Back to GetFilings.com
- --------------------------------------------------------------------------------
- --------------------------------------------------------------------------------
SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D.C. 20549
----------------
FORM 10-K
FOR ANNUAL AND TRANSITION REPORTS
PURSUANT TO SECTION 13 OR 15(d) OF THE
SECURITIES EXCHANGE ACT OF 1934
[X] ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT
OF 1934
For the fiscal year ended December 31, 2000
OR
[_] TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE
ACT OF 1934
For the transition period from ____________ to _____________
Commission file number 000-26819
----------------
WATCHGUARD TECHNOLOGIES, INC.
(Exact name of registrant as specified in its charter)
Delaware 91-1712427
(State or other jurisdiction of (I.R.S. Employer
incorporation or organization) Identification No.)
505 Fifth Avenue South, Suite 500, Seattle, WA 98104
(Address of principal executive offices) (zip code)
(206) 521-8340
(Registrant's telephone number, including area code)
----------------
Securities registered pursuant to Section 12(b) of the Act:
None
Securities registered pursuant to Section 12(g) of the Act:
Common Stock, $.001 par value
----------------
Indicate by check mark whether the registrant: (1) has filed all reports
required to be filed by Section 13 or 15(d) of the Securities Exchange Act of
1934 during the preceding 12 months (or for such shorter period that the
registrant was required to file such reports) and (2) has been subject to such
filing requirements for the past 90 days. Yes [X] No [_]
Indicate by check mark if disclosure of delinquent filers pursuant to Item
405 of Regulation S-K is not contained herein, and will not be contained, to
the best of registrant's knowledge, in definitive proxy or information
statements incorporated by reference in Part III of this Form 10-K or any
amendment to this Form 10-K. [_]
The aggregate market value of the voting stock held by nonaffiliates of the
registrant, based on the closing sales price of the registrant's common stock
on February 28, 2001 as reported on the Nasdaq National Market, was
approximately $224,827,879. Shares of common stock held by each officer and
director and by each person who owns 5% or more of the outstanding common stock
have been excluded because such persons may be deemed to be affiliates. This
determination of affiliate status is not necessarily a conclusive determination
for other purposes.
As of February 28, 2001, there were 26,680,257 shares outstanding of the
registrant's common stock.
- --------------------------------------------------------------------------------
- --------------------------------------------------------------------------------
WATCHGUARD TECHNOLOGIES, INC.
FORM 10-K
FOR THE FISCAL YEAR ENDED DECEMBER 31, 2000
TABLE OF CONTENTS
Page
----
PART I
ITEM 1. BUSINESS...................................................... 3
ITEM 2. PROPERTIES.................................................... 27
ITEM 3. LEGAL PROCEEDINGS............................................. 27
ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS........... 27
PART II
ITEM 5. MARKET FOR THE REGISTRANT'S COMMON EQUITY AND RELATED
STOCKHOLDER MATTERS........................................... 28
ITEM 6. SELECTED FINANCIAL DATA....................................... 29
ITEM 7. MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION
AND RESULTS OF OPERATIONS..................................... 30
ITEM 7A. QUANTITATIVE AND QUALITATIVE DISCLOSURES ABOUT MARKET RISK.... 45
ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA................... 46
ITEM 9. CHANGES IN AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING
AND FINANCIAL DISCLOSURE...................................... 69
PART III
ITEM 10. DIRECTORS AND EXECUTIVE OFFICERS OF THE REGISTRANT............ 70
ITEM 11. EXECUTIVE COMPENSATION........................................ 72
ITEM 12. SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND
MANAGEMENT.................................................... 75
ITEM 13. CERTAIN RELATIONSHIPS AND RELATED TRANSACTIONS................ 76
PART IV
ITEM 14. EXHIBITS, FINANCIAL STATEMENT SCHEDULES AND REPORTS ON
FORM 8-K...................................................... 77
SIGNATURES.............................................................. 79
PART I
Forward-Looking Statements
Our disclosure and analysis in this annual report on Form 10-K contain
forward-looking statements, which provide our current expectations or forecasts
of future events. We use words such as "anticipates," "believes," "expects,"
"future" and "intends," and similar expressions, to identify forward-looking
statements, but the absence of these words does not mean that the statement is
not forward-looking. Forward-looking statements include statements about our
plans, objectives, expectations and intentions and other statements that are
not historical facts. They are subject to known and unknown risks and
uncertainties and inaccurate assumptions that could cause our actual results to
differ materially from those expected or implied by the forward-looking
statements. Our actual results could differ materially from those anticipated
in the forward-looking statements for many reasons, including the risks
described under "Factors Affecting Our Operating Results, Our Business and Our
Stock Price" in Part I, Item 1 of this annual report. You should not unduly
rely on these forward-looking statements, which apply only as of the date of
this annual report.
ITEM 1. BUSINESS
Overview
WatchGuard is a leading provider of Internet security solutions designed to
protect enterprises that use the Internet for electronic commerce and secure
communications. Thousands of large and small companies worldwide use our award-
winning products and services, which include firewalls for access control,
virtual private networks, or VPNs, for secure communications and our new
ServerLock products for server content and application security. Our core
market includes small- to medium-sized enterprises, or SMEs, large Internet-
distributed enterprises, or IDEs, with ultra-high-speed connections supporting
VPNs between the IDEs and their geographically dispersed branch offices and
telecommuters, small and home offices, or SOHOs, with broadband connections,
and telecommuters.
Our innovative subscription-based LiveSecurity Service enables our customers
to protect their data and communications in a continuously changing environment
with minimal effort. Our LiveSecurity Service is directed by a team of security
experts that provides ongoing technical advice and alerts on emerging security
threats, delivers software updates to address these threats, when appropriate,
and provides periodic software upgrades. In addition, the LiveSecurity Service
provides various levels of technical support and Web-based training and
certification programs. The dynamic nature of our firewall and VPN solutions is
made possible through an updatable security appliance that executes software
sent from the remote management system receiving our LiveSecurity Service. Our
ServerLock product family, installed on an enterprise's existing servers, is
also updated through our LiveSecurity Service. Our comprehensive security
solutions are easily installed, configured and monitored with point-and-click
security management.
Our recent acquisition of Qiave Technologies Corporation allowed us to expand
our product and service offerings into the emerging server content and
application security markets. Our ServerLock System, which we launched under
the WatchGuard brand in February 2001, provides content and application
security to enterprises of all sizes. ServerLock protects critical data and
services against unauthorized or unintentional changes, such as Web site
defacement and the deposit of malicious code. We sell ServerLock as an added
layer of defense to our existing customer base and as a stand-alone server
security product in new environments, including organizations deploying our
competitors' products. According to a Netcraft survey, there are currently more
than 25 million Web servers worldwide, with over 5 million running Microsoft
applications, a number that IDC projects to increase to over 13 million by
2004. ServerLock is currently available for servers running Microsoft
applications, and we expect to release additional versions designed to protect
servers using other operating systems in the near future.
Our security solutions give enterprises a security management choice. An
enterprise can manage its own Internet security with our product offerings or
outsource its security management to an Internet service
3
provider, or ISP, or other managed service provider implementing our managed
security solutions. An enterprise using our security solutions can rapidly
distribute security protection from a desktop personal computer to all security
appliances or protected servers on its corporate network, while retaining
centralized control and administration. An enterprise that does not want to be
directly involved with security management may outsource the function to a
service provider. For the service provider, our technology improves the
economics of managed security services through a scalable delivery platform
that enables the service provider to remotely configure and manage thousands of
customer sites quickly and easily.
We sell our Internet security solutions directly and indirectly to service
providers and indirectly to end-users through more than 400 distributors and
resellers covering over 60 countries, with LiveSecurity subscribers located in
approximately 100 countries. As part of this distribution network, thousands of
resellers worldwide sell our security solutions. We have established
relationships with a number of service providers to implement our security
solutions, including AlphaNet Solutions, Inc., AT&T Global Network Services
Hong Kong Limited (AGNS Ltd.), Deutsche Telekom AG, Genuity, Inc., Internet
Initiative Japan, Internet Security Systems, Inc., Interpath Communications,
Inc., KPN, Nextcom K.K., PSINet Inc., Sunrise Communications AG/Applitec AG and
UUNet, a Worldcom company. As of December 31, 2000, we had shipped over 50,000
of our security appliances.
We initially incorporated in Washington in 1996 and reincorporated in
Delaware in 1997. References to "we," "our," "us" and "WatchGuard" in this
annual report refer to WatchGuard Technologies, Inc., our subsidiaries and our
predecessor. Our executive offices are located at 505 Fifth Avenue South, Suite
500, Seattle, Washington 98104, and our telephone number is (206) 521-8340.
Industry Background
Reliance on the Internet
The growth in the Internet provides enterprises, regardless of size, with new
revenue opportunities through global distribution of products and services and
enables significant reductions in sales and marketing costs through automation
and instantaneous access. Because of its affordability, global reach and
versatility, the Internet is a particularly powerful and necessary tool for
enterprises. Enterprises are increasingly required to establish secure Internet
access to facilitate and support strategic business objectives. In a
marketplace that is becoming more competitive, enterprises are increasingly
utilizing new business tools and initiatives such as remote access, e-commerce,
online customer service and supply chain management to gain competitive
advantage.
The need for Internet security
The increased importance of electronic commerce and the proliferation and
growth of corporate intranets have dramatically increased the openness of
computer networks, with the Internet becoming a widely accepted platform for
many business-to-business and direct-to-consumer transactions. The
accessibility and the relative anonymity of users in open computing
environments, however, make systems and the integrity of information stored on
them increasingly vulnerable to security threats. Open systems present inviting
opportunities for computer hackers, curious or disgruntled employees,
contractors and competitors to compromise, alter or destroy sensitive
information within the system or to disrupt operations and Internet access. In
addition, open computing environments are complex and typically involve a
variety of hardware, operating systems and applications supplied by a variety
of vendors, making networks difficult to manage, monitor and protect from
unauthorized access. Even SOHOs and telecommuters face security threats similar
to those faced by larger enterprises connected to the Internet, with the advent
of "always-on" broadband Internet connections that leave the user's computer
much more vulnerable to security breaches than a traditional dial-up
connection. In addition, because smaller organizations are rapidly adopting
public-facing Web and application servers, they now face the types of threats
and vulnerabilities that had been previously reserved for much larger
organizations that could deploy sufficient personnel to meet that challenge.
4
The annual Computer Security Institute survey conducted in 2000 highlights
the potential risks faced by organizations connected to the Internet. The CSI
survey revealed that 90% of companies responding had experienced security
breaches within the past 12 months, with 70% reporting serious breaches that
included theft of proprietary information, financial fraud and sabotage of data
or networks. The damage caused by a security breach is often difficult to
quantify and may include the loss of irreplaceable proprietary information or
data, damage to business reputation or undetected theft or alteration of
information. Those organizations in the CSI survey that were able to quantify
losses reported an average total loss of over $1 million per organization.
The Internet security challenge
Enterprises increasingly depend on the Internet for external and internal
communications and for facilitating and conducting business, and therefore need
comprehensive Internet security solutions. Adequate Internet security is not a
response to a single challenge, but rather a response to a variety of business
requirements. For example, because businesses need to control the flow of
information between their internal networks and the Internet, they need
firewalls, an important component of a comprehensive security solution. A
firewall, a security component that varies in complexity, is designed to block
access from the Internet to a company's internal networks, as well as control
the flow of and access to information shared between the networks and the
Internet. Traditional large-enterprise firewalls, however, are often difficult
to install and expensive to maintain. They must be configured by skilled
personnel and, to maximize effectiveness, must be continually monitored and
frequently updated. A comprehensive security solution should also integrate
several other sophisticated security layers, such as VPNs, to enable encrypted
communications between two points on the Internet, and server content and
application security to protect critical data and services against unauthorized
or unintentional changes, such as Web site defacement or the deposit of
malicious code. Additionally, the technological complexity of traditional
solutions introduces a new set of risks--their many interacting components can
easily be misconfigured.
Enterprises therefore face greater pressure to hire trained security
personnel to ensure that these traditional security solutions are installed and
maintained properly. The scarcity of skilled network and Internet security
personnel, however, makes the cost of hiring in-house personnel prohibitive for
many enterprises. Traditional security solutions are also expensive to maintain
because they must be updated continually to maximize effectiveness. They tend
to be static while the dangers against which they must protect are dynamic,
with new types of intrusion schemes and other security threats and
vulnerabilities emerging constantly. The Computer Emergency Response Team, a
federally funded research and development center, handled 21,756 security
incidents in 2000, more than double the 9,859 security incidents handled in
1999 and more than five times the 3,734 security incidents handled in 1998.
Even if updates are available to allow an enterprise's traditional security
system to respond to the changing security landscape, the enterprise needs
dedicated security experts to proactively identify, obtain and manually
implement these updates quickly and correctly. Although appliance-based
solutions have emerged as a lower-cost alternative to traditional large-
enterprise security solutions, they, like traditional solutions, too often fail
to allow customers to effectively address continuously changing security
threats and protect their data and communications with minimal effort.
The Internet security opportunity
According to Infonetics Research, Inc., the worldwide market for firewall and
VPN hardware and software is expected to grow from $1.1 billion in 2000 to $5.4
billion by the end of 2004, representing a compounded annual growth rate of
nearly 50%. Companies are increasingly employing firewall and VPN hardware and
software solutions as they become more reliant on the Internet to connect
geographically dispersed branch offices, telecommuters and mobile workers.
According to Cahners In-Stat Group, approximately 24% of the U.S. workforce, or
approximately 30 million workers, will telecommute at some point during 2001.
In addition, the rapid deployment of public-facing Web and application servers
by less sophisticated organizations has opened these businesses to the types of
threats and vulnerabilities previously reserved for much larger organizations.
According to a Netcraft survey, there are currently more than 25 million Web
servers worldwide,
5
with over 5 million running Microsoft applications. IDC projects that this
number will increase to over 13 million by 2004. The need for Internet security
will only grow as millions of enterprises and consumers move from a dial-up
connection to an always-on broadband connection.
Enterprises require an easy-to-use, robust, comprehensive Internet security
solution that has low installation and maintenance costs and can be installed
quickly and kept up to date easily. In addition, many enterprises would rather
outsource the management of any Internet security system to ISPs and other
managed service providers. Service providers face challenges, however, in
delivering affordable security services that can be rapidly and economically
deployed to thousands of customer sites and easily managed from a central
location.
The WatchGuard Solution
WatchGuard's security products and services offer an innovative approach to
Internet security. We provide enterprises of all sizes with an easy-to-use,
robust, comprehensive and cost-effective Internet security solution that we
keep up to date through our innovative Internet-based LiveSecurity Service. Our
solution has the following key benefits:
Comprehensive and scalable security For enterprises of all sizes, we offer a
comprehensive security solution that
includes (1) a firewall for access
control, (2) VPN capability for secure,
encrypted communication between remote
offices, mobile employees and trading
partners, (3) server security to protect
against unauthorized or unintentional
access to and manipulation of critical
content and applications residing on a
server and (4) our LiveSecurity Service.
Dynamic protection Our subscription-based LiveSecurity
Service is designed to keep our security
solutions up to date with (1) security
threat responses that specifically address
newly discovered security vulnerabilities
or hacker techniques, (2) software
updates, (3) expert editorials, news
bulletins and Internet security-related
feature articles, (4) support flashes with
answers to commonly asked questions about
our products and services and information
on new software updates, (5) virus alerts
with information from Trend Micro about
the latest virus threats and access to its
virus protection products, (6) Web-based
customer training and technical
certification and (7) Web-based and
interactive technical support.
Easy installation and use We offer (1) a plug-in security appliance
for ease of firewall and VPN deployment,
(2) server security software with
virtually effortless installation and
configuration and (3) point-and-click
centralized management of all aspects of
the security solution. These features make
it easy for the non-security professional
to install, configure and monitor our
security solutions and to receive and
implement our LiveSecurity Service.
Viable outsourcing to ISPs and Through centralized configuration and
other managed service providers management capabilities, our security
solution enables service providers to
provide outsourced Internet security
services to thousands of customers
quickly, easily and at a price enterprises
can afford.
6
Affordability We minimize the overall ownership cost of our security solution
with easy deployment and management, which reduces the need for
information technology personnel. Our LiveSecurity Service
enables users of our security solutions to address their
security needs by leveraging our team of security experts.
Strategy
Our objective is to be the leading provider of Internet security solutions to
enterprises of all sizes worldwide. Our strategy to achieve this goal is based
on the following key elements:
Continue to extend our leadership position in the market for comprehensive
security for SMEs and our established presence in the SOHO/telecommuter market
into the larger-enterprise and IDE markets
We intend to further extend our leadership position into new markets by
expanding and enhancing our Internet security product and service offerings.
Over the past 18 months, we have expanded our traditional product line to meet
the needs of larger enterprises and IDEs. In addition, we have recently
expanded our addressable market with the introduction of ServerLock. Initially,
our marketing efforts for our ServerLock product line will be targeted at
public-facing servers connected to the Internet, such as corporate Web sites
and e-mail servers. In the future, we may expand our marketing efforts to
target internal application servers. We were the first, and remain the leader,
in developing updatable security appliances that execute software sent from a
remote management system. Our architecture allows enterprises of all sizes,
particularly IDEs, to quickly and easily deploy new products and services from
a central management system, using a familiar Windows- or Web-based interface.
Our distributed architecture also facilitates the scalability necessary for
service providers to provide our products and services to their customers at a
price enterprises can afford. We intend to continue to enhance our technology
and architecture, hire additional network and Internet security experts and
invest in product development and product and service enhancements.
Expand our strategic relationships with leading ISPs and other managed service
providers
To capitalize on the large number of potential customers to which ISPs and
other managed service providers have access, we have established relationships
with industry-leading service providers to create services based on our managed
security offering, LiveSecurity for MSS, and to act as resellers of our
products and services. Service providers with which we have relationships
include AlphaNet, AT&T Global Network Services Hong Kong Limited (AGNS Ltd.),
Deutsche Telekom, Genuity, Internet Initiative Japan, Internet Security
Systems, Interpath Communications, KPN, Nextcom, Sunrise Communications and
UUNet. We intend to continue to establish relationships with service providers
to facilitate the widespread adoption of our products and services by
capitalizing on the brand recognition and customer base of the service
providers. In addition, these strategic relationships should enhance WatchGuard
brand awareness and provide a powerful endorsement of our security technology
and services.
Expand and enhance our innovative LiveSecurity Service
Our LiveSecurity Service is an innovative, value-added security service that
delivers threat responses, software updates, expert editorials, support flashes
and virus alerts, along with training and technical support, over the Internet
directly to our subscribers and service provider partners. We plan to expand
and enhance our LiveSecurity Service, and therefore the value of our
subscription service, by expanding our internal and external team of security
experts and by adding new software and services through internal development
and partnering with third-party providers. As we expand and enhance our
LiveSecurity Service, we plan to ensure that it remains easy to implement and
use by enterprises of all sizes and service providers.
Continue to expand worldwide sales and distribution
We intend to continue to expand our international distribution capabilities
to allow any enterprise with an Internet connection to purchase WatchGuard
products and services, no matter where the enterprise is located.
7
Our goal is to make our security solutions the easiest to purchase and deploy,
whether by the enterprise or by a service provider. We plan to expand our
distribution network of resellers, distributors and service provider partners
and continue to make our solution available for purchase through their Web
sites. We will continue to invest in Web-based training programs and regional
awareness programs that educate our resellers and subscribers all over the
world about the features and benefits of our products and services and that
assist our customers with deployment.
Continue to expand WatchGuard brand awareness
We believe that we have an opportunity to make the WatchGuard brand
synonymous with Internet security worldwide. We intend to continue to invest in
marketing programs jointly executed with our distribution network around the
world. We will continue to participate in trade shows and regionally targeted
public relations activities both domestically and abroad, leverage our Web site
and links from the Web sites of our distribution network and promote the use of
the WatchGuard brand name when our service provider partners market their
managed security services.
We have not determined a schedule for implementing these components of our
strategy. The timing for executing our strategies will depend on market
conditions, the availability of strategic opportunities and the availability of
management resources.
Products and Services
Our comprehensive security solutions, which include an integrated suite of
security and management software, an Internet security appliance and a dynamic
Internet-based service to keep security defenses current, provide access
control, VPN and server content and application security. Enterprises may use
our Firebox System to internally manage their Internet security or elect to
outsource security management to a service provider implementing our
LiveSecurity for MSS.
Security solutions for enterprise-managed security
Using our security solutions for enterprise-managed security, an enterprise
can quickly and affordably deploy comprehensive security protection to all
sites on its network, while retaining centralized control and administration.
In addition, our LiveSecurity Service enables enterprises to augment their
information technology staff with our security experts, which we believe
substantially reduces personnel costs. Every new security system includes an
initial one-year subscription to our LiveSecurity Service.
Firebox System
For enterprises of all sizes, the Firebox System provides access control and
VPN through three key components: our security management system software with
security and management features, our security appliance and a subscription to
our Internet-based LiveSecurity Service.
Security features. The Firebox System contains the following security
features:
. Firewall. Our firewall controls incoming and outgoing traffic between
the Internet and an enterprise's systems and data. The firewall
incorporates access control and detection and blocking features.
. Authentication. For our SME and larger-enterprise products, our
authentication features identify network users and define user and user-
group security policies.
. Virtual private networking. Our software enables enterprises to create
VPNs by using encryption technology to allow data to flow securely
across the Internet between two predetermined points. Our branch office
VPN, used in all of our Firebox System products, secures communications
with branch offices and trading partners, and our remote-user VPN, used
in our SME and larger-enterprise
8
products, secures connections to telecommuters and traveling employees.
Our VPN solutions implement industry standard protocols.
. Web surfing control. In our SME and larger-enterprise products, our Web-
blocking feature enables enterprises to restrict site access privileges
by user, group, time of day, site type or particular site. In our SOHO
products, site access privileges may be restricted simply by site type.
Management features. Our Windows- or Web-based software manages and monitors
an enterprise's Internet security with an intuitive, point-and-click user
interface.
. Integrated suite of system management tools. For our SME and larger-
enterprise products, our security management system packages, configures
and deploys security software, security policies and the operating
system from the in-house manager's desktop computer to the enterprise's
security appliances. The management system also includes logging and
notification functions and real-time monitoring and historical reporting
of network, service and bandwidth usage. Our SOHO products are managed
by a Web-based interface accessed from the appliance itself or from
remote management software. Our management tools allow management of
multiple security appliances from a single location.
. Automated installation guides. Our automated installation guides enable
enterprises to install and configure our systems in as quickly as 15 to
30 minutes. Software updates or upgrades are also accessed through easy-
to-use installation guides.
Security appliance. Our security appliances for SMEs and larger enterprises
are standalone Internet security appliances that run the security functions of
the Firebox System. The security capabilities of these security appliances come
entirely from the operating system, security software and security policies
directed to them from the remote management software. They simply plug in and
reside between an enterprise's Internet router and its internal network of
servers and workstations. These Fireboxes have three independent, separately
monitored connections: one to the enterprise's network, one to the Internet and
one to the enterprise's public network for hosting Web and e-mail servers. The
Firebox System encrypts communications between the security appliance and the
management software on the in-house manager's desktop.
Our security appliances for SOHOs and telecommuters are standalone Internet
security appliances that run the security functions of the LiveSecurity System
and provide IP sharing. Our SOHO security appliances are increasingly being
used by enterprises as endpoints for VPNs. The security capabilities of the
SOHO security appliances come entirely from the operating system, security
software and security policies that reside on the appliances or that the
appliances receive from remote management software. They simply plug in and
reside between the SOHO's or telecommuter's Internet router and broadband modem
and its internal network of servers and workstations. These Fireboxes have two
independent, separately monitored connections: one to the SOHO's or
telecommuter's network and one to the Internet.
LiveSecurity Service. Through our subscription-based LiveSecurity Service, we
keep our family of security solutions current and allow them to continually
operate at their highest level for our customers. Our LiveSecurity Service
includes:
. Threat responses. When our rapid response team discovers and neutralizes
a security vulnerability or new hacker technique, we deliver updated
software that specifically addresses that security threat.
. Software updates. We deliver software updates that enhance the function
of the Firebox System.
. Expert editorials. Our team of industry-leading security advisors offer
their views and provide continuing education on the rapidly changing
field of Internet security.
. Support flashes. Interactive technical tutorials provide our customers
with answers to frequently asked questions about managing WatchGuard
products and information on new software updates.
. Virus alerts. We provide information from Trend Micro about the latest
virus threats and offer access to its virus protection products.
9
. Training. We provide subscribers with access to interactive and Web-
based product training and certification services.
. Support. We provide subscribers with access to various levels of
interactive and Web-based technical support.
ServerLock System
For enterprises of all sizes, the ServerLock System provides server content
and application security that protects critical data and services against
unauthorized or unintentional access or manipulation. This protection is
offered through a combination of kernel-level software, secured remote
communications, centralized management and a simplified dual-mode
administrative model.
System structure. The ServerLock System is comprised of the following
components:
. ServerLock. Our ServerLock software resides on the protected server and
acts as a filter between operations by the user and execution by the
operating system. This protects the system against unauthorized or
unintentional changes by even the most privileged user, the system
administrator.
. ServerLock Manager. Recognizing that users will implement ServerLock on
multiple servers and, in large enterprises, on entire server farms, the
ServerLock Manager is designed to maximize efficiency of control for
tens and even hundreds of servers, all using secure, remote
communication channels.
. ServerLock console. By allowing systems to be segregated into intuitive
groupings by function, geography or any customer-selected criteria, the
ServerLock console manages the protection state for all managed servers
with a simple click of a mouse.
Product features. ServerLock represents a new model for protecting data,
applications and the core of mission-critical systems by creating a new form of
protection on the server.
. Kernel-based protection. ServerLock's protection, from filtering user
requests to authenticating changes in the protection state, operates
from the kernel, the heart of the operating system. The kernel performs
the most critical and fundamental system operations and represents the
real core of any server. By applying ServerLock protection at this
level, users are defended against virtually all attempts to corrupt
systems.
. Simplified administration. Internet security has historically been an
area of complexity and confusion for enterprises. The security
appliance, pioneered by WatchGuard, represents an important and
groundbreaking development in simplification. By using a simplified
dual-mode model for administering the security policy, ServerLock
extends that simplification to maintaining the integrity of server
content and applications. Critical resources are managed in two modes,
operational and administrative. In operational mode, designated server
content and applications are protected from unauthorized or
unintentional access or manipulation. In administrative mode, standard
server protections are in force. ServerLock's simplified dual mode
allows a technically naive user to understand the protection:
operational mode is in place when the business is operating and
administrative mode is in place when the server needs to be
administered.
. Simplified installation. Designed to complement the manner in which
servers are built, configured and run, ServerLock's specialized license
keys allow straightforward installation and require little discretion on
the part of the installer.
. Customizable protection. For protection of specialized resources or
applications, ServerLock provides a utility for creating and managing
custom rules that can be used to protect individual files, proprietary
applications or site-specific configuration parameters. This
customizable protection is also managed with a simple on/off,
operational/administrative protection model.
10
LiveSecurity Service. ServerLock customers also receive the benefits of our
LiveSecurity Service. This includes access to technical support, software
updates, threat responses, expert editorials, support flashes, virus alerts and
interactive training.
LiveSecurity for MSS for service providers
To serve the needs of SMEs and larger enterprises that want to outsource
their Internet security and the needs of ISPs and other managed service
providers that want to provide this service, we created LiveSecurity for MSS.
LiveSecurity for MSS allows a service provider to centrally configure, monitor
and update the Internet security of thousands of managed customers. The service
provider can economically deliver a full range of security services while its
subscribing customers enjoy the benefit of our up-to-date protection at an
affordable price.
LiveSecurity for MSS has three main components: our network operations center
security suite software with security and management features, our security
appliances and our LiveSecurity Service.
Security features. LiveSecurity for MSS includes the same comprehensive set
of security features offered in our Firebox System.
Management features. Centrally located at the service provider's network
operations center, our global policy manager software provides security
intelligence and configuration for all customer sites under management. Our
software allows the service provider to create and store various security
policy configurations for different customer groups or service plans. Our
scalable WatchGuard event processor software provides monitoring and reporting
for customer sites.
Security appliances. One or more of our security appliances resides on the
service provider customer's premises. The appliances receive and implement the
operating system, security software and security policies sent by the service
provider. All of our security appliances may be centrally managed by the
service provider.
LiveSecurity Service. Through our LiveSecurity Service, the service
provider's network operations center receives threat responses, software
updates, expert editorials, support flashes and virus alerts. The service
provider then updates the security policy of its customers and transmits these
policy updates over its network to those customers.
By receiving the benefits of our security solution through a service
provider, an enterprise gains a number of added advantages. The service
provider can
. monitor and manage customers' security 24 hours a day, 7 days a week;
. define and implement professional, customized Internet security
policies;
. automatically install software updates and threat responses;
. regularly review customers' security and provide detailed reporting and
analysis; and
. mitigate the up-front cost of a security system purchase and setup.
Managed service providers, particularly those engaged in the fast-growing
area of Web hosting, continue to vie for competitive advantage in their
industry. With ServerLock, service providers can offer increased security for
hosted content with only minimal incremental cost. ServerLock's management and
deployment models enable lower cost of management and overhead through the same
intuitive design that minimizes the administrative costs for an enterprise
managing its own security.
Customer service. We make customer service a priority. Our staff of support
representatives serves our end-users, resellers, distributors and service
provider partners by phone and e-mail from 4:00 a.m. to 7:00 p.m. Pacific time,
Monday through Friday, excluding national holidays, with expanded hours for
certain members of our distribution network. As of December 31, 2000, we had 41
customer support representatives. We also offer
11
24-hour-a-day, 7-day-a-week Web support tools. Our computerized customer center
manages all support requests and allows customers to check resolution status
on-line. We provide on-line answers to frequently asked questions about our
products, descriptions of how to configure WatchGuard products to work with
other products and other technical information.
The WatchGuard team of experts
Rapid response team. Our rapid response team identifies, analyzes and
generates responses to new Internet security threats. To identify new threats,
the team continually monitors a wide variety of Internet sources related to
network security, including newsgroups, vendor Web sites and hacker bulletin
boards. When the rapid response team identifies a new security threat, we send
an advisory to our LiveSecurity Service subscribers while we develop and test
software or configuration changes to neutralize the threat. We then deliver the
software updates or configuration recommendations to our subscribers. The team
also provides other information of interest relating to Internet security.
LiveSecurity advisory council. Our LiveSecurity advisory council provides
continuing education and editorials on the rapidly changing subject of Internet
security. The council also oversees and contributes to the efforts of our rapid
response team. We intend to expand the council as opportunities arise.
Currently, the council is composed of Messrs. Frederick Avolio, Rik Farrow and
David Piscitello.
Frederick Avolio. Mr. Avolio has been involved in Internet computing and
communication since the early 1980s and has worked with Internet security
systems for over 10 years. He assisted in the creation of the first commercial
Internet firewall offering and helped create the commercial security products
division of Trusted Information Systems. His areas of expertise include
firewalls, intrusion detection, cryptography, security management and e-mail
systems. Mr. Avolio is the co-author, with Paul Vixie, of Sendmail Theory and
Practice. He holds a B.S. in computer science from the University of Dayton and
an M.S. in computer science from Indiana University.
Rik Farrow. Mr. Farrow provides UNIX and Internet security consulting and
training. He has been working with UNIX system security since 1984 and with
TCP/IP networks since 1988. He has taught in a number of countries and for a
variety of organizations, and consults with firms in designing and implementing
security applications. Mr. Farrow is the author of UNIX System Security and is
the co-author, with Rebecca Thomas, of UNIX Administrator's Guide to System V.
He writes a column for ;login:, the magazine of the USENIX Association, and a
network security column for Network magazine.
David Piscitello. Mr. Piscitello is an internationally recognized expert in
internetworking and fast-packet technology. He founded Core Competence, a full-
service internetworking, broadband, security and network management consulting
firm with offices in Pennsylvania and South Carolina. He is the recipient of a
Bellcore President's Recognition Award for his contributions to SMDS, ATM and
customer network management for switched data services. Mr. Piscitello has
authored books on internetworking and remote access and publishes articles
regularly on a variety of subjects, including network security, wireless data
networking, switched internetworking, Internet security and VPNs. Mr.
Piscitello does testing, product reviews and evaluations of VPNs, firewalls,
intrusion detection and other security products for leading trade publications
and provides consultation to Fortune 100 companies on extranets and Internet
security. He is chairman of the Networld + Interop Program Committee and the
founder and program chairman of the Internet Security Conference.
Licensing and pricing
We offer our resellers, distributors and service provider partners discounts
from current end-user list prices. In addition, we offer educational discounts
and occasional promotional pricing. All customers purchasing our Firebox and
ServerLock products receive a perpetual license for our security and management
software, which is included in the system price. Each end-user also receives a
renewable one-year subscription to our LiveSecurity Service. For LiveSecurity
for MSS, the service provider buys a license to use our network
12
operations center security suite management and security software and must have
an active subscription to the LiveSecurity Service for each customer security
appliance it manages.
Sales, Marketing and Distribution
Because the need for Internet security crosses geographic and economic
boundaries, our business opportunity extends worldwide to all business
segments. Since our inception, we have invested heavily in worldwide sales and
marketing. International sales generated 50% of our revenues in 1999 and 55% of
our revenues in 2000.
We sell our security solutions through distributors, value-added resellers
and service providers and occasionally to end-users. We also sell our
LiveSecurity for MSS products and services directly to service providers. We
license our technology to certain original equipment manufacturers, or OEMs,
for resale as an embedded feature in their products. The OEM end-user then has
the ability to subscribe to our LiveSecurity Service. We resell our products
and services through more than 400 companies covering over 60 countries,
including
. distributors, such as Eltrax Systems, Inc., Ingram Micro, Inc., Otsuka
Shokai Co., Ltd., Tech Data Corporation and Wick Hill Group, Plc;
. value-added resellers, such as CDW Computer Centers, Inc., Fujitsu
Business Systems, Ltd., Integrated Network Technologies, Network
Computing Architects, Inc. and Solunet; and
. service providers, such as AlphaNet, AT&T Global Network Services Hong
Kong Limited (AGNS Ltd.), Deutsche Telekom, Genuity, Internet Initiative
Japan, Internet Security Systems, Interpath Communications, KPN,
Nextcom, PSINet, Sunrise Communications and UUNet.
As part of our distribution network, thousands of resellers worldwide sell our
security solutions. Our agreements with our distribution network are
nonexclusive and provide for discounts based on the reseller's minimum purchase
targets or the volume that the reseller purchases or resells.
We divide our sales organization regionally among the Americas, Europe/Middle
East/Africa and Asia/Pacific and have 57 sales personnel located domestically
and internationally. Assisting our distribution network within a specific
region is a central responsibility of our regional sales representatives.
Regional sales representatives manage our relationships with our distribution
network, help the distribution network sell and support key customer accounts,
and act as liaison between our distribution network and our marketing and
product development organizations. We expect to continue to expand our field
sales organization in support of both the managed security and enterprise
market segments.
We conduct a number of marketing programs to support the sale and
distribution of our products. These programs inform existing and potential
resellers, distributors, service providers and end-user customers about the
capabilities and benefits of our products. Marketing activities include
advertising, publishing technical and educational articles in industry
journals, participating in industry tradeshows, regional awareness programs and
product technology conferences, sales training and marketing on our Web site.
As of December 31, 2000, we had 78 employees in our sales and marketing
organization.
As an additional sales tool, we offer end-users, resellers and distributors
free training on our security solutions through our Web site. Our interactive
training system guides customers through the installation, setup and management
of our Firebox security solutions and provides new product information. The
ServerLock System is delivered with a set of sales and training materials for
both the reseller and the end-user, including live-action video and audio
question-and-answer segments. The ServerLock System automates the installation
process using license keys sold at the time of purchase to identify elements to
be installed and activated, which minimizes the time and skill necessary to
install the product.
13
Our domestic and international sales tend to be lower in the summer months,
when businesses often defer purchasing decisions. Also, as a result of customer
buying patterns and the efforts of our sales force to meet or exceed quarterly
and year-end quotas, historically we have earned a substantial portion of a
quarter's revenues during its last month and, more recently, in the latter half
of the last month.
Customers
As of December 31, 2000, we had shipped over 50,000 of our security
appliances to our distribution network, which resells our products and services
to end-users spanning a wide variety of countries and industries. The following
is a representative list of our customers:
Service Providers IDEs
AlphaNet Bentley Systems,
Deutsche Telekom Incorporated
Genuity Gerbig Snell/Weisheimer &
Internet Initiative Associates, Inc.
Japan JDA Software Group, Inc.
Nextcom MediaPlant
Sunrise Communications Old Dutch Foods
UUNet Siemens AG
The Staubach Company
SMEs
Australian Hospital Care SOHOs
Boullioun Aviation Colony Homes
Services GLG Group, Inc.
Bolle Inc. Into Tomorrow Radio
City of Bellingham, WA Network
e-DOCS.net Martin Staffing
Englewood Public Schools Resources
Graham Steel Corporation Pro-2000 Inc.
Sensazione Studios
Watershed Associates
Technology and Architecture
Firebox System
Our Firebox System utilizes an innovative distributed architecture through
which a basic processor in a security appliance receives and executes software
directed to it from a remote management system. Because the security
intelligence resides in the software and not in the hardware, we can keep our
customers' Internet security up to date with our LiveSecurity Service, which
provides new security software and operating system configurations.
Our Firebox System encrypts communications between WatchGuard, the management
system software and the security appliance. This allows the management system
and the appliance to be separated within an enterprise's local- or wide-area
network or between a service provider and its subscriber. Typically, to install
software on a computer using a general-purpose operating system such as
Windows, a person must be physically present at the computer. Our distributed
architecture, however, allows our customers to remotely install our software on
the security appliances and receive our LiveSecurity Service over the Internet.
Security appliance. Our security appliances are dedicated solely to running
security functions. The security appliances have no other function and no hard
drive memory storage.
Operating system software. Our security appliance uses a Linux or VxWorks
operating system. In the case of the Linux operating system, used in our SME
and larger-enterprise products, we use a custom-configured kernel under an open
source license, which enables us to review the source code and generate a
flexible, robust and secure operating system. We use specially designed
application programming interfaces in all of our Firebox products to facilitate
secure loading of the operating system and security software that our
management software sends to the appliance.
14
Security features. The Firebox System implements our security features in a
number of software modules. Each module provides the specific function that the
management system defines in security rules and transmits to the appliance. For
example, the firewall features that control network traffic are based on an
extensible set of network service protocols, such as HTTP and SMTP. The Firebox
appliance applies the security policies defined by the management system to all
incoming or outgoing traffic. Additional modules implement other security
features, such as authentication and Web-surfing control, which also are
defined in the security policies that the management system transmits to the
appliance. If Web-surfing control is activated, for example, the Web-surfing
control software module will automatically check the details of all outgoing
Web traffic to make sure it complies with the defined policies.
We use an open architectural structure to allow integration with common
standards for network security. For example, our VPN component currently
supports IPSec standards and the authentication module in our SME and larger-
enterprise products supports a variety of standard authentication methods. We
intend to adopt additional standards as they mature in the market.
Management features. Because enterprise, distributed VPN and service provider
environments are very different, we designed separate management systems for
each. Our Firebox System management software enables quick installation and
management by an in-house manager using a standard Windows-based system. The
VPN management software in each of our security appliance types is designed
specifically for ease of configuration and visual representation of multiple
VPNs in a network. We designed our LiveSecurity for MSS management software, on
the other hand, for a trained operator using a dedicated management console to
configure and manage the security of a large subscriber base. All management
systems have the ability to remotely deploy new security software to the
appliances or update their security engines from the management console. Our
service provider customers can choose to separately and remotely deploy select
security features, such as VPN and Web blocking. This gives service providers
the ability to incrementally add for-fee services to their basic service
offering, without the expense of sending personnel to their customers' sites.
Our SOHO and telecommuter customers can also choose a simple Web-based
management interface, which removes the need to install management software.
To enable service providers to configure, monitor and manage the Internet
security of thousands of customers, LiveSecurity for MSS includes scalable
logging and monitoring software called WatchGuard event processors. The event
processors run on UNIX-based workstations and can be located in the network
operations center or distributed at the service provider's point of presence.
Each event processor manages the logging and notification features of up to 500
security appliances through commands issued from the global policy manager at
the network operations center.
LiveSecurity Service. Our scalable LiveSecurity Service is a collection of
secured servers that registers subscribers, facilitates downloading our
software to the desktop computers of registered subscribers and delivers threat
responses, software updates, expert editorials, support flashes and virus
alerts to subscribers. To facilitate a high level of security and authenticity,
we protect our servers with our own security system and strongly encrypt data
communication between servers. We can replicate and distribute our LiveSecurity
servers throughout the world, which should enable us to meet the growth we
expect in demand for our LiveSecurity Service.
ServerLock System
The ServerLock System represents an innovative approach to securing content.
Designed to address architectural vulnerabilities in existing models of popular
multi-user operating systems, ServerLock provides content and application
security by protecting against unauthorized change activity, even when
attempted by the most privileged system users. The ServerLock System has four
key components:
. ServerLock. The ServerLock software runs on and protects the servers on
which it is installed. Acting as a filter between requests for changes
and the actual execution of those changes within the
15
operating system kernel, ServerLock prevents changes to the operating
system's static components and the configurations that implement that
server's security policies.
. Kernel-based authentication and communication. Because all user-space
processes, including authentication, are vulnerable to attack or
accidental corruption by a privileged user or system administrator,
ServerLock implements both its protection and its enabling
authentication within the kernel of the operating system it protects.
ServerLock also enables kernel-to-kernel remote communication using
strong encryption implemented through a 239-bit elliptic curve
cryptosystem adapted for ServerLock.
. Central management. To facilitate adoption by larger enterprises and
service providers, ServerLock may be managed remotely through the
ServerLock management software. The ServerLock Manager allows the
administrators or service providers to control multiple servers by
applying custom rules and turning protection on and off in much the same
manner as those tasks are performed locally. ServerLock's remote
communications channel simplifies setting and resetting the protection
state of remote machines and makes aggregating systems easier, for
simplicity of depiction in a managed environment.
. Remote configuration and management. The ServerLock configuration
interface is fully portable and may be run on remote administrator
systems and laptops, thereby connecting security functions to the
central management server.
Research and Development
We focus our research and development efforts on enhancing our existing
products and services, developing new products based on our innovative
distributed-appliance architecture and developing services that capitalize on
our LiveSecurity Service infrastructure. We use a modular design, which allows
us to develop new applications that plug into our existing product line. As a
result, our products can be deployed in stages, either directly by an
enterprise or by a service provider if the enterprise has outsourced its
security management. As we develop new products, our LiveSecurity end-users
and service provider partners can incorporate the new products into their
systems with minimal system interruption.
As of December 31, 2000, we employed 130 people on our research and
development staff. Research and development expenses were $4.4 million in
1998, $7.1 million in 1999 and $13.9 million in 2000. We have product
development facilities in Seattle, Washington, Waltham, Massachusetts and
Aliso Viejo, California.
Competition
We compete in a market that is relatively new, intensely competitive, highly
fragmented and rapidly changing. We face competition in sales both of products
and services designed for enterprises and of those designed for service
providers. We have experienced and will continue to experience increased
competition from current and emerging competitors, many of which have
significantly greater financial, technical, marketing and other resources.
In the market for Internet security solutions, we compete on the basis of
technological expertise and functionality, breadth of service and product
features, ease of installation and management, updatability, scalability,
brand recognition, price, customer support and distribution capability.
Currently, the primary competitors in our industry include Cisco Systems,
Inc., Check Point Software Technologies Ltd., Nokia Corporation and SonicWALL
Inc. Other competitors offering security products include hardware and
software vendors such as Netscreen Technologies Inc., Lucent Technologies,
Inc. and Network Associates, Inc., operating system vendors such as Microsoft
Corporation, Novell, Inc. and Sun Microsystems, Inc. and a number of smaller
companies.
Our competitors may be able to respond more quickly to new or emerging
technologies and changes in customer requirements than we can. In addition,
our current and future competitors may bundle their products
16
with other software or hardware, including operating systems and browsers, in a
manner that may discourage users from purchasing the products and services we
offer. Many of our current and potential competitors have greater name
recognition, larger customer bases to leverage and greater access to
proprietary technology, and could therefore gain market share to our detriment.
In addition, our current and potential competitors may establish cooperative
relationships among themselves or with third parties that may further enhance
their resources, such as the relationship between Check Point and Nokia. We
expect additional competition as other established and emerging companies enter
the Internet security market and new products and technologies are introduced.
While some of our competitors have traditionally targeted large-enterprise
security needs, using complex products that run on general purpose operating
systems such as UNIX or Windows NT and require full training and support
programs, these vendors could adapt their existing products to make them more
attractive to our markets. If these or other of our competitors were to focus
their greater financial, technical and marketing resources in our markets, our
business could be harmed. In addition, as our security solutions are adopted by
larger enterprises, we expect to see increased competition. Increased
competition in any of our markets could result in price reductions, fewer
customer orders, reduced gross margins and loss of market share.
Proprietary Rights
To protect our proprietary rights, we rely primarily on
. copyright, trademark, service mark and trade secret laws;
. license agreements with third parties, including a standard software
license included with our products;
. confidentiality agreements with our employees and third parties;
. invention assignment agreements with our employees and contractors;
. protective contractual provisions in our agreements with some of our
consultants, resellers and customers; and
. limited access to our software, documentation and other proprietary
information.
WatchGuard(R) is a registered trademark in the United States, Norway, New
Zealand and Japan, and LiveSecurity(R) is a registered trademark in the
European Union and Mexico. Applications to register the WatchGuard and
LiveSecurity trademarks are pending in other jurisdictions. Firebox(TM),
ServerLock(TM), LockSolid(TM), QSecure LockSolid(TM), SpamScreen(TM) and
LiveSecurity(TM) are trademarks in use in the United States, and applications
are pending in the United States and other jurisdictions for registration of
these trademarks. We also have other trademarks in use in the United States
that do not currently have applications pending in any jurisdiction. We have no
issued patents but have 12 patents pending.
We currently license and use the following technologies in our products and
services:
. BSAFE encryption toolkit from RSA Data Security, Inc. We use the
encryption functions of this industry-standard product in our remote
office VPN product.
. Cyber Patrol database from The Learning Company. We use this database to
provide blocking of particular Web addresses as part of our Web-blocking
module.
. Linux kernel. We use a customized version of the Linux operating system
in our SME and larger- enterprise security appliances.
. Internet Security Systems Inc. Internet scanner. We sell an OEM version
of this software to our service provider customers as an optional
scanning module for LiveSecurity for MSS.
. WebTrends Corporation Inc. WebTrends for Firewalls and VPNs. We sell an
OEM version of this software to our service provider customers as an
optional reporting module for LiveSecurity for MSS.
17
. US Software TCP/IP stack. We use a customized version of this basic
TCP/IP stack, in source code form, in our SOHO and telecommuter
products.
. WindRiver VxWorks Real Time operating system. We use this operating
system in our SOHO and telecommuter security appliance.
. Intronic Semiconductor Inc. We use this 3DES software technology in our
SOHO and telecommuter products.
. CertiCom Elliptic Curve Cryptosystem. We use this cryptosystem to
authenticate protection changes and encrypt communications in our
ServerLock products.
. OSR Technologies KSOCKS. We use the KSOCKS product to achieve a
heterogeneous network signature for remote communications in our
ServerLock products.
. RSA Inc. SecurID. We use SecurID's two-factor technologies to provide an
additional level of security and accountability in our ServerLock
products.
U.S. Government Export Regulation Compliance
Our products are subject to federal regulations governing the export of
encryption commodities and software. To comply with these regulations, we have
developed two versions of our products: one for the U.S. and Canadian markets
and one for international markets. Recent federal legislation, however, has
relaxed export controls on encryption. Federal law now allows the export of
encryption commodities and software of any strength to nongovernmental end-
users located in any country except those designated as embargoed or otherwise
restricted by the U.S. government, subject to streamlined reporting
requirements. To satisfy these encryption export reporting requirements, we use
data gathered from end-users during product registration. Encryption
commodities and software previously approved for export by the federal Bureau
of Export Administration, or BXA, under an export license or encryption
licensing arrangement are immediately eligible for export under the revised
regulations without further technical review by the BXA. These commodities and
software include our branch office and remote user VPN software and the VPN
accelerator in our Firebox II Plus with FastVPN security appliance. The BXA has
granted retail export status to our SOHO and telecommuter security appliances,
which use encryption in branch office VPN software, and is currently reviewing
our FastVPN security appliance for retail export status. We are eligible to
export products that qualify for retail export status to all nonembargoed and
nonrestricted foreign end-users, including government entities.
Manufacturing
We currently outsource all hardware manufacturing and assembly for our
Firebox appliances for SMEs and larger enterprises to two companies:
Washington-based Electronic Manufacturing Corporation, our primary supplier,
and California-based Force Computer Corporation. Our contract manufacturer for
our Firebox appliance for SOHOs and telecommuters is Trantronics Inc., a
California-based company. All three manufacturers are certified as meeting the
International Organization for Standardization's quality assurance standards
ISO 9001 and 9002. Other contract manufacturers are currently under review for
potential agreements as either primary or backup suppliers for current and
future products. Worldwide distribution is currently performed at our
distribution facility in Seattle, Washington.
Employees
As of December 31, 2000, we had 287 employees. Of these, 78 were employed in
sales and marketing, 30 in finance and administration, 41 in customer support
and 138 in development and operations. We are not parties to any collective
bargaining agreements with our employees and we have not experienced any work
stoppages. We believe we have good relations with our employees.
18
Factors Affecting Our Operating Results, Our Business and Our Stock Price
In addition to the other information contained in this annual report, you
should carefully read and consider the following risk factors. If any of these
risks actually occur, our business, financial condition or operating results
could be adversely affected and the trading price of our common stock could
decline.
We have incurred losses in the past and may not achieve or sustain consistent
profitability, which could result in a decline in the value of our common
stock.
Since inception through the fourth quarter of 2000, we incurred net losses
and experienced negative cash flows from operations in each quarter, except for
the third quarter of 2000. As of December 31, 2000, we had an accumulated
deficit of approximately $45.6 million. Although our revenues have increased
each year since we began operations, we do not believe that the historical
percentage growth rate of our revenues will be sustainable as our revenue base
increases and we may not achieve or sustain profitability in future periods.
Moreover, we currently expect to increase our operating expenses significantly
in connection with
. expanding into new geographic markets;
. expanding into new product markets;
. continuing to develop our technology;
. hiring additional personnel;
. upgrading our information and internal control systems; and
. integrating acquisitions of businesses, products and technologies and
pursuing additional strategic acquisitions.
If we are unable to achieve or sustain profitability in future quarters, the
trading price of our common stock could decline.
Our operating results fluctuate and could fall below expectations of securities
analysts and investors, resulting in a decline in our stock price.
Our quarterly and yearly operating results have varied widely in the past and
will probably continue to fluctuate. For this reason, we believe that period-
to-period comparisons of our operating results are not meaningful. In addition,
our limited operating history makes predicting our future performance
difficult. In the fourth quarter of 2000, our operating results fell below the
expectations of securities analysts and investors and our operating results for
a future quarter or year may again fail to meet market expectations. This could
result in a decline in our stock price.
Beginning in the fourth quarter of 2000 and continuing into the first quarter
of 2001, we have seen a general economic downturn in the U.S. economy, which
has affected the demand for our products and services. We do not know how long
this economic downturn will last or how severe it will become. We also cannot
predict the extent and timing, if any, of the impact of the economic downturn
in the United States on economies in other countries and geographic regions in
which we conduct business. To the extent that this downturn continues or
spreads to other geographic regions, the Internet security industry and demand
for our products and services are likely to be adversely affected and could
result in a decline in our stock price.
We base our spending levels for product development, sales and marketing and
other operating expenses largely on our expected future revenues. Because our
expenses are largely fixed for a particular quarter or year, we may be unable
to adjust our spending in time to compensate for any unexpected quarterly or
annual shortfall in revenues. A failure to so adjust our spending in time also
could cause operating results to fall below the expectations of securities
analysts and investors, resulting in a decline in our stock price.
19
Because many potential customers remain unaware of the need for Internet
security or may perceive it as costly and difficult to implement, our products
and services may not achieve market acceptance.
We believe that many potential customers, particularly SMEs, SOHOs and
telecommuters, are not fully aware of the need for Internet security products
and services. Historically, only enterprises having substantial resources have
developed or purchased Internet security solutions. Also, there is a perception
that Internet security is costly and difficult to implement. We will therefore
not succeed unless the market understands the need for Internet security and we
can convince our potential customers of our ability to provide this security in
a cost-effective and administratively feasible manner. Although we have spent,
and will continue to spend, considerable resources educating potential
customers about the need for Internet security and the benefits of our products
and services, our efforts may be unsuccessful.
If potential customers do not accept our LiveSecurity products and services,
our business will not succeed.
We currently expect all future revenues to be generated through sales of our
Internet security products and related services, including subscription fees,
and we cannot succeed if the market does not accept these products and
services. Our success depends on our ability and the ability of our
distribution network, which includes distributors, value-added resellers, ISPs
and other managed service providers and OEMs, to obtain and retain LiveSecurity
customers. Some of our LiveSecurity products and services, however, are
relatively new and unproven. The broadcast portion of our LiveSecurity solution
has been available only since February 1999, our Firebox products for SOHOs and
telecommuters have been available only since February 2000 and our ServerLock
products were launched under the WatchGuard brand only in February 2001. To
receive our LiveSecurity Service, enterprises will be required to pay an annual
subscription fee, either to us or, if they obtain the LiveSecurity Service
through one of our channel partners, to the channel partner. We are not aware
of any other Internet security product that allows enterprises to keep their
security solution current by receiving software updates and related information
over the Internet. Enterprises may be unwilling to pay a subscription fee to
keep their Internet security up to date. Because our LiveSecurity Service is
relatively new, we cannot accurately predict the rate at which our customers
will renew their annual subscriptions. In addition, most businesses
implementing security services have traditionally managed their own Internet
security rather than using the services of third-party service providers. As a
result, our products and services and the outsourcing of Internet security to
third parties may not achieve significant market acceptance.
Seasonality and concentration of revenues at the end of the quarter could cause
our revenues to fall below the expectations of securities analysts and
investors, resulting in a decline in our stock price.
The growth rate of our domestic and international sales has been and may
continue to be lower in the summer months, when businesses often defer
purchasing decisions. Also, as a result of customer buying patterns and the
efforts of our sales force to meet or exceed quarterly and year-end quotas,
historically we have earned a substantial portion of a quarter's revenues
during its last month and, more recently, in the latter half of the last month.
If expected revenues at the end of any quarter are delayed, our revenues for
that quarter could fall below the expectations of securities analysts and
investors, resulting in a decline in our stock price.
The integration of Qiave and any future acquisitions may be costly, difficult
and disruptive.
In October 2000, we acquired Qiave Technologies Corporation, a privately held
provider of digital information security products. As part of our business
strategy, we may acquire other companies, products or technologies. The Qiave
acquisition, and any future acquisitions, will subject us to numerous
operational and financial risks and difficulties, including
. loss of key personnel;
. difficulties in assimilating the acquired company's technologies,
products, personnel and operations;
. disruption of our ongoing business and diversion of management
attention;
20
. assumption of known and unknown liabilities;
. higher-than-expected acquisition and integration costs and charges
against earnings;
. potentially dilutive issuances of equity securities; and
. inability of our sales force, consultants and development staff to adapt
to new product lines.
We may be unable to successfully integrate Qiave or any future acquisition.
In addition, we may not gain any substantial benefit from the Qiave acquisition
or from any businesses, products or technologies that we acquire in the future,
notwithstanding the significant expenditure of time and financial, personnel
and other resources.
If our newly established relationships with OEMs are unsuccessful, our ability
to generate revenues from the OEM line of business will be limited.
We have recently established relationships with several domestic and
international OEM partners to incorporate our technology into their products.
If these OEM partners are unsuccessful in marketing and implementing our
technology or the benefits realized from their implementation of our technology
are lower than expected, this line of business will be unable to generate the
levels of revenue we expect. Because our relationships with OEMs are new and
unproven, we cannot predict the degree to which the OEMs will succeed in
marketing and selling our products and services. The OEMs with which we have
established relationships have not had an opportunity to fully develop and
implement product or service offerings incorporating our technology. We cannot
predict how long our current or potential OEM partners will take to complete
this development and implementation. Until and unless this development and
implementation is achieved, our revenues from OEM partnerships will be limited.
If our OEM partners fail to provide adequate installation, deployment and
support of our products and services, end-users could choose not to purchase
OEM products that include our technology. Our OEM partners will offer our
products and services in combination with other products and services, some of
which may compete with our products and services. In addition, we may be unable
to maintain our existing relationships with OEM partners or establish new OEM
relationships in the future.
If our third-party channel partners fail to perform, our ability to sell our
products and services will be limited.
We sell most of our products and services through our distribution network,
and we expect our success to continue to depend in large part on their
performance. Our channel partners have the ability to sell products and
services that are competitive with ours, to devote more resources to those
competitive products or to cease selling our products and services altogether.
Currently, two channel partners, Ingram Micro and Tech Data, together account
for 22% of our revenues. The loss of one of these distributors, a reduction in
their sales or a loss or reduction in sales involving one or more other channel
partners, particularly if the reduction results in increased sales of
competitive products, could harm our business.
If we are unable to compete successfully in the highly competitive market for
Internet security products and services, our business will fail.
The market for Internet security products is intensely competitive and we
expect competition to intensify in the future. An increase in competitive
pressures in our market or our failure to compete effectively may result in
pricing reductions, reduced gross margins and loss of market share. Currently,
the primary competitors in our industry include Cisco Systems, Inc., Check
Point Software Technologies Ltd., Nokia Corporation and SonicWALL Inc. Other
competitors offering security products include hardware and software vendors
such as Netscreen Technologies Inc., Lucent Technologies, Inc. and Network
Associates, Inc., operating system vendors such as Microsoft Corporation,
Novell, Inc. and Sun Microsystems, Inc. and a number of smaller companies. Many
of our competitors have longer operating histories, greater name recognition,
larger customer
21
bases and significantly greater financial, technical, marketing and other
resources than we do. In addition, our current and potential competitors may
establish cooperative relationships among themselves or with third parties that
may further enhance their resources. As a result, they may be able to adapt
more quickly to new technologies and customer needs, devote greater resources
to the promotion or sale of their products and services, initiate or withstand
substantial price competition, take advantage of acquisition or other
opportunities more readily or develop and expand their product and service
offerings more quickly. In addition, our competitors may bundle products
competitive with ours with other products that they may sell to our current or
potential customers. These customers may accept these bundled products rather
than separately purchasing our products.
Product returns or retroactive price adjustments could exceed our allowances,
which could adversely affect our operating results.
We provide some of our channel partners with product return rights for stock
rotation. We also provide some of our channel partners with price protection
rights for their inventories, which they may exercise if we lower our prices
for those products. We may experience significant returns and price adjustments
for which we may not have adequate allowances. The short life cycles of our
products and the difficulty of predicting future sales increase the risk that
new product introductions or price reductions by us or our competitors could
result in significant product returns or price adjustments. In September 1998,
for example, when we introduced the Firebox II security appliance, we
experienced an increase in returns of previous products and product versions.
Provisions for returns and allowances for the years ended December 31, 1998,
1999, and 2000, were $1.7 million, $1.1 million and $1.9 million, or 13%, 5%
and 3% of total revenues before returns and allowances.
Failure to address strain on our resources caused by our rapid growth will
result in our inability to effectively manage our business.
Our current systems, management and resources will be inadequate if we
continue to grow. Our business has grown rapidly in size and complexity. This
rapid expansion has placed significant strain on our administrative,
operational and financial resources and has resulted in ever-increasing
responsibilities for our management personnel. We will be unable to effectively
manage our business if we are unable to timely and successfully alleviate the
strain on our resources caused by our rapid growth.
We may be unable to adequately expand our operational systems to accommodate
growth, which could harm our ability to deliver our products and services.
Our operational systems have not been tested at the customer volumes that may
be required in the future. We may encounter performance difficulties when
operating with a substantially greater number of customers. In implementing our
LiveSecurity products and services, we have experienced periodic interruptions
affecting all or a portion of our systems, and we believe that interruptions
will continue to occur from time to time. These interruptions could harm our
ability to deliver our products and services. An inability to add software and
hardware or to develop and upgrade existing technology or operational systems
to handle increased traffic may cause unanticipated system disruptions, slower
response times and poor customer service, including problems filling customer
orders.
Rapid changes in technology and industry standards could render our products
and services unmarketable or obsolete, and we may be unable to introduce new
products and services timely and successfully.
To succeed, we must continually change and improve our products in response
to rapid technological developments and changes in operating systems, Internet
access and communications, application and networking software, computer and
communications hardware, programming tools, computer language technology and
hacker techniques. We may be unable to successfully and timely develop these
new products and services or achieve and maintain market acceptance. The
development of new, technologically advanced
22
products and services is a complex and uncertain process requiring great
innovation and the ability to anticipate technological and market trends.
Because Internet security technology is complex, it can require long
development and testing periods. Releasing new products and services
prematurely may result in quality problems, and releasing them late may result
in loss of customer confidence and market share. In the past, we have on
occasion experienced delays in the scheduled introduction of new and enhanced
products and services, and we may experience delays in the future. When we do
introduce new or enhanced products and services, we may be unable to manage the
transition from the older products and services to minimize disruption in
customer ordering patterns, avoid excessive inventories of older products and
deliver enough new products and services to meet customer demand.
We may be required to defend lawsuits or pay damages in connection with the
alleged or actual failure of our products and services.
Because our products and services provide and monitor Internet security and
may protect valuable information, we may face claims for product liability,
tort or breach of warranty relating to our products and services. Anyone who
circumvents our security measures could misappropriate the confidential
information or other property of end-users using our products and services or
interrupt their operations. If that happens, affected end-users or channel
partners may sue us. In addition, we may face liability for breaches caused by
faulty installation and implementation of our products by end-users or channel
partners. Although we attempt to reduce the risk of losses from claims through
contractual warranty disclaimers and liability limitations, these provisions
may be unenforceable. Some courts, for example, have found contractual
limitations of liability in standard software licenses to be unenforceable
because the licensee does not sign them. Defending a suit, regardless of its
merit, could be costly and could divert management attention. Although we
currently maintain business liability insurance, this coverage may be
inadequate or may be unavailable in the future on acceptable terms, if at all.
A breach of security could harm public perception of our products and services.
We will not succeed unless the marketplace is confident that we provide
effective Internet security protection. Even networks protected by our software
products may be vulnerable to electronic break-ins and computer viruses. If an
actual or perceived breach of Internet security occurs in an end-user's
systems, regardless of whether the breach is attributable to us, the market
perception of the efficacy of our products and services could be harmed. This
could cause us or our channel partners to lose current and potential customers
or cause us to lose potential channel partners. Because the techniques used by
computer hackers to access or sabotage networks change frequently and generally
are not recognized until launched against a target, we may be unable to
anticipate these techniques.
If we are unable to prevent attacks on our internal network system by computer
hackers, public perception of our products and services will be harmed.
Because we provide Internet security, we are a significant target of computer
hackers. We have experienced attacks by computer hackers in the past and expect
attacks to continue. If attacks on our internal network system are successful,
public perception of our products and services will be harmed.
We may be unable to adequately protect our operational systems from damage,
failure or interruption, which could harm our reputation and our ability to
attract and retain customers.
Our operations, customer service, reputation and ability to attract and
retain customers depend on the uninterrupted operation of our operational
systems. Although we utilize limited off-site backup facilities and take other
precautions to prevent damage, failure or interruption of our systems, our
precautions may be inadequate. Any damage, failure or interruption of our
computer or communications systems could lead to service interruptions, delays,
loss of data and inability to accept and fill customer orders and provide
customers with the LiveSecurity Service.
23
We may be unable to deliver our products and services if we cannot continue to
license third-party technology that is important for the functionality of our
products.
Our success will depend in part on our continued ability to license
technology that is important for the functionality of our products. A
significant interruption in the supply of a third-party technology could delay
our development and sales until we can find, license and integrate equivalent
technology. This could damage our brand and result in loss of current and
potential customers. Although we believe that we could find other sources for
the technology we license, alternative technologies may be unavailable on
acceptable terms, if at all. We depend on our third-party licensors to deliver
reliable, high-quality products, develop new products on a timely and cost-
effective basis and respond to evolving technology and changes in industry
standards. We also depend on the continued compatibility of our third-party
software with future versions of our products.
We may be unable to deliver our products and services if component
manufacturers fail to supply component parts with acceptable quantity, quality
and cost.
We obtain the component parts for our hardware from a variety of
manufacturers. While our component vendors have produced parts for us in
acceptable quantities and with acceptable quality and cost in the past, they
may be unable to do so in the future. Companies in the electronics industry
regularly experience lower-than-required component allocations, and the
industry is subject to frequent component shortfalls. Although we believe that
we could find additional or replacement sources for our hardware components,
our operations could be disrupted if we have to add or switch to a replacement
vendor or if our component supply is interrupted for an extended period. This
could result in loss of customer orders and revenue.
We may need additional capital and our ability to secure additional funding is
uncertain.
Our future revenues may be insufficient to support the expenses of our
operations and the expansion of our business. We may therefore need additional
equity or debt capital. We may seek additional funding through
. public or private equity financings, which could result in significant
dilution to stockholders;
. public or private debt financings; and
. capital lease transactions.
We believe that existing cash and cash equivalent balances will be sufficient
to meet our capital required for at least the next 12 months. Our capital
requirements will depend on several factors, however, including
. the rate of market acceptance of our products and services;
. our ability to expand our customer base;
. the growth of our sales and marketing capabilities; and
. the cost of any acquisitions we may complete.
Financing may be unavailable to us when needed or on acceptable terms.
We may be unable to adequately protect our proprietary rights, which may limit
our ability to compete effectively.
Despite our efforts to protect our proprietary rights, unauthorized parties
may misappropriate or infringe on our trade secrets, copyrights, trademarks,
service marks and similar proprietary rights. We face additional risk when
conducting business in countries that have poorly developed or inadequately
enforced intellectual property laws. While we are unable to determine the
extent to which piracy of our software products exists, we expect piracy to be
a continuing concern, particularly in international markets and as a result of
the growing use of the Internet.
If we fail to obtain and maintain patent protection for our technology, we
may be unable to compete effectively. We have 12 patents pending, but our
patent applications may not result in issued patents. Even if
24
we secure a patent, the patent may not provide meaningful protection. In
addition, we rely on unpatented proprietary technology. Because this
proprietary technology does not have patent protection, we may be unable to
meaningfully protect this technology from unauthorized use or misappropriation
by a third party. In addition, our competitors may independently develop
similar or superior technologies or duplicate any unpatented technologies that
we have developed, which could significantly reduce the value of our
proprietary technology or threaten our market position.
Intellectual property claims and litigation could subject us to significant
liability for damages and invalidation of our proprietary rights.
In the future, we may have to resort to litigation to protect our
intellectual property rights, to protect our trade secrets or to determine the
validity and scope of the proprietary rights of others. Any litigation,
regardless of its success, would probably be costly and require significant
time and attention of our key management and technical personnel. Litigation
could also force us to
. stop or delay selling, incorporating or using products that incorporate
the challenged intellectual property;
. pay damages;
. enter into licensing or royalty agreements, which may be unavailable on
acceptable terms; or
. redesign products or services that incorporate infringing technology.
Although we have not been sued for intellectual property infringement, we may
face infringement claims from third parties in the future. The software
industry has seen frequent litigation over intellectual property rights, and we
expect that participants in the Internet security industry will be increasingly
subject to infringement claims as the number of products, services and
competitors grows and functionality of products and services overlaps.
Undetected product errors or defects could result in loss of revenues, delayed
market acceptance and claims against us.
Our products and services may contain undetected errors or defects,
especially when first released. Despite extensive testing, some errors are
discovered only after a product has been installed and used by customers. Any
errors discovered after commercial release could result in loss of revenues or
claims against us or our channel partners.
Governmental controls over the export or import of encryption technology could
cause us to lose sales.
Any additional governmental regulation of imports or exports or failure to
obtain required export approval of our encryption technologies could adversely
affect our international and domestic sales. The United States and various
other countries have imposed controls, export license requirements and
restrictions on the import or export of some technologies, especially
encryption technology. In addition, from time to time governmental agencies
have proposed additional regulation of encryption technology, such as requiring
the escrow and governmental recovery of private encryption keys. Additional
regulation of encryption technology could delay or prevent the acceptance and
use of encryption products and public networks for secure communications. This,
in turn, could result in decreased demand for our products and services.
In addition, some foreign competitors are subject to less stringent controls
on exporting their encryption technologies. As a result, they may be able to
compete more effectively than we can in the U.S. and international Internet
security markets.
25
If we do not retain our key employees, our ability to execute our business
strategy will be impaired.
Our future success will depend largely on the efforts and abilities of our
senior management and our key development, technical, operations, information
systems, customer support and sales and marketing personnel, and on our ability
to retain them. These employees are not obligated to continue their employment
with us and may leave us at any time.
If we do not expand our international operations and successfully overcome the
risks inherent in international business activities, the growth of our business
will be limited.
Our ability to grow will depend in part on the expansion of our international
sales and operations, which are expected to continue to account for a
significant portion of our revenues. Sales to customers outside of the United
States accounted for approximately 35% of our revenues in 1998, 50% in 1999 and
55% in 2000. The failure of our channel partners to sell our products
internationally would limit our ability to increase our revenues. In addition,
our international sales are subject to the risks inherent in international
business activities, including
. cost of customizing products for foreign countries;
. export and import restrictions, such as those affecting encryption
commodities and software;
. difficulties in acquiring and authenticating customer information;
. reduced protection of intellectual property rights and increased
liability exposure; and
. regional economic and political conditions.
Our international sales currently are U.S. dollar-denominated. As a result,
an increase in the value of the U.S. dollar relative to foreign currencies has
made and may continue to make our products less competitive in international
markets.
Our stock price is volatile.
The trading price of our common stock could be subject to fluctuations for a
number of reasons, including
. actual or anticipated variations in quarterly or annual operating
results;
. changes in analysts' earnings projections or recommendations;
. failure to meet analysts' revenue or earnings projections;
. our inability to successfully implement our business strategy;
. changes in business conditions affecting our customers, our competitors
and us; and
. changes in accounting standards that adversely affect our revenues and
earnings.
In recent years, moreover, the stock market in general and the market for
Internet-related technology companies in particular have experienced extreme
price and volume fluctuations, often unrelated to the operating performance of
the affected companies. Our common stock has experienced, and is likely to
continue to experience, these fluctuations in price, regardless of our
performance.
Changes in or interpretations of accounting rules may adversely impact future
and past results of operations.
We prepare our financial statements in conformity with accounting principles
generally accepted in the United States. These principles have changed
frequently and are subject to ongoing change and interpretation by the
Financial Accounting Standards Board, the Securities and Exchange Commission
and other agencies and organizations. A change in generally accepted accounting
principles could significantly affect our reported
26
results of operations or the reporting of transactions completed before a
change is announced, which could require us to restate our prior published
financial statements. Accounting standards that impact the technology and
software sectors in which we operate and that are currently under review
include
. rules relating to revenue recognition, including rules affecting the
recognition of revenue from the sale of software or related services;
. rules relating to the classification of costs related to marketing
programs, which may impact sales discounts, cost of sales or marketing
expenses; and
. accounting for stock-based compensation for employees and nonemployees.
Any changes to these accounting principles or the way they are interpreted or
applied could significantly affect our reported financial results or the way in
which we conduct business.
ITEM 2. PROPERTIES
Our principal administrative, marketing, sales, development and operations
facility is located in Seattle, Washington. We occupy approximately 90,000
square feet in this facility (including space that is subleased) under a lease
that expires in September 2010. We also maintain a product fulfillment and
distribution warehouse in Seattle. In addition, we maintain offices in Aliso
Viejo, California and Waltham, Massachusetts.
ITEM 3. LEGAL PROCEEDINGS
We are currently not a party to any material legal proceedings.
ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS
No matters were submitted to a vote of our security holders during the fourth
quarter of 2000.
27
PART II
ITEM 5. MARKET FOR REGISTRANT'S COMMON EQUITY AND RELATED STOCKHOLDER MATTERS
Market Information
Our common stock began trading on the Nasdaq National Market on July 30, 1999
under the symbol WGRD. The following table lists, for the periods indicated,
the high and low sales prices per share of our common stock as reported on the
Nasdaq National Market.
Price Range of
Common Stock
---------------
High Low
------- -------
Year Ended December 31, 1999
Third quarter (beginning July 30, 1999)..................... $ 18.38 $ 10.38
Fourth quarter.............................................. 40.00 13.81
Year Ended December 31, 2000
First quarter............................................... 125.36 22.63
Second quarter.............................................. 90.94 27.00
Third quarter............................................... 73.50 45.00
Fourth quarter.............................................. 60.13 17.81
The last reported sale price of our common stock on the Nasdaq National
Market on March 27, 2001 was $9.25 per share.
Holders
As of March 15, 2001, there were approximately 160 holders of record of our
common stock. This does not include the number of persons whose stock is held
in nominee or "street name" through brokers or other fiduciaries.
Dividends
We have never paid cash dividends on our common stock. We currently intend to
retain any future earnings to fund the development and growth of our business
and therefore do not anticipate paying any cash dividends in the foreseeable
future. Furthermore, our line of credit agreement with Silicon Valley Bank
prohibits the payment of dividends without the bank's prior written consent.
Recent Sales of Unregistered Securities
On October 4, 2000, we issued 1,292,997 shares of our common stock in
connection with our acquisition of Qiave Technologies Corporation. This
transaction was exempt from Securities Act registration under Section 4(2) of
the Securities Act, on the basis that the transaction did not involve a public
offering.
On November 9, 2000, we issued 198,446 shares of our common stock in
connection with the exercise of a warrant by a customer. This transaction was
exempt from Securities Act registration under Section 4(2) of the Securities
Act, on the basis that the transaction did not involve a public offering.
Use of Proceeds
On July 29, 1999, our registration statement on Form S-1 for our public
offering, file number 333-76587, became effective. The offering terminated as a
result of the sale of all shares offered. After accounting for underwriting
discounts and commissions and other expenses, we received net proceeds of
approximately $40.7 million.
28
ITEM 6. SELECTED FINANCIAL DATA
When you read this selected financial data, it is important that you also
read the historical consolidated financial statements and related notes
included in this annual report, as well as the section entitled "Management's
Discussion and Analysis of Financial Condition and Results of Operations." The
historical results are not necessarily indicative of future results.
Period From
February 14, 1996 Year Ended December 31,
(Inception) to ----------------------------------------
December 31, 1996 1997 1998 1999 2000
----------------- -------- -------- --------- ---------
(In thousands, except per share data)
Consolidated Statement
of Operations Data:
Revenues:
Product............... $ 329 $ 4,975 $ 10,678 $ 17,329 $ 52,010
Service............... 2 123 701 3,290 8,693
------ -------- -------- --------- ---------
Total revenues....... 331 5,098 11,379 20,619 60,703
Cost of revenues:
Product............... 104 1,529 3,653 6,954 18,932
Service............... -- 81 272 1,010 2,987
------ -------- -------- --------- ---------
Total cost of
revenues............ 104 1,610 3,925 7,964 21,919
------ -------- -------- --------- ---------
Gross margin........... 227 3,488 7,454 12,655 38,784
Operating expenses:
Sales and marketing... 224 4,369 8,519 13,512 24,213
Research and
development.......... 274 2,192 4,442 7,118 13,900
General and
administrative....... 191 1,323 2,454 3,646 6,001
Stock-based
compensation......... -- -- 1,039 926 8,407
Acquired in-process
technology and
amortization of
goodwill, purchased
technology and other
intangible assets
acquired............. -- -- -- 3,626 8,227
------ -------- -------- --------- ---------
Total operating
expenses............ 689 7,884 16,454 28,828 60,748
------ -------- -------- --------- ---------
Operating loss......... (462) (4,396) (9,000) (16,173) (21,964)
Interest income
(expense), net........ (6) 62 (119) 155 6,515
------ -------- -------- --------- ---------
Loss before income
taxes................. (468) (4,334) (9,119) (16,018) (15,449)
Provision for income
taxes................. -- -- -- -- 215
------ -------- -------- --------- ---------
Net loss............... $ (468) $ (4,334) $ (9,119) $ (16,018) $ (15,664)
====== ======== ======== ========= =========
Basic and diluted net
loss per share (1).... N/A $ (17.17) $ (11.34) $ (1.80) $ (0.66)
====== ======== ======== ========= =========
Shares used in
calculating basic and
diluted net loss per
share (1)............. N/A 252 804 8,903 23,556
====== ======== ======== ========= =========
- --------
(1) See Notes 1 and 6 of Notes to Consolidated Financial Statements for an
explanation of the method used to calculate basic and diluted net loss per
share.
29
December 31,
-------------------------------------
1996 1997 1998 1999 2000
----- ----- ------ ------- --------
(In thousands)
Consolidated Balance Sheet Data:
Cash, cash equivalents and securities
available for sale..................... $ 232 $ 603 $1,712 $26,401 $115,115
Deferred revenue ....................... 334 313 1,841 4,233 11,874
Long-term debt ......................... -- -- -- -- --
Working capital (deficit) .............. (464) 658 (274) 24,395 117,065
Total assets............................ 597 3,303 9,032 41,311 195,930
Total stockholders' equity (deficit).... (318) 1,382 881 32,245 172,405
Dividends payable ...................... -- -- -- -- --
ITEM 7. MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS
OF OPERATIONS
Overview
WatchGuard is a leading provider of Internet security solutions designed to
protect enterprises that use the Internet for electronic commerce and secure
communications. Our award-winning products and services include firewalls for
access control, virtual private networks, or VPNs, for secure communications
and our new ServerLock products for server content and application security.
Our core market includes small- to medium-sized enterprises, or SMEs, large
Internet-distributed enterprises, or IDEs, with ultra-high-speed connections
supporting VPNs between the IDEs and their geographically dispersed branch
offices and telecommuters, small and home offices, or SOHOs, with broadband
connections, and telecommuters. Our recent acquisition of Qiave Technologies
Corporation allowed us to expand our product line with a software-based
solution designed to protect server content and applications from unauthorized
and unintentional access and manipulation. Our innovative subscription-based
LiveSecurity Service delivers threat responses, software updates, expert
editorials, support flashes and virus alerts over the Internet, which enables
enterprises to protect their data and communications in a continuously changing
environment, with minimal effort.
Since our inception, we have invested heavily in the development of our
products and services and financed our operations as follows:
. In September 1996, we introduced our initial Firebox security appliance
and began selling our products both domestically and internationally.
. In 1997, we significantly expanded our worldwide sales and marketing
efforts.
. In 1998, we launched our managed security offering for Internet service
providers and other managed service providers and introduced our second-
generation security appliance, which added significant functionality to
our existing product lines.
. In February 1999, we launched the broadcast portion of our LiveSecurity
Service.
. In July 1999, we raised net proceeds of $40.7 million in the initial
public offering of our common stock.
. In October 1999, we acquired BeadleNet, LLC, a developer of Internet
security solutions for SOHOs, and formed our broadband Internet security
division.
. In January 2000, we announced the introduction of our security solutions
for SOHOs and telecommuters, which we began shipping in the first
quarter of 2000.
. In February 2000, we raised net proceeds of $90.4 million in a follow-on
public offering of our common stock.
30
. In October 2000, we acquired Qiave, a developer of digital information
security systems, which allowed us to expand our product line with
ServerLock, which protects server content and applications against
unauthorized or unintentional changes.
Sources of Revenues and Revenue Recognition Policy
We generate revenues through
. sales of products and service subscriptions indirectly through our
distribution network at a discount from list price;
. sales of products and service subscriptions directly and, from time to
time, indirectly through our distributors, to our service provider
customers at volume pricing rates; and
. sales of service subscription renewals directly to our end-users.
Product revenues include
. the perpetual software license fees for our Firebox System and the sale
of our security appliance as part of our security solutions;
. the sales of software options, such as VPN;
. the sales of our network operations center, or