UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

FORM 10-K

Commission file number 0-23655

INTERNET SECURITY SYSTEMS, INC.

(Exact name of Registrant as Specified in Its Charter)

Registrant’s telephone number, including area code:  (404) 236-2600

Securities registered pursuant to Section 12(b) of the Act: None

Securities registered pursuant to Section 12(g) of the Act:

Common Stock, $0.001 par value

Preferred Stock Purchase Rights

(Title of Class)

     Indicate by check mark whether the Registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the Registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.

     Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of Registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K.    x

     Indicate by check mark whether the registrant is an accelerated filer (as defined in Exchange Act Rule 12b-2).    Yes    x         No    o

     The aggregate market value of the voting stock held by non-affiliates of the Registrant, based upon the closing sale price of Common Stock on June 30, 2004 as reported on the Nasdaq National Market, was approximately $559 million (affiliates being, for these purposes only, directors, executive officers and holders of more than 5% of the Registrant’s Common Stock).

     As of March 3, 2005 the Registrant had 50,876,113 outstanding shares of Common Stock.

DOCUMENTS INCORPORATED BY REFERENCE

     Portions of the Proxy Statement for the Registrant’s Annual Meeting of Stockholders to be held on May 24, 2005 are incorporated by reference into Part III of this Form 10-K.

     In this Form 10-K, the words “Internet Security Systems,” “ISS,” “the Company,” “we,” “our,” “ours,” and “us” refer to Internet Security Systems, Inc., and its subsidiaries.

      This Annual Report on Form 10-K contains forward-looking statements. Forward-looking statements can be identified by the use of words such as “may,” “will,” “should,” “could,” “continue,” “future,” “potential,” “believe,” “project,” “plan,” “intend,” “seek,” “estimate,” “predict”, “expect”, “anticipate” and similar expressions, or the negative of such terms, or other comparable terminology. Forward-looking statements also include the assumptions underlying or relating to any of the foregoing statements. Our actual results could differ materially from those anticipated in these forward-looking statements as a result of various factors, including those set forth below under the caption “Risk Factors” and those otherwise described from time to time in our Securities and Exchange Commission reports filed after this Form 10-K. All forward-looking statements included in this Form 10-K are based on information available to ISS on the date hereof. We assume no obligation (except where required by law) to update any forward-looking statements for any events or circumstances occurring after the date of this Form 10-K.

      Internet Security Systems, Network ICE, System Scanner, Wireless Scanner, SiteProtector, SecurePartner and X-Press Update are trademarks and service marks, BlackICE is a licensed trademark and the Internet Security Systems logo, X-Force, Proventia, RealSecure, Internet Scanner, and Database Scanner are registered trademarks and service marks, of Internet Security Systems, Inc. Each trademark, trade name or service mark of any other company appearing herein belongs to its holder.

PART I

Introduction

      Internet Security Systems, Inc. is a trusted security expert to global enterprises and world governments, providing software, appliances and services that protect IT infrastructure against Internet threats. An established world leader in security since 1994, ISS delivers proven cost efficiencies and reduces regulatory and business risk across the enterprise for customers worldwide. ISS products and services are based on the proactive security intelligence conducted by its research and development team. With headquarters in Atlanta, ISS operates throughout the Americas, Asia, Australia, Europe and the Middle East. ISS is publicly traded on the Nasdaq (ISSX).

      The mailing address for our headquarters is 6303 Barfield Road, Atlanta, Georgia, 30328, and our telephone number at that location is (404) 236-2600. Our website can be found at www.iss.net. We make available free of charge through our website our Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, and Current Reports on Form 8-K, and amendments to those reports, as soon as reasonably practicable after we file them electronically with, or furnish them to, the Securities and Exchange Commission. Our Corporate Governance Guidelines and Code of Conduct are also available on our website and are available in print to any stockholder who mails a request to our headquarters, attention to the Corporate Secretary. Our website also contains other corporate governance-related documents that may be of interest to stockholders. The information on our website is not part of this Form 10-K.

      ISS software and appliance products provide preemptive security across all layers of IT infrastructure: network gateways, servers and endpoint devices like PCs, laptops and handhelds. Our products incorporate a variety of security technologies, including intrusion prevention systems (IPS), intrusion detection systems (IDS), firewall and virtual private networking (VPN), content security, web filtering, antispam, antivirus, vulnerability assessment and security management. Our primary product line for enterprises consists of Proventia® appliances. We expect to introduce Proventia software products in 2005. We continue to market and sell our legacy brand of RealSecure® software solutions. And we offer two small office and consumer

products, BlackICE^tm PC Protection and BlackICE Server Protection software. Below is a more detailed overview of ISS’ product offerings organized by security technology.

      We use a range of fee structures to license our products, depending on the type of product and the intended use. Fees for our product line can be comprised of three components: 1) a platform fee, which includes the hardware and a perpetual or term license to the underlying software; 2) annually renewable software and hardware maintenance, which includes technical support and repair; and, 3) annually renewable content subscriptions, which provide security updates. A variety pricing structures are offered to fit different customer environments.

      ISS offers Proventia intrusion prevention appliances to preemptively protect enterprise network gateways, the connections between the network and the outside world. These appliances proactively block malicious attacks from entering the network and are available in a variety of models rated for speed and capacity. In 2005, ISS expects to introduce two new Proventia software products with intrusion prevention technology for servers and endpoint PC desktops and laptops.

      ISS offers Proventia intrusion detection appliances for network IDS, forensics and response technology. These appliances come in a range of models with varying speeds and capacity. ISS continues to maintain its legacy IDS products, RealSecure Network 10/100 and RealSecure Network Gigabit software.

      ISS offers Proventia integrated security appliances to provide robust protection for remote and branch offices that are simple to deploy and manage. These appliances combine intrusion prevention, firewall, VPN, Web filtering, antispam and antivirus in a single device and come in a range of models with varying speeds and capacity.

      ISS offers Internet Scanner® software for comprehensive vulnerability assessment across enterprise networks, servers, desktops and wireless networks.

      ISS offers Proventia Mail Filter and Proventia Web Filter for content security. Proventia Mail Filter monitors the content of your e-mail traffic, eliminating spam and blocking undesirable or illegal content. Proventia Web Filter blocks unwanted Web content.

      ISS offers the SiteProtector centralized management system for scalable, centralized management of all ISS products. SiteProtector significantly reduces demand on staff and other operational resources. The SiteProtector Security Fusion module uses advanced data correlation and analysis to derive the likelihood of a successful attack from aggregated vulnerability assessment information. The SiteProtector Third Party module interfaces with market leading firewalls — such as CheckPoint and Cisco PIX — to automate the collection of audit and intrusion detection events into the SiteProtector system for advanced analysis.

      We continue to offer BlackICE PC Protection and BlackICE Server protection software for powerful, affordable firewall and intrusion detection for the consumer and small office product market.

      ISS offers both professional and managed security services to help enterprise customers reduce the risk of online attacks. Professional Security Services from ISS help enterprises plan and implement a security strategy with assessment, design, deployment, management and education services. For organizations lacking the time, expertise or appropriate internal resources to effectively secure their corporate networks and online resources, we offer Managed Security Services. Our Managed Security Services provide 24/7 monitoring and management, advanced correlation, event prioritization and rapid incident response upon detection.

      Managed security services fees are determined by the complexity of the monitoring arrangement and by the number of devices being monitored. These fees are typically billed monthly as services are performed. Our professional services fees are calculated either on a fixed-fee basis or an hourly rate per consultant based on the scope of the engagement, market sector and geographical territory. Educational services are calculated on a per-class basis.

      ISS offers technical support to customers worldwide. Our standard annual support contract provides 24x7 telephone technical support, 24x7 online support incident submission and tracking, product updates and enhancements, access to the True Blue Customer Portal, online incident submission and tracking, priority notification of new and emerging security threats, and unlimited access to the ISS Knowledgebase and X-Force Threat and Vulnerability Database. North America customers may upgrade their standard support contracts to select support or premium support for better response times, access to senior technical support, and other services. Maintenance agreements are generally renewable annually.

      As of the end of fiscal 2004, our worldwide sales and marketing organization consisted of 363 individuals, including managers, sales representatives, and technical support personnel. We have field sales offices in 22 countries and sell our products and services both directly and through a variety of channels with support from our sales force. A substantial portion of our products and services are sold through our channel partners and the remainder are sold through direct sales. Our channel partners include system integrators, service providers, other resellers, distributors, and retail partners. During 2004, indirect sales accounted for 68% of product licenses sold.

      System integrators and service providers typically sell directly to end users and often provide system installation, technical support, professional services, and other support services in addition to security product sales. System integrators also typically integrate our products into an overall solution. Distributors typically sell to system integrators, service providers, and other resellers who sell to the end customer, a two-tier system. Revenue from the channel is recognized based on the sell-through method, meaning that the sale has occurred with the channel for an identified end user.

      Our sales organization is divided into three geographic areas: the Americas (United States, Canada, Latin America and South America), EMEA (Europe, Middle East and Africa) and Asia/ Pacific. These geographic areas represent our three reportable segments. The accounting policies of the reportable geographic segments are the same as described under the caption “Critical Accounting Policies” in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and in our consolidated financial statements, and are applied consistently across the segments. Revenues, as a percentage of total revenues, for each segment are as follows:

      Our marketing activities include market segment and competitive analysis, strategic brand and product planning, public relations, industry analyst relations and education; publication of technical and educational articles in both print and online media (through our white papers, and through our own print and online

newsletters and/or magazines); direct mail and email; participation in industry tradeshows; product/technology conferences, seminars, and web casts; competitive analysis; sales training; advertising and development and distribution of marketing literature; and maintenance of our Web site.

      We provide products and services to a variety of customers worldwide, including many of the world’s largest banks, IT companies, telecommunications providers, auto manufacturers and insurance providers. We view our primary customers as enterprise, service provider and risk management enterprises, but we have also developed products and services for the consumer and small office market. Our enterprise market customers generally have annual revenues exceeding $500 million.

      Our X-Force research organization is a group of security experts who investigate security flaws in software that could become the target of online attacks as well as emerging threats that appear on the Internet. From X-Force research, we develop updates for our products and services to protect against the latest vulnerabilities and threats. These updates quickly and easily self-install into our software and appliances. X-Force research and analysis is a differentiator for our offerings, which help keep our customers ahead of online threats. By researching the actual vulnerabilities, or weak spots in software that become the point of entry for new attacks, we create protection updates that shield the weak spots, often before a threat is even developed.

      The X-Force organization operates out of our Global Threat Operations Center — which is a specialized threat intelligence facility in Atlanta that collects security trend information from our five state-of-the-art Security Operations Centers operating on three continents — to analyze the nature and severity of any threat in real-time. The X-Force then helps deliver our solutions to market via alerts, advisories, product updates, professional services, emergency response services and 24/7 remotely managed security services. In addition, the X-Force produces a fee-based X-Force Threat Analysis Service for customers that require immediate, comprehensive notification of security events, threats and vulnerabilities.

      We use a multiple product sourcing strategy that includes internal development, licensing from third parties, and acquisitions of technologies or companies. Beginning in the second quarter of 2003, we began to aggressively transition our product development efforts from primarily software-based products towards our Proventia appliance products that deliver network protection solutions on ISS-branded network hardware. These appliances improve protection and flexibility for customers, and reduce costs through simple procurement, deployment and management. We have incorporated a modular design in our software products to permit plug-and-play capabilities, although customers often use our professional services or our strategic partners to install and configure products for use in larger or more complex network systems.

      We use strategic acquisitions and partnerships as necessary to provide certain technology, people and products for our overall product and services strategy. We consider both time to market and potential market share growth when evaluating partnerships, acquisitions of technologies, product lines or companies.

      The market for network security monitoring, detection, prevention and response solutions is intensely competitive, and we expect competition to increase in the future. We believe that the principal competitive factors affecting the market for information security solutions include security effectiveness, manageability, technical features, performance, ease of use, price, scope of product offerings, professional services capabilities, distribution relationships and customer service and support. Although we believe that our solutions generally compete favorably with respect to such factors, we cannot guarantee that we will compete successfully against current or potential competitors, especially those with significantly greater financial resources or brand name recognition.

      We compete against many companies who offer competing products to our technology solutions and competing services to our response and support. Some of the companies we compete against are Symantec, McAfee Security (formerly Network Associates), Checkpoint, and Cisco. In addition, we compete with large technology companies such as Computer Associates, IBM, and Microsoft that may offer network and system protection products as enhancements to their operating systems; we also face competition from smaller companies and shareware authors that may develop competing products.

Customers

      No customer accounted for more than 10% of our consolidated revenues in 2004, 2003 or 2002. Target customers include both public and private sector organizations, as well as consumers, that use Internet protocol enabled information systems. Business customers represent a broad spectrum of organizations within diverse sectors, including financial services, technology, telecommunications, and government and information technology services.

Intellectual Property

      We rely primarily on copyright, trademark, patent and trade secret laws, confidentiality procedures and contractual provisions to protect our intellectual property and other proprietary rights. We have obtained one United States patent, one Taiwanese patent and have a number of patent applications pending in the United States and certain foreign jurisdictions. We believe that the technological and creative skills of our personnel, new product developments, frequent product enhancements, our name recognition, our professional services capabilities and delivery of reliable product maintenance are essential to establishing and maintaining a technology leadership position. We cannot assure you that our competitors will not develop technologies that are similar to ours. We generally license our software products to end users in object code (machine-readable) format. Some of our customers have required us to maintain a source-code escrow account with a third-party software escrow agent, and a failure by us to perform our obligations under any of the related license and maintenance agreements, or our insolvency, could result in the release of our product source code to such customers. The standard form license agreement for our software products allows the end user to use our products solely on the end user’s computer equipment for the end user’s internal purposes, and the end user is generally prohibited from sublicensing or transferring the products.

      Despite our efforts to protect our intellectual property, unauthorized parties may attempt to copy aspects of our products or to obtain and use information that we regard as proprietary. Policing unauthorized use of our products is difficult. While we cannot determine the extent to which piracy of our software products occurs, we expect software piracy to be a persistent problem. In addition, the laws of some foreign countries do not protect our proprietary rights to as great an extent as do the laws of the United States and many foreign countries do not enforce these laws as diligently as U.S. government agencies and private parties. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations — Risk Factors.”

Employees

      As of December 31, 2004, we had 1,200 employees, of whom 276 were engaged in product research and development, 363 were engaged in sales and marketing, 280 were engaged in customer service and support, 96 were engaged in professional services, and 185 were engaged in administrative functions. We believe that we have good relations with our employees.

      We currently lease three buildings totaling approximately 289,000 square feet in Atlanta, Georgia for our headquarters and research and development facility. The lease on these three buildings expires in May 2013.

      We lease additional office space in Chicago, Illinois; Mountain View, California; Southfield, Michigan; New York, New York; Paramus, New Jersey and Washington, D.C., as well as small executive suites in a number of United States cities. In addition, we lease office space in Sao Paulo and Rio de Janeiro, Brazil; Buenos Aires, Argentina; Mexico City, Mexico; Brussels, Belgium; London, England; Paris, France; Kassel

and Stuttgart, Germany; Stockholm, Sweden; Milan, Rome and Padova, Italy; Madrid, Spain; Zurich, Switzerland; Amsterdam, Netherlands; Warsaw, Poland; Cairo, Egypt; Seoul, Korea; Brisbane, Australia; Singapore; and Osaka and Tokyo, Japan.

      We believe that our existing facilities are adequate for our current needs and that additional space will be available as needed.

      On August 17, 2004, the Company filed in the United States District Court for the Northern District of Georgia a declaratory judgment action (the “Georgia Action”) against SRI International, Inc. (“SRI”). The action seeks the court’s declaration that the Company’s products and services do not infringe any valid claim of five patents held by SRI and seeks declaration that certain claims of those patents are invalid. SRI has filed a motion to dismiss the action, which the Company has opposed. On August 26, 2004, SRI filed in the United States District Court for Delaware a complaint against the Company and Symantec Corporation (the “Delaware Action”). The complaint in the Delaware Action alleges that the Company’s SiteProtector and Proventia products infringe upon claims of two of the five patents at issue in the Georgia Action. The Delaware Action seeks unspecified damages and injunctive relief. The Company has filed a motion to dismiss the Delaware Action, which SRI has opposed. The Company intends to defend the Delaware Action vigorously and believes it has meritorious defenses.

      No matter was submitted to a vote of our stockholders during the fourth quarter of 2004.

PART II

      Our Common Stock is quoted on the Nasdaq National Market under the symbol “ISSX”. The following table lists the high and low per share sales prices for the Common Stock as reported by the Nasdaq National Market for the periods indicated:

      As of March 3, 2005, there were 50,876,113 shares of our Common Stock outstanding held by 264 stockholders of record.

      We have never declared nor paid cash dividends on our capital stock. We intend to retain any earnings for use in our business and do not anticipate paying any cash dividends in the foreseeable future. Our Board of Directors will determine future dividends, if any.

      On October 29, 2003, ISS announced a voluntary option exchange program intended to reduce the number of outstanding options. Stock options with exercise prices exceeding $30 per share were eligible. Our directors and five most senior executive officers, including the chief executive officer, were not eligible to participate in the program. Approximately 783,000 of the 1,343,000 eligible option shares with exercise prices between $30 and $83 per share elected to participate in the program and these options were cancelled on November 27, 2003. New options totaling approximately 313,000 shares were issued on June 1, 2004. This transaction is exempt from registration under Section 3(a)(9) of the Securities Act of 1933.

      Information on our securities authorized for issuance under our equity compensation plans is incorporated by reference from our Proxy Statement for our 2005 Annual Meeting of Stockholders to be filed with the Securities and Exchange Commission in Item 12 of Part III of this Annual Report on Form 10-K.

Purchases of Equity Securities

      The following table provides information about purchases by ISS of its common stock during the three months ended December 31, 2004. All such purchases were made in open-market transactions pursuant to a repurchase plan publicly announced on July 21, 2004. Under this repurchase plan, ISS has been authorized by the Board to repurchase up to $50.0 million of its outstanding common stock over the 12 months ending July 19, 2005.

      The financial data set forth below for each of the three years in the period ended December 31, 2004 and as of December 31, 2004 and 2003 has been derived from the audited consolidated financial statements appearing elsewhere in this Annual Report on Form 10-K. The financial data for the years ended December 31, 2001 and 2000 and as of December 31, 2002, 2001 and 2000 has been derived from audited financial statements not included herein. This data should be read in conjunction with the consolidated financial statements and notes thereto, and with Item 7, “Management’s Discussion and Analysis of Financial Condition and Results of Operations”.

      The following Management’s Discussion and Analysis of Financial Condition and Results of Operations should be read in conjunction with the Consolidated Financial Statements and related Notes thereto included elsewhere in this Form 10-K. Except for the historical financial information, many of the matters discussed in this Item 7 may be considered “forward-looking” statements. Such forward-looking statements are not guarantees of future performance and involve a number of risks and uncertainties. Many of the risks and uncertainties are described below under the caption “Risk Factors”.

Overview

      We focus on providing enterprise-wide pre-emptive protection. We provide such protection with our comprehensive line of products and services. These include ISS’ SiteProtector centralized management system; a product family consisting of network and host intrusion prevention, integrated security appliances, desktop protection and vulnerability protection; and ISS’ Managed Security Services and Professional Security Services. The integrated security appliance includes, in addition to intrusion prevention, firewall, virtual private network, anti-virus protection, content filtering and e-mail security, including anti-spam.

      This combination of products and services forms our Proventia Enterprise Security Platform (ESP), which contributes to business process optimization by maintaining a delicate balance between IT-performance, availability and risk — ultimately stopping cyber threats before they impact operations. Unlike traditional approaches to security, which focus on improving reaction times, Proventia ESP is designed to avoid security incidents by combining continuous vulnerability assessment and threat prevention with enterprise-wide information management and reporting capabilities. Our objective is to enable companies to shield security vulnerabilities across their entire IT infrastructure — before attacks are released.

      We currently plan to continue to evolve the Proventia Enterprise Security Platform by further automating enterprise security policy and delivering it within the context of existing IT processes.

      Our managed services offerings currently provide remote management of our best-of-breed security technology, focusing on security assessment and intrusion detection, intrusion prevention and desktop protection systems, and include firewalls, VPNs, anti-virus and URL filtering software. We focus on serving as the trusted security provider to our customers by maintaining within our existing products the latest counter-measures to security risks, creating new innovative products based on our customers’ needs and providing professional and managed services.

      Many factors will affect our future financial performance, especially our ability to differentiate our offerings from competitors that include much larger companies with greater marketing capabilities, financial resources and brand recognition. In order to continue to create such differentiation, we expect to continue to expand our domestic and international sales and marketing operations, seek acquisition candidates and alliances with partners whose products, technologies or services capabilities are complementary to our solutions; and improve our internal operating and financial infrastructure in support of our strategic goals and objectives. At the same time, we expect to adjust our organization size in light of changing economic conditions and maintain emphasis on controlling discretionary spending and capital expenditures. While we believe in the long-term success of our business solutions, our prospects must be considered in light of the recent experience, risks and difficulties that are frequently encountered by companies serving rapidly evolving markets. See “Risk Factors”.

Critical Accounting Policies

      The consolidated financial statements were prepared in conformity with U.S. generally accepted accounting principles (“GAAP”). As such, management is required to make certain estimates, judgments and assumptions it believes are reasonable based upon the information available. These estimates and assumptions affect the reported amounts of assets and liabilities at the date of the financial statements and the reported amounts of revenues and expenses during the periods presented. The significant accounting policies which

management believes are the most critical to aid in fully understanding and evaluating our reported financial results include the following:

      We recognize revenue in the following categories:

      We recognize software license revenue under Statement of Position (“SOP”) 97-2, Software Revenue Recognition, as modified by SOP 98-9, Software Revenue Recognition with Respect to Certain Transactions, when the following criteria have been met:

      We recognize perpetual software license revenues, assuming all other revenue recognition criteria are met, upon (1) delivery of the software and (2) issuance of the related license, assuming that no significant vendor obligations or customer acceptance rights exist. Where payment terms are extended over periods greater than twelve months, revenue is recognized as such amounts become due and payable. Revenue is also deferred when payment terms are extended for periods less than twelve months and such sales are deemed either not to be fixed or determinable or collection is not probable based on evaluation of all terms of the transaction.

      Product sales consist primarily of appliances sold in conjunction with ISS licensed software. These sales are recognized upon shipment to the customer provided all other revenue recognition criteria for software license revenue recognition are met.

      Sales of products are generated both through direct sales to end-users as well as through various partners, including system integrators, value-added resellers and distributors. Revenue from product licenses and sales is recognized when the sale has occurred for an identified end user, provided all other revenue recognition criteria are met. We offer evaluation software available via download from our website and evaluation units for appliance-based products that allow potential customers to see the functionality of the products on their own networks prior to purchase. At the point of delivery, the customer has no right of return.

      Renewable product support and content updates are separate components of product licenses and sales. Security monitoring and management services for information assets and systems are part of managed services and associated revenues are recognized and billed as such services are provided. Term licenses allow customers to use our products and receive product support coverage and content updates for a specified period, generally twelve months. We generally invoice for product support, content updates and term licenses at the beginning of the term and recognize revenue ratably over the subscription term.

      Historically, our appliance and software sales have been accounted for primarily as revenue at the time of sale, with product support and content updates generally representing between 20% and 30% of the license or product amount. The majority of the initial price paid by the customer for certain Proventia integrated security

appliance models currently is for selected content blades, which customers acquire for a specified term that is recognized over such term as subscription revenue. The Company is considering changing the pricing model for our Proventia integrated security appliances to our historical model. Under this model customers would acquire the appliance and all content blades, which would be recorded as product revenue in the period of sale, and pay annual support and content fee in the historical range of 20% to 30% of the product amount.

      Service engagements are typically billed on either a fixed fee or time-and-materials basis and primarily consist of security assessments of customer networks and the development of customers’ security policies. These offerings are intended to support our goal of providing products and managed services. We prefer to have our partners provide these services where practical. We recognize such professional services revenues as the related services are rendered.

      Our sales of product and/or software licenses are multiple element arrangements that include product support and content updates and may include other subscription or professional services delivered after the product or software license. Revenue is generally recognizable before delivery of every element of the arrangement when all of the following requirements exist:

      We recognize the difference between the total arrangement fee and the amount deferred for the undelivered elements as product and license revenues. We allocate revenue to the delivered products and licenses using the residual method. Under the residual method, we allocate discounts inherent in the arrangement to products and product support and content updates associated with products that are initially delivered and recognize the other elements as they are delivered based on the VSOE, which is determined based on transactions where the company sells those elements separately. We determine fair value of the undelivered elements based on historical evidence of our stand-alone sales of these elements to third parties.