NETWORKS ASSOCIATES INC/ - 10-K Annual Report

Securities registered pursuant to Section 12(g) of the Act: Common Stock, $.01 Par Value

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes þ o No

Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of the registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K. o

The aggregate market value of the voting stock held by non-affiliates of the issuer as of December 31, 2001 was approximately $3,582,411,290. The number of shares outstanding of the issuer’s common stock as of December 31, 2001 was 140,699,222.

Items 10, 11, 12, and 13 of Part III are incorporated by reference from the Registrant’s Proxy Statement for the Annual Meeting of Stockholders to be held May 15, 2002.

Some of the statements contained in this Annual Report on Form 10-K are forward-looking statements, including but not limited to those specifically identified as such, that involve risks and uncertainties. The statements contained in the Report on Form 10-K that are not purely historical are forward looking statements within the meaning of Section 27A of the Securities Act and Section 21E of the Exchange Act, including, without limitation, statements regarding our expectations, beliefs, intentions or strategies regarding the future. All forward looking statements included in this Report on Form 10-K are based on information available to us on the date hereof, and we assume no obligation to update any such forward-looking statements. These statements involve known and unknown risks, uncertainties and other factors, which may cause our actual results to differ materially from those implied by the forward-looking statements. In some cases, you can identify forward-looking statements by terminology such as “may,” “will,” “should,” “expects,” “plans,” “anticipates,” “believes,” “estimates,” “predicts,” “potential,” or “continue” or the negative of these terms or other comparable terminology. In some instances, we have also indicated forward looking statements with an asterisk (*). Although we believe that the expectations reflected in the forward-looking statements are reasonable, we cannot guarantee future results, levels of activity, performance or achievements. Moreover, neither any other person nor we assume responsibility for the accuracy and completeness of such statements. Important factors that may cause actual results to differ from expectations include those discussed in “Risk Factors” beginning on page 11 in this document.

Networks Associates, Inc. was formed in December 1997, by the combination of McAfee Associates, Inc. and Network General Corporation. Following the combination, McAfee changed its legal name to Networks Associates, Inc. and we do business under the name Network Associates. In 1999, our subsidiary McAfee.com sold to the public its Class A common stock as a part of its initial public offering.

We are a leading supplier of network security and network management solutions. We operate through two businesses consisting of our infrastructure business and McAfee.com, our publicly traded subsidiary. Our infrastructure business is operated in six geographic regions: the United States, Europe, Japan, Canada, Asia-Pacific and Latin America. McAfee.com is an application service provider, or ASP, targeted at consumers and small to medium-sized businesses.

The majority of our net revenue has historically been derived from our McAfee anti-virus products and our Sniffer Technologies network fault and performance products. In addition to these two flagship products, we have focused our efforts on building a full line of complementary network security and network management solutions. On the network security side, we strengthened our anti-virus lineup by adding complementary products in the firewall, intrusion detection, encryption, and virtual private networking categories. On the network management side, we built upon our Sniffer Technologies line by adding products in the help desk, asset management, network monitoring, and network reporting categories. We continuously seek to expand our product lines.

To more effectively market our infrastructure products in our various geographic regions, we have combined complementary products into separate product groups, as follows:


	•	McAfee, which delivers world-class anti-virus and security products and services;

	•	Sniffer Technologies, which is a leader in network availability and system security products; and

	•	Magic Solutions, which is a leading provider of web-based service desk solutions.

In the fourth quarter of 2001, we substantially completed integrating the activities of our PGP product group into our McAfee and Sniffer product groups. The PGP product group accounted for approximately 6%

of our net revenue in 2001. Former PGP products now marketed and sold as McAfee products include the McAfee VPN, McAfee Desktop Firewall (our distributed firewall) for corporate users and the McAfee E-Business Server. The CyberCop vulnerability assessment technology was integrated into the Sniffer product line. We are seeking buyers for the PGP desktop encryption and Gauntlet firewall products.

In 2001, our infrastructure business, including the recently integrated PGP product group, accounted for approximately $772.5 million in net revenue and a net operating loss of $82.0 million. In 2001, McAfee.com accounted for approximately $62.0 million in net revenue and a net operating loss of approximately $192,000.

McAfee’s products and services provide solutions designed to enforce anti-virus policies and measure the performance of anti-virus activities and deliver network security. The McAfee product group includes products and services that provide multi-layer anti-virus protection, management and reporting for desktops, servers, GroupWare, Internet technologies, and wireless technologies. The McAfee product group also includes distributed firewalls and virtual private network products for corporate users. McAfee’s services are provided by McAfee’s Anti-Virus Emergency Response Team (AVERT). AVERT augments McAfee’s product offerings by identifying new viruses and deploying anti-virus solutions to our customers. McAfee customers are primarily corporate customers, including customers in the managed service market (such as, ASPs, and managed service providers, or MSPs).

Sniffer Technologies’ products and services provide customers with network and application management solutions designed to maximize network availability and performance and system security. Sniffer Technologies’ products capture data, monitor network traffic and collect key network statistics. Sniffer Technologies’ products are also designed to optimize network and application performance and increase network reliability by uncovering and analyzing network problems and system vulnerabilities and recommending solutions to such problems, automatically and in real-time for mid-level and high-speed networks. Sniffer Technologies’ products also proactively monitor and diagnose network and application-level problems on complex, multi-segment networks from centralized locations as well as troubleshooting high-speed telecommunications and Internet service provider networks. Sniffer Technologies’ customers are primarily corporate customers, including customers in the managed service market.

Magic Solutions’ products provide customers with a web-based set of tools to manage their customer support and problem management needs. Magic Solutions’ product group consists of products that promote information sharing, facilitate workflow, and improve service delivery. Magic Solutions’ products include the Magic Total Service Desk Suite, a 100% browser-based service desk and problem management solution. In addition, Magic Solutions’ stand-alone products include Magic HelpDesk, Self Service Desk, Remote Desktop and Event Management. Magic Solutions’ customers are primarily corporations.

McAfee.com is a security ASP delivering security applications software and related services through an Internet browser. The McAfee.com applications allow users to detect and eliminate viruses on their PCs, repair their PCs from damage caused by viruses, optimize their hard drives and update their PCs’ virus protection system with current software patches and upgrades. McAfee.com also offers customers access to McAfee.com Personal Firewall, McAfee.com Wireless Security Center and McAfee.com Internet Privacy Service.

Under the terms of our licensing agreement with McAfee.com, McAfee.com’s business has historically been targeted exclusively at consumers. In March 2001, we entered into a reseller agreement with McAfee.com allowing it to expand its product offerings with McAfee.com for Business. McAfee.com for Business is a website serving the security needs for small and medium-sized businesses delivering managed applications services that allow businesses to provide anti-virus and firewall security for their desktop PCs.

As of December 31, 2001, we owned 36.0 million shares of McAfee.com Class B common stock, entitled to three votes per share and representing approximately 76% of McAfee.com’s outstanding common stock and 90% of its total voting power.

As our products and computer networks become more complex, customers increasingly require greater professional assistance in the design, installation, configuration and implementation of their networks and acquired products. To meet these evolving customer needs, we have established Professional Services and Technical Support. Professional Services is focused on two service segments: Consulting Services and Education Services. Technical Support consists primarily of one program called PrimeSupport.

Consulting Services supports product integrations and deployment with an array of standardized and custom offerings. Consulting Services also offers other services ranging from proactive and emergency troubleshooting to network design, planning and simulation. We supplement our consulting service capabilities through the use of outside professional service providers, including system integrators. Our consulting services organization is organized around our three product groups.

Education Services represents the combined training organizations of Sniffer University, McAfee University and Magic University. Together, these training organizations offer customers an extensive curriculum of computer network technology courses, including protocol analysis and troubleshooting, security, help-desk and network management tools. Education Services provides public classes and customized on-site training at customer locations.

The PrimeSupport program provides our customers online and telephone-based technical support in an effort to ensure that our products are installed and working properly. To meet customers’ varying needs, PrimeSupport offers a choice of the online KnowledgeCenter or the telephone-based Connect, Priority and Enterprise. All PrimeSupport programs include software updates and upgrades. PrimeSupport is available to all customers on a worldwide basis from various regional support centers.


	•	PrimeSupport KnowledgeCenter — Consists of a searchable, knowledge base of technical solutions and links to a variety of technical documents such as product FAQs and technical notes.

	•	PrimeSupport Connect — Provides toll-free telephone access to technical support during regular business hours and access to the online KnowledgeCenter.

	•	PrimeSupport Priority — Provides support for critical operations with priority, unlimited, toll-free telephone access to technical support 24 hours a day, 7 days a week and access to the online KnowledgeCenter.

	•	PrimeSupport Enterprise — Offers proactive, personalized service for the most business critical operations and includes an assigned technical support engineer from our elite Enterprise support team, proactive support contact (telephone or email) with customer-defined frequency, election of five designated customer contacts and access to the online KnowledgeCenter.

NAI Labs is our research and development organization dedicated to advanced network and information systems security technology. NAI Labs is actively conducting research in the areas of network security, cryptography, security infrastructure and other network security and network defense projects. NAI Labs has ongoing projects funded through DARPA (the U.S. Defense Advanced Research Projects Agency), Air Force, Navy, Army, NSA and other Department of Defense and U.S. government agencies. NAI Labs makes a number of its research prototypes available as open source software and support several open source community initiatives.

We typically license our products to corporate and government customers on a subscription basis, for a period of two years or on a perpetual basis. Beginning in October 2000, we began selling our two-year

subscription licenses with one-year (first year) of maintenance. Previously, our two-year subscription licenses included two years of maintenance. During the first year of the two-year subscription license, the customer has the option to purchase the second year of maintenance. The purchase price for the second year of maintenance is set at the time of purchase of the two-year subscription license. As the software licenses or maintenance contracts near expiration, we contact customers to renew their licenses or maintenance contracts, as applicable. We believe that providing the customer the option to purchase the second year of maintenance provides the customer greater flexibility in selecting the appropriate level of maintenance support. Electronic distribution of our products and upgrades allows us to offer upgrades and updates on a more regular basis than companies using traditional distribution methods.

Our licensing model also creates the opportunity for recurring revenue for us through the renewal of existing licenses. By offering two-year licenses as opposed to traditional perpetual licenses, we are also able to meet a lower initial cost threshold for customers with annual budgetary constraints. The renewal process also provides an opportunity to cross-sell new products and product lines to existing customers.

We also provide single user and corporate user licenses for our products under traditional perpetual licenses with product updates, upgrades and support available to customers under separate maintenance contracts. As compared to subscription licenses, sales of perpetual licenses typically result in significantly higher up-front revenue and lower recurring and future revenues as the sales price for upgrades and updates tends to be significantly lower than that of a perpetual license. We typically sell perpetual licenses in connection with sales of our hardware-based Sniffer and E-ppliance products where software is bundled with the hardware platform.

For our ASP or hosted products and services, customers essentially “rent” the use of our software. Because our ASP services are “version-less,” or self updating, customers using these services are assured of using the most recent version of the software application, eliminating the need to purchase product updates or upgrades. McAfee.com provides software using a related subscription model. Paid McAfee Clinic subscribers receive a time-based subscription to the service.

In 2001, the McAfee Product Group introduced its ASaP offerings. These are hosted products and services which provide the most up-to-date anti-virus software to corporate customers. These offerings include VirusScan ASaP, which provides anti-virus protection to desktops and file servers, VirusScreen ASaP, which screens e-mails to detect and quarantine viruses and infected attachments, and WebShield e500 ASaP, which combines a McAfee WebShield e-ppliance with hosted monitoring services that keep the e-ppliance continuously up to date to stop viruses at the Internet gateway before they enter an organization.

To augment and capitalize upon our marketing efforts, our sales and marketing activities are directed primarily at large corporate and government customers, as well as to resellers, distributors and system integrators worldwide through the channels listed below.

Our United States direct sales force, constituting the majority of our sales force, is organized by product group, with three separately focused sales organizations selling by product group. Each of these sales organizations consists of field sales representatives who are located regionally and outbound telesales representatives who actively market our individual product groups, focusing on small customers and transactions. Our corporate telesales representatives also respond to prospective customers who contact us as a result of a particular marketing program or after electronically evaluating one of our products. To augment our sales organization, our executives are involved with sales to many major accounts.

All of our United States sales representatives are responsible for developing new business as well as the renewal of our existing licenses. Prior to expiration of a license, a sales representative contacts the customer and

encourages the customer to renew the expiring license and determines if the number of computers licensed needs adjustment and, additionally, markets new products and product groups to this existing customer.

We have sales and support operations in Europe, Japan, Canada, Asia-Pacific and Latin America. In 2001, international revenues accounted for approximately 35% of our net revenues. In 2001, we announced our intention to significantly expand our international sales activities, and we hired new heads of our Asia-Pacific, European and Latin American operations.

We recently organized our international sales forces by region. In addition to the United States, the principal geographic regions are Europe, Japan, Canada, Asia-Pacific, and Latin America. Within these regions, sales forces are organized by country where appropriate. Our international direct sales force is organized by our three product groups when and where local demand and sales force considerations make this action advisable. Outside of the United States, each product group’s sales force reports to the regional sales head.

To complement our direct sales efforts, we market many of our products through corporate resellers and distributors, and indirectly through retailers. We currently utilize corporate resellers, including ASAP Software, Corporate Software & Technology, Softmart, Software House International and Software Spectrum, which focus primarily on selling site licenses of our software to corporate customers.

Independent software distributors who currently market our products include Ingram Micro, Merisel America, MOCA and Tech Data. These distributors market our products primarily to large retailers, value added resellers, or VARs, and mail order companies. Through our authorized distributors, we sell our retail packaged products to several of the larger computer and software retailers in the United States, including Best Buy, Comp USA, Fry’s, Office Depot, Office Max and Staples. Several members of our channel sales force work closely with our major reseller and distributor accounts to manage orders, promotions and selling activities.

Our top ten distributors typically account for between 37% and 42% of our net revenue each quarter. Our agreements with our distributors are not exclusive and may be terminated by either party without cause. Terminated distributors may not continue to represent our products. If one of our significant distributors terminated its relationship with us, we could experience a significant interruption in the distribution of our products.

Commencing January 1, 2001, we implemented a sell-through business model for distributors under which we recognize revenue on products sold through distributors at the time our distributors resell the products to their customers. Under this business model, our distributors are permitted to purchase software licenses at the same time they fill customer orders and to pay for hardware and retail products only when these products are resold to the distributors’ customers. In addition, prior to the resale of our products, our distributors are permitted unlimited unconditional rights of return. After sale by the distributor to its customer, there is no right of return from the distributor to us with respect to such product, unless we approve the return from the final customer to the distributor.

Original Equipment Manufacturers, or OEMs, license our products and bundle them with PC hardware or software. OEMs typically sublicense a single version of our products to end users who must contact us in order to receive their updates. We typically receive a per-copy royalty from our OEMs. Subject to limited exceptions, our OEM activities are conducted through McAfee.com.

Our principal means of marketing our products and services is through the Internet. In addition to the NAI.com website, each of our product groups and McAfee.com have their own individual websites. A number

of these websites are localized to serve the various geographic regions in which we operate. Not only do each of these websites contain various marketing materials and information about our products, but website visitors may download and purchase products or obtain free trials of our products or trial subscriptions for hosted products and services. We also promote our products and services through advertising activities in trade publications and direct mail campaigns and strategic arrangements. In addition, we attend trade shows, sponsor conferences and publish a quarterly newsletter, which is mailed to existing and prospective customers.

We primarily market our products to large corporate and government customers directly through our direct sales organization and indirectly through resellers and distributors. A majority of our products are distributed indirectly through resellers and distributors. In the U.S., substantially all our indirect sales are through four major distributors. In Europe, substantially all indirect sales are made through five major distributors. During 2001, one customer, Ingram Micro, accounted for approximately 27% of our net revenue.

We primarily market our products directly to individual consumers through online distribution channels and indirectly through traditional distribution channels, such as retail stores. McAfee.com is responsible for online distribution of our products sold to individual consumers over the Internet or for Internet-based products and for the licensing of technology to OEMs for sale to individual consumers, subject to certain exceptions.

We believe that our ability to maintain our competitiveness will depend in large part upon our ability to successfully enhance existing products, develop and acquire new products and develop and integrate acquired products. The market for computer software includes low barriers to entry, rapid technological change, and is highly competitive with respect to timely product introductions. As part of our growth strategy, we have made and expect to continue to make investments in complementary businesses, products and technologies.

In addition to developing new products, our internal development staff is also focused on developing upgrades and updates to existing products and modifying and enhancing any acquired products. Future upgrades and updates may include additional functionality, respond to user problems or address compatibility problems with new or changing operating systems and environments.

Excluding stock-based compensation charges, we expended $142.1 million, $171.6 million and $148.2 million in 2001, 2000 and 1999, respectively, on research and development.

Our manufacturing operations consist primarily of assembly, testing and quality control of materials, components, subassemblies and systems for our Sniffer hardware-based and E-ppliance products. We use a limited number of third-party manufacturers for these manufacturing operations. Reliance on third-party manufacturers involves a number of risks, including the lack of control over the manufacturing process and the potential absence or unavailability of adequate capacity. The loss of one of our third-party manufacturers could disrupt our business. Hardware-based products entail other risks, such as the unavailability of critical components which are supplied by a limited number of parties and greater obsolescence risks.

We have developed software-only versions of some of our Sniffer products. Purchasers of these Sniffer software products are required to already own, or purchase directly from the manufacturer or other vendors, the necessary hardware products, such as computer platforms and components. Customers may require that we continue to provide the necessary hardware products.

The markets for our products are intensely competitive and we expect competition to increase in the near-term. We believe that the principal competitive factors affecting the markets for our products include:


	•	performance;

	•	functionality;

	•	quality;

	•	customer support;

	•	breadth of product group;

	•	frequency of upgrades and updates;

	•	integration of products;

	•	manageability of products;

	•	brand name recognition;

	•	reputation; and

	•	price.

We believe that we compete favorably against our competitors in each of these areas. However, some of our competitors have longer operating histories, greater name recognition, larger technical staffs, established relationships with hardware vendors and/or greater financial, technical and marketing resources. These factors may provide our competitors with an advantage in penetrating the market with their network security and management products.

Anti-Virus. Our principal competitor in the anti-virus market is the Norton Product Group of Symantec. Trend Micro remains the strongest competitor in the Asian anti-virus market, with Dr. Ahn’s making recent inroads, particularly in Japan and Korea.

Network Security. Our principal competitors in the security market vary by product type. For firewalls, our principal competitors include CheckPoint, Symantec, and larger companies such as Cisco Systems and Microsoft. For intrusion detection products, we compete with Cisco Systems, Internet Security Systems and Symantec. The markets for encryption and virtual private network, or VPN, products are highly fragmented with numerous small and large vendors. VPN competitors include hardware and software vendors, including telecommunications companies and traditional networking suppliers.

Network Management. Our principal competitor in the network management market is Agilent. Other competitors include Acterna Corporation, Cisco Systems, Computer Associates, Compuware, Concord Communications, DeskTalk Systems, GN Nettest, Network Instruments, Radcom Technologies, Shomiti Systems and WildPackets.

Help Desk. Our principal competitors in the help desk market are Computer Associates, FrontRange Solutions and Peregrine Systems.

Other Competitors. We also face competition from large software companies such as HP, Intel, Microsoft and Novell, which may offer network security and management products as enhancements to their operating systems.

Our success depends significantly upon proprietary software technology. We rely on a combination of contractual rights, trademarks, trade secrets and copyrights to establish and protect proprietary rights to our software. However, these protections may be inadequate or competitors may independently develop technologies or products that are substantially equivalent or superior to our products. We do not typically obtain signed

license agreements from customers who license products directly from us. Rather we include an electronic version of a “shrink-wrap” license in all of our electronically distributed software and a printed license in the box for our products. Since none of these licenses are signed by the licensee, many legal authorities believe that such licenses may not be enforceable under the laws of many states and foreign jurisdictions. In addition, the laws of some foreign countries either do not protect these rights at all or offer only limited protection for these rights. The steps taken by us to protect our proprietary software technology may be inadequate to deter misuse or theft of this technology. For example, we are aware that a substantial number of users of our anti-virus products have not paid any registration or license fees to us.

For the purposes of defining our ongoing relationship with McAfee.com, our publicly traded subsidiary, we have entered into a number of ongoing agreements. These agreements are filed as exhibits to the public disclosure documents that we file with the Securities and Exchange Commission and are described briefly below. The description is subject in all respects to the terms of the actual agreements.

Licensed Technology. Network Associates and McAfee.com granted to each other limited rights to each others’ patents, copyrights, trademarks and trade secrets for use in defined markets. McAfee.com granted us worldwide, non-exclusive rights to McAfee.com’s patents and exclusive rights to use McAfee.com’s copyrights, trademarks and trade secrets to deliver products and services to enterprise customers and individual consumers by any means other than the Internet. Under the agreement, McAfee.com was granted worldwide, non-exclusive rights to our patents and exclusive rights to use our copyright, trademark and trade secret rights to create and deliver products and services directly or indirectly to individual consumers over the Internet or for Internet-based products. Each party is also permitted to create products derived from the technology licensed to it by the other. The creating party retains ownership of their newly derived products but these derived products are licensed to the other party subject to the terms of the license agreement.

Royalty Payments. In consideration for the rights granted under the license agreement, we are required to pay McAfee.com a flat quarterly royalty of $250,000. In consideration for the rights granted by us to McAfee.com under the license agreement, McAfee.com is required to pay us a 7% royalty on revenues recognized from product and subscription sales that include our technology.

Limitations on Offered Products. During the term of the agreement, each party has agreed that it will not offer products incorporating third-party technology if those products are competitive with the products offered by the other party.

Indemnification. Under the agreement, each party has agreed to indemnify, defend and hold harmless the other for any losses incurred in connection with claims arising in the covered countries if the technology licensed under the agreement violates the patent, copyright, trademark or trade secrets or other proprietary rights of a third party. Covered countries are those countries that are party to the Berne Convention for the Protection of Literary and Artistic Works, which include the U.S. and substantially all U.N. member nations.

Term and Termination. The license agreement will remain in effect perpetually, but may be terminated, among other circumstances, by the non-defaulting party, in the event of a material breach by the other party that remains uncured for 30 days following notice of the breach, subject to mandatory dispute resolution prior to the effectiveness of any proposed termination.

Reseller Agreements. In March 2001, we entered into reseller agreements with McAfee.com. Under these agreements, McAfee.com may resell our products to business customers, except in Japan, and in certain countries, we may resell McAfee.com products to OEMs and end-users directly or through ASPs.

Services Agreement. Under this agreement, we provide services relating to tax, insurance, employee benefits and administration, corporate record keeping and information technology. For these services, we charge a portion of the cost of our provision of the services to McAfee.com, including all related expenses, which is allocated based on headcount, plus a ten percent mark-up. In addition, from time to time, we may

provide additional services, including legal and accounting services. The services agreement may be terminated either by McAfee.com on 30 days notice or by us when we cease to own a majority of the outstanding voting stock of McAfee.com.

Registration Rights Agreement. Under this agreement, we, or any transferee of at least 10% of our McAfee.com shares, can include such shares of McAfee.com common stock in any future registration of common stock made by McAfee.com, other than any registration statement relating to an acquisition or stock option plan. In addition, we or any transferee of at least 10% of our McAfee.com shares can request that McAfee.com file a registration statement for the public sale of such shares of McAfee.com stock.

Joint Cooperation Agreement. The joint cooperation and master services agreement with McAfee.com governs the provision of technology services among the parties. Under this agreement, our anti-virus emergency response team, or AVERT, will provide McAfee.com with research and solutions for virus events. The agreement also contains standard terms and conditions governing the provision of technology services from one party to the other under statements of work that may be negotiated from time to time. We pay McAfee.com a fee for these services in an amount equal to 10% of McAfee.com’s total quarterly technology costs plus a 10% service charge.

Tax Sharing Agreement. Under this agreement, McAfee.com pays federal, state and local income tax liability amounts to us, determined on a pro forma basis as if McAfee.com filed its own separate income tax returns for each year. We will not reimburse McAfee.com for McAfee.com’s or any other group member’s use of their net operating loss or other tax benefits in any consolidated or combined return. However, McAfee.com will be able, during the term of the agreement, to take into account its past and future net operating loss and other tax attributes for purposes of computing its hypothetical separate income tax return liability payment to, or refund from, us.

The tax sharing agreement will terminate if McAfee.com is no longer eligible to join us in the filing of a consolidated federal income tax return. In the event of such termination, any net operating losses or other carryforward amounts would not be available to McAfee.com upon departure from the group. Under the agreement, McAfee.com will not be reimbursed for any such loss of tax benefits.

Indemnification and Voting Agreement. Under this agreement, except as contemplated below, we will indemnify and defend McAfee.com harmless for all losses related to any third party claims relating to events or circumstances arising out of any action or inaction of us, including our subsidiaries and officers and directors, on or prior to December 2, 1999, the date on which McAfee.com completed its initial public offering. Matters for which we are not obligated to indemnify McAfee.com include:


	•	any obligations assumed by McAfee.com, or payments required to be made by McAfee.com, under its agreements with us;

	•	any losses resulting from third party claims that are related to intellectual property developed by McAfee.com between August 20, 1999 and December 2, 2000;

	•	any obligations incurred by McAfee.com in the ordinary course of business;

	•	any losses resulting from third parties claims made against McAfee.com alleging infringement of intellectual property rights unknown as of the closing of McAfee.com’s initial public offering; and

	•	any losses resulting from third parties claims related to or arising from a material misstatement contained in or material omission from the prospectus or the registration statement for McAfee.com’s initial public offering.

In the event of a claim relating to a product that includes components supplied by McAfee.com and components supplied by us, we have the right to determine whether and to what extent McAfee.com is entitled to indemnification, after reasonable consultation with McAfee.com.

For so long as we own at least 20% of McAfee.com’s outstanding voting power, we must vote our shares of McAfee.com’s capital stock in favor of the election of two independent directors. Additionally, if, as described

below under the stockholders agreement, we have a change of control which is not approved by our continuing directors, we have agreed to vote to elect a majority of independent directors to McAfee.com’s board.

Stockholders Agreement. Under this agreement, we have agreed that if (1) without the prior approval of our continuing directors, as defined below, any person acquires or agrees to acquire 15% or more of our outstanding common stock or (2) our continuing directors cease to constitute a majority of serving directors, then for so long but only for so long as that condition exists:


	•	our shares of McAfee.com Class B common stock are entitled to only one vote per share instead of three votes per share; and

	•	we are obligated to vote our McAfee.com shares to cause, and to take such actions reasonably within our control to cause, and to seek to cause the McAfee.com directors appointed by us to cause, McAfee.com’s board of directors to consist of at least a majority of independent directors.

Our continuing directors will consist of our current directors and any subsequent directors approved or not objected to by a majority of our then-continuing directors.

As of December 31, 2001, we employed 3,659 individuals worldwide. Competition for qualified management and technical personnel is intense in the software industry. Our continued success depends in part upon our ability to attract and retain qualified personnel. With limited exceptions, none of our employees are represented by a labor union and we believe that our employee relations are good.

Investing in our common stock involves a high degree of risk. The risks described below are not the only ones facing our company. Additional risks not presently known to us or that we deem immaterial may also impair our business operations. Any of the following risks could materially adversely affect our business, operating results and financial condition and could result in a complete loss of your investment

We were not profitable in 2001, 2000 and 1999. In 2001, we had a net loss of $100.7 million on net revenues of $834.5 million compared to a net loss of $102.7 million on net revenues of $745.7 million in 2000 and a net loss of $159.9 million on net revenues of $683.7 million in 1999.

Our revenues and operating results have varied significantly in the past. We expect fluctuations in our operating results to continue. As a result, we believe that period-to-period comparisons of our financial results should not be relied on as an indicator of our future results. Our expense levels are based in part on our expectations regarding future revenues and in the short term are relatively fixed. We may be unable to adjust our expenses in time to compensate for any unexpected revenue shortfall.

Operational factors that may cause our revenues, gross margins and operating results to fluctuate significantly from quarter to quarter include:


	•	volume, size and timing of new licenses and renewals of existing licenses;

	•	introduction of new products, product upgrades or updates by us or our competitors;

	•	the mix of products we sell and whether those products are sold directly by us or indirectly through distributors and whether, in the case of software licenses, the licenses are time-based subscription licenses or perpetual licenses;

	•	costs or charges related to our acquisitions or dispositions, including our planned disposition of the Gauntlet firewall and our PGP desktop and wireless encryption product lines;

	•	the components of our revenue, particularly that portion attributable to our ASP/MSP subscription model, that are deferred; and

	•	stock-based compensation charges and costs related to extraordinary events, including litigation and any reductions in forces.

Our net revenue is typically higher in the fourth quarter, as many customers complete annual budgetary cycles, and lower in the summer months when many businesses experience lower sales, particularly in the European market. In recent periods, poor economic conditions in Asia, particularly Japan, and Latin America have hurt our business. Customer concerns about weakening U.S. and global economic conditions and the uncertainties following the terrorist attacks of September 11, 2001 could also harm our business.

It Is Difficult For Us To Estimate Operating Results Prior To The End Of A Quarter.

Because we do not maintain a significant level of backlog, product revenues in any quarter are dependent on contracts entered into or orders booked and shipped in that quarter. Historically, we have experienced a trend toward more product orders, and therefore, a higher percentage of revenue shipments, in the last month of a quarter. Some customers believe they can enhance their bargaining power by waiting until the end of a quarter to place their order.

We Face Risks Associated With The Integration Of Our PGP Product Group Into Our McAfee And Sniffer Product Groups.

We recently integrated most of the PGP products into our McAfee and Sniffer product groups and are seeking buyers for the remaining assets. Risks related to the integration and possible sales include:


	•	we may not realize our estimated expense reductions of approximately $50 million in 2002 in full or on a timely basis;

	•	we may experience increased customer dissatisfaction or customer losses, particularly from customers licensing the Gauntlet firewall and PGP desktop and wireless encryption technologies that we plan to sell; and

	•	we may be unable to sell the Gauntlet firewall and PGP desktop and wireless encryption technologies on favorable terms, on a timely basis, or at all.

We Have Recently Experienced Significant Changes In Senior Management And Plan To Add New Members Of Senior Management.

On January 3, 2001, our board of directors appointed George Samenuk as our chief executive officer and president. In April 2001, Stephen C. Richards was appointed as our executive vice president and chief financial officer and was recently named our chief operating officer. In October 2001, Zachary Nelson, who was recently named our chief strategy officer, left that position. We have also recently hired new heads of our Asia-Pacific, European and Latin American operations. In December 2001, Gene Hodges, the president of our McAfee product group, was appointed president of Network Associates and we hired Art Matin to replace Gene Hodges as the president of the McAfee product group. We intend to continue to add new members to senior management. Changes in management may be disruptive to our business and may result in the departure of existing employees and/or customers. It may take significant time to locate, retain and integrate qualified management personnel.

Our success depends in large part on our ability to attract and retain technically qualified and highly skilled sales, consulting, technical, marketing and management employees. Competition for qualified employees is intense, resulting in upward pressure on wages. In addition to our recent management additions, we hired a significant number of new employees in 2000 and 2001. We may continue to add new employees to fill positions vacated by departing employees and to expand our business. There may be reduced levels of productivity as recent hires are trained and otherwise assimilate and adapt to our organization.

Other than executive management who have “at will” employment agreements, our employees are not typically subject to an employment agreement or non-competition agreement. We may be unsuccessful in retaining key personnel. For example, after April 22, 2000, the end of the 12-month lock-up period for options repriced in April 1999, we experienced a larger than normal level of employee departures as many of these employees elected to terminate their employment with us. We may also have difficulties in retaining employees because many of our employees hold options to purchase our stock at prices significantly above the current market price for our stock.

For 2001 and 2000, net revenue from international sales represented approximately 35% and 37%, respectively, of our net revenue. We intend to focus on international growth and expect international revenue to account for a significant percentage of our net revenue. Related risks include:


	•	longer payment cycles and greater difficulty in collecting accounts receivable;

	•	increased costs and management difficulties related to the building of our international sales and support organization;


	•	the acceptance of the reorganization of our international sales forces by regions;

	•	the need to train and integrate the new heads of Asia-Pacific, Europe and Latin America;

	•	uncertainties relative to regional economic circumstances, including the continued economic weakness in Asia and a weak Euro;

	•	currency fluctuations and risks related to hedging strategies;

	•	political instability in emerging markets;

	•	tariffs, trade barriers and export restrictions; and

	•	a high incidence of software piracy in some countries.

We have historically derived a majority of our net revenues from our flagship McAfee anti-virus software products and Sniffer network fault and performance management products. These products are expected to continue to account for a significant portion of our net revenues for the foreseeable future. Because of this revenue concentration, our business could be harmed by a decline in demand for, or in the prices of, these products as a result of, among other factors, any change in our pricing model, a maturation in the markets for these products or other risks described in this document.

Weakening economic conditions, new product introductions and expansions of our business may increase the time necessary to sell our products and require us to spend more on our sales efforts. Our products may be considered to be capital purchases by our current or prospective customers. Capital purchases are often discretionary and, therefore, are canceled or delayed if the customer experiences a downturn in its business prospects or as a result of economic conditions in general.

We Face A Number Of Risks Related To Our Product Sales Through Distributors.

We sell a significant amount of our products through intermediaries such as distributors. Our top ten distributors typically represent approximately 37% to 42% of our net revenue in any quarter. Our largest distributor, Ingram Micro, accounted for approximately 27% of net revenue during 2001.

Our distributor agreements may be terminated by either party without cause. If one of our significant distributors terminates its distribution agreement, we could experience a significant interruption in the distribution of our products.

We recognize revenue on products sold by our distributors when distributors sell our products to their customers. To determine our business performance at any point in time or for any given period, we must timely and accurately gather sales information from our distributors’ information systems, at an increased cost to us. Our distributors’ information systems may be less accurate or reliable than our internal systems.

Our distributors may sell other vendors’ products that are complementary to, or compete with, our products. While we encourage our distributors to focus on our products through market and support programs, these distributors may give greater priority to products of other suppliers, including competitors.

Some of our distributors may experience financial difficulties, which could adversely impact our collection of accounts receivable. Our allowance for doubtful accounts was approximately $8.4 million at December 31, 2001 and $15.3 million at December 31, 2000. In 1999, one of our large European distributors, CHS, entered bankruptcy requiring us to record a related accounts receivable write-off of approximately $28.7 million. Also in 1999, Pinacor, a U.S. distributor, entered bankruptcy requiring us to record a related accounts receivable write-off of approximately $6.0 million. We regularly review the collectibility and credit-worthiness of our distributors to determine an appropriate allowance for doubtful accounts. Our uncollectable accounts could exceed our current or future allowances.

We expect to incur stock-based compensation charges related to employee options repriced in April 1999. The size of these charges could be significant depending on movements in the market value of our common stock and, in some cases, the market value of McAfee.com common stock. On December 31, 2001, the market value of our common stock and McAfee.com’s common stock was $25.85 and $33.91, respectively. Subject to a number of assumptions and limitations, including the timing and number of option exercises, for each $1.00 increase in the price of our common stock or McAfee.com’s common stock, at March 31, 2002 we could expect a stock-based compensation charge of approximately $2.3 million and $235,000, respectively. We may also incur additional stock-based compensation charges related to executive compensation arrangements.

We Face The Risk Of Future Non-Recurring Charges In The Event Of Impairment And Will Experience Significant Amortization Charges Related to Purchased Technology.

We adopted SFAS 142 beginning in 2002 and, as a result, we no longer amortize goodwill. However, we will continue to have significant amortization related to purchased technology, trademarks, patents and other intangibles, and we must evaluate our intangible assets, including goodwill and purchased technology, at least annually for impairment. For 2001, our amortization charge for purchased technology and other intangibles was $13.0 million, and our amortization charge for goodwill was $51.1 million. If we determine that these items are impaired, we will be required to take a related non-recurring charge to earnings.

We May Need To Use A Large Portion Of Our Cash Balances, Issue A Significant Amount Of Our Common Stock Or Incur Additional Indebtedness To Repurchase Our Outstanding Debentures.

On February 13, 1998, we issued zero coupon debentures having an aggregate face amount at maturity of $885.5 million and generating net proceeds (after deducting fees and expenses) to us of approximately $337.6 million. The initial price for the debentures was $391.06 per $1,000 of principal amount at maturity. At the option of the holder, we are required to repurchase the debentures as of February 13, 2003 at a repurchase price equal to the initial issue price plus the accretion of original issue discount on the debentures to such date (or $494.52 per $1,000 of principal amount at maturity). In the case of such a required repurchase, at our option, we may pay the aggregate repurchase price in cash, shares of our common stock or a combination of cash and common stock. The number of shares of common stock so issued by us would be based on the fair value of our common stock at the time of any required repurchase. On the same date and at the same repurchase price, we may at our option redeem the outstanding debentures for cash.

As of December 31, 2001, we had used $173.7 million of our cash to repurchase zero coupon debentures having an aggregate face amount at maturity of $387.0 million. Assuming that as of February 13, 2003, all zero coupon debentures outstanding as of December 31, 2001 are redeemed, the aggregate redemption price would equal approximately $246.5 million. As of December 31, 2001, our aggregate cash, cash equivalents and marketable securities were approximately $943.0 million, including $102.5 million held by McAfee.com.

In anticipation of any repurchase or optional redemption of the debentures, we may issue additional indebtedness to pay all or a portion of the repurchase or redemption price. This indebtedness may be issued in a greater amount than, or on terms less favorable than, the outstanding debentures or notes.

We Face Risks Related To The Organization Of Our U.S. Professional Services Organization And Sales Efforts By Product Groups.

Our U.S. sales force and related professional service organization are organized by product group: McAfee, Sniffer Technologies and Magic Solutions. Risks related to this structure include:


	•	customer confusion or irritation related to multiple sales calls from different members of our sales forces;

	•	potential losses of cross-selling opportunities and lead sharing between the separate product groups’ sales representatives;

	•	possible failures by our centralized general and administrative group to meet each product group’s individualized infrastructure and support requirements; and

	•	one or more of our product groups lacking sufficient qualified professional services personnel to support its products.

We may buy or make investments in complementary companies, products and technologies. Since 1995, we have completed a large number of significant acquisitions involving both public and private companies including the acquisition of CyberMedia and Dr. Solomon’s in 1998 and Network General in 1997. We and McAfee.com have also completed a number of smaller acquisitions and we have acquired a number of our international distributors.

Integration of an acquired company or technology involves a complex, time consuming and expensive process. The successful integration of an acquisition requires, among other things, that we:


	•	integrate and retain key management, sales and other personnel;

	•	integrate the acquired products into our product offerings both from an engineering and sales and marketing perspective;

	•	integrate and support preexisting supplier, distribution and customer relationships;

	•	coordinate research and development efforts; and

	•	consolidate duplicate facilities and functions.

The geographic distance between the companies, the complexity of the technologies and operations being integrated, and the disparate corporate cultures being combined may increase the difficulties of integrating an acquired company or technology. Management’s focus on the integration of operations may distract attention from our day-to-day business and may disrupt key research and development, marketing or sales efforts. In addition, it is common in the technology industry for aggressive competitors to attract customers and recruit key employees away from companies during the integration phase of an acquisition.

Our available cash and securities may be used to buy or invest in companies or products, possibly resulting in significant acquisition-related charges to earnings and dilution to our stockholders. Moreover, if we buy a company, we may have to incur or assume that company’s liabilities, including liabilities that are unknown at the time of acquisition.

We have made a number of venture and minority investments in private and publicly-traded companies with complementary products, services and technologies. As of December 31, 2001, the minority venture investments we continue to hold totaled $2.4 million consisting of investments in public and private companies, amounting to $2.2 million and $200,000, respectively. During 2001, we recorded a $20.6 million impairment charge in connection with these investments. We may make additional strategic investments.

We Could Experience Customer And Market Confusion Due To Similarities In The Names Used By Our Different Product Groups And Subsidiaries.

Network Associates, our product groups and our subsidiaries, often have similar and potentially confusing names, products and Web addresses. For example, our online consumer anti-virus products are sold by our publicly traded McAfee.com subsidiary, our retail and large corporate anti-virus products are sold by our retail division, which is called McAfee Retail, and our hosted anti-virus products are marketed and sold by our McAfee product group. Customers of our McAfee product group are frequently confused by the need to access information regarding our products and services at www.mcafeeb2b.com. The web address www.mcafee.com is utilized by our publicly traded subsidiary McAfee.com.

Customers of our ASP or hosted products and services essentially “rent” the use our software. For example, McAfee ASaP offers hosted services to corporate customers and McAfee.com is dedicated to updating, upgrading and managing PCs over the Internet for consumers and small to medium-sized businesses. This web-based model is a relatively new concept, and our ASP products and services may fail to maintain or increase market acceptance. The growth, market acceptance and ultimate profitability of our ASP services is highly uncertain and subject to a number of factors, including:


	•	our ability to successfully adapt existing products or develop new or enhanced products that operate in a fast, secure and reliable manner over the Internet;

	•	increased expenditures associated with the creation of a new business or delivery platform, such as product development, marketing and technical and administrative support;

	•	the introduction of new products by third-party competitors; and

	•	our ability to properly price our products and services to generate the greatest revenue opportunities.

Our Managed Service Provider Strategy Exposes Us To Risks In Addition To Those Generally Experienced As An ASP.

We also make our hosted products and services available over the Internet in what we refer to as a managed environment. Unlike our ASP solutions, these managed service provider, or MSP, solutions are customized, monitored and updated by networking professionals for a specific customer. To successfully offer MSP services we must:


	•	effectively monitor and customize each customer’s managed services;

	•	attract and retain qualified networking professionals to manage customer accounts; and

	•	effectively price our products and services to account for the higher costs associated with selling managed services.

We also allow intermediaries, such as Internet Service Providers, to sell and host our products and services in a managed environment. This MSP reseller strategy exposes us to additional risks:


	•	we must select, train and maintain qualified and financially stable MSP resellers;

	•	it is more difficult for us to ensure customer satisfaction as we do not have direct customer contact and we rely on our resellers to timely and properly customize and administer our products and services;

	•	we must develop and maintain mutually satisfactory revenue sharing arrangements with our MSP resellers; and

	•	our MSP resellers may compete with our own MSP efforts.

We have entered into various inter-company arrangements with McAfee.com, our publicly traded subsidiary. Pursuant to our cross license agreement with McAfee.com, we have licensed all our technology to McAfee.com for use in the markets specified below and McAfee.com has licensed its technology to us for our use outside of McAfee.com’s markets. Our license and other agreements with McAfee.com expose us to risks, including:


	•	subject to the reseller agreement described below, McAfee.com has the exclusive right to use the licensed technology for providing single-user consumer licenses for our products and services sold over the Internet or for Internet-based products and licensing the technology to original equipment manufacturers for sale to individual consumers;

	•	we may not offer a product incorporating third-party technology if those products are competitive with products offered by McAfee.com;

	•	the license agreement is perpetual and may only be terminated by us if McAfee.com fails to cure a material breach of the license within 30 days after we notify it of the breach, subject to mandatory dispute resolution prior to the effectiveness of any proposed termination; and

	•	we are required to indemnify McAfee.com with respect to litigation related to our licensed technology.

These risks manifest themselves, among other ways, in terms of customer confusion, sales force confusion over market boundaries and possible conflicts between the companies.

In March 2001, we entered into reseller agreements with McAfee.com. Under these agreements, McAfee.com may resell our products to business customers, except in Japan, and, in certain countries, we may sell McAfee.com products to OEMs and end-users directly or through ASPs.

We Are Subject To Intense Competition In The Network Management And Security Markets And We Expect To Face Increased Competition In The Future.

The markets for our products are intensely competitive and we expect competition to increase in the near-term. Some of our competitors have longer operating histories, greater name recognition, larger technical staffs, established relationships with hardware vendors and/or greater financial, technical and marketing resources.

Our principal competitor in the anti-virus market is the Norton Product Group of Symantec. Trend Micro remains the strongest competitor in the Asian anti-virus market, with Dr. Ahn’s making recent inroads, particularly in Japan and Korea. Other anti-virus competitors include numerous smaller companies and shareware authors that may in the future develop competing software or be consolidated into larger competitors.

Our principal competitors in the security market vary by product type. For firewalls, our principal competitors include CheckPoint, Symantec, and larger companies such as Cisco Systems and Microsoft. For intrusion detection products, we compete with Cisco Systems, Internet Security Systems and Symantec. The markets for encryption and virtual private network, or VPN, products are highly fragmented with numerous small and large vendors. VPN competitors include hardware and software vendors, including telecommunications companies and traditional networking suppliers.

Our principal competitor in the network management market is Agilent. Other competitors include Acterna Corporation, Cisco Systems, Computer Associates, Compuware, Concord Communications,

Our principal competitors in the help desk market are Computer Associates, FrontRange Solutions and Peregrine Systems.

We also face competition from large software companies such as HP, Intel, Microsoft and Novell, which may offer network security and management products as enhancements to their operating system.

We Face Product Development Risks Associated With Rapid Technological Changes In Our Market.

The network security and management market is highly fragmented and characterized by ongoing technological developments, evolving industry standards and rapid changes in customer requirements. Our success depends on our ability to timely and effectively:


	•	offer a broad range of network security and management software products;

	•	enhance existing products and expand product offerings;

	•	respond promptly to new customer requirements and industry standards; and

	•	remain compatible with popular operating systems such as Linux, NetWare, Windows XP, Windows 2000, Windows 98 and Windows NT, and develop products that are compatible with new or otherwise emerging operating systems.

We may experience delays in software development as we have at times in the past. Complex software products like ours may contain undetected errors or version compatibility problems, particularly when first released, which could delay or harm market acceptance.

Our long-term success depends on our ability to keep our products current. For example, the proliferation of new and changing viruses makes it imperative to update anti-virus products frequently to avoid obsolescence. Accordingly, we must upgrade and update existing product offerings, modify and enhance acquired products and introduce new products which meet our customers’ needs. We believe that our ability to provide these upgrades and updates frequently and at low costs is key to our anti-virus success.

Competitors May Include Products Similar To Ours In Their Hardware Or Software And Render Our Products Obsolete, And If There Are Fewer Weaknesses In Third-Party Software, The Perceived Need For Our Software May Decline.

Vendors of hardware and of operating system software or other software (such as firewall or e-mail software) may enhance their products or bundle separate products to include network security and management software similar to our products. From time to time, Microsoft has indicated that it would incorporate its own anti-virus software or functionality into its products. The widespread inclusion of products that perform the same or similar functions as our products within computer hardware or other software could render our products obsolete and unmarketable. Furthermore, even if these incorporated products are inferior or more limited than our products, customers may elect to accept the incorporated products rather than purchase our products. If we are unable to develop new network security and management products to further enhance operating systems or other software and to successfully replace any obsolete products, our business could suffer.

Many current viruses exploit known weaknesses in third-party software. If these weaknesses are corrected or, if there are fewer third-party software weaknesses, the perceived need for our products may decline.

Our Hardware Based Products Face Manufacturing, Supply, Inventory, Licensing And Obsolescence Risks.

We rely on a small number of third parties to manufacture some of our hardware-based Sniffer and E-ppliance products. We expect the number of our hardware-based products and our reliance on third-party manufacturers to increase as software-only network security and management solutions become less viable. Reliance on third-party manufacturers involves a number of risks, including the lack of control over the manufacturing process and the potential absence or unavailability of adequate capacity. If any of our third party manufacturers cannot or will not manufacture our products in required volumes, on a cost-effective basis, in a timely manner, or at all, we will have to secure additional manufacturing capacity. Even if this additional capacity is available at commercially acceptable terms, the qualification process could be lengthy and could cause interruptions in product shipments. The unexpected loss of any of our manufacturers would be disruptive to our business.

Our hardware-based products contain critical components supplied by a single or a limited number of third parties. Any significant shortage of components or the failure of the third-party supplier to maintain or enhance these products could lead to cancellations of customer orders or delays in placement of orders.

Some of our hardware-based products incorporate licensed software. We must be able to obtain reasonably priced licenses and successfully integrate this software with our hardware.

Hardware based products may face greater obsolescence risks than software products. We could incur losses or other charges in disposing of obsolete inventory.

Although we intend to support other operating systems, we seek to be the leading supplier of network security and management products for Windows/ Intel based networks. Sales of our products would be materially and adversely affected by market developments that are adverse to the Windows operating environments, including the failure of users and application developers to accept Windows. In addition, our ability to develop products using the Windows operating environments is dependent on our ability to gain timely access to, and to develop expertise in, current and future developments by Microsoft, including the recently introduced Windows XP. We may be unable to gain the necessary access from Microsoft to its product development activities.

We May Fail To Support Operating Systems Which Successfully Compete With Microsoft’s Technology, Including Competing Versions Of The Unix Operating System.

We are expanding our product support to include the Unix operating system and the Linux operating system. Sales of our products could be materially and adversely impacted by our failure to support those operating systems or competing operating systems that receive broad market acceptance. The Unix system encompasses many separate operating systems of which we only support a few, including for example, Sun Microsystems’ Solaris Unix operating system.

We Rely Heavily On Our Intellectual Property Rights Which Offer Only Limited Protection Against Potential Infringers.

We rely on a combination of contractual rights, trademarks, trade secrets, patents and copyrights to establish and protect proprietary rights in our software. However, the steps taken by us to protect our

proprietary software may not deter its misuse or theft. We are aware that a substantial number of users of our anti-virus products have not paid any registration or license fees to us. Competitors may also independently develop technologies or products that are substantially equivalent or superior to our products. Changing legal interpretations of liability for unauthorized use of our software, or lessened sensitivity by corporate, government or institutional users to avoiding infringement of intellectual property could also harm our business.

Intellectual Property Litigation In The Network Security And Management Market Is Common and Can Be Expensive.

Litigation may be necessary to enforce and protect trade secrets and other intellectual property rights that we own. Similarly, we may be required to defend against claimed infringement by others.

In addition to the expense and distractions associated with litigation, adverse determinations could:


	•	result in the loss of our proprietary rights;

	•	subject us to significant liabilities, including monetary liabilities;

	•	require us to seek licenses from third parties; or

	•	prevent us from manufacturing or selling our products.

The litigation process is subject to inherent uncertainties. We may not prevail in these matters, or we may be unable to obtain licenses with respect to any patents or other intellectual property rights that may be held valid or infringed upon by our products or us.

If we acquire a portion of software included in our products from third parties, our exposure to infringement actions may increase because we must rely upon these third parties as to the origin and ownership of any software being acquired. Similarly, exposure to infringement claims increase if we employ or hire software engineers previously employed by competitors, notwithstanding measures taken by us or our competitors to protect our competitors’ intellectual property.

Pending Or Future Litigation Could Have A Material Adverse Impact On Our Results Of Operation And Financial Condition.

In addition to intellectual property litigation, from time to time, we have been subject to litigation. Where we can make a reasonable estimate of the liability relating to pending litigation, we record a related liability. As additional information becomes available, we assess the potential liability and revise estimates as appropriate. However, because of uncertainties relating to litigation, the amount of our estimates could be wrong. In addition to the related cost and use of cash, pending or future litigation could cause the diversion of management’s attention and resources. A putative securities class action is currently pending against us, our directors and our former officers. The plaintiffs allege that we and the other defendants improperly engaged in a course of conduct by which we improperly accounted for revenue from our software license sales and that, as a result, certain of our financial statements were false and misleading and not in compliance with generally accepted accounting principles.

Our network security and management software products are used to protect and manage computer systems and networks that may be critical to organizations. As a result, our sale and support of these products involves the risk of potential product liability and related claims. Our license agreements with our customers typically contain provisions designed to limit our exposure to potential product liability claims. It is possible, however, that the limitation of liability provisions may not be effective under the laws of certain jurisdictions, particularly in circumstances involving unsigned licenses.

Due to our high profile in the security software market, we have been a target of computer hackers who have, among other things, created viruses to sabotage or otherwise attack our products and services, including our various websites. For example, we have recently seen the spread of viruses, or worms, that intentionally delete antivirus and firewall software. Similarly, hackers may attempt to penetrate our network security and misappropriate proprietary information or cause interruptions of our internal systems and services. Also, a number of websites have been subject to denial of service attacks, where a website is bombarded with information requests eventually causing the website to overload, which causes a delay or disruption of service. If successful, any of these events could damage users’ or our computer systems. In addition, since we do not control diskette duplication by distributors or our independent agents, diskettes containing our software may be infected with viruses.

False Detection Of Viruses And Actual Or Perceived Security Breaches Could Adversely Affect Our Business.

Our anti-virus software products have in the past and may at times in the future falsely detect viruses that do not actually exist. These false alarms, while typical in the industry, may impair the perceived reliability of our products and may therefore adversely impact market acceptance of our products. In addition, we have in the past been subject to litigation claiming damages related to a false alarm, and similar claims may be made in the future. An actual or perceived breach of network or computer security at one of our customers, regardless of whether the breach is attributable to our products, could adversely affect the market’s perception of our security products.

Business Interruptions May Impede Our Operations And Adversely Affect Our Business.

We face a number of potential business interruption risks that are beyond our control. The State of California has recently experienced intermittent power shortages, sharp increases in the cost of energy and even interruptions of service to some business customers.

Additionally, we may experience natural disasters that could interrupt our business. Our corporate headquarters is located near a major earthquake fault. The potential impact of a major earthquake on our facilities, infrastructure and overall operations is not known. Despite safety precautions that have been implemented, there is no guarantee that an earthquake would not seriously disturb our entire business process. We are largely uninsured for losses and business disruptions caused by an earthquake and other natural disasters.

We are currently engaged in several research and development contracts with agencies of the U.S. government. The willingness of these government agencies to enter into future contracts with us depends in part on our continued ability to meet their expectations.

Minimum fee awards for companies entering into government contracts are generally between 3% and 7% of the costs incurred by them in performing their duties under the related contract. However, these fee awards may be as low as 1% of the contract costs. Furthermore, these contracts are subject to cancellation at the convenience of the government agencies. Although we have been awarded contract fees of more than 1% of the contract costs in the past, minimum fee awards or cancellations may occur in the future. Reductions or delays in federal funds available for projects we are performing could also have an adverse impact on our government business. Contracts involving the U.S. government are also subject to the risks of disallowance of costs upon audit, changes in government procurement policies, required competitive bidding and, with respect to contracts involving prime contractors or government-designated subcontractors, the inability of those parties to perform under their contracts.

Some of our network security products, particularly those incorporating encryption, may be subject to export restrictions. As a result, some products may not be exported to international customers without prior U.S. government approval. The list of products and end users for which export approval is required, and the regulatory policies with respect thereto, are subject to revision by the U.S. government at any time. The cost of compliance with U.S. and international export laws and changes in existing laws could affect our ability to sell certain products in certain markets, and could have a material adverse effect on our international revenues.

Our Stock Price Has Been Volatile And Is Likely To Remain Volatile, Which May Adversely Affect The Price Of Our Stock.

During 2001, our stock price was highly volatile ranging from a per-share high of $27.27 to low of $4.19. Announcements, litigation developments, and our ability to meet the expectations of investors with respect to our operating and financial results may contribute to current and future stock price volatility. We may not discover, or be able to confirm, revenue or earnings shortfalls until the end of a quarter, which could result in an immediate drop in our stock price. In addition, similar e


þ		ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

		For the fiscal year ended December 31, 2001

or

o		TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
		For the transition period from to


Delaware (State or other jurisdiction of incorporation or organization)		77-0316593 (I.R.S. Employer Identification Number)
3965 Freedom Circle Santa Clara, California (Address of principal executive offices)		95054 (Zip Code)


PART I
	Item 1.Business
OVERVIEW
RISK FACTORS
	Item 2.Properties
	Item 3.Legal Proceedings
	Item 4.Submission of Matters to a Vote of Security Holders
PART II
	Item 5.Market for the Registrant’s Common Equity and Related Stockholder Matters
	Item 6.Selected Financial Data
	Item 7.Management’s Discussion and Analysis of Financial Condition and Results of Operations
OVERVIEW
STOCK-BASED COMPENSATION
CRITICAL ACCOUNTING POLICIES
RECENT ACCOUNTING PRONOUNCEMENTS
	Item 7A.Quantitative and Qualitative Disclosure About Market Risk
	Item 8.Financial Statements and Supplementary Data
	Item 9.Changes In and Disagreements With Accountants on Accounting and Financial Disclosure
PART III
	Item 10.Directors and Officers of the Registrant
	Item 11.Executive Compensation
	Item 12.Security Ownership of Certain Beneficial Owners and Management
	Item 13.Certain Relationships and Related Transactions
PART IV
	Item 14.Exhibits, Financial Statement Schedules and Reports on Form 8-K
CONSOLIDATED STATEMENTS OF STOCKHOLDERS’ EQUITY
SIGNATURES
EXHIBIT 10.21
EXHIBIT 10.46
EXHIBIT 10.47
EXHIBIT 10.48
EXHIBIT 10.49
EXHIBIT 10.50
EXHIBIT 12.1
EXHIBIT 23.1

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents

Table of Contents


	*Operational Factors.*


	*Seasonal and Macroeconomic Factors.*


	*Loss of a Distributor.*


	*Need for Accurate Distributor Information.*