPR. Additionally, California recently enacted the California Consumer Privacy Act, or CCPA, that will, among other things, require covered companies to provide new disclosures to California consumers, and afford such consumers new abilities to opt-out of certain sales of personal information, when it goes into effect on January 1, 2020. The CCPA recently was amended, and it is possible that it will be amended again before it goes into effect. We cannot yet predict the impact of the CCPA on our business or operations, but it may require us to modify our data processing practices and policies and to incur substantial costs and expenses in an effort to comply. Our failure to comply with applicable laws and regulations, or to protect such data, could result in enforcement action against us, including significant fines, imprisonment of company officials and public censure, claims for damages by end-customers and other affected persons and entities, damage to our reputation and loss of goodwill (both in relation to existing and prospective channel partners and end-customers), and other forms of injunctive or operations-limiting relief, any of which could have a material adverse effect on our operations, financial performance, and business. Evolving and changing definitions of personal data and personal information, within the European Union, the United States, and elsewhere, especially relating to classification of Internet Protocol (“IP”) addresses, machine identification, location data, biometric data and other information, may limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing of data. We may be required to expend significant resources to modify our solutions and otherwise adapt to these changes, which we may be unable to do on commercially reasonable terms or at all, and our ability to develop new solutions and features could be limited. These developments could harm our business, financial condition and results of operations. Even if not subject to legal challenge, the perception of privacy concerns, whether or not valid, may harm our reputation and inhibit adoption of our products by current and prospective end-customers.

If the general level of advanced cyberattacks declines, or is perceived by our current or potential customers to have declined, our business could be harmed.

Our security business may be dependent on enterprises and governments recognizing that advanced cyberattacks are pervasive and are not effectively prevented by legacy security solutions. High visibility attacks on prominent companies and governments have increased market awareness of advanced cyberattacks and help to provide an impetus for enterprises and governments to devote resources to protecting against advanced cyberattacks, which may include testing, purchasing and deploying our products. If advanced cyberattacks were to decline, or enterprises or governments perceived a decline in the general level of advanced cyberattacks, our ability to attract new channel partners and end-customers and expand our offerings within existing channel partners and end-customers could be materially and adversely affected. An actual or perceived reduction in the threat landscape could increase our sales cycles and harm our business, results of operations and financial condition.


27


Undetected software or hardware errors may harm our business and results of operations.

Our products may contain undetected errors or defects when first introduced or as new versions are released. We have experienced these errors or defects in the past in connection with new products and product upgrades. We expect that these errors or defects will be found from time to time in new or enhanced products after commencement of commercial distribution. These problems have in the past and may in the future cause us to incur significant warranty and repair costs, divert the attention of our engineering personnel from our product development efforts and cause significant customer relations problems. We may also be subject to liability claims for damages related to product errors or defects. While we carry insurance policies covering this type of liability, these policies may not provide sufficient protection should a claim be asserted. A material product liability claim may harm our business and results of operations.

Any errors, defects or vulnerabilities in our products could result in:
expenditures of significant financial and product development resources in efforts to analyze, correct, eliminate or work around errors and defects or to address and eliminate vulnerabilities;
loss of existing or potential end-customers or distribution channel partners;
delayed or lost revenue;
delay or failure to attain market acceptance;
indemnification obligations under our agreements with resellers, distributors and/or end-customers;
an increase in warranty claims compared with our historical experience or an increased cost of servicing warranty claims, either of which would adversely affect our gross margin; and
litigation, regulatory inquiries, or investigations that may be costly and harm our reputation.

Our use of open source software in our products could negatively affect our ability to sell our products and subject us to possible litigation.

We incorporate open source software such as the Linux operating system kernel into our products. We have implemented a formal open source use policy, including written guidelines for use of open source software and business processes for approval of that use. We have developed and implemented our open source policies according to industry practice; however, best practices in this area are subject to change, because there is little reported case law on the interpretation of material terms of many open source licenses. We are in the process of reviewing our open source use and our compliance with open source licenses and implementing remediation and changes necessary to comply with the open source licenses related thereto. We cannot guarantee that our use of open source software has been, and will be, managed effectively for our intended business purposes and/or compliant with applicable open source licenses. We may face legal action by third parties seeking to enforce their intellectual property rights related to our use of such open source software. Failure to adequately manage open source license compliance and our use of open source software may result in unanticipated obligations regarding our products and services, such as a requirement that we license proprietary portions of our products or services on unfavorable terms, that we make available source code for modifications or derivative works we created based upon, incorporating or using open source software, that we license such modifications or derivative works under the terms of the particular open source license and/or that we redesign the affected products or services, which could result, for example, in a loss of intellectual property rights, or delay in providing our products and services. From time to time, there have been claims against companies that distribute or use third-party open source software in their products and services, asserting that the open source software or its combination with the products or services infringes third parties’ patents or copyrights, or that the companies’ distribution or use of the open source software does not comply with the terms of the applicable open source licenses. Use of certain open source software can lead to greater risks than use of warranted third-party commercial software, as open source licensors generally do not provide warranties or controls on the origin of such open source software. From time to time, there have been claims against companies that use open source software in their products, challenging the ownership of rights in such open source software. As a result, we could also be subject to suits by parties claiming ownership of rights in what we believe to be open source software and so challenging our right to use such software in our products. If any such claims were asserted against us, we could be required to incur significant legal expenses defending against such a claim. Further, if our defenses to such a claim were not successful, we could be, for example, subject to significant damages, be required to seek licenses from third parties in order to continue offering our products and services without infringing such third party’s intellectual property rights, be required to re-engineer such products and services, or be required to discontinue making available such products and services if re-engineering cannot be accomplished on a timely or successful basis. The need to engage in these or other remedies could increase our costs or otherwise adversely affect our business, operating results and financial condition.


28


Our products must interoperate with operating systems, software applications and hardware that are developed by others and if we are unable to devote the necessary resources to ensure that our products interoperate with such software and hardware, we may fail to increase, or we may lose market share and we may experience a weakening demand for our products.

Our products must interoperate with our end-customers’ existing infrastructure, specifically their networks, servers, software and operating systems, which may be manufactured by a wide variety of vendors and original equipment manufacturers. As a result, when problems occur in a network, it may be difficult to identify the source of the problem. The occurrence of software or hardware problems, whether caused by our products or another vendor’s products, may result in the delay or loss of market acceptance of our products. In addition, when new or updated versions of our end-customers’ software operating systems or applications are introduced, we must sometimes develop updated versions of our software so that our products will interoperate properly. We may not accomplish these development efforts quickly, cost-effectively or at all. These development efforts require capital investment and the devotion of engineering resources. If we fail to maintain compatibility with these applications, our end-customers may not be able to adequately utilize our products, and we may, among other consequences, fail to increase, or we may lose market share and experience a weakening in demand for our products, which would adversely affect our business, operating results and financial condition.

We license technology from third parties, and our inability to maintain those licenses could harm our business.

Many of our products include proprietary technologies licensed from third parties. In the future, it may be necessary to renew licenses for third party technology or obtain new licenses for other technology. These third-party licenses may not be available to us on acceptable terms, if at all. As a result, we could also face delays or be unable to make changes to our products until equivalent technology can be identified, licensed or developed and integrated with our products. Such delays or an inability to make changes to our products, if it were to occur, could adversely affect our business, operating results and financial condition. The inability to obtain certain licenses to third-party technology, or litigation regarding the interpretation or enforcement of license agreements and related intellectual property issues, could have a material adverse effect on our business, operating results and financial condition.

Failure to prevent excess inventories or inventory shortages could result in decreased revenue and gross margin and harm our business.

We purchase products from our manufacturers outside of, and in advance of, reseller or end-customer orders, which we hold in inventory and sell. We place orders with our manufacturers based on our forecasts of our end-customers’ requirements and forecasts provided by our distribution channel partners. These forecasts are based on multiple assumptions, each of which might cause our estimates to be inaccurate, affecting our ability to provide products to our customers. There is a risk we may be unable to sell excess products ordered from our manufacturers. Inventory levels in excess of customer demand may result in obsolete inventory and inventory write-downs. The sale of excess inventory at discounted prices could impair our brand image and have an adverse effect on our financial condition and results of operations. Conversely, if we underestimate demand for our products or if our manufacturers fail to supply products we require at the time we need them, we may experience inventory shortages. Inventory shortages might delay shipments to resellers, distributors and customers and cause us to lose sales. These shortages may diminish the loyalty of our distribution channel partners or customers.

The difficulty in forecasting demand also makes it difficult to estimate our future financial condition and results of operations from period to period. A failure to accurately predict the level of demand for our products could adversely affect our total revenue and net income, and we are unlikely to forecast such effects with any certainty in advance.

Our sales cycles can be long and unpredictable, primarily due to the complexity of our end-customers’ networks and data centers and the length of their budget cycles. As a result, our sales and revenue are difficult to predict and may vary substantially from period to period, which may cause our operating results to fluctuate significantly.

The timing of our sales is difficult to predict because of the length and unpredictability of our products’ sales cycles. A sales cycle is the period between initial contact with a prospective end-customer and any sale of our products. Our sales cycle, in particular to our large end-customers, may be lengthy due to the complexity of their networks and data centers. Because of this complexity, prospective end-customers generally consider a number of factors over an extended period of time before committing to purchase our products. End-customers often view the purchase of our products as a significant and strategic decision that can have important implications on their existing networks and data centers and, as a result, require considerable time to evaluate, test and qualify our products prior to making a purchase decision and placing an order to ensure that our products will successfully interoperate with our end-customers’ complex network and data centers. Additionally, the budgetary decisions at these entities can be lengthy and require multiple organization reviews. The length of time that end-customers

29


devote to their evaluation of our products and decision making process varies significantly. The length of our products’ sales cycles typically ranges from three to 12 months but can be longer for our large end-customers. In addition, the length of our close or sales cycle can be affected by the extent to which customized features are requested, in particular in our large deals.

For all of these reasons, it is difficult to predict whether a sale will be completed or the particular fiscal period in which a sale will be completed, both of which contribute to the uncertainty of our future operating results. If our close or sales cycles lengthen, our revenue could be lower than expected, which would have an adverse impact on our operating results and could cause our stock price to decline.

Our ability to sell our products is highly dependent on the quality of our support and services offerings, and our failure to offer high-quality support could have a material adverse effect on our business, revenue and results of operations.

We believe that our ability to provide consistent, high quality customer service and technical support is a key factor in attracting and retaining end-customers of all sizes and is critical to the deployment of our products. When support is purchased our end-customers depend on our support organization to provide a broad range of support services, including on-site technical support, 24-hour support and shipment of replacement parts on an expedited basis. If our support organization or our distribution channel partners do not assist our end-customers in deploying our products effectively, succeed in helping our end-customers resolve post-deployment issues quickly, or provide ongoing support, it could adversely affect our ability to sell our products to existing end-customers and could harm our reputation with potential end-customers. We currently have technical support centers in the United States, Japan, China, India and the Netherlands. As we continue to expand our operations internationally, our support organization will face additional challenges, including those associated with delivering support, training and documentation in languages other than English.

We typically sell our products with maintenance and support as part of the initial purchase, and a substantial portion of our support revenue comes from renewals of maintenance and support contracts. Our end-customers have no obligation to renew their maintenance and support contracts after the expiration of the initial period. If we are unable to provide high quality support, our end-customers may elect not to renew their maintenance and support contracts or to reduce the product quantity under their maintenance and support contracts, thereby reducing our future revenue from maintenance and support contracts.

Our failure or the failure of our distribution channel partners to maintain high-quality support and services could have a material and adverse effect on our business, revenue and operating results.

We depend on growth in markets relating to network security, management and analysis, and lack of growth or contraction in one or more of these markets could have a material adverse effect on our results of operations and financial condition.

Demand for our products is linked to, among other things, growth in the size and complexity of network infrastructures and the demand for networking technologies addressing the security, management and analysis of such infrastructures. These markets are dynamic and evolving. Our future financial performance will depend in large part on continued growth in the number of organizations investing in their network infrastructure and the amount they commit to such investments. If this demand declines, our results of operations and financial condition would be materially and adversely affected. Segments of the network infrastructure industry have in the past experienced significant economic downturns. Furthermore, the market for network infrastructure may not continue to grow at historic rates, or at all. The occurrence of any of these factors in the markets relating to network security, management and analysis could materially and adversely affect our results of operations and financial condition.

Because we recognize subscription revenue from our customers over the term of their agreements, downturns or upturns in sales of our subscription based offerings will not be immediately reflected in our operating results and may adversely affect revenue in the future.

We recognize subscription revenue over the term of our customer agreements. As a result, most of our subscription revenue arises from agreements entered into during previous periods. A shortfall in orders for our subscription based solutions in any one period would most likely not significantly reduce our subscription revenue for that period, but could adversely affect the revenue contribution in future periods. In addition, we may be unable to quickly reduce our cost structure in response to a decrease in these orders. Accordingly, the effect of downturns in sales of our subscription based solutions will not be fully reflected in our operating results until future periods. A subscription revenue model also makes it difficult for us to rapidly increase our revenue through additional subscription sales in any one period, as revenue is generally recognized over a longer period.


30


Our business and operations have experienced growth in certain prior periods and may experience rapid growth at certain times in the future, and if we do not effectively manage any future growth or are unable to improve our controls, systems and processes, our operating results will be adversely affected.

In certain prior periods, we have significantly increased the number of our employees and independent contractors. As we hire new employees and independent contractors and expand into new locations outside the United States, we are required to comply with varying local laws for each of these new locations. We anticipate that further expansion of our infrastructure and headcount will be required. Our growth has placed, and will continue to place, a significant strain on our administrative and operational infrastructure and financial resources. Our ability to manage our operations and growth across multiple countries will require us to continue to refine our operational, financial and management controls, human resource policies, and reporting systems and processes.

We need to continue to improve our internal systems, processes, and controls to effectively manage our operations and growth. We may not be able to successfully implement improvements to these systems, processes and controls in an efficient or timely manner. In addition, our systems and processes may not prevent or detect all errors, omissions or fraud. For example, as described in Item 9A, “Controls and Procedures,” of this report, we identified material weaknesses in our internal control over financial reporting and concluded that our internal control over financial reporting and our disclosure controls and procedures were not effective as of December 31, 2018 and December 31, 2017. We may experience difficulties in managing improvements to our systems, processes, and controls or in connection with third-party software, which could impair our ability to provide products or services to our customers in a timely manner, causing us to lose customers, limit us to smaller deployments of our products, increase our technical support costs, or damage our reputation and brand. Furthermore, given our growth and size, our management team may lack oversight on certain side agreements between sales personnel and customers. Our failure to improve our systems and processes, or their failure to operate in the intended manner, may result in our inability to manage the growth of our business and to accurately forecast our revenue, expenses, and earnings, or to prevent certain losses, any of which may harm our business and results of operations.

We may not be able to sustain or develop new distributor and reseller relationships, and a reduction or delay in sales to significant distribution channel partners could hurt our business.

We sell our products and services through multiple distribution channels in the United States and internationally. We may not be able to increase our number of distributor or reseller relationships or maintain our existing relationships. Recruiting and retaining qualified distribution channel partners and training them on our technologies requires significant time and resources. These distribution channel partners may also market, sell and support products and services that are competitive with ours and may devote more resources to the marketing, sales and support of such competitive products. Our sales channel structure could subject us to lawsuits, potential liability and reputational harm if, for example, any of our distribution channel partners misrepresent the functionality of our products or services to end-customers or violate laws or our corporate policies. If we are unable to establish or maintain our sales channels or if our distribution channel partners are unable to adapt to our future sales focus and needs, our business and results of operations will be harmed.

The terms of the 2016 Credit Facility and changes in the rate at which we can obtain indebtedness could restrict our operations, particularly our ability to respond to changes in our business or to take specified actions.

In November 2016, we entered into a loan and security agreement (the “2016 Credit Facility”) with Silicon Valley Bank (“SVB”), as the lender. The 2016 Credit Facility contains a number of restrictive covenants that impose operating and financial restrictions on us, including restrictions on our ability to take actions that may be in our best interests. The 2016 Credit Facility requires us to satisfy specified covenants. As of the date of this filing, we had no outstanding balance under the 2016 Credit Facility and were in compliance with all facility covenants. However, we have experienced noncompliance with the covenants under the 2016 Credit Facility in connection with our late submission of quarterly financial statements and annual audited financial statements. While we view this as a one-time event, and while we were able to successfully negotiate a forbearance for such default and ultimately deliver the required financial statements, we may in the future fail to comply with the terms of the 2016 Credit Facility and be unable to negotiate a waiver or forbearance of any such defaults with our lender. If we fail to comply with these covenants in the future, SVB could elect to declare all amounts outstanding under the 2016 Credit Facility to be immediately due and payable and terminate all commitments to extend further credit. If SVB accelerates the repayment, if any, we may not have sufficient funds to repay our existing debt. If we were unable to repay those amounts, SVB could proceed against the collateral granted to it to secure such indebtedness. We have pledged substantially all of our assets, excluding our intellectual property, as collateral under the 2016 Credit Facility. The 2016 Credit Facility uses LIBOR as a reference rate for our revolving loans, such that the interest rate applicable to such loans may, at our option, be calculated based on LIBOR. LIBOR is the subject of recent national, international and other regulatory guidance and proposals for reform. The consequences of these developments cannot be entirely predicted, but if LIBOR is no longer available or if our lender has

31


increased costs due to changes in LIBOR, we may experience potential increases in interest rates on our revolving loans, which could adversely impact our interest expense, results of operations and cash flows.

Our sales to governmental organizations are subject to a number of challenges and risks.

We sell to governmental organization end-customers. Sales to governmental organizations are subject to a number of challenges and risks. Selling to governmental organizations can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that these efforts will generate a sale. We have not yet received security clearance from the United States government, which prevents us from being able to sell directly for certain governmental uses. There can be no assurance that such clearance will be obtained, and failure to do so may adversely affect our operating results. Governmental organization demand and payment for our products may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products. Governmental organizations may have statutory, contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default, and any such termination may adversely impact our future operating results.

The U.S. federal government shutdown may negatively impact our business.

The United States continues to face an uncertain political environment and substantial fiscal and economic challenges, which could affect future funding for the U.S. federal government’s discretionary and non-discretionary budgets. For 35 days ending on January 25, 2019, the U.S. federal government was partially shut down as a result of a lapse in appropriations from Congress. Additional or extended U.S. federal government shutdowns or any related under-staffing of the government departments or agencies that interact with our business could result in program cancellations, disruptions and stop work orders, limit the government’s ability to effectively progress programs and make timely payments, and affect our ability to successfully compete for new work. Additional or extended government shutdowns for any significant duration could additionally impact discretionary income among our customers or potential customers and financial markets in the U.S. Any lack of governmental support or staffing, decreases in discretionary income, financial market turbulence or other yet unknown impacts related to the foregoing could have an adverse impact on our business, financial condition and results of operations. The U.S. federal budget is expected to continue to be the subject of considerable debate, which could have significant impacts on the U.S. federal government’s spending broadly, and its spending with respect to the Company and the industries in which we operate.

Failure to comply with governmental laws and regulations could harm our business.

Our business is subject to regulation by various federal, state, local and foreign governmental entities, including agencies responsible for monitoring and enforcing employment and labor laws, workplace safety, product safety, environmental laws, consumer protection laws, anti-bribery laws, import/export controls, federal securities laws, and tax laws and regulations. In certain jurisdictions, these regulatory requirements may be more stringent than those in the United States. Noncompliance with applicable regulations or requirements could subject us to investigations, sanctions, mandatory product recalls, enforcement actions, disgorgement of profits, fines, damages, civil and criminal penalties or injunctions. If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, operating results, and financial condition could be materially adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could harm our business, operating results and financial condition.

We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in international markets.

Our products are subject to U.S. export controls and may be exported outside the United States only with the required level of export license or through an export license exception because we incorporate encryption technology into our products. In addition, various countries regulate the import of certain encryption technology and have enacted laws that could limit our ability to distribute our products or our end-customers’ ability to implement our products in those countries. Changes in our products or changes in export and import regulations may create delays in the introduction of our products in international markets, prevent our end-customers with international operations from deploying our products throughout their global systems or, in some cases, prevent the export or import of our products to certain countries altogether. Any change in export or import regulations or related legislation, shift in approach to the enforcement or scope of existing regulations or change in the countries, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential end-customers with international operations. Any

32


decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, operating results and financial condition.

We discovered that trial software was inadvertently available for download by any international user and, on limited occasions, was downloaded by individuals located in a U.S. sanctioned country. We implemented corrective actions and filed a Voluntary Self Disclosure in February 2017 with the U.S. Department of Commerce and U.S. Department of Treasury regarding these technical violations. Both agencies closed their review without any fines or penalties.

We are subject to various environmental laws and regulations that could impose substantial costs upon us.

Our company must comply with local, state, federal, and international environmental laws and regulations in the countries in which we do business. We are also subject to laws, which restrict certain hazardous substances, including lead, used in the construction of our products, such as the European Union Restriction on the Use of Hazardous Substances in electrical and electronic equipment directive. We are also subject to the European Union Directive, known as the Waste Electrical and Electronic Equipment Directive (“WEEE Directive”), which requires producers of certain electrical and electronic equipment to properly label products, register as a WEEE producer, and provide for the collection, disposal and recycling of waste electronic products. Failure to comply with these environmental directives and other environmental laws could result in the imposition of fines and penalties, inability to sell covered products in certain countries, the loss of revenue, or subject us to third-party property damage or personal injury claims, or require us to incur investigation, remediation or engineering costs. Our operations and products will be affected by future environmental laws and regulations, but we cannot predict the ultimate impact of any such future laws and regulations at this time.

Our products must conform to industry standards in order to be accepted by end-customers in our markets.

Generally, our products comprise only a part of a data center. The servers, network, software and other components and systems of a data center must comply with established industry standards in order to interoperate and function efficiently together. We depend on companies that provide other components of the servers and systems in a data center to support prevailing industry standards. Often, these companies are significantly larger and more influential in driving industry standards than we are. Some industry standards may not be widely adopted or implemented uniformly, and competing standards may emerge that may be preferred by our end-customers. If larger companies do not support the same industry standards that we do, or if competing standards emerge, market acceptance of our products could be adversely affected and we may need to incur substantial costs to conform our products to such standards, which could harm our business, operating results and financial condition.

We are dependent on various information technology systems, and failures of or interruptions to those systems could harm our business.

Many of our business processes depend upon our information technology systems, the systems and processes of third parties, and on interfaces with the systems of third parties. If those systems fail or are interrupted, or if our ability to connect to or interact with one or more networks is interrupted, our processes may function at a diminished level or not at all. This could harm our ability to ship or support our products, and our financial results may be harmed.

In addition, reconfiguring or upgrading our information technology systems or other business processes in response to changing business needs may be time-consuming and costly and is subject to risks of delay or failed deployment. To the extent this impacts our ability to react timely to specific market or business opportunities, our financial results may be harmed.

Future acquisitions we may undertake may not result in the financial and strategic goals that are contemplated at the time of the transaction.

We completed the acquisition of substantially all of the assets of Appcito in June 2016 and may make future acquisitions of complementary companies, products or technologies. With respect to the Appcito acquisition or any other future acquisitions we may undertake, we may find that the acquired businesses, products or technologies do not further our business strategy as expected, that we paid more than what the assets are later worth or that economic conditions change, all of which may generate future impairment charges. The Appcito acquisition or any future acquisitions may be viewed negatively by customers, financial markets or investors. There may be difficulty integrating the operations and personnel of an acquired business, and we may have difficulty retaining the key personnel of an acquired business. We may have difficulty in integrating acquired technologies or products with our existing product lines. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. Our ongoing business and management’s attention may be disrupted or diverted by transition or integration issues and the complexity of managing geographically and culturally

33


diverse locations. We may have difficulty maintaining uniform standards, controls, procedures and policies across locations. We may experience significant problems or liabilities associated with product quality, technology and other matters.

Our inability to successfully operate and integrate future acquisitions appropriately, effectively and in a timely manner, or to retain key personnel of any acquired business, could have a material adverse effect on our revenue, gross margin and expenses.

Our ability to use our net operating loss carryforwards may be subject to limitation and may result in increased future tax liability to us.

Generally, a change of more than 50% in the ownership of a corporation’s stock, by value, over a three-year period constitutes an ownership change for U.S. federal income tax purposes. An ownership change may limit a company’s ability to use its net operating loss carryforwards attributable to the period prior to such change. In the event we have undergone an ownership change under Section 382 of the Internal Revenue Code, if we earn net taxable income, our ability to use our pre-change net operating loss carryforwards to offset U.S. federal taxable income may become subject to limitations, which could potentially result in increased future tax liability to us.

Changes in tax laws or regulations or adverse outcomes resulting from examination of our income or other tax returns could adversely affect our operating results and financial condition.

We are subject to income taxes in the United States and various foreign jurisdictions, and our domestic and international tax liabilities will be subject to the allocation of expenses in differing jurisdictions. Our future effective tax rates could be subject to volatility or adversely affected by a number of factors, including:

changes in the valuation of our deferred tax assets and liabilities;
expected timing and amount of the release of tax valuation allowances;
expiration of, or detrimental changes in, research and development tax credit laws;
tax effects of stock-based compensation;
costs related to intercompany restructurings;
changes in tax laws, regulations, accounting principles or interpretations thereof;
future earnings being lower than anticipated in countries where we have lower statutory tax rates and higher than anticipated earnings in countries where we have higher statutory tax rates; or
examinations by US federal, state or foreign jurisdictions that disagree with interpretations of tax rules and regulations in regard to positions taken on tax filings.

As our business grows, we are required to comply with increasingly complex taxation rules and practices. We are subject to tax in multiple U.S. tax jurisdictions and in foreign tax jurisdictions as we expand internationally. The development of our tax strategies requires additional expertise and may impact how we conduct our business. Our future effective tax rates could be unfavorably affected by changes in, or interpretations of, tax rules and regulations in the jurisdictions in which we do business or changes in the valuation of our deferred tax assets and liabilities. Furthermore, we provide for certain tax liabilities that involve significant judgment. We are subject to the examination of our tax returns by federal, state and foreign tax authorities, which could focus on our intercompany transfer pricing methodology as well as other matters. If our tax strategies are ineffective or we are not in compliance with domestic and international tax laws, our financial position, operating results and cash flows could be adversely affected.

In addition, from time to time the United States, foreign and state governments make substantive changes to tax rules and the application of rules to companies. For example, the 2017 Tax Cut and Jobs Act (the “Tax Act”) creates a new requirement that certain income (i.e., Global Intangible Low-Taxed Income, or GILTI) earned by controlled foreign corporations (“CFCs”) must be included currently in the gross income of the CFCs’ U.S. shareholder. Additionally, the Ninth Circuit Court of Appeals, or the Court, issued an opinion in Altera Corp. v. Commissioner addressing cost-sharing regulations governing stock-based compensation. On August 7, 2018, a newly constituted panel issued an order withdrawing the July 24, 2018 opinion to allow the reconstituted panel to confer on the appeal, and the case was reargued on October 16, 2018. The Court is expected to issue a final opinion. We are monitoring this case and any impact the final opinion could have on our financial and effective tax rate. Furthermore, due to shifting economic and political conditions, tax policies or rates in various jurisdictions may be subject to significant change.

34



We are exposed to the credit risk of our distribution channel partners and end-customers, which could result in material losses and negatively impact our operating results.

Most of our sales are on an open credit basis, with typical payment terms ranging from 30 to 90 days depending on local customs or conditions that exist in the sale location. If any of the distribution channel partners or end-customers responsible for a significant portion of our revenue becomes insolvent or suffers a deterioration in its financial or business condition and is unable to pay for our products, our results of operations could be harmed.

The sales price of our products and subscriptions may decrease, which may reduce our gross profits and adversely impact our financial results.

The sales prices for our products and subscriptions may decline for a variety of reasons, including competitive pricing pressures, discounts, a change in our mix of products and subscriptions, anticipation of the introduction of new products or subscriptions, or promotional programs. Competition continues to increase in the market segments in which we participate, and we expect competition to further increase in the future, thereby leading to increased pricing pressures. Larger competitors with more diverse product and service offerings may reduce the price of products or subscriptions that compete with ours or may bundle them with other products and subscriptions. Additionally, although we price our products and subscriptions worldwide in U.S. dollars (except in Japan), currency fluctuations in certain countries and regions may negatively impact actual prices that channel partners and end-customers are willing to pay in those countries and regions. Furthermore, we anticipate that the sales prices and gross profits for our products will decrease over product life cycles. We cannot guarantee that we will be successful in developing and introducing new offerings with enhanced functionality on a timely basis, or that our product and subscription offerings, if introduced, will enable us to maintain our prices and gross profits at levels that will allow us to achieve and maintain profitability.

Our reported financial results may be adversely affected by changes in accounting principles generally accepted in the United States.

Generally accepted accounting principles (“GAAP”) in the United States are subject to interpretation by the Financial Accounting Standards Board (“FASB”), the SEC and various bodies formed to promulgate and interpret appropriate accounting principles. A change in these principles or interpretations could have a significant effect on our reported financial results, and could affect the reporting of transactions completed before the announcement of a change. For example, in May 2014, the FASB issued Accounting Standards Update No. 2014-09 (Topic 606), Revenue from Contracts with Customers, which supersedes nearly all existing revenue recognition guidance under U.S. GAAP. We adopted Topic 606 effective January 1, 2018, applying the modified retrospective method to all contracts that were not completed as of January 1, 2018. This or other changes in accounting principles could adversely affect our financial results. See Note 2 of our Notes to the Consolidated Financial Statements included in Part II, Item 8 of this report regarding the effect of new accounting pronouncements on our financial statements. Any difficulties in implementing these pronouncements could cause us to fail to meet our financial reporting obligations, which could result in regulatory discipline and harm investors’ confidence in us.

Concentration of ownership among our existing executive officers, a small number of stockholders, directors and their affiliates may prevent new investors from influencing significant corporate decisions.

Our executive officers and directors, together with affiliated entities, own 27% of our outstanding common stock (45% if other holders of 5% or more of our outstanding common stock are also included) as of December 31, 2018. Accordingly, these stockholders, acting together, have significant influence over the election of our directors, over whether matters requiring stockholder approval are approved or disapproved and over our affairs in general. The interests of these stockholders could conflict with your interests. These stockholders may also have an interest in pursuing acquisitions, divestitures, financings or other transactions that, in their judgment, could enhance their investments, even though such transactions might involve risks to you. In addition, this concentration of ownership could have the effect of delaying or preventing a liquidity event such as a merger or liquidation of our company.

Certain stockholders could attempt to influence changes at the Company, which could adversely affect our operations, financial condition and the value of our common stock.

Our stockholders may from time-to-time seek to acquire a controlling stake in us, engage in proxy solicitations, advance stockholder proposals or otherwise attempt to effect changes. Campaigns by stockholders to effect changes at publicly-traded companies are sometimes led by investors seeking to increase short-term stockholder value through actions such as financial restructuring, increased debt, special dividends, stock repurchases or sales of assets or the entire company.

35


Responding to proxy contests and other actions by activist stockholders can be costly and time-consuming, and could disrupt our operations and divert the attention of our board of directors and senior management from the pursuit of our business strategies. These actions could adversely affect our operations, financial condition and the value of our common stock.

We may need to raise additional funds in future private or public offerings, and such funds may not be available on acceptable terms, if at all. If we do raise additional funds, existing stockholders will suffer dilution.

We may need to raise additional funds in private or public offerings, and these funds may not be available to us when we need them or on acceptable terms, if at all. If we raise additional funds through further issuances of equity or convertible debt securities, you could suffer significant dilution, and any new equity securities we issue could have rights, preferences and privileges superior to those of our then-existing capital stock. The 2016 Credit Facility, as well as any debt financing secured by us in the future could involve restrictive covenants relating to our capital raising activities and other financial and operational matters that may make it more difficult for us to obtain additional capital and to pursue business opportunities. If we cannot raise additional funds when we need them, our business and prospects could fail or be materially and adversely affected.

The price of our common stock has been and may continue to be volatile, and the value of your investment could decline.

Technology stocks have historically experienced high levels of volatility. The trading price of our common stock has been and is likely to continue to be volatile and subject to fluctuations in response to many factors, some of which are beyond our control and may not be related to our operating performance. These fluctuations could cause you to lose all or part of your investment in our common stock. Factors that could cause fluctuations in the trading price of our common stock include the following:

announcements of new products, services or technologies, commercial relationships, acquisitions or other events by us or our competitors;
price and volume fluctuations in the overall stock market from time to time;
significant volatility in the market price and trading volume of technology companies in general and of companies in our industry;
fluctuations in the trading volume of our shares or the size of our public float;
actual or anticipated changes or fluctuations in our results of operations;
whether our results of operations meet the expectations of securities analysts or investors;
actual or anticipated changes in the expectations of investors or securities analysts;
litigation or investigations involving us, our industry, or both;
regulatory developments in the United States, foreign countries or both;
general economic conditions and trends;
major catastrophic events;
sales of large blocks of our common stock; or
departures of key personnel.

In addition, if the market for technology stocks or the stock market in general experiences a loss of investor confidence, the trading price of our common stock could decline for reasons unrelated to our business, results of operations or financial condition. The trading price of our common stock might also decline in reaction to events that affect other companies in our industry even if these events do not directly affect us. In the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has often been brought against that company. The price of our common stock has been highly volatile since our initial public offering (“IPO”) in March 2014. In January 2015, several substantially identical putative class action lawsuits alleging violations of securities laws were filed against us, our directors and certain of our executive officers and in June 2015, a related shareholder derivative action was filed. The consolidated securities class actions and the derivative action were settled in 2016 and dismissed in the first quarter of 2017. In March 2018, a putative class action lawsuit alleging violations of securities laws was filed against us and certain of our current and former executive officers, and in May 2018, a related shareholder derivative action was filed. In March 2018, the United States Securities and Exchange Commission began a private investigation into any securities laws violations by us or persons currently or formerly affiliated with us. Current or future securities litigation, including any related shareholder derivative litigation or investigation, could

36


result in substantial costs and divert our management’s attention and resources from our business. This could have a material adverse effect on our business, results of operations and financial condition.

Sales of substantial amounts of our common stock in the public markets, or the perception that such sales might occur, could reduce the price that our common stock might otherwise attain and may dilute your voting power and your ownership interest in us.

Sales of a substantial number of shares of our common stock in the public market, or the perception that such sales could occur, could adversely affect the market price of our common stock and may make it more difficult for you to sell your common stock at a time and price that you deem appropriate. As of December 31, 2018, there were approximately 4.1 million vested and exercisable options to purchase our common stock, in addition to the 74.3 million common shares outstanding as of such date. All outstanding shares and all shares issuable upon exercise of outstanding and vested options are freely tradable, subject in some cases to volume and other restrictions of Rules 144 and 701 under the Securities Act, as well as our insider trading policy. In addition, holders of certain shares of our outstanding common stock, including an aggregate of 9.5 million shares held by funds affiliated with Summit Partners, L.P. as of December 31, 2018 are entitled to rights with respect to registration of these shares under the Securities Act pursuant to an investors’ rights agreement.

If these holders of our common stock, by exercising their registration rights, sell a large number of shares, they could adversely affect the market price for our common stock. If we file a registration statement for the purposes of selling additional shares to raise capital and are required to include shares held by these holders pursuant to the exercise of their registration rights, our ability to raise capital may be impaired. Sales of substantial amounts of our common stock in the public market, or the perception that these sales could occur, could cause the market price of our common stock to decline.

We are an emerging growth company, and any decision on our part to comply only with certain reduced disclosure requirements applicable to emerging growth companies could make our common stock less attractive to investors.

We are an emerging growth company, and, for as long as we continue to be an emerging growth company, we may choose to take advantage of exemptions from various reporting requirements applicable to other public companies but not to “emerging growth companies,” including, but not limited to, not being required to have our independent registered public accounting firm audit our internal control over financial reporting under Section 404 of the Sarbanes-Oxley Act, reduced disclosure obligations regarding executive compensation in our periodic reports and proxy statements, and exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. We could be an emerging growth company for up to five years following the completion of our initial public offering. We will remain an emerging growth company until the earliest of: (a) the last day of the year (i) following the fifth anniversary of the completion of the initial public offering, (ii) in which we have total annual gross revenue of at least $1.07 billion, or (iii) in which we qualify as a large accelerated filer, which means the market value of our common stock that is held by non-affiliates exceeds $700 million as of the prior June 30, or (b) the date on which we have issued more than $1.0 billion in non-convertible debt securities during the prior three-year period. We cannot predict if investors will find our common stock less attractive if we choose to rely on these exemptions. If some investors find our common stock less attractive as a result of any choices to reduce future disclosure, there may be a less active trading market for our common stock and the price of our common stock may be more volatile.

Under the JOBS Act, emerging growth companies can also delay adopting new or revised accounting standards until such time as those standards apply to private companies. We have irrevocably elected not to avail ourselves of this accommodation allowing for delayed adoption of new or revised accounting standards, and, therefore, we will be subject to the same new or revised accounting standards as other public companies that are not emerging growth companies.

Effective December 31, 2019, we will no longer be an “emerging growth company,” and the reduced disclosure requirements applicable to “emerging growth companies” will no longer apply, which will increase our costs as a result of compliance requirements with Section 404 of the Sarbanes-Oxley Act and increased demands on management.

Effective December 31, 2019, we will lose our status as an “emerging growth company” as defined in the JOBS Act. As such, we will incur significant additional expenses that we did not previously incur in complying with the Sarbanes-Oxley Act and rules implemented by the SEC. Once we are no longer an “emerging growth company,” the cost of compliance with Section 404 will require us to incur substantial accounting expense and expend significant management time on compliance-related issues as we implement additional corporate governance practices and comply with reporting requirements. Moreover, if we or our independent registered public accounting firm deems current or future deficiencies in our internal control over financial reporting to be material weaknesses, we may be required to make prospective or retroactive changes to our financial statements, consider other areas for further attention or improvement, or be unable to obtain the required attestation in a timely

37


manner, if at all. In addition, the market price of our stock could decline and we could be subject to sanctions or investigations by the SEC or other regulatory authorities, which would require additional financial and management resources.

We are obligated to implement and maintain effective internal control over financial reporting. As of December 31, 2018 and December 31, 2017, we concluded that our internal control over financial reporting and our disclosure controls and procedures were not effective. In the future, we may again not complete our analysis of our internal control over financial reporting in a timely manner, or our internal control over financial reporting may not be determined to be effective, or we may discover significant deficiencies or material weaknesses in our internal control over financial reporting, all of which may adversely affect investor confidence in our company and, as a result, the value of our common stock.

We are required, pursuant to the Exchange Act, to furnish a report by management on, among other things, the effectiveness of our internal control over financial reporting for each fiscal year. This assessment will need to include disclosure of any material weaknesses identified by our management in our internal control over financial reporting.

We have, in the past, experienced and are currently experiencing issues with our internal control over financial reporting. We have discovered and it is possible that we may discover in the future significant deficiencies or material weaknesses in our internal control over financial reporting. Current significant deficiencies and material weaknesses have resulted in a restatement of certain of our financial reports, as disclosed in Item 9A, “Controls and Procedures,” of our Annual Report on Form 10-K for the year ended December 31, 2017. If, in any future reporting periods, we are unable to conclude that our internal control over financial reporting is effective, or if we are required to restate our financial statements as a result of ineffective internal control over financial reporting, we could lose investor confidence in the accuracy and completeness of our financial reports, which would cause the price of our common stock to decline.

We are required to disclose material changes made in our internal control and procedures on a quarterly basis. However, our independent registered public accounting firm will not be required to attest to the effectiveness of our internal control over financial reporting pursuant to Section 404 of the Sarbanes-Oxley Act until December 31, 2019, when we will no longer be an emerging growth company as defined in the JOBS Act, if we take advantage of the exemptions contained in the JOBS Act. To comply with these requirements, we may need to undertake various actions, such as implementing new internal controls and procedures and hiring accounting or internal audit staff.

If securities or industry analysts do not publish research or reports about our business, or publish inaccurate or unfavorable research reports about our business, our share price and trading volume could decline.

The market for our common stock, to some extent, depends on the research and reports that securities or industry analysts publish about us or our business. We do not have any control over these analysts. If one or more of the analysts who cover us should downgrade our shares or change their opinion of our shares, our share price would likely decline. If one or more of these analysts should cease coverage of our company or fail to regularly publish reports on us, we could lose visibility in the financial markets, which would cause our share price or trading volume to decline.

Our charter documents and Delaware law could discourage takeover attempts and lead to management entrenchment.

Our restated certificate of incorporation and bylaws contain provisions that could delay or prevent a change in control of our company. These provisions could also make it difficult for stockholders to elect directors that are not nominated by the current members of our board of directors or take other corporate actions, including effecting changes in our management. These provisions include:

a classified board of directors with three-year staggered terms, with declassification phasing in over a period of three years, beginning with the 2018 annual meeting of stockholders, which could delay the ability of stockholders to change the membership of a majority of our board of directors until our board of directors is completely declassified;

the ability of our board of directors to issue shares of preferred stock and to determine the price and other terms of those shares, including preference and voting rights, without stockholder approval, which could be used to significantly dilute the ownership of a hostile acquirer;

the exclusive right of our board of directors to elect a director to fill a vacancy created by the expansion of our board of directors or the resignation, death or removal of a director, which prevents stockholders from being able to fill vacancies on our board of directors;


38


a prohibition on stockholder action by written consent, which forces stockholder action to be taken at an annual or special meeting of our stockholders;

the requirement that a special meeting of stockholders may be called only by the chairman of our board of directors, our Chief Executive Officer, our secretary, or a majority vote of our board of directors, which could delay the ability of our stockholders to force consideration of a proposal or to take action, including the removal of directors;

the requirement for the affirmative vote of holders of at least 66-2/3% of the voting power of all of the then-outstanding shares of the voting stock, voting together as a single class, to amend the provisions of our restated certificate of incorporation relating to the issuance of preferred stock and management of our business or our bylaws, which may inhibit the ability of an acquirer to effect such amendments to facilitate an unsolicited takeover attempt;

the ability of our board of directors, by majority vote, to amend the bylaws, which may allow our board of directors to take additional actions to prevent an unsolicited takeover and inhibit the ability of an acquirer to amend the bylaws to facilitate an unsolicited takeover attempt; and

advance notice procedures with which stockholders must comply to nominate candidates to our board of directors or not to propose matters to be acted upon at a stockholders’ meeting, which may discourage or deter a potential acquirer from conducting a solicitation of proxies to elect the acquiror’s own slate of directors or otherwise attempting to obtain control of us.

In addition, as a Delaware corporation, we are subject to Section 203 of the Delaware General Corporation Law. These provisions may prohibit large stockholders, in particular those owning 15% or more of our outstanding voting stock, from merging or combining with us for a certain period of time.

Our business is subject to the risks of earthquakes, fire, power outages, floods, and other catastrophic events, and to interruption by man-made problems such as acts of war and terrorism.

A significant natural disaster, such as an earthquake, fire, a flood, or significant power outage could have a material adverse impact on our business, operating results, and financial condition. Our corporate headquarters are located in the San Francisco Bay Area, a region known for seismic activity. In addition, our two primary manufacturers are located in Taiwan, which is near major earthquake fault lines and subject to typhoons during certain times of the year. In the event of a major earthquake or typhoon, or other natural or man-made disaster, our manufacturers in Taiwan may face business interruptions, which may impact quality assurance, product costs, and product supply and timing. In the event our or our service providers’ information technology systems or manufacturing or logistics abilities are hindered by any of the events discussed above, shipments could be delayed, resulting in missed financial targets, such as revenue and shipment targets, and our operations could be disrupted, for the affected quarter or quarters. In addition, cyber security attacks, acts of war or terrorism, or other geo-political unrest could cause disruptions in our business or the business of our supply chain, manufacturers, logistics providers, partners, or end-customers or the economy as a whole. Any disruption in the business of our supply chain, manufacturers, logistics providers, partners or end-customers that impacts sales at the end of a quarter could have a significant adverse impact on our quarterly results. All of the aforementioned risks may be further increased if the disaster recovery plans for us and our suppliers prove to be inadequate. To the extent that any of the above should result in delays or cancellations of customer orders, or the delay in the manufacture, deployment or shipment of our products, our business, financial condition and operating results would be adversely affected.

We do not intend to pay dividends for the foreseeable future.

We intend to retain any earnings to finance the operation and expansion of our business, and we do not anticipate paying any cash dividends in the future. In addition, the 2016 Credit Facility currently restricts our ability to pay cash dividends while this facility remains outstanding. As a result, you may only receive a return on your investment in our common stock if the value of our common stock increases.


Item 1B. Unresolved Staff Comments

None.


39



Item 2. Properties

Our corporate headquarters is located in San Jose, California, where we currently lease 79,803 square feet of space under a lease agreement that expires on January 31, 2020. We also lease space for offices internationally and for sales offices in locations throughout the United States and various international locations, including, among others, China, Japan, the United Kingdom, the Netherlands, Taiwan, Korea, Singapore and India. We believe that our current facilities are adequate to meet our current needs. We intend to expand our facilities or add new facilities as we add employees and enter new geographic markets. We believe that alternative or additional space suitable for our requirements will be available as needed to accommodate ongoing operations and any such growth. We do however expect to incur additional expenses in connection with any such new or expanded facilities.


Item 3. Legal Proceedings

We have been and may currently be involved in various legal proceedings, the outcomes of which are not within our complete control or may not be known for prolonged periods of time. Management is required to assess the probability of loss and amount of such loss, if any, in preparing our consolidated financial statements. We evaluate the likelihood of a potential loss from legal proceedings to which we are a party. We record a liability for such claims when a loss is deemed probable and the amount can be reasonably estimated. Significant judgment may be required in the determination of both probability and whether an exposure is reasonably estimable. Our judgments are subjective based on the status of the legal proceedings, the merits of our defenses and consultation with in-house and outside legal counsel. As additional information becomes available, we reassess the potential liability related to pending claims and may revise our estimates. Due to the inherent uncertainties of the legal processes in the multiple jurisdictions in which we operate, our judgments may be materially different than the actual outcomes, which could have material adverse effects on our business, financial conditions and results of operations.

Additional information with respect to this Item may be found in Note 6. Commitments and Contingencies, in the notes to consolidated financial statements in Part II, Item 8 of this Annual Report on Form 10-K, which is incorporated by reference.


Item 4. Mine Safety Disclosure

Not applicable.



40


PART II

Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities

Market for Registrant’s Common Equity
Our common stock has been quoted on the New York Stock Exchange (“NYSE”) under the symbol “ATEN.”

There were approximately 130 stockholders of record on February 28, 2019. Because many shares of our common stock are held by brokers and other institutions on behalf of stockholders, we are unable to estimate the total number of stockholders represented by these holders of record.

Company Stock Performance
The following graph compares the cumulative total return on our common stock, the NASDAQ Composite Index and the Russell 1000 Index. The graph assumes $100 was invested on March 21, 2014 in our common stock and each index and all dividends were reinvested. The historic stock price performance is not necessarily indicative of future stock price performance.
chart-a1df6913ce88efc53bf.jpg
Issuer Purchases of Equity Securities
On October 23, 2017, our board of directors authorized a share repurchase program for up to $20.0 million of our common stock over 12 months. No shares were repurchased under this program through its expiration in October 2018.

Unregistered Sales of Equity Securities
None.


41


Item 6. Selected Financial Data

We have derived the consolidated statement of operations data for the years ended December 31, 2018, 2017 and 2016 and the selected consolidated balance sheet data as of December 31, 2018 and 2017 from our audited consolidated financial statements that are included in this Form 10-K. The following selected consolidated statement of operations data for the years ended December 31, 2015 and 2014 and the selected consolidated balance sheet data as of December 31, 2016, 2015 and 2014 are derived from our audited consolidated financial statements that are not included in this report.

Our historical operating results are not necessarily indicative of future operating results, these selected consolidated financial data should be read in conjunction with the consolidated financial statements and accompanying notes in Part II, Item 8, and Management’s Discussion and Analysis of Financial Condition and Results of Operations in Part II, Item 7 included in this report. In addition, the amounts as of and for the year ended December 31, 2018 have been prepared based on our adoption of Accounting Standards Codification (“ASC”) No. 606, Contracts with Customers. We elected to adopt this accounting standard on a modified retrospective basis which resulted in the impact of adoption being recorded as of January 1, 2018. The amounts in all other years, other than 2018, in the tables below have been prepared on the previously outstanding guidance on revenue recognition. We have disclosed the ASC 606 adoption impact on our revenue recognition in Note 2 of the audited consolidated financial statements included in Part II, Item 8 of this report.
 
 
Years Ended December 31,
(in thousands, except per share amounts)
 
2018
 
2017
 
2016
 
2015
 
2014
Consolidated Statement of Operations Data:
 
 
 
 
 
 
 
 
 
 
Revenue
 
$
232,223

 
$
235,429

 
$
227,297

 
$
196,285

 
$
179,507

Cost of revenue
 
$
51,896

 
$
53,318

 
$
54,413

 
$
48,402

 
$
42,937

Gross profit
 
$
180,327

 
$
182,111

 
$
172,884

 
$
147,883

 
$
136,570

Loss from operations
 
$
(27,679
)
 
$
(10,372
)
 
$
(20,570
)
 
$
(40,309
)
 
$
(30,271
)
Net loss
 
$
(27,617
)
 
$
(10,751
)
 
$
(22,391
)
 
$
(41,897
)
 
$
(35,870
)
Net loss per share: basic and diluted
 
$
(0.38
)
 
$
(0.15
)
 
$
(0.34
)
 
$
(0.67
)
 
$
(0.74
)
Weighted-average shares used in computing net loss per share: basic and diluted
 
72,882

 
70,053

 
65,701

 
62,428

 
48,682

 
 
 
 
 
 
 
 
 
 
 
Consolidated Balance Sheet Data:
 
 
 
 
 
 
 
 
 
 
Cash, cash equivalents and marketable securities
 
$
128,375

 
$
131,134

 
$
114,347

 
$
98,117

 
$
91,905

Working capital
 
$
117,572

 
$
111,076

 
$
95,285

 
$
89,550

 
$
100,656

Total assets
 
$
235,876

 
$
224,858

 
$
216,733

 
$
189,892

 
$
186,980

Deferred revenue (current and non-current)
 
$
97,966

 
$
94,637

 
$
91,617

 
$
72,008

 
$
57,220

Total stockholders’ equity
 
$
103,883

 
$
98,386

 
$
82,752

 
$
78,205

 
$
96,565




42


Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations

The following discussion and analysis of our financial condition and results of operations (“MD&A”) should be read in conjunction with our consolidated financial statements and related notes included elsewhere in this document. In addition to historical information, the MD&A contains forward-looking statements that involve risks and uncertainties. These forward-looking statements include, but are not limited to, those matters discussed under the heading “Forward-looking Statements.” Our actual results could differ materially from those anticipated by these forward‑looking statements due to various factors, including, but not limited to, those set forth under Item 1A. Risk Factors of this Form 10-K and elsewhere in this document.

Overview

We are a leading provider of secure application solutions and services that enable a new generation of intelligently connected companies with the ability to continuously improve cyber protection and digital responsiveness across dynamic Information Technology (“IT”) and network infrastructures. Our portfolio of software and hardware solutions combines industry-leading performance and scale with advanced intelligent automation, machine learning, data driven analytics, and threat intelligence to ensure security and availability of customer applications across their multi-cloud and mobile infrastructure
networks, including on-premise, private and public clouds. As the cyber threat landscape intensifies and network architectures evolve, we are committed to providing customers with greater connected intelligence to improve the security, visibility, automation, availability, flexibility, management and performance of their applications. Our customers include leading cloud providers, web-scale businesses, service providers, government organizations and enterprises.

Our product portfolio seeks to address many of the aforementioned challenges and solution requirements. The portfolio consists of six secure application solutions; Thunder Application Delivery Controller (“ADC”), Lightning Application Delivery Controller (“Lightning ADC”), Thunder Carrier Grade Networking (“CGN”), Thunder Threat Protection System (“TPS”), Thunder SSL Insight (“SSLi”) and Thunder Convergent Firewall (“CFW”) and intelligent management, and automation tools; Harmony Controller and aGalaxy TPS. Our products are offered in a variety of form factors and payment models, including physical appliances and perpetual and subscription based software licenses, as well as pay-as-you-go licensing models and FlexPool, a flexible consumption-based software model.

We derive revenue from sales of products and related support services. Products revenue is generated primarily by sales of hardware appliances with perpetual licenses to our embedded software solutions. We also derive revenue from licenses to, or subscription services for, software-only versions of our solutions. We generate services revenue primarily from sales of maintenance and support contracts. Our customers predominantly purchase maintenance and support in conjunction with purchases of our products. In addition, we also derive revenue from the sale of professional services.

We sell our products globally to service providers, enterprises and web giants that depend on data center applications and networks to generate revenue and manage operations efficiently. In 2018, we changed the way we present revenue by customer vertical. We now report three customer verticals: service providers, enterprises and web giants compared to only service providers and enterprises in prior years. We believe this new presentation will provide more transparency into our exposure to web giant revenue which was previously primarily accounted for in enterprise revenue. The revenue by vertical percentages from prior years included in this report have been revised to conform with current year presentation. Our end-customers operate in a variety of industries, including telecommunications, technology, industrial, retail, financial, gaming, education and government. Since inception, our customer base has grown rapidly. As of December 31, 2018, we had sold products to approximately 6,000 end customers across 117 countries.

We sell substantially all of our solutions through our high-touch sales organization as well as distribution channel partners, including distributors, value-added resellers and system integrators, and fulfill nearly all orders globally through such partners. We believe this sales approach allows us to obtain the benefits of channel distribution, such as expanding our market coverage, while still maintaining face-to-face relationships with our end-customers. We outsource the manufacturing of our hardware products to original design manufacturers. We perform quality assurance and testing at our San Jose, Taiwan and Japan distribution centers, as well as at our manufacturers’ locations.

During 201845% of our total revenue was generated from the United States, 24% from Japan and 31% from other geographical regions. During 201749% of our total revenue was generated from the United States, 22% from Japan and 29% from other geographical regions. During 2016, 51% of our total revenue was generated from the United States, 23% from Japan and 26% from other geographical regions. Our enterprise customers accounted for 39%, 39% and 41% of our total revenue during 2018, 2017 and 2016, respectively. Our service provider customers accounted for 43%, 47% and 48% of our

43


total revenue during 2018, 2017 and 2016, respectively. Our web giant customers accounted for 18%, 14% and 11% of our total revenue during 2018, 2017 and 2016, respectively.

As a result of the nature of our target market and the current stage of our development, a substantial portion of our revenue comes from a limited number of large customers, including service providers and web giants, in any period. Purchases from our ten largest end-customers accounted for 37%, 35% and 36% of our total revenue for 2018, 2017 and 2016, respectively. Sales to these large end-customers have typically been characterized by large but irregular purchases with long sales cycles. The timing of these purchases and the delivery of the purchased products are difficult to predict. Consequently, any acceleration or delay in anticipated product purchases by or deliveries to our largest customers could materially impact our revenue and operating results in any quarterly period. This may cause our quarterly revenue and operating results to fluctuate from quarter to quarter and make them difficult to predict.

As of December 31, 2018, we had $40.6 million of cash and cash equivalents and $87.8 million of marketable securities. Cash used in operating activities was $2.7 million in 2018 compared to $14.3 million of cash provided by operating activities last year.

We intend to continue to invest for long-term growth. We have invested and expect to continue to invest in our product development efforts to deliver new products and additional features in our current products to address customer needs. In addition, we may expand our global sales and marketing organizations, expand our distribution channel partner programs and increase awareness of our solutions on a global basis. Our investments in growth in these areas may affect our short-term profitability.



44


Results of Operations

A summary of our consolidated statements of operations for the year ended December 31, 2018, 2017 and 2016 are as follows (dollars in thousands):
 
Years Ended December 31,
 
 
 
 
 
2018
 
2017
 
Increase (Decrease)
 
Amount
 
Percent of Total Revenue
 
Amount
 
Percent of Total Revenue
 
Amount
 
Percent
Revenue:
 

 
 
 
 

 
 
 
 
 
 
Products
$
144,682

 
62.3
 %
 
$
149,903

 
63.7
 %
 
$
(5,221
)
 
(3.5
)%
Services
87,541

 
37.7

 
85,526

 
36.3

 
2,015

 
2.4
 %
Total revenue
232,223

 
100.0

 
235,429

 
100.0

 
(3,206
)
 
(1.4
)%
Cost of revenue:
 

 
 
 
 

 
 
 
 
 
 
Products
34,066

 
14.7

 
36,269

 
15.4

 
(2,203
)
 
(6.1
)%
Services
17,830

 
7.6

 
17,049

 
7.2

 
781

 
4.6
 %
Total cost of revenue
51,896

 
22.3

 
53,318

 
22.6

 
(1,422
)
 
(2.7
)%
Gross profit
180,327

 
77.7

 
182,111

 
77.4

 
(1,784
)
 
(1.0
)%
Operating expenses:
 

 
 
 
 

 
 
 
 
 
 
Sales and marketing
103,214

 
44.4

 
101,360

 
43.1

 
1,854

 
1.8
 %
Research and development
65,157

 
28.1

 
62,991

 
26.8

 
2,166

 
3.4
 %
General and administrative
39,635

 
17.1

 
28,132

 
11.9

 
11,503

 
40.9
 %
Total operating expenses
208,006

 
89.6

 
192,483

 
81.8

 
15,523

 
8.1
 %
Loss from operations
(27,679
)
 
(11.9
)
 
(10,372
)
 
(4.4
)
 
(17,307
)
 
(166.9
)%
Non-operating income (expense):
 

 
 
 
 

 
 
 
 
 
 
Interest expense
(129
)
 
(0.1
)
 
(162
)
 

 
33

 
20.4
 %
Interest and other income (expense), net
1,273

 
0.6

 
989

 
0.3

 
284

 
28.7
 %
Total non-operating income (expense), net
1,144

 
0.5

 
827

 
0.3

 
317

 
38.3
 %
Loss before income taxes
(26,535
)
 
(11.4
)
 
(9,545
)
 
(4.1
)
 
(16,990
)
 
(178.0
)%
Provision for income taxes
1,082

 
0.5

 
1,206

 
0.5

 
(124
)
 
(10.3
)%
Net loss
$
(27,617
)
 
(11.9
)%
 
$
(10,751
)
 
(4.6
)%
 
$
(16,866
)
 
(156.9
)%
 
 
 
 
 
 
 
 
 
 
 
 



45


 
Years Ended December 31,
 
 
 
 
 
2017
 
2016
 
Increase (Decrease)
 
Amount
 
Percent of Total Revenue
 
Amount
 
Percent of Total Revenue
 
Amount
 
Percent
Revenue:
 
 
 
 
 

 
 
 
 
 
 
Products
$
149,903

 
63.7
 %
 
$
152,308

 
67.0
 %
 
$
(2,405
)
 
(1.6
)%
Services
85,526

 
36.3

 
74,989

 
33.0

 
10,537

 
14.1
 %
Total revenue
235,429

 
100.0

 
227,297

 
100.0

 
8,132

 
3.6
 %
Cost of revenue:
 

 
 
 
 

 
 
 
 
 
 
Products
36,269

 
15.4

 
37,520

 
16.5

 
(1,251
)
 
(3.3
)%
Services
17,049

 
7.2

 
16,893

 
7.4

 
156

 
0.9
 %
Total cost of revenue
53,318

 
22.6

 
54,413

 
23.9

 
(1,095
)
 
(2.0
)%
Gross profit
182,111

 
77.4

 
172,884

 
76.1

 
9,227

 
5.3
 %
Operating expenses:
 

 
 
 
 

 
 
 
 
 
 
Sales and marketing
101,360

 
43.1

 
104,360

 
45.9

 
(3,000
)
 
(2.9
)%
Research and development
62,991

 
26.8

 
60,700

 
26.7

 
2,291

 
3.8
 %
General and administrative
28,132

 
11.9

 
26,305

 
11.6

 
1,827

 
6.9
 %
Litigation settlement expense

 

 
2,089

 
0.9

 
(2,089
)
 
(100.0
)%
Total operating expenses
192,483

 
81.8

 
193,454

 
85.1

 
(971
)
 
(0.5
)%
Loss from operations
(10,372
)
 
(4.4
)
 
(20,570
)
 
(9.0
)
 
10,198

 
49.6
 %
Non-operating income (expense):
 

 
 
 
 

 
 
 
 
 
 
Interest expense
(162
)
 

 
(424
)
 
(0.2
)
 
262

 
61.8
 %
Interest and other income (expense), net
989

 
0.3

 
(640
)
 
(0.3
)
 
1,629

 
254.5
 %
Total non-operating income (expense), net
827

 
0.3

 
(1,064
)
 
(0.5
)
 
1,891

 
177.7
 %
Loss before income taxes
(9,545
)
 
(4.1
)
 
(21,634
)
 
(9.5
)
 
12,089

 
55.9
 %
Provision for income taxes
1,206

 
0.5

 
757

 
0.4

 
449

 
59.3
 %
Net loss
$
(10,751
)
 
(4.6
)%
 
$
(22,391
)
 
(9.9
)%
 
$
11,640

 
52.0
 %
 
 
 
 
 
 
 
 
 
 
 
 


Revenue

Our products revenue primarily consists of revenue from sales of our hardware appliances upon which our software is installed. Such software includes our ACOS software platform plus one or more of our ADC, CGN, TPS, SSLi or CFW solutions. Purchase of a hardware appliance includes a perpetual license to the included software. We recognize products revenue upon transfer of control, generally at the time of shipment, provided that all other revenue recognition criteria have been met. As a percentage of revenue, our products revenue may vary from quarter to quarter based on, among other things, the timing of orders and delivery of products, cyclicality and seasonality, changes in currency exchange rates and the impact of significant transactions with unique terms and conditions.

We generate services revenue from sales of post contract support (“PCS”), which is bundled with sales of products and professional services. We offer tiered PCS services under renewable, fee-based PCS contracts, primarily including technical support, hardware repair and replacement parts, and software upgrades on a when-and-if-available basis. We recognize services revenue ratably over the term of the PCS contract, which is typically one year, but can be up to five years.

Our adoption of ASC 606, the new revenue recognition guidance, in January 2018 resulted in a $2.6 million increase in products revenue in 2018. See Note 2 of the Notes to Consolidated Financial Statements in Part II, Item 8 of this report for additional information.


46


A summary of our total revenue is as follows (dollars in thousands):
 
Years Ended December 31,
 
 
 
2018
 
2017
 
Increase (Decrease)
 
Amount
 
Percent of Total Revenue
 
Amount
 
Percent of Total Revenue
 
Amount
 
Percent
Revenue:
 
 
 
 
 
 
 
 
 
 
 
Products
$
144,682

 
62
%
 
$
149,903

 
64
%
 
$
(5,221
)
 
(3
)%
Services
87,541

 
38

 
85,526

 
36

 
2,015

 
2
 %
Total revenue
$
232,223

 
100
%
 
$
235,429

 
100
%
 
$
(3,206
)
 
(1
)%
Revenue by geographic region:
 

 
 
 
 

 
 
 
 

 
 
United States
$
103,791

 
45
%
 
$
115,536

 
49
%
 
$
(11,745
)
 
(10
)%
Japan
55,205

 
24

 
51,488

 
22

 
3,717

 
7
 %
Asia Pacific, excluding Japan
36,897

 
16

 
33,189

 
14

 
3,708

 
11
 %
EMEA
27,615

 
12

 
27,859

 
12

 
(244
)
 
(1
)%
Latin America
8,715

 
3

 
7,357

 
3

 
1,358

 
18
 %
Total revenue
$
232,223

 
100
%
 
$
235,429

 
100
%
 
$
(3,206
)
 
(1
)%
 
 
 
 
 
 
 
 
 
 
 
 

 
Years Ended December 31,
 
 
 
2017
 
2016
 
Increase (Decrease)
 
Amount
 
Percent of Total Revenue
 
Amount
 
Percent of Total Revenue
 
Amount
 
Percent
Revenue:
 
 
 
 
 
 
 
 
 
 
 
Products
$
149,903

 
64
%
 
$
152,308

 
67
%
 
$
(2,405
)
 
(2
)%
Services
85,526

 
36

 
74,989

 
33

 
10,537

 
14
 %
Total revenue
$
235,429

 
100
%
 
$
227,297

 
100
%
 
$
8,132

 
4
 %
Revenue by geographic region:
 

 
 
 
 

 
 
 
 

 


United States
$
115,536

 
49
%
 
$
115,706

 
51
%
 
$
(170
)
 
 %
Japan
51,488

 
22

 
52,951

 
23

 
(1,463
)
 
(3
)%
Asia Pacific, excluding Japan
33,189

 
14

 
29,829

 
13

 
3,360

 
11
 %
EMEA
27,859

 
12

 
23,669

 
10

 
4,190

 
18
 %
Latin America
7,357

 
3

 
5,142

 
3

 
2,215

 
43
 %
Total revenue
$
235,429

 
100
%
 
$
227,297

 
100
%
 
$
8,132

 
4
 %
 
 
 
 
 
 
 
 
 
 
 
 

2018 Revenue Compared to 2017 Revenue

Total revenue decreased by $3.2 million, or 1%, in 2018 compared to 2017. This decrease was due to a $5.2 million decrease in products revenue, partially offset by a $2.0 million increase in services revenue. The decrease in products revenue was primarily driven by lower demand from our service provider customers in the United States. Revenue from web giant customers increased 26% and revenue from service provider customers decreased 10% in 2018 compared to 2017. Revenue from enterprise customers remained relatively constant in 2018 compared to 2017.

Products revenue decreased $5.2 million, or 3%, in 2018 compared to 2017 primarily driven by lower demand from our service provider customers in the United States, as well as decreases from EMEA, offset in part by a $2.6 million increase from the adoption of ASC 606 in 2018 and by the increase in products revenue primarily from Japan and Asia Pacific. See Note 2 of the Notes to Consolidated Financial Statements in Part II, Item 8 of this report for additional information related to our adoption of ASC 606.

47



Services revenue increased $2.0 million, or 2%, in 2018 compared to 2017. The increases were primarily attributable to the increase in PCS sales in connection with our increased installed customer base.

During 2018$103.8 million, or 45% of total revenue, was generated from the United States, which represents a 10% decrease compared to 2017. The decrease was primarily due to lower products revenue driven by lower demand from our service providers in the United States.

During 2018$55.2 million, or 24% of total revenue, was generated from Japan, which represents a 7% increase compared to 2017. The increase was mainly due to higher products revenue driven primarily by higher demand from our service providers in Japan.

During 2018$36.9 million, or 16% of total revenue, was generated from the Asia Pacific region excluding Japan, which represents a 11% increase compared to 2017. The increase was driven primarily by higher products revenue as well as higher services revenue from PCS sales in connection with our increased installed customer base.

During 2018$27.6 million, or 12% of total revenue, was generated from EMEA, which remained relatively consistent from 2017.
 
2017 Revenue Compared to 2016 Revenue

Total revenue increased $8.1 million, or 4%, in 2017 compared to 2016, due to a $10.5 million increase in services revenue, partially offset by a $2.4 million decrease in products revenue. Revenue from web giant and service provider customers increased 35% and 2%, respectively, in 2017 compared to 2016. Revenue from enterprise customers decreased 3% in 2017 compared to 2016.

Products revenue decreased $2.4 million, or 2%, in 2017 compared to 2016, which is primarily attributable to decreases from the United States and Japan, partially offset by increases from EMEA and Asia Pacific excluding Japan. Products revenue from service provider and enterprise customers increased 11% and decreased 11%, respectively, in 2017 compared to 2016.

Services revenue increased $10.5 million, or 14%, in 2017 compared to 2016, which is primarily attributable to the increase in PCS sales in connection with our increased installed customer base. During 2017, services revenue recognized from our installed customer base with contracts existing at the beginning of the year grew by 19% compared to the same measure in 2016. Services revenue from service provider and enterprise customers increased 11% and 16%, respectively, in 2017 compared to 2016.

During 2017, $115.5 million, or 49%, of total revenue was generated from the United States, which remained relatively constant compared to 2016. The decrease in products revenue was partially offset by higher services revenue attributable to the increase PCS sales in connection with our increased installed customer base.

During 2017$51.5 million, or 22%, of total revenue was generated from Japan, which represents a 3% decrease in revenue compared to 2016. The decrease in products revenue was partially offset by higher services revenue attributable to the increase PCS sales in connection with our increased installed customer base.

During 2017$33.2 million, or 14%, of total revenue was generated from the Asia Pacific regions excluding Japan, which represents a 11% increase in revenue compared to 2016. The increase was due to higher products revenue and higher services revenue from PCS sales in connection with our increased installed customer base.

During 2017$27.9 million, or 12%, of total revenue was generated from EMEA, which represents a 18% increase in revenue compared to 2016. The increase was due to higher products revenue and higher services revenue from PCS sales in connection with our increased installed customer base.


48


Cost of Revenue, Gross Profit and Gross Margin

Cost of revenue
Cost of products revenue is primarily comprised of cost of third-party manufacturing services and cost of inventory for the hardware component of our products. Cost of products revenue also includes warehouse personnel costs, shipping costs, inventory write-downs, certain allocated facilities and information technology infrastructure costs, and expenses associated with logistics and quality control.

Cost of services revenue is primarily comprised of personnel costs for our technical support, training and professional service teams. Cost of services revenue also includes the costs of inventory used to provide hardware replacements to end- customers under PCS contracts and certain allocated facilities and information technology infrastructure costs.

A summary of our cost of revenue is as follows (dollars in thousands):
 
Years Ended December 31,
 
Increase (Decrease)
 
2018
 
2017
 
Amount
 
Percent
Cost of revenue:
 
 
 
 
 
 
 
Products
$
34,066

 
$
36,269

 
$
(2,203
)
 
(6
)%
Services
17,830

 
17,049

 
781

 
5
 %
Total cost of revenue
$
51,896

 
$
53,318

 
$
(1,422
)
 
(3
)%
 
 
 
 
 
 
 
 

 
Years Ended December 31,
 
Increase (Decrease)
 
2017
 
2016
 
Amount
 
Percent
Cost of revenue:
 
 
 
 
 
 
 
Products
$
36,269

 
$
37,520

 
$
(1,251
)
 
(3
)%
Services
17,049

 
16,893

 
156

 
1
 %
Total cost of revenue
$
53,318

 
$
54,413

 
$
(1,095
)
 
(2
)%
 
 
 
 
 
 
 
 

Gross Margin
Gross margin may vary and be unpredictable from period to period due to a variety of factors. These may include the mix of revenue from each of our regions, the mix of our products sold within a period, discounts provided to customers, inventory write-downs and foreign currency exchange rates.

Our sales are generally denominated in U.S. dollars, however, in Japan they are denominated in Japanese yen.

Any of the factors noted above can generate either a favorable or unfavorable impact on gross margin.

A summary of our gross profit and gross margin is as follows (dollars in thousands):
 
Years Ended December 31,
 
 
 
2018
 
2017
 
Increase (Decrease)
 
Amount
 
Gross Margin
 
Amount
 
Gross Margin
 
Amount
 
Gross Margin
Gross profit:
 

 
 

 
 

 
 

 
 

 
 

Products
$
110,616

 
76.5
%
 
$
113,634

 
75.8
%
 
$
(3,018
)
 
0.7
 %
Services
69,711

 
79.6
%
 
68,477

 
80.1
%
 
1,234

 
(0.5
)%
Total gross profit
$
180,327

 
77.7
%
 
$
182,111

 
77.4
%
 
$
(1,784
)
 
0.3
 %
 
 
 
 
 
 
 
 
 
 
 
 


49


 
Years Ended December 31,
 
 
 
2017
 
2016
 
Increase (Decrease)
 
Amount
 
Gross Margin
 
Amount
 
Gross Margin
 
Amount
 
Gross Margin
Gross profit:
 

 
 

 
 

 
 

 
 

 
 

Products
$
113,634

 
75.8
%
 
$
114,788

 
75.4
%
 
$
(1,154
)
 
0.4
%
Services
68,477

 
80.1
%
 
58,096

 
77.5
%
 
10,381

 
2.6
%
Total gross profit
$
182,111

 
77.4
%
 
$
172,884

 
76.1
%
 
$
9,227

 
1.3
%
 
 
 
 
 
 
 
 
 
 
 
 

2018 Gross Margin Compared to 2017 Gross Margin

Products gross margin increased 0.7% in 2018 compared to 2017 primarily driven by a favorable impact from our product mix.

Services gross margin decreased 0.5% in 2018 compared to 2017 primarily due to higher costs of inventory used to provide hardware replacements to end customers under PCS contracts and higher personnel related support costs.

2017 Gross Margin Compared to 2016 Gross Margin

Products gross margin increased by 0.4% in 2017 compared to 2016 primarily due to the favorable impact as a result of lower inventory reserve for excess and obsolete products, partially offset by unfavorable geographic revenue mix. We had less sales from geographic regions and products with higher gross margins in 2017 compared to 2016.

Services gross margin increased by 2.6% in 2017 compared to 2016 primarily due to higher services revenue due to increased installed customer base while the personnel costs related to support, professional services and maintenance remained relatively constant.


Operating Expenses
Our operating expenses consist of sales and marketing, research and development, general and administrative, and litigation settlement expenses. The largest component of our operating expenses is personnel costs which consist of wages, benefits, bonuses, and, with respect to sales and marketing expenses, sales commissions. Personnel costs also include stock-based compensation.

A summary of our operating expenses is as follows (dollars in thousands):
 
Years Ended December 31,
 
Increase (Decrease)
 
2018
 
2017
 
Amount
 
Percent
Operating expenses:
 

 
 

 
 

 
 

Sales and marketing
$
103,214

 
$
101,360

 
$
1,854

 
2
%
Research and development
65,157

 
62,991

 
2,166

 
3
%
General and administrative
39,635

 
28,132

 
11,503

 
41
%
Total operating expenses
$
208,006

 
$
192,483

 
$
15,523

 
8
%
 
 
 
 
 
 
 
 


50


 
Years Ended December 31,
 
Increase (Decrease)
 
2017
 
2016
 
Amount
 
Percent
Operating expenses:
 

 
 

 
 

 
 

Sales and marketing
$
101,360

 
$
104,360

 
$
(3,000
)
 
(3
)%
Research and development
62,991

 
60,700

 
2,291

 
4
 %
General and administrative
28,132

 
26,305

 
1,827

 
7
 %
Litigation settlement expense

 
2,089

 
(2,089
)
 
(100
)%
Total operating expenses
$
192,483

 
$