
 

SECURITIES AND EXCHANGE COMMISSION

WASHINGTON, D.C. 20549

 


 

FORM 10-K

 

[x] ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

 

For the Fiscal Year ended January 31, 2003

 

001-15715

(Commission File Number)

 


 

TIPPINGPOINT TECHNOLOGIES, INC.

(Exact name of Registrant as specified in its charter)

 


 

Delaware

 

No. 74-2902814

(State or other jurisdiction of incorporation or organization)

 

(I.R.S. Employer Identification No.)

 

7501B N. Capital of Texas Highway

Austin, Texas 78731

(Address of principal executive offices)

 

(512) 681-8000

(Registrant’s telephone number, including area code)

 

Securities registered pursuant to Section 12(b) of the Act: None

 

Securities registered pursuant to Section 12(g) of the Act:

Common Stock, $0.01 par value

(Title of Class)

 


 

Indicate by check mark whether the Registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the Registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes [x] No [ ]

Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of Registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K: [ ]

Indicate by check mark whether the Registrant is an accelerated filer (as defined in Exchange Act Rule 12b-2). Yes [ ] No [x]

 

The aggregate market value of the Registrant’s voting stock held by non-affiliates of the Registrant at July 31, 2002, based on the $11.50 per share closing price for our common stock on the Nasdaq National Market, was approximately $20,050,860.

 

The number of shares of the Registrant’s common stock outstanding as of March 31, 2003 was 5,254,706.

 

DOCUMENTS INCORPORATED BY REFERENCE

 

Certain information from the definitive Proxy Statement for the Registrant’s 2003 Annual Meeting of Stockholders to be filed with the Securities and Exchange Commission pursuant to Regulation 14A not later than 120 days after the end of the Registrant’s fiscal year, is incorporated by reference into Part II and Part III of this Form 10-K.

 



Table of Contents

PART I

ITEM 1. BUSINESS
ITEM 2. PROPERTIES
ITEM 3. LEGAL PROCEEDINGS
ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS

PART II

ITEM 5. MARKET FOR REGISTRANT’S COMMON EQUITY AND RELATED STOCKHOLDER MATTERS
ITEM 6. SELECTED FINANCIAL DATA
ITEM 7. MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS
ITEM 7a. QUANTITATIVE AND QUALITATIVE DISCLOSURES ABOUT MARKET RISK
ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA
ITEM 9. CHANGES IN AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING AND FINANCIAL DISCLOSURE

PART III

ITEM 10. DIRECTORS AND EXECUTIVE OFFICERS OF THE REGISTRANT
ITEM 11. EXECUTIVE COMPENSATION
ITEM 12. SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT
ITEM 13. CERTAIN RELATIONSHIPS AND RELATED TRANSACTIONS
ITEM 14. CONTROLS AND PROCEDURES

PART IV

ITEM 15. EXHIBITS, FINANCIAL STATEMENT SCHEDULES, AND REPORTS ON FORM 8–K



 

PART I

 

ITEM 1. BUSINESS

 

Overview

 

TippingPoint Technologies designs, manufactures and markets network-based intrusion prevention systems and appliances (IPS) to provide in-depth protection and attack eradication for corporate enterprises, government agencies, service providers and academic institutions. Our UnityOne line of intrusion prevention appliances and systems, which have high-speed, security-optimized processors that can operate at gigabit speeds, are hardware-based products designed to protect enterprise information systems from external and internal hostile, malicious or cyber-terrorist attacks. Our products are designed to continually analyze Internet and Intranet traffic and block attacks commonly referred to as viruses, worms, Trojans and denial-of-service attacks, before damage occurs and without compromising network performance.

 

We believe that our competitive advantage is the ability of our products to stop attacks in a network at gigabit per second speeds, without slowing network performance. Our hardware-based platform is designed for network-based attack prevention and is capable of supporting thousands of filters that can inspect each packet across a network segment without compromising network operating performance. We believe that our approach offers customers an effective network-based security solution with attractive economics, high performance, scalability and reliability.

 

Our IPS products are currently complementary to firewalls, but significantly improve protection against malicious attacks. Even with firewalls, organizations are still plagued by dangerous attacks such as Code Red, Nimda and Sapphire, which penetrate through firewalls. Accordingly, IPS products are increasingly seen as a critical tier of any multi-tier security strategy. Firewalls offer security mechanisms for limited layers of network communications. Our UnityOne IPS products protect information technology infrastructures from attacks that firewalls miss, and prevent intrusions within network communication that firewalls cannot prevent. Firewalls are also typically positioned at the network perimeter. UnityOne IPS products have the ability to be located either at the core of the network or at the perimeter, enabling protection from external and internal attacks and abuses.

 

Network Security Problem

 

Over the past few years, Internet usage has grown rapidly as more computer users connect to the Internet. With Internet and Intranet usage becoming more prevalent, enterprises are increasingly using both to conduct their business. Enterprises, including governmental agencies, are using the world-wide networking advantages of the Internet by connecting their internal networks to the Internet, thereby expanding their operations, facilitating communications within the enterprise, enabling e-commerce and transaction processing and communicating with customers, suppliers, employees and business partners. Many enterprises accomplish this by connecting to the Internet at a variety of access points, including major corporate offices, branch offices, remote user locations, Internet data centers and e-business Web sites.

 

While Internet usage is increasing, the access speed at which individuals and enterprises are connecting to the Internet is also increasing. Consumers and smaller enterprises are shifting from dial-up modem connections to broadband connections, using cable or digital subscriber line, or DSL, modems. These broadband connections enable users to access the Internet at speeds up to 20 times faster than a dial-up modem. Similarly, larger enterprises, including governmental agencies, are moving from T1 connections and T3 connections to higher speed OC-3 connections and gigabit Ethernet connections. Web site connection speeds are also increasing as many Web sites, which were originally operated from an enterprise’s own facilities, have been outsourced to Internet data centers, which deliver higher bandwidth connections.

 


 

As enterprises, including governmental agencies, increasingly use the Internet to conduct business, the amount of confidential and sensitive information that is delivered over, and is accessible through, the Internet increases. Unlike the private, dedicated communications networks that enterprises, including governmental agencies, used for several decades, which were relatively secure from intruders, the Internet and networks connected to it are susceptible to security threats and malicious eavesdropping due to their openness and ease of access. As a result, these networks are now susceptible to attempted breaches of network security, or hacker or cyber attacks, intended to access confidential information or to otherwise interfere with network communications. The risk of cyber-attack is growing tremendously. According to Carnegie-Mellon University’s Software Engineering Institute, the number of new cyber-attack vulnerabilities (i.e., the ways in which a network is susceptible to attack) reported increased from 1,090 in 2000 to 4,129 in 2002.

 

In the past, enterprises deployed a combination of firewalls, intrusion detection systems (IDS) and vulnerability assessment scanners to protect their networks from security breaches. The first generation of these products generally were designed to secure low bandwidth connections to the Internet. As network connection speeds increased, these early types of security products created significant performance bottlenecks in networks, slowing down connection speeds. As security needs of enterprises evolve, single-function low speed products are less able to cost-effectively meet the performance and manageability needs of enterprises.

 

We believe enterprises, including governmental agencies, need high-performance, cost-effective products to secure their networks. We also believe that enterprises desire a network security solution that can scale from low bandwidth to high bandwidth connections, while delivering high-speed network performance and availability. In response to this preference, existing security vendors have started to include additional capabilities in their single-function products. However, these products were not originally designed to deliver multiple functions and, as a result, the addition of these functions tends to decrease performance and increase product complexity. A small number of companies have introduced intrusion prevention network security solutions, which are designed to prevent, rather than just detect, network attacks. However, these intrusion prevention systems can dramatically reduce network performance, or even cause the network to crash, and may not be able to discern hostile from legitimate traffic, failing to block hostile traffic and blocking legitimate traffic.

 

The TippingPoint Solution

 

We have developed a hardware-based line of intrusion prevention appliances and systems designed to protect enterprise information systems from external and internal hostile, malicious or cyber-terrorist attacks. Our UnityOne IPS products, which have high-speed, security-optimized processors and can operate at gigabit speeds, are designed to continually analyze Internet and Intranet traffic and block attacks commonly referred to as viruses, worms, Trojans, and denial-of-service attacks, before damage occurs and without compromising network performance. We believe that having our products within the network results in enhanced reliability of intrusion protection and decreased cost of security. We believe that this approach offers our customers an effective network-based security solution with attractive economics, high performance, scalability and reliability.

 

We currently are marketing three intrusion protection appliances, UnityOne-2400 for large enterprises, UnityOne-1200 for enterprise applications and UnityOne-400 for small to medium sized enterprises, and an intrusion protection system, UnityOne-2000 for carriers and high-density enterprise applications.

 

Our network defense appliances and systems require minimal configuration. As a result, they can be deployed quickly and cost-effectively in a network. Each of our appliances supports up to eight network zones, and our high-end systems support up to 20 network zones, providing protection against both external and internal attacks. Most importantly, we designed our UnityOne appliances and systems to have “switch-like” performance. Our UnityOne IPS products exhibit extremely low latencies, or delays in sending a message over the network, and support over 1,000,000 concurrent sessions and 25,000 new sessions per second, regardless of traffic profile or attack conditions. Our products are designed to perform to network switch levels of availability and latency, even at gigabit speeds.

 

Our IPS products are currently complementary to firewalls, but significantly improve protection against malicious attacks. Even with firewalls, organizations are still plagued by dangerous attacks such as Code Red, Nimda and Sapphire, which penetrate through firewalls. Our UnityOne IPS products protect information technology infrastructures from attacks that firewalls miss, and prevent intrusions within network communication that firewalls cannot prevent.

 

Our appliances and systems have built-in capabilities designed to ensure that network traffic is not disrupted and that intrusion prevention operates seven days a week, 24 hours a day. In the event of an internal failure of its security processors, software or hardware, every UnityOne appliance and system will automatically revert to traffic pass-through, preventing network downtime. Our appliances and systems support redundant network configuration with two appliances to achieve full security at all times. Depending on how they are configured, the UnityOne appliances can both operate actively or one can operate passively as an alternate for the active appliance. If the active appliance fails, traffic is routed to the back-up appliance. The two appliances can also be set up in full mesh configuration, when they actively operate simultaneously.

 

We provide a real-time attack filter update service, called Digital Vaccine, that delivers rapid inoculation of our products against emerging threats. Our Threat Management Center monitors and collects security intelligence from alert services around the world; we perform investigations of first strike vulnerabilities and then create antidotes that are delivered to subscribers in the form of a Digital Vaccine. We develop and deploy these UnityOne attack filters to provide vulnerability remediation before related exploits occur. Our capability of delivering evergreen attack coverage generates savings for our customers by eliminating the costs associated with the significant operational efforts needed to quickly patch hundreds or thousands of servers and/or client systems during or following an actual attack. Further, as a public service under the National Strategy to Secure Cyberspace, we partner with SANS (SysAdmin, Audit, Network, Security) Institute, a cooperative research and education organization, to evaluate, assess and rate (based on greatest threat) new vulnerabilities every week.

 

We also offer our customers an optional Peer-to-Peer Privacy Prevention (PPPP) capability that allows enterprises to control the use of peer-to-peer file sharing applications for all our UnityOne appliances and systems. Peer-to-peer file sharing applications like Kazaa, Morpheus, Grokster, Limewire, WinMX, and Bearshare are often used illegally to copy music and videos. Allowing this type of traffic to run unabated exposes enterprises to potential copyright infringement litigation and reduced network performance due to bandwidth monopolization. Our products, with the optional PPPP capability, enable enterprises to block, limit and prioritize peer-to-peer traffic based on specific client, server, IP address or application type.

 

We believe that our products significantly reduce the cost of securing a network and increase enterprise productivity. Our customers can solve the on-going, day-to-day, maintenance costs associated with patching their systems in response to reported vulnerabilities with efficiency and lower cost. They can also reduce the risk and cost of damage remediation because our products block attacks before they can cause any damage. Since our products are designed to protect networks from down time caused by cyber attacks at higher network speeds, without crashing the network, the network productivity of our customers is also increased.

 

Our UnityOne line of high-speed intrusion prevention appliances and systems are the first in what we contemplate will be a continuing line of network security products and services. We expect to package and market each generation of products with complementary services.

 

Sales and Marketing

 

We market and sell our network security products through a network of resellers that we maintain throughout North America. Our sales organization supports resellers in creating demand by potential end users.

 


Our arrangements with resellers are non-exclusive, territory specific, generally cover all of our products and provide for appropriate discounts based on a variety of factors including volume purchases.

 

We also have a dedicated sales force with experience in selling network security products through resellers to support this sales channel. The sales organization is supported by a team of experienced sales engineers who are responsible for providing pre-sale technical support and technical training for the sales team and for resellers. All of our salespeople are responsible for lead follow-up and account management.

 

Our marketing includes advertising, our Web site, trade shows, direct marketing and public relations. Our marketing program is designed to build the TippingPoint and UnityOne brands, increase customer awareness, generate leads and communicate our product advantages. We will also use our marketing program to support the sale of our products through new channels and to new markets.

 

We plan to pursue opportunities for Original Equipment Manufacture (OEM) relationships with larger companies to bundle our products into their product and service solutions. In addition, we have developed relationships with system integrators, who will market our products to their clients in connection with their services and solutions.

 

We introduced our system product in February 2002, conducted beta trials during the spring of 2002, and began marketing it in September 2002. We announced our new line of appliances in February 2003.

 

Research and Development

 

We believe that strong product development capabilities are essential to our strategy of developing and improving our product and service offerings. We will continue to invest significant time and resources in creating a structured process for undertaking all product development projects. We have actively recruited and hired engineers and software developers with expertise in the areas of hardware design, software and system implementation, and supported this effort with individuals and additional management with extensive backgrounds in the network security and infrastructure, enterprise software and telecommunications industries. We will focus our ongoing research and development efforts on our suite of network security products.

 

Our research and development expenses totaled approximately $16.7 million for the fiscal year ended January 31, 2003, $1.5 million for the month ended January 31, 2002, and approximately $13.4 million and $6.0 million for the fiscal years ended December 31, 2001 and 2000, respectively.

 

Manufacturing

 

We currently use a third party to manufacture sub-assemblies for our UnityOne line of products. We perform final product assembly and quality testing at our headquarters in Austin, Texas.

 

Competition

 

Our network security line of products competes in markets that are intensely competitive, fragmented and rapidly changing. We expect competition in the market for network security products to intensify in the future. We expect to encounter strong competition from current and potential competitors in our target markets, many of whom are bringing new solutions to market, focusing on specific segments of our target markets and establishing alliances and Original Equipment Manufacture (OEM) relationships with larger companies who will bundle these competitive products into their product and service solutions, and with some of the same resellers we intend to use. We believe that the principal competitive factors affecting the market for network security include network accuracy at switching speeds, security effectiveness, technical features, ease-of-use, price, scope of offering and customer service and support. Although we believe that our products generally compete favorably with respect to such factors, we cannot guarantee that we will compete successfully against current and potential competitors, especially those with greater financial resources or brand name recognition.

 

Current and potential competitors in our market include the following:

 

    intrusion detection system vendors who are planning product enhancements to move into the IPS arena, such as Internet Security Systems, Inc., Cisco Systems, Inc., Symantec Corporation, NetScreen Technologies, Inc., Network Associates, Inc., IntruVert Networks Inc., Intrusion Inc., Enterasys Networks, Inc. and other emerging startups;

 

    firewall and virtual private network software vendors such as NetScreen Technologies, Inc., Check Point Software Technologies Ltd, Symantec Corporation and Crossbeam Systems, Inc.;

 

    network equipment manufacturers such as Cisco Systems, Inc., Lucent Technologies, Inc., Nokia Corporation and Nortel Networks Corporation;

 

    security appliance suppliers such as NetScreen Technologies, Inc., SonicWALL, Inc., iPolicy Networks, WatchGuard Technologies, Inc., Symantec Corporation and Network Associates, Inc.; and

 

    emerging intrusion detection and other security companies that may position their systems as replacements for our products.

 

Intellectual Property

 

We rely on a combination of trademark, trade secret and copyright law and contractual restrictions to protect the proprietary aspects of our technology. We have filed eleven patent applications for inventions related to the core technology for our network security products and have applied to register various trademarks relating to our business. We anticipate filing additional patent applications for other inventions that we determine will be key to our network security business. We can give no assurance that we will obtain any such patents, or that any patents we obtain will be useful in our business. If we are not successful in obtaining the patent protection we seek, our competitors may be able to replicate our technology and more effectively compete with us.

 

Employees

 

We had 98 full-time employees as of March 31, 2003, a substantial majority of whom are non-management personnel. None of our employees are represented by a labor union. We have not experienced any work stoppages, and we believe that we have satisfactory employee relations.

 

Discontinued Operations

 

From our inception in 1999 through January 2001, our operations consisted primarily of developing and offering consumers Internet-based content, applications and services through Internet appliances, which we also marketed and sold. That business model required a great deal of capital since we sold the Internet appliance at a loss to try to attract customers to our Internet access service. Shortly after the initial public offering of our common stock in March 2000, the U.S. equity markets entered a period of increased volatility in which the stocks of many technology companies, including ours, were negatively impacted. As a result, it became apparent to us that it would be very difficult to raise the additional financing required to sustain and grow our consumer Internet offering to a point at which we could achieve profitability. In November 2000, we began shifting our business model to focus on providing an offering for information systems and away from our Internet appliance offering. In connection with this shift in focus, we restructured our operations. In January 2001, we announced our decision to discontinue our Internet appliance and service business. At that time, we terminated all marketing and sales efforts related to our consumer Internet appliance and service business. We had completely exited this business by December 2001. We experienced operating losses while trying to build, support and, ultimately, wind this business down.

 

SPECIAL NOTE ON FORWARD-LOOKING STATEMENTS AND RISK FACTORS

 

This report contains “forward-looking statements” within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934, both as amended. All statements other than statements of historical fact are “forward-looking statements” for purposes of federal and state securities laws, including: any projections of earnings, revenues or other financial items; any statements of the plans, strategies and objectives of management for future operations; any statements concerning proposed new products, services or developments; any statements regarding future economic conditions or performance; any statements of belief; and any statements of assumptions underlying any of the foregoing. Forward-looking statements may include the words “may,” “will,” “estimate,” “intend,” “continue,” “believe,” “expect,” “plan” or “anticipate” and other similar words. Such forward-looking statements may be contained in the sections “Factors Affecting Operating Results,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and “Business,” among other places in this report.

 

Although we believe that the expectations reflected in our forward-looking statements are reasonable, actual results could differ materially from those projected or assumed. Our future financial condition and results of operations, as well as any forward-looking statements, are subject to change and to inherent risks and uncertainties, such as those disclosed in this report. We do not intend, and undertake no obligation, to update any forward-looking statement.

 

Factors Affecting Operating Results

 

There are numerous risks affecting our business, some of which are beyond our control. An investment in our common stock involves a high degree of risk and may not be appropriate for investors who cannot afford to lose their entire investment. In addition to the risks outlined below, risks and uncertainties not presently known to us or that we currently consider immaterial may also impair our business operations. Our future operating results and financial condition are heavily dependent on our ability to successfully develop, manufacture and market technologically innovative solutions in order to meet customer demands for network security. Inherent in this process are a number of factors that we must successfully manage if we are to achieve positive operating results in the future. Potential risks and uncertainties that could affect our operating results and financial condition include, without limitation, the following:

 

We cannot predict our future results because we have a limited operating history and have only recently introduced our line of products within the network security industry.

 

We have a limited operating history and little history operating our network security business. Our line of products only recently became generally available for purchase, and we have not yet recognized any revenues from that line of products. Therefore, we have little meaningful historical financial data upon which to base projections of operating expenses or revenues. We began to focus on our network security offering in the latter half of 2001. Our network security offering is still in the early stage, and we have only recently achieved any sales from this offering. There are significant risks and costs inherent in our efforts to undertake this business model. These include the risk that we may not be able to achieve market acceptance for our network security line of products or earn significant revenues from the sale of such products, that our business model may not be profitable and other significant risks related to our business model. Our prospects must be considered in light of the uncertainties and difficulties frequently encountered by companies in their early stages of development. These risks are heightened in rapidly evolving industries, such as network security. It is possible that we will exhaust all available funds before we reach positive cash flow.

 


 

It is possible that we may never become profitable.

 

Successful implementation of our network-based IPS products business model continues to involve several risks. These risks include:

 

    reliance upon unproven products and technology;

 

    our unproven and evolving business model;

 

    market acceptance of our new products and any additional products that we may be able to develop;

 

    our ability to anticipate and adapt to a developing market and to rapidly changing technologies;

 

    the effect of competitive pressures in the marketplace;

 

    our need to structure our internal resources to support the development, marketing and future growth of our product offerings;

 

    uncertainties concerning our strategic direction and financial condition;

 

    our need to introduce additional reliable products that meet the demanding needs of large enterprises; and

 

    our need to enhance our business development, research and development, product development and support organizations, and to expand our distribution channels, to develop our business.

 

In addition, although we believe that the actions that we are taking under our business plan will help us become profitable, we cannot assure you that such actions will succeed in the long or short term.

 

Internal and external changes resulting from our financial condition may concern our prospective customers, strategic relationships, resellers and employees, and produce a prolonged period of uncertainty, which could have a material adverse effect on our business. Our strategy requires substantial changes, including pursuing new strategic relationships, increasing our research and development expenditures, adding employees who possess the skills we believe we will need going forward, investing in new technologies, establishing leadership positions in new high-growth markets, establishing distribution channels for our new products and realigning and enhancing our sales and marketing departments. Many factors may impact our ability to successfully implement our strategy, including our ability to finalize agreements with other companies, sustain the productivity of our workforce, introduce innovative new products in a timely manner, manage operating expenses and quickly respond to, and recover from, unforeseen events associated with our strategy.

 

The market for our IPS products may not develop as we contemplate, which could result in our failure to achieve sales and profits from our business model.

 

Our business model involves competing in a dynamic market. Our financial performance and any future growth will depend, in part, upon our ability to obtain market share from existing competitors. We intend to invest a significant portion of our resources in the network security market, which we anticipate will grow at a significantly higher rate than the broader networking and infrastructure industry on average. The markets for network security solutions are highly competitive, and we are not certain that our target customers will widely adopt and deploy our IPS technology. Even if our IPS products are effective, our target customers may not choose to use them for technical, cost, support or other reasons. We are offering a different solution to network security, and it may not be accepted by the market as an alternative to existing solutions.

 

Competition in the network security market may reduce the demand for, or price of, our products.

 

The market for network security products is highly competitive, and we expect competition to intensify in the future. Our competitors may introduce new competitive products for the same markets targeted by our line of products. These products may have better performance, lower prices and broader acceptance than our products. Competition may reduce the overall market for our products.

 

Current and potential competitors in our market include the following:

 

    intrusion detection/prevention system vendors such as Internet Security Systems, Inc., Cisco Systems, Inc., Symantec Corporation, NetScreen Technologies, Inc., Network Associates, Inc., IntruVert Networks Inc., Intrusion Inc., Enterasys Networks, Inc. and other emerging startups;

 

    firewall and virtual private network software vendors such as NetScreen Technologies, Inc., Check Point Software Technologies Ltd, Symantec Corporation and Crossbeam Systems, Inc.;

 

    network equipment manufacturers such as Cisco Systems, Inc., Lucent Technologies, Inc., Nokia Corporation and Nortel Networks Corporation;

 

    security appliance suppliers such as NetScreen Technologies, Inc., SonicWALL, Inc., iPolicy Networks, WatchGuard Technologies, Inc., Network Associates, Inc. and Symantec Corporation; and

 

    emerging intrusion detection/prevention and other security companies that may position their systems as replacements for our products.

 

Many of these current and potential competitors have longer operating histories, greater name recognition, larger customer bases and significantly greater financial, technical, sales, marketing and other resources than we do. Many of our competitors may also have existing relationships with the resellers who we use to sell our products, or with our potential customers. In addition, some of our competitors currently combine their products with other companies’ networking and security products to compete with our products. These competitors also often combine their sales and marketing efforts to compete with our products. This competition may result in reduced prices and longer sales cycles for our products. If any of our larger competitors were to commit greater technical, sales, marketing and other resources to our markets, our ability to compete would be adversely affected.

 

Our business will suffer if our target customers do not accept our IPS products.

 

Our revenues will depend upon the widespread acceptance and use of network security technology by our target market. Substantially all of our revenues may come from sales of one or two product lines, making us dependent on widespread market acceptance of these products. We may be more dependent on the market acceptance of individual product lines than our competitors with broader offerings. Factors that may affect the market acceptance of our anticipated line of products include:

 

    adoption of advanced network security products and technologies;

 

    the need, or perceived need, to maintain or increase network connection speed when adding network security devices;

 

    the performance, price and total cost of ownership of our line of products;

 

    the availability and price of competing products and technologies; and

 

    the success and development of our business development and marketing organizations.

 

If we are unable to acquire key components or are unable to acquire them on favorable terms, our business will suffer.

 

Some key processors and other components of our line of products upon which we rely are currently available only from single or limited sources. In addition, some of the suppliers of these components will also be supplying certain of our competitors. We cannot be certain that our suppliers will be able to meet our demand for components in a timely and cost-effective manner. We expect to carry little inventory of some of our products and product components, and we will rely on our suppliers to deliver necessary components to our contract manufacturers in a timely manner based upon forecasts we provide. Some of the semiconductors and processors we require are complex, and we may not be able to develop an alternate source of supply in a timely manner, which could hurt our ability to deliver our products to our customers. If we are unable to buy these components on a timely and a cost-efficient basis, we may not be able to deliver products to our customers, which would negatively impact future revenues and, in turn, seriously harm our business.

 

At various times, some of the key components for our products have been in short supply. Delays in receiving components would harm our ability to deliver our products on a timely basis. In addition, because we expect to rely on purchase orders rather than long-term contracts with our suppliers, we cannot predict with certainty our ability to procure components in the longer term. If we receive a smaller allocation of components than is necessary to manufacture products in quantities sufficient to meet our customers’ demand, those customers could choose to purchase competing products.

 

Our reliance on third parties to manufacture and assemble our products could cause a delay in our ability to fill orders, which might cause us to lose sales.

 

We currently use a single third party to manufacture sub-assemblies of our products and we purchase our components on a purchase order basis. We expect to continue this method of procurement indefinitely. If we cannot continue our arrangement with our contract manufacturer, and if we cannot establish an arrangement with at least one contract manufacturer who agrees to manufacture our sub-assemblies on terms acceptable to us, we may not be able to produce and ship our products, and our business will suffer. If we fail to manage our relationships with our contract manufacturers effectively, or if they experience delays, disruptions or quality control problems in their manufacturing operations, our ability to ship products to our customers could be delayed.

 

The absence of dedicated capacity with our contract manufacturers means that, with little or no notice, they could refuse to continue manufacturing some or all of our products. Qualifying new contract manufacturers and commencing volume production would be expensive and time-consuming. If we are required or choose to change contract manufacturers, we could lose revenues and damage our customer relationships.

 

Our reliance on third-party manufacturers also exposes us to the following risks that are outside our control:

 

    unexpected increases in manufacturing and repair costs;

 

    interruptions in shipments if one of our manufacturers is unable to complete production;

 

    inability to control delivery schedules;

 

    unpredictability of manufacturing yields; and

 

    inability of a manufacturer to maintain the financial strength to meet our procurement and manufacturing needs.

 

If we fail to develop or maintain relationships with significant resellers, or if these resellers are not successful in their sales efforts, sales of our products and our operating results would suffer.

 

We expect to derive the bulk of our total revenues from sales by resellers. Sometimes purchasers of network security solutions choose their products based on which network security solution is carried by the reseller from whom they buy other products, rather than solely on performance characteristics. We do not expect to have any long-term contracts or minimum purchase commitments with any of our resellers. In addition, our resellers may sell products that are competitive with ours, may devote more resources to those competitive products and may cease selling our products altogether. The resellers through whom we sell our products may not be successful in selling our products, for reasons beyond our control. If any of the foregoing occurs, our operating results will suffer.

 

Marketing to most of our target customers involves long sales and implementation cycles, which may cause revenues and operating results to vary significantly.

 

We market our line of products primarily to large enterprises and government agencies through resellers. A prospective customer’s decision to purchase our products will often involve a significant commitment of its resources and a lengthy evaluation and product qualification process. Throughout the sales cycle, we anticipate often spending considerable time educating and providing information to prospective customers regarding the use and benefits of our products. Budget constraints, budget cycles and the need for multiple approvals within these organizations may also delay the purchase decision. Failure to obtain the required approval for a particular project or purchase decision on a timely basis may delay the purchase of our products. As a result, we expect that the sales cycle for our network security solutions typically will be 90 to 180 days. These long cycles may cause delays in any potential sale, and we may spend a large amount of time and resources on prospective customers who decide not to purchase our line of products and services, which could materially and adversely affect our business.

 

Even after making the decision to purchase our products, our customers may not deploy our products broadly within their networks. We expect the timing of implementation to vary widely, depending on the complexity of the customer’s network environment, the size of the network deployment, budget constraints, the skill set of the customer and the degree of hardware and software configuration necessary to deploy our products. Enterprises, including governmental agencies, with large networks usually expand their networks in large increments on a periodic basis. In addition, large enterprises and governmental agencies, and resellers selling to such entities, typically pay their suppliers over a longer period of time, which could negatively affect our liquidity.

 

Our IPS products are designed for the network infrastructure market, which requires us to maintain a sophisticated sales force, engage in extensive negotiations and provide high level engineering support to complete sales. If we do not successfully market our IPS products to these targeted customers, our operating results will be below our expectations and the expectations of investors and market analysts, which would likely cause the market price of our common stock to decline.

 

We will not be able to develop or continue our business if we fail to attract and retain key personnel.

 

Our future success depends on our ability to attract, hire, train and retain a number of highly skilled employees and on the service and performance of our senior management and other key personnel. The loss of the services of our executive officers or other key employees could adversely affect our business. Competition for qualified personnel possessing the skills necessary for success in the competitive market of the network security industry is intense, and we may fail to attract or retain the employees necessary to execute our business model successfully. Because we have experienced operating losses, we may have a more difficult time in attracting and retaining the employees we need.

 

We will also offer support and other services through maintenance and other agreements. Although we plan to provide support services sufficient to meet our expected business level, our growth will be limited in the event we are unable to hire or retain support services personnel or subcontract these services to qualified third parties.

 

Some members of our management team have joined us only recently. Our success depends to a significant degree upon the continued contributions of our key management, engineering, research and development, business development and marketing and other personnel, many of whom would be difficult to replace. In particular, we believe that our future success is highly dependent on John F. McHale, Chairman and Chief Executive Officer, with whom we do not have an employment agreement.

 

Our failure to develop or introduce new products or product enhancements might cause our business to suffer.

 

The market for network security products is characterized by rapid technological change, frequent new product introductions, changes in customer requirements, intense competition and evolving industry standards. Therefore, our success will depend upon our ability to identify product opportunities, to develop and introduce products in a timely manner and to gain market acceptance of any products developed. In developing our products, we have made, and will continue to make, assumptions with respect to which features, security standards and performance criteria will be required by our customers. We also expect to develop products with strategic partners and incorporate advanced third-party security capabilities into our products. We may not be able to develop new products or product enhancements in a timely manner, or at all. If we fail to develop or introduce these new products and product enhancements, such failure might cause our products to be less competitive. In addition, our assumptions about customer requirements may be wrong. If we implement features, security standards and performance criteria that are different from those required by our customers, market acceptance of our products may be significantly reduced or delayed. Even if we are able to develop and introduce new products and enhancements, these products or enhancements may not achieve widespread market acceptance. Any failure of our products or product enhancements to achieve market acceptance could cause our business to suffer.

 

If we are unable to integrate our products with our customers’ networks, our business will suffer.

 

The network security solutions that we are marketing must interface with our customers’ existing networks, each of which will likely have different specifications and utilize multiple protocol standards. Many of our prospective customers’ networks contain multiple generations of hardware and software that have been added over time as these networks have grown and evolved. In order to meet our customers’ requirements, our products must interface with all of the hardware and software within these networks, as well as with hardware and software that our customers may add to these networks in the future. If we find errors in the existing software used in our customers’ networks, we may have to modify our software to fix or overcome these errors so that our products will interface and scale with the existing software and hardware. If our products do not interface with those within our customers’ networks, installations could be delayed or orders for our products could be cancelled, which would significantly impact our revenues, and our business would suffer materially.

 

We may not be able to compete effectively if we are not able to protect our intellectual property.

 

We intend to rely on a combination of patent, trademark, trade secret and copyright law and contractual restrictions to protect the intellectual property we develop. We have filed eleven patent applications related to our network security products in the United States. We have also applied to register certain trademarks relating to our business in the United States. We anticipate filing additional patent and trademark applications relating to our business. If we are not successful in obtaining the patent protection we need, our competitors may be able to replicate our technology and compete more effectively against us. We also enter, and plan to continue to enter, into confidentiality or license agreements with our employees, consultants and other parties with whom we contract, and control access to and distribution of our software, documentation and other proprietary information. The legal protections described above would afford only limited protection. Unauthorized parties may attempt to copy aspects of our products, or otherwise attempt to obtain and use our intellectual property. Monitoring unauthorized use of our products will be difficult, and the steps we have taken may not prevent unauthorized use of our technology, particularly in foreign countries where the laws may not protect our proprietary rights as fully as in the United States.

 

Downturns in the network security and related markets may cause our revenues and operating results to suffer.

 

The market for our products depends on economic conditions affecting the broader network security and information technology market. A prolonged downturn in these markets may cause large enterprises to delay or cancel security projects, reduce their overall or security-specific information technology budgets or reduce or cancel orders for our products. In this environment, customers may experience financial difficulty, cease operations or not budget for the purchase of our products. This, in turn, may lead to longer sales cycles, price pressures, delays in payment and collection, causing us to realize lower revenues and margins. Recent political turmoil in many parts of the world, including terrorist and military actions and the war in Iraq, may continue to put pressure on global economic conditions. If the economic and market conditions in the United States and globally do not improve, or if they deteriorate further, we may experience material adverse impacts on our business, operating results and financial condition as a result of the factors stated above or otherwise.

 

Undetected product errors or defects could result in loss of revenues, delayed market acceptance and claims against us.

 

We offer a warranty on all of our products, allowing the customer to have any defective unit repaired or to receive a replacement product within a certain period after the date of sale. Our products may contain undetected errors or defects. If one of our products fails, we may have to replace all affected products without being able to record any revenue for the replacement units, or we may have to refund the purchase price for the defective units. Some errors are discoverable only after a product has been installed and used by customers. Any errors discovered after our products have been widely used by customers could result in loss of revenues and claims against us.

 

If we are unable to fix errors or other problems that later are identified after installation, in addition to the consequences described above, we could experience:

 

    failure to achieve market acceptance;

 

    loss of customers;

 

    loss of market share;

 

    diversion of development resources;

 

    increased service and warranty costs; and

 

    increased insurance costs.

 

If we fail to predict our manufacturing requirements accurately, we could incur additional costs or experience manufacturing delays, which could reduce our gross margins or cause us to lose sales.

 

We provide forecasts of our demand to our contract manufacturer prior to the scheduled delivery of products to our customers. If we overestimate our requirements, our contract manufacturer may have excess component inventory, which would increase our costs. If we underestimate our requirements, our contract manufacturer may have an inadequate component inventory, which could interrupt the manufacturing of our products and result in delays in shipments and revenues. In addition, lead times for materials and components that we order vary significantly and depend on factors such as the specific supplier, contract terms and demand for each component at a given time. We may also experience shortages of components from time to time, which also could delay the manufacturing of our products.

 

A breach of network security could harm public perception of our IPS products, which could harm our business.

 

If an actual or perceived breach occurs in one of our customers’ network security systems, regardless of whether the breach is attributable to our IPS products, the market perception of the effectiveness of our products could be harmed. This could cause us to lose existing and potential customers or cause us to lose existing and potential resellers. Because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, we may be unable to anticipate these techniques.

 

Because we are in the business of providing network security, our own networks may be more likely to become a target of attacks. If attacks on our internal networks are successful, public perception of our IPS products would be harmed.

 

We might have to defend lawsuits or pay damages in connection with any alleged or actual failure of our products.

 

Because our products will provide and monitor network security and may protect valuable information, we could face claims for product liability, tort or breach of warranty. Anyone who circumvents our network security measures could misappropriate the confidential information or other property of customers using our products, or interrupt their operations. If that happens, affected customers or others may sue us. In addition, we may face liability for breaches caused by faulty installation of our products by our service and support organizations. Defending a lawsuit, regardless of its merit, could be costly and divert management attention. Our business liability insurance coverage may be inadequate or future coverage may be unavailable on acceptable terms or at all.

 

We could become subject to litigation regarding intellectual property rights that could be costly and result in the loss of significant rights.

 

In recent years, there has been a significant increase in litigation in the United States involving patents and other intellectual property rights. In the future, we may become a party to litigation to protect our intellectual property or to defend against an alleged infringement by us of another party’s intellectual property. Claims for alleged infringement and any resulting lawsuit, if successful, could subject us to significant liability for damages and invalidation of our intellectual property rights. These lawsuits, regardless of their success, would likely be time-consuming and expensive to resolve and would divert management time and attention. Any potential intellectual property litigation could also force us to do one or more of the following:

 

    stop or delay selling, integrating or using products that use the challenged intellectual property;

 

    obtain from the owner of the infringed intellectual property right a license to sell or use the relevant technology, which license might not be available on reasonable terms, or at all; or

 

    redesign the products that use that technology.

 

If we are forced to take any of these actions, our business might be seriously harmed. Our business insurance may not cover potential claims of this type or may not be adequate to indemnify us for all liability that could be imposed.

 

The inability to obtain any third-party license required to develop new products and product enhancements could seriously harm our business, financial condition and results of operations.

 

From time to time, we may be required to license technology from third parties to develop new products or product enhancements. Third-party licenses may not be available to us on commercially reasonable terms, or at all. Our inability to obtain any third-party license necessary to develop new products or product enhancements could require us to obtain substitute technology of lower quality or performance standards, or at greater cost, which could seriously harm our business, financial condition and results of operations.

 

Our officers and directors own a large percentage of our outstanding stock and could significantly influence the outcome of actions.

 

Our executive officers and directors, in the aggregate, owned approximately 39% of our outstanding stock as of March 31, 2003. These stockholders, if acting together, would be able to significantly influence all matters requiring approval by our stockholders, including the election of directors and the approval of mergers or other business combination transactions.

 

Shares of common stock eligible for public sale could cause our stock price to decline.

 

The market price of our common stock could decline as a result of sales by our existing stockholders of a large number of shares of our common stock in the market, or the perception that such sales could occur. This circumstance may be more significant because of the relatively low volume of our common stock that is traded on any given day. All of our outstanding common stock that was issued in private placements prior to October 2002 may currently be resold in reliance on Rule 144 of the Securities Act of 1933. The holders of the shares of our common stock issued in our October 2002 private placement have the right to require us to register the resale of those shares at any time after January 1, 2003. Any such registration will result in additional shares being sold in the market, which may have a negative impact on the market price of our common stock. Even without registration, significant amounts of such shares will be tradable under Rule 144 starting in October 2003.

 

We may be unable to obtain the additional capital required to grow our business, which could seriously harm our proposed business. If we raise additional funds, our current stockholders may suffer substantial dilution.

 

As of January 31, 2003, we had approximately $27.2 million in cash, cash equivalents and short-term investments on hand. In July 2002, we entered into a loan agreement consisting of a term loan facility for equipment and software purchases of up to $2.5 million, of which we had outstanding borrowings of approximately $1 million at January 31, 2003, and a revolving loan facility for working capital of up to $5 million. We also received approximately $10 million in a private placement of our common stock in October 2002. We may need to raise additional funds at any time and, given our history, we cannot be certain that we will be able to obtain additional financing on favorable terms, if at all. Due to the recent volatility of the U.S. equity markets, particularly for smaller technology companies, we may not have access to new capital investment when we need to raise additional funds.

 

Our future capital requirements will depend upon several factors, including whether we are successful in developing our products, and our level of operating expenditures. Our expenditures are likely to rise as we continue our technology and business development efforts. If our capital requirements vary materially from those we currently plan, we may require additional financing sooner than anticipated. If we cannot raise funds on acceptable terms, we may not be able to develop our products and services, take advantage of future opportunities or respond to competitive pressures or unanticipated requirements, any of which could have a material adverse effect on our ability to develop and grow our business.

 

Further, if we issue equity securities, our existing stockholders will experience dilution of their ownership percentages, and the new equity securities may have rights, preferences or privileges senior to those of our common stock. If we do not obtain additional funds when needed, we could quickly cease to be a viable going concern.

 

We do not intend to declare dividends and our stock could be subject to volatility.

 

We have never declared or paid any cash dividends on our common stock. We presently intend to retain all future earnings, if any, to finance the development of our business and do not expect to pay any dividends in the foreseeable future.

 

The market price of our common stock may fluctuate significantly in