Fortinet, Inc. (NASDAQ: FTNT) Q2 2025 Earnings | 08/07/2025

Hello and welcome to Fortinet's second quarter 2025 earnings conference call. At this time, all participants are in a listen-only mode. After the speakers' presentation, we will conduct a question and answer session. Please be advised that this call is being recorded. I would now like to hand the call over to Aaron Ovardia, Senior Director of Investor Relations. Please go ahead.

Thank you and good afternoon everyone. I am pleased to welcome everyone to our call to discuss Fortinet's financial results for the second quarter of 2025. Joining me on today's call are Ken Xie, Fortinet's founder, chairman, and CEO; Christiana Olgart, our CFO; and John Whittle, our COO. Ken will begin our call today by providing a high-level perspective on our business. Cristiana will then review our financial results for the second quarter of 2025 before providing guidance for the third quarter and updating the full year. We will then open the call for questions. During the Q&A session, we ask that you please limit yourself to one question and one follow-up question to allow others to participate. Before we begin, I'd like to remind everyone that on today's call, we will be making forward-looking statements, and these forward-looking statements are subject to risks and uncertainties which could cause actual results to differ materially from those projected. Please refer to our SEC filings, in particular, the risk factors in our most recent Form 10-K and Form 10-Q for more information. All forward-looking statements reflect our opinions only as of the date of this presentation and we undertake no obligation and specifically disclaim any obligation to update forward-looking statements. Also, all references to financial metrics that we make on today's call are non-GAAP unless stated otherwise. Our GAAP results and GAAP to non-GAAP reconciliations are located in our earnings press release and in the presentation that accompany today's remarks, both of which are posted on our investor relations website. As a reminder, this is a live call that will be available for replay via webcast on our investor relations website. The prepared remarks will also be posted on the quarterly earnings section of our IR website following today's call. Lastly, all references to growth are on a year-over-year basis unless noted otherwise. I will now turn the call over to Ken.

Thank you, Ken. Thank you, Aaron. And good afternoon, everyone. As Ken mentioned, Fortinet's growth and momentum are strong. We beat our billings and operating margin guidance for the second quarter and raised our full-year billings outlook. Total billings grew by 15% to $1.78 billion, driven by 21% growth in unified SASE and 31% growth in SecOps. Unified SASE and SecOps now account for 24% and 11% of total billings respectively, up one point each. Our strong billings growth was driven by continued momentum in expanding into the large enterprise, as the number of deals greater than $1 million increased by 29% while their total dollar value grew by 51%. Among our top five verticals, financial services, the vertical with arguably the most sophisticated and discerning security purchasers, led the way with billings growth of over 30%. In addition, we continue to expand our customer base. Over 6,900 new organizations chose our unified single FortiOS platform to power their cybersecurity strategy. The robust growth in new customers is a clear testament to our strong position in the SMB market, driven by the continued commitment and loyalty of our channel partners. Total RPO grew by 12% to $6.64 billion, while current RPO grew by 15% to $3.45 billion. With regards to ARR, unified SASE increased by 22% to $1.15 billion and SecOps increased by 35% to $463 million. Within unified SASE, FortiSASE, our SSE solution, delivered strong results with ARR growth of over 100% while the customer base expanded by 65%. Furthermore, adoption momentum has remained strong as 13% of our large enterprise customers have purchased FortiSASE, highlighting our continued expansion of SASE in our customer base. As a reminder, the typical customer journey begins with the purchase of our FortiGate firewall. From there, customers often expand to our integrated secure SD-WAN solution before adopting our single-vendor SASE offering, reflecting the growing convergence of security and networking. Over 50% of our SASE customers also leverage our SD-WAN solution, while 90% of our large enterprise SASE customers began their journey with SD-WAN, reflecting the value of our integrated platform approach and the convergence of security and networking. Total revenue grew by 14% to $1.63 billion, led by EMEA with growth of 18% while the Americas and APAC both grew 11%. Product revenue increased by 13% to $509 million, benefiting from upgrade buying and strong growth in operational technology. We saw growth in all geos as we continue to lead the cybersecurity industry in product revenue. Software license revenue grew at a high-teens rate and accounted for a high-teens percentage of total product revenue. Service revenue grew by 14% to $1.12 billion. Service billings grew by 17%, our highest growth rate in the past six quarters, reflecting many enterprise agreement renewals as our loyal customers continue to invest in our solutions and benefit from our strong track record of innovation. Now, I'd like to highlight some seven-figure deals that demonstrate how customers are adopting FortiSASE, consolidating networking and security, and expanding their overall footprint with Fortinet. First, an educational institution in APAC purchased solutions across all three of our pillars, including FortiSASE for 3,000 users. This customer chose Fortinet over the competition for our simplified, flexible, and consistent security enforcement, enabling secure access to both on-premises and cloud applications while delivering a seamless user experience. By leveraging FortiOS and FortiSASE, the school achieves superior performance, reduced total cost of ownership, and simplified operations through our integrated security platform. Next, in an expansion and displacement deal, a leading retailer with 1,700 locations significantly increased their investment in Fortinet, purchasing solutions across all three pillars, including FortiAPs, FortiSwitches, and FortiAIOps. Already a FortiGate customer with firewalls deployed at every location, the retailer selected FortiAPs for all sites and FortiSwitches for 600 locations with the remainder planned for early 2026. This customer chose Fortinet's integrated FortiOS operating system, which enabled seamless convergence of networking and security. As part of the deployment, they adopted FortiAIOps to proactively manage their access points and switches, leveraging our AI-driven capabilities to improve operational efficiency. In another large deal, a top US school district expanded its footprint with the purchase of FortiGates, FortiSwitches, and FortiAPs as part of a 350-plus site refresh, displacing multiple vendors. Already utilizing solutions across all three of our pillars, including FortiSASE, the district continues to invest in Fortinet to drive deeper network segmentation, stronger security outcomes, and greater infrastructure resiliency. Due to their continued consolidation on Fortinet products, they are realizing significant operational benefits, including simplified guest access, accelerated deployments, and more efficient upgrade cycles, all managed through our unified FortiOS platform. Lastly, a technology company upgraded a portion of their high-end firewalls as a result of the upcoming 2026 end-of-support deadline and expanded their deployment with additional FortiGate appliances in the data center. They selected Fortinet for our FortiOS operating system, which enables streamlined operations while delivering a lower total cost of ownership. Turning to margins and cash flow, total gross margin increased by 10 basis points to 81.6% and exceeded the high end of the guidance range by 60 basis points due to strong execution and cost control. Product gross margin of 67.8% increased by 180 basis points as inventory-related charges normalized. Service gross margin of 87.8% was down by 80 basis points due to increased investments associated with the expansion of our hosted security solutions. Operating margin of 33.1% decreased by 200 basis points while being 60 basis points above the high end of our guidance range. The year-over-year decline reflects increased investments in sales headcount, the absorption of costs from recent acquisitions, and foreign exchange headwinds stemming from a weaker US dollar, as most of our operating expenses are denominated in foreign currencies. Free cash flow was $284 million and adjusted free cash flow was $428 million, up $104 million. Cash generation in the first half of the year was very strong, with adjusted free cash flow reaching $1.27 billion, representing a margin of 40% year to date. Infrastructure investments were $168 million, up $145 million, as we continue to build out our infrastructure footprint to support FortiSASE, FortiCloud, and other services. We repurchased approximately 4.6 million shares of our common stock for an aggregate cost of $401 million in the second quarter. The remaining share buyback authorization as of today is approximately $1.6 billion. Before moving on to guidance, I'd like to provide an update on our firewall upgrade cycle and the broader macro environment. During our analyst day last November, we shared that approximately 650,000 firewall units will reach end of service by the end of 2026, followed by another cohort of 350,000 low-end units in 2027. While the 2027 cohort is less significant than the 2026 cohort in terms of product revenue due to its lower price point, firewall upgrade discussions offer valuable opportunities to engage with both our customers and channel partners, allowing us to showcase our ongoing innovation in FortiOS. By upgrading to our new generation SASE firewalls, customers gain enhanced security capabilities and benefit from our unified platform approach. We estimate that we are approximately 40 to 50% of the way through the 2026 upgrade cycle at the end of the second quarter, based on the remaining active units and service contracts, and we expect continued upgrade activity for the remaining devices over the next six quarters. Our focus and open communication regarding the refresh allows us and our channel partners to have conversations with our customers around both the upgrade and the customer's overall security strategy, benefiting us longer term. Despite ongoing uncertainty surrounding tariffs and the global economic outlook, we have not experienced a negative impact on our business. The cybersecurity market and the demand for our solutions remain strong and resilient. Now moving on to guidance. As a reminder, our third quarter and full-year outlooks, which are summarized on slides 17 and 18, are subject to the disclaimers regarding forward-looking information that Aaron provided at the beginning of the call. For the third quarter, we expect billings in the range of $1.76 billion to $1.84 billion, which at the midpoint represents growth of 14%. Revenue in the range of $1.67 billion to $1.73 billion, which at the midpoint represents growth of 13%. Non-GAAP gross margins of 80 to 81%. Non-GAAP operating margin of 32.5 to 33.5%. Non-GAAP earnings per share of $0.62 to $0.64, which assumes a share count between 772 and 776 million. Infrastructure investments of $110 to $130 million. A non-GAAP tax rate of 18%. Cash taxes of $60 to $90 million. As a result of our strong results in the first half of the year, we are pleased to have raised the midpoint of our full-year billings guidance by $100 million. We maintained our total revenue guidance while adjusting the revenue mix by shifting $50 million from service to product revenue. Despite this shift towards product revenue for the full year, we maintained our gross margin range and slightly increased our operating margin guidance midpoint. We continue to remain on track to achieve the rule of 45 in 2025 for the sixth consecutive year. For the full year, we expect billings in the range of $7.325 billion to $7.475 billion, which at the midpoint represents growth of 13%. Revenue in the range of $6.675 billion to $6.825 billion, which at the midpoint represents growth of 30%. Service revenue in the range of $4.55 billion to $4.65 billion, which at the midpoint represents growth of 14%. Non-GAAP gross margin of 79 to 81%. Non-GAAP operating margin of 32 to 33.5%. Non-GAAP earnings per share of $2.47 to $2.53, which assumes a share count of between 773 and 777 million. Infrastructure investments of $380 to $430 million. A non-GAAP tax rate of 18% and cash taxes of between $400 million to $450 million, which is $125 million lower than our prior expectation, primarily due to new tax law changes. I'll now hand the call back over to Aaron to begin the Q&A session.

Thank you, Cristiana. As a reminder, during the Q&A session, we ask that you please limit yourself to one question and one follow-up question to allow others to participate. Operator, please open the line for questions.

Thank you. If you would like to ask a question, please click on the raise hand button at the bottom of your screen. When it is your turn, you will hear your name called and receive a message on your screen notifying you that you may unmute yourself. We will allow a moment for the queue to form. Our first question will come from Shaw E from TD Cohen. You may now unmute and ask your question.

All right. Thank you very much. Good afternoon team. Congrats on the improved outlook for the year. General question for Ken and Christiana. One of the questions we are constantly receiving from investors is whether sales of FortiSASE potentially cannibalize the core appliance business, but it would appear we're currently seeing tailwinds across both these segments. Can you help us maybe reconcile these views?

And let me add to what Ken just said. In our win-loss analysis, we see very little reason codes for customers moving to the cloud and not continuing to buy. So I think it's an expansion. It's not a replacement sale.

Understood. And Christiana, thank you so much for the color about where we stand in the refresh cycle. Maybe a little bit of a long-term view, already touching on the fiscal 2027 cohort of products that will be refreshed. Are there any specificities associated with those family of products as we think about the 2027 which is coming to a renewal or a refresh?

Yeah, I think I've shared that in previous meetings. Potentially the 2027 cohort is the low end. So it's not, unit-wise it's significant, product revenue-wise it's not as significant. But that's why we included the message in my remarks. It's significant because we can talk to a lot of customers about where the security is going, right? And so that's where it provides a lot of upsell potential for us.

Got it. Thank you so much.

Our next question comes from Brian Essex with JP Morgan. Please go ahead.

Great. Good afternoon. Thank you for taking the question. Maybe Christiana, I was wondering if you could tell us, you know, what are some of the maybe unpack the services guidance a little bit. It's great to see the upside in the quarter, particularly with regard to product billings and services strength this quarter, but how should we, I guess, what can we take away from the services guide and what's embedded in the guidance for the year given the strength that you're seeing this quarter?

So the services billings to revenue conversion takes a little bit longer, right? And that's what we are seeing based on the remaining waterfall. We are pleased with our current RPO growth, but for the rest of the year, we decided to be prudent, take the midpoint down, but we believe that we are confident that the product revenue is going to be stronger for the rest of the year based on the pipeline.

And do you have the split for FortiGate and is this a component of like, if you have a refresh, obviously like, you know, are customers not completely replacing their subscription revenue? In other words, they're just extending their subscription revenue with maybe less upside to that revenue line item. You know what I mean? So you have a new box with the same attach revenue.

Correct. So that's part of it. I think there's part of it that the devices that they're using to replace, they may use a higher box but they can consolidate one to two boxes. Right? So it's different components that factor into the service revenue attached to the boxes. And this is where it's so critical for us to upsell not only SASE but all our other revenue streams that benefit the customer.

Got it. Super helpful color. Thank you so much.

And based on the customer journeys, you can see the customer journeys work, right? The upsell is working. It's just not necessarily at the same point in time when they buy a firewall.

Got it. Understood.

Next question comes from Tal Leani with Bank of America. Please go ahead.

Ah, here we go. Now I unmuted myself. Can you hear me?

Okay. Sorry. The SASE, the profile of SASE customers, what is it? Meaning, are these displacements of existing vendors? Let's say a customer has Zscaler or Palo Alto and you're displacing them? Do they purchase at the end of a contract that they had before with someone else, or are these completely green fields? They didn't have anything before, now they're having. I'm just trying to understand where you have success with your SASE, what is kind of the profile of the deployment, the type of deployments you're seeing. Thanks.

You said in the past that 95% of the customers are existing firewall customers. Is that still the case?

Got it. If I can squeeze in one more, if not we can move on. But I want to ask about the margins. You said in the past that you want to invest. What is the margin outlook and where is the balance between investments and margin upside?

Thank you.

Our next question comes from Gabriella Borges with Goldman Sachs. Please go ahead.

Hi, good afternoon. Thank you, Ken and Christian. I wanted to follow up on your prepared remarks that we are 40 to 50% through the 2026 refresh cohort. What I wanted to understand is how to think about your growth rate through cycles. Because if I compare your billings growth, what you're guiding to this year, it's about similar to what you guided to and what you achieved in 2023, but 2025 is a really big or larger than normal refresh cohort. So I wanted to better understand why are we not seeing more upside in the numbers this year from the refresh cohort and the comment earlier on potentially consolidating down boxes. Is it possible that perhaps customers have excess capacity in their networks from a 2021 COVID type elevated throughput environment? Would love to get your thoughts. Thank you.

Gabriella, good points. I think we need to look at it by FortiGate model. The large firewalls that are end of support we have a really good reporting and handle on because we know where they are. These are always with enterprise customers. We have a good handle on the lower end of the firewalls where it's with enterprise customers and in retail or other scenarios, OT scenarios, where it's harder for us to predict and we can only track registration rates and similar in the lower end. There could be some excess capacity from prior years that has been replaced or is replacing some of the EOS models. We're comfortable with our guidance. The expectations by the street might have been a little bit higher, but we said we are outperforming the market and it was baked in. We've been consistent in our messaging year.

I would also say we have additional incremental TAM to address going forward with SASE and SecOps, where those are becoming meaningful parts of our business. So if you look at historical results, they were more focused on the firewall, but those are becoming real growth drivers for us.

Thank you for the call. Christian, maybe as a follow-up, your commentary last quarter on hesitancy in the sales force and in some of the sales force conversations, I think today you said macro didn't have an impact on the business. So maybe just reconcile those two data points. Are you still seeing hesitancy? Is the hesitancy gone? Thank you.

I would say that we've seen that we are resilient despite microeconomic uncertainty, and the pipeline for the rest of the year and the sales confidence is good. So that's where we are confident to raise our billings guidance.

Thank you for the thoughts.

Our next question comes from Rob Owens with Piper Sandler. Please go ahead.

Great. Thank you for taking my question. I'd love for you to expand a little bit on the OT opportunity because I don't think I recall anything from your prepared remarks in terms of what you're seeing there, either increased competition or is this opportunity also playing into the refresh cycle? Thanks.

And when you break down that over 20%, is that consistent internationally with domestically? Can you give me a view across the various theaters?

I think it's pretty consistent. We are strong in OT across the board. AMA has always been leading in OT for us, and that's aligned with the strong revenue growth that we see in the Americas as well. You also asked whether it plays into the upgrade cycle. It does. We have a number of FortiGate devices that are part of the 2026 cohort benefiting from that, but we see expansion and also the thought leadership that we've always had in OT and bringing this to the forefront of our customers as an important security area has helped us a lot.

Thank you.

Our next question comes from Janade Siki from Truist. Please go ahead.

Great. Thank you for taking my question. Just had a question. Your SASE business continues to show a lot of momentum. Could you just talk about how your sovereign SASE solution is tracking and how that's different from what your competitors are doing in that space? And how important of a differentiator do you think that is in furthering your competitive moat in SASE?

Great. Thank you.

Our next question comes from Patrick Kovville with Scotia Bank. Please go ahead.

Oh, terrific. Thank you for taking my question. Ken and Christina, I just want to circle back to the firewall upgrade comments. Very helpful disclosure that we're 40 to 50% through the 2026 upgrade cycle and that the 2027 end-of-life cycle is kind of lower throughput devices. The question we're getting from investors over the last half hour is what should we be excited about beyond this upgrade cycle? What is going to continue momentum when these tailwinds, which are clearly benefiting numbers now and you guys are executing very well in a tough environment, but if we look beyond 2026 upgrade and 2027 excitement, what can continue this rockish momentum?

Let me add to that. When we talk about the upgrade refresh cycle, we're only talking about the forced refresh due to end of support. But as Gabriella pointed out, there's the COVID cycle as well that's not end of support yet, but it's going to be five, six, seven years old in a year or two. So with security and with the additional functionalities that are part of the firewall and also the additional network requirements that you have with running ChatGPT, AI, you name it, we believe there are going to be enough tailwinds for us to continue to grow. To Ken's point, cloud services are growing really, really fast and we view that as largely an incremental additional total addressable market for us. Like Ken said, it's what we have in SASE right now and you can layer on additional cloud services over time. So that should be high growth and we really like our model of the common operating system between firewall, SASE, SD-WAN. We think that firewall market will continue to grow naturally as well and we'll take market share there too, but we've got all these other additional growth drivers in terms of SASE and SecOps, which are new TAM and really becoming meaningful to our business and high growth.

Okay, very helpful. And Ken, you've been a thought leader in security for many, many years. When we think about agentic AI security, how are you thinking about that domain and Fortinet's position as a vendor that can help in agentic AI security?

Our next question comes from Sacket Kalia with Barclays. Please go ahead.

Okay, great. Hey guys, thanks for taking my questions here. Christian, maybe for you, 40 to 50% through the upgrade cycle. Can you just talk about what that cadence is going to look like this year? I think last quarter we were talking about a 20% type of number. Maybe the real question is where do we end 2025 in terms of the percentage of that cohort that we're through?

Good question. If you look at our updated guidance, you see that we believe there's strength in product for the rest of the year. Where we exactly end is hard to say because it's not only upgrade refresh product that we are planning to sell. But I think we will get through those cycles faster than we expect.

Got it. That makes sense. Maybe the follow-up is, I think you're hearing the question about what the growth is going to look like after the upgrade cycle. Of course, it's Fortinet SASE, it's SecOps. I'm trying to think if we've talked about this before, but have you, can we touch on what percentage of the services revenue comes from those two businesses versus attached subscription? Because just to the earlier point, that mix shift has to happen. So any color you could give on where we are in that mix shift within services?

The mix shift between FortiGate and security subscriptions?

Yeah, maybe more specifically attached subscriptions and maintenance versus FortiSASE and SecOps. So firewall versus non-firewall in more lay terms.

The non-attached subscriptions are growing faster for sure.

Very helpful. Thank you.

Our next question comes from Shrenik Kathari with Baird. Please go ahead.

Hey, can you guys hear me? All right. So just a quick question on the go-to-market. You guys have been pushing towards platform adoption and multi-product. Can you talk a little bit about how the channel incentives are moving towards achieving your internal targets? In terms of the rewarding models that are favoring platform cross-sell over pure volume, can you just give us an update on what's been most effective in driving that and where are the areas where you're still working on? Would really appreciate that.

And to answer your question on the channel incentives, they are exactly aligned around multi-product. So we make sure that the channel introduces new products and that for that they get higher backend rebates.

Our next question comes from Eric Heath with KeyBank. Please go ahead.

Hi, good afternoon. Can you hear me?

Great. Thank you. Just to come back to the comments on the refresh cycle one more time, and sorry for belaboring this point, but if I'm understanding this correctly, you've done well in excess of $100 million in refresh activity in the past two or three quarters, which would suggest product revenue excluding this refresh benefit has been flat to negative in the last couple quarters. So can you just help me understand why the underlying firewall demand isn't stronger?

Our last question comes from Andrew Ninski with Wells Fargo. Please go ahead.

Okay, thank you for squeezing me in. I'm wondering, and I'm still a little bit unclear on why services revenue growth is decelerating so much, looking back over the last call it four quarters, and then also going forward. I'm wondering if you could just provide any color around what's really driving that deceleration, and then related to that, why is your unified SASE, if it has so much momentum right now, why would that be flat sequentially in Q2? Because it looked like it was about $1.15 billion in Q2 and the same thing that you had in your slide deck in Q1. So just wondering if you could comment on that. I know on a year-over-year basis it was up, but sequentially, why would it be flat? Thank you.

On your second question, sequentially it's flat because there are a number of products, some of them have not been growing or are turning a little bit, while unified SASE, while SSE has been growing nicely and is offsetting that. So that's part of this. On the service revenue growth, I think what you're seeing is that we had significant deferred revenues that were sold during the COVID period and they have come, so we've recognized service revenue over the last couple of years benefiting from that growth. Now the product revenue and the service revenue are aligning more with our billings growth, and so we need to grow faster and we are planning to grow faster to drive both revenue streams up.

I'd say we focus on the value to the customer and we've got 800,000 customers. That path to value from firewall to SD-WAN to SASE with the integrated single operating system approach is really pretty straightforward. So we see huge opportunity both there and with new sales of SASE, and that'll be a real growth driver for us.

This concludes our Q&A session. I will now hand it back to Aaron Ovardia for closing remarks.

Thank you. I'd like to thank everyone for joining today's call. We will be attending investor conferences hosted by Deutsche Bank, Citi, and Goldman Sachs during the third quarter. The fireside chat webcast links will be posted on the events and presentations section of our investor relations website. If you have any follow-up questions, please feel free to contact me. Have a great rest of your day.