Fortinet Stock: The Cloudflare Of Hybrid Networking & Security (NASDAQ:FTNT) | #cloudsecurity


hapabapa/iStock Editorial via Getty Images

1Q22 ER Summary and Valuation Recap

Fortinet (NASDAQ:FTNT) continues to benefit tremendously from organizations’ hybrid requirements. Indeed, the pandemic forced orgs to migrate IT assets to the cloud and forced workforces to work remotely, though typically orgs still need their own private data centre for certain systems and applications that don’t require (costly) elastic scale compute and storage (such as HR, for example). Post-pandemic workers also are now working in a hybrid manner whereby they spend some time at home and some time in the office.

So, it’s clear that most orgs must have a need for on-prem security though at the same time the added network complexity (cloud vs private DC, remote vs office, more devices and more data, etc.) also makes them need intelligent networking to offset increases in latencies. Ultimately, this is why FTNT continues to prosper under these dynamics because they have their FortiGate NGFW (Next-Gen Firewall) with superior processing power and a market-leading SD-WAN (Software-Defined WAN) built in. This is particularly reflected in the 54% YoY product growth for 1Q22.

The reason we draw parallels between FTNT and NET is because these two are the only vendors that have home-grown converged security and networking capabilities. Of course, NET is the clean-slate cloud-first vendor that delivers all of its services off-prem. Though, at a high-level FTNT can satisfy the same demands but just in a hybrid manner.

Here are some financial highlights from the 1Q22 ER:

  • Total revenue was $955m, up 34% YoY.
  • Product revenue was $371m, up 54% YoY.
  • Services revenue was $584m, up 24% YoY.
  • Bookings were $1.3bn, up 50% YoY.
  • GAAP operating profit was $151m, equating to a 16% margin.
  • Net profit was $138m, equating to a 14.5% margin.
  • FCF was $273.5m, equating to a 29% margin.
  • Revenue and earnings beat consensus estimates.
  • Revenue guidance for 2Q22 and FY22 is also strong and upwardly revised – 27% and 31% YoY growth, respectively.

What impressed us the most is the balanced blend of growth and FCF margin which has resulted in a Rule of 40 of 63%. Based on an earlier piece of analysis we conducted, we strongly surmise that this puts FTNT’s Rule of 40 in the top 4% of 100+ U.S. tech stocks generating TTM revenue over $500m. Though, for the EV/FCF/NTM Growth metric, FTNT is in the bottom quintile of the distribution. So, we believe there’s still some relative attractiveness despite FTNT’s drawdown since the Dec-21 highs being less severe than many peers. Additionally, our conservative DCF valuation range for the stock is $370-$400 per share so we believe there’s a 30%-40% upside available for investors when we eventually get through the market downturn.

Key Tailwinds

Heightened Awareness

Coming second to PANW as the largest pure-play cybersecurity software provider, FTNT is reaping the benefits of the general heightened awareness triggered by the rise in number and in sophistication of ransomware attacks and high-profile data breaches. This elevated concern is catalyzing the whole industry though FTNT’s long-standing reputation (600k customers and long-term relationships) combined with its breadth puts in an advantageous competitive position to grab incremental market share.

The CISO Dilemma

FTNT also are profiting from the dichotomy of CISOs (Chief Information Security Officers) wanting both vendor consolidation and BoB solutions. CISOs want consolidation because enterprises typically have between 50 and 100 disjointed security point solutions being managed by understaffed security teams – thus consolidation will vastly strengthen security postures and bring down costs. However, CISOs also want specific BoB solutions to have a better chance in catching and eliminating threats, especially as Russia’s retaliations to sanctions are likely to lead to increasing levels of sophisticated cyberwarfare. FTNT (along with PANW) is one of very few vendors that can allow CISOs to have their cake and eat it, so to speak, by offering one of the broadest security platforms containing various BoB solutions.

Though, if we do enter an economic downturn, it’s possible the CISOs will become more budget constrained and forgo the BoB solutions and focus more on cost savings. Either way, we expect FTNT will perform well relative to the industry. Sidenote: Also expect ZS to perform relatively well versus competitors should we enter a recession.

Converged Security and Networking

The shift to distributed workforces and the expanding IT sprawl has obliterated the castle-and-moat security architecture. Now, orgs need to focus on building in security around user and machine identity in order to effectively protect user, customer, and corporation data. This necessitates a Zero Trust philosophy which entails that each connection made begins with zero trust between the requester and the responder or resource. From there, trust is built up via authentication and then maintained via continual verification, and the latter requires a lot of processing power to incorporate the disparate contextual data (user, device software status, location, time, etc.) to make frequent risk-based assessments for allowing a level of access. All this Zero Trust activity adds to latency which is why having a converged security and networking vendor like FTNT, that has heavily invested in its hardware processing power, can alleviate a lot of pain points for orgs.

In essence, there has always been a tradeoff between security and productivity but the pandemic has exacerbated it. FTNT has a BoB Zero Trust capability combined with a superior SD-WAN solution to deliver intelligent network to minimize latency and improve user experience and org productivity, which makes their converged security/networking solution (aka SASE) the best around. Furthermore, FTNT’s ASIC hardware that has been developed over the past 20 years, is a major factor in speeding up connections.

Service Providers

FTNT appears to be the go-to SD-WAN vendor for SPs looking to prepare their networks for 5G (AT&T, Orange, Telefonica, and many more). A higher number of cell towers, especially for the mmWave frequency band, is required to deliver 5G, and hence there’s more traffic management complexity. SD-WAN helps to optimally route traffic to the nearest cell towers to enhance the last mile connectivity.

Thanks to FTNT’s lowest TCO (Total Cost of Ownership), superior processing power, built-in Zero Trust security, and its smooth deployments and software management, the firm is the ideal SD-WAN vendor for SPs and other verticals.

Figure 1 – Gartner’s Magic Quadrant for WAN Edge Infrastructure (aka SD-WAN)

Gartner Magic Quadrant for WAN Edge Infrastructure

Gartner

OT Security

OT, or Operational Technology, relates to Industrial IoT and various systems that are connecting online to better interact with the external environment. As manufacturing and other industrial verticals are digitalizing their operations to maximize the use of data, devices are connecting to the Internet and IT systems but there are several issues in doing this, including:

  • Most of OT appliances are very dated and hence can’t properly secure connections.
  • Most OT appliances have nonstandard OS and so are not very compatible with endpoint security solutions. Furthermore, these very old appliances don’t have enough disk space, RAM, and CPU power to run endpoint software.
  • Over the years industrial/manufacturing orgs have connected and attempted to secure OT in a piecemeal fashion, and hence orgs are now managing a plethora of different security solutions.

These verticals have recently become the main targets of ransomware because of the rapid digitalization without the commensurate security considerations, which ultimately presents bad actors with weak spots to exploit. And it’s actually a much graver situation because usually the worst that happens in the IT security world is some data and/or money being stolen/extorted, though security breaches in OT can result in unsafe food being shipped to customers because a bad actor corrupted the digital safety checks.

This is a huge emerging area of cybersecurity and the reason we believe FTNT will succeed is because these verticals tend to be more cost sensitive toward digitalization initiatives and FTNT has the best TCO products. Moreover, network segmentation is becoming increasingly important to thwart ransomware actors from moving east-west, or laterally, across an org looking for valuable systems, and this requires a high number of firewalls, therefore FTNT’s cost leadership is going to be major advantage.

But How has FTNT Cultivated These Advantages

As writing up this report it dawned on me that readers may be wondering how FTNT has actually developed hardware with superior computing power, can deliver the best TCO for customers, and have developed in-house networking functionality while all other pureplay security vendors haven’t gone that route. Well, it roots back to the co-founder and CEO, Ken Xie’s, vision he had over 20 years ago.

In the early 2000s, Xie envisioned that, in the wake of pervasive encryption and exabytes of data moving across the world each day, the standard CPU would eventually fail to be powerful enough to process security functions at the speed required. Therefore, right from the onset of FTNT’s existence, Xie invested in developing ASICs (Application-Specific Integrated Circuits) that were specifically designed for security-related processes. The multi-year timeline for ASIC development and the high investment required dissuaded FTNT’s rivals from following suit.

Then in the mid-2010s when FTNT had finalized its ASICs, the company began outcompeting rivals in speed but also in cost thanks to the upstream integration, thus delivering a market-leading TCO for customers and the best performance-to-cost offering available. This hardware/software integration opened up the door for FTNT to venture into hardware-centric networking and eventually build out the only home-grown SD-WAN solution from a security player. A major value enhancer was FortiOS (FTNT’s OS) which could install the SD-WAN on existing FortiGate NGFWs – highly valuable considering the vastness of FTNT’s installed base.

And it’s SD-WAN that has been a major factor for FTNT moving upmarket and landing more enterprise deals in recent years/quarters, as orgs want to lower latency, optimize bandwidth, improve application performance, and ultimately have a more productive workforce, all in the face of surging data volumes.

As a result of this very long-sighted vision, FTNT now has compute power that is 5x that of the industry average, and is the only player with a home-grown SD-WAN with security built in. And all the benefits that this brings – like user experience, productivity, IT admin simplification, and solid security – is a key reason for the company’s success in hybrid environments.

Additionally, the in-house hardware/software integration has enabled FTNT to pack all networking and security functions – such as routing with SD-WAN, load balancing, VPN, NGFW, SWG, etc. – into its FortiGate. This makes it incredibly easier for IT admins to manage and it’s also way cheaper for customers. And ultimately, this is why we’ve said for a long time now that FTNT is the most accommodative SASE player – because this compact and affordable box can be placed anywhere (even at home offices) and deliver converged security and networking. Sidenote: This isn’t Gartner’s definition of SASE but we think FTNT expands the meaning of SASE by delivering converged security and networking either on-prem, at home offices, or via PoPs off-prem.

Sandwiching Upper and Lower Ends of the Market

Thanks to FTNT’s rare SD-WAN capability for a security vendor along with packing in all networking/security functions into one box as well as being able to deliver Gartner’s definition of SASE, as already outlined, the company has attracted an abundance of demand for hybrid use cases. And as large enterprises tend to have the most complex hybrid use cases, in the past couple of years FTNT has increasingly penetrated upmarket.

In 1Q22, G2000 bookings were up over 60% and large enterprise bookings were up over 65%. A big driver of the recent enterprise demand has been the partial return back to the office and toward more of a pre-pandemic work environment, which has resulted in many postponed projects being recommissioned (also a chunk of this demand is from hyperscalers expanding their capacities). This is depicted in the FY21 deal numbers presented in the following chart.

Figure 2 – FTNT Continues to Move Upmarket

Enterprise and G2000 deals

Fortinet

While the upmarket success is providing the growth and has been accretive to margins, FTNT’s global dominance in the low ends of the market provides great geographic diversification. The chart below shows FTNT represented over one third of all firewall shipments in 3Q21. And the steep ascent since 2020 is attributable to FTNT’s affordable all-in-one FortiGate satisfying the various demands that have emerged since the pandemic.

Figure 3 – Global Firewall Shipments

Global firewall shipments

Fortinet, IDC

At Asymmetric Tech Investments we’re shortly going to do a mini-series on security, including, 1) cloud security, 2) an assessment of the entry barriers of various areas within the security industry, and also 3) a report on why the NGFW is far from dead and why that keeps FTNT and PANW is a strong position going forward.

Then beginning on 20th May, we’ll begin our Tech Stack Investing research project. This will likely be 12-month long project where we search for investment opportunities right through the tech stack, from sand to silicon to chips to hardware to software to superclouds and the various associated themes emerging. The other objective of this research project is to break down a lot of the knowledge barriers for investors.

If FTNT is Such a Great Company, Why is it Relatively Undervalued?

We think FTNT, and to even more of an extent PANW, are relatively undervalued because they have this “legacy” hardware association in the minds of investors and that they aren’t as cloud-capable as younger, clean-slate type of vendors (like NET, ZS, OKTA, etc.). We surmise that investors think that 1) NGFWs are outdated, 2) all security should now be off-prem, 3) and that FTNT/PANW haven’t transitioned from an on-prem only vendor – which all leads to less interest in these names. If these are the thoughts of investors then these are misunderstandings. And furthermore, FTNT and PANW are growing c. 30% at TTM revenue of $4bn+ and $5bn+, respectively, which when you think about it, they’re grabbing more market share than younger cloud vendors growing at 50%+ from a much lower revenue base. And much of FTNT’s and PANW’s growth is from either cloud-delivered or cloud-native security. Not only that, in FTNT’s case it is convincingly profitable too.

Conclusion

  • FTNT has delivered a very impressive 1Q22 ER, largely driven by hybrid use case requirements and large enterprises recommissioning postponed IT projects.
  • The tailwinds outlined are secular and will continue to support FTNT’s growthy business. Not discussed in this report, though Zero Trust and network segmentation implementations are still very few and far between across the corporate world. FTNT is a BoB provider for these architectural requirements to protect against ransomware and other sophisticated attacks.
  • FTNT’s 1) home-grown integrated SD-WAN capability that can deliver SASE in its truest form, 2) all-in-one NGFW box that can deliver SASE from anywhere, 3) superior computing power & market-leading TCO, 4) long-standing reputation, and 5) smooth implementations and UI management, will all be competitive advantages going forward so it can outgrow the industry (projections range from 10%-20%) for several years to come.
  • Relatively FTNT is still attractive, and our DCF valuation also indicates attractive upside. Possible discounts to the stock, apart from the obvious macro environment, is the company’s image within the era of cloud-first security – which we believe is largely inaccurate.



Original Source link




Leave a Reply

Your email address will not be published.

one + five =