Gen Digital Inc (GEN) — Q2 2017 Earnings Call Transcript

Good afternoon and thank you for joining our call to discuss our second quarter fiscal year 2017 earnings results. We've posted the earnings materials and prepared remarks to our Investor Relation events webpage. Speakers on today's call are Greg Clark, Symantec CEO, and Thomas Seifert, Executive Vice President and CFO. This is a live call that will be available for replay via webcast on our website. I'd like to remind everyone that all references to financial metrics are non-GAAP unless otherwise stated. We provide year-over-year constant currency growth rates in our prepared remarks for revenue. All non-GAAP revenue and expenses exclude the impact of Veritas. However, the continuing operations deferred revenue on the balance sheet includes a portion of Veritas deferred revenue from Symantec and Veritas bundled contracts entered into prior to operational separation. The Veritas deferred revenue from those contracts will amortize into discontinued operations. As a result, implied billings growth calculated from the change in deferred on the balance sheet will not be representative of standalone Symantec's performance as it will include an impact from Veritas. Please note, non-GAAP financial measures referenced during this call are reconciled to their comparable GAAP financial measure in the press release and supplemental materials posted on our website. Today's call contains forward-looking statements based on the environment as we currently see it. Those statements are based on current beliefs, assumptions, and expectations, speak only as of the current date and as such involve risk and uncertainties that may cause actual results to differ materially from our current expectations. Please refer to the cautionary statement in our press release for more information. You will also find a detailed discussion about our risk factors in our filings with the SEC, particularly on Form 10-K for the year ended April 1, 2016. And now I'd like to introduce our CEO, Greg Clark. Go ahead, Greg.

Thank you for joining us today. We were pleased with our performance during the second quarter as our results exceeded our guidance across all metrics. Our cost savings and synergy initiatives are tracking ahead of schedule. Within the first 10 weeks of closing Blue Coat, we've made multiple meaningful product improvements and integrations. The feedback on our product roadmap from customers, partners, and third-party influences has been overwhelmingly positive. Product integrations are already having a significant impact on our ability to better protect customers and further validate the rationale and power of our combination. In my prepared remarks today, I will review some of the key product integrations, highlight the exciting innovation underway within Symantec, discuss some market validation in our enterprise segment, and review our Consumer Security business. Protecting customers in the cloud generation against a multi-faceted adversary requires an integrated cyber defense platform. Symantec is best positioned in the cloud generation as one of the only vendors to deliver cyber defense solutions across users, information, web, and messaging. In support of that effort, I'd like to discuss significant advancements delivered since closing the Blue Coat acquisition on August 1. First, I'm particularly proud of the value we are providing our existing customers by integrating artificial intelligence with two of the largest threat databases in the world. This integration has improved our existing products, which are now blocking an additional 500,000 attacks per day across the endpoint and network. In a press release last week, we provided the market with insight into two attack campaigns that had we not innovated in this way, may have remained hidden. The first of the campaigns is a cyber espionage group called Buckeye, which targeted Hong Kong political organizations leading up to the elections. The second, we discovered a campaign impacting approximately 100 financial institutions worldwide, stealing millions of dollars across various methods, including the SWIFT wire transfer system. These examples of detections were made possible due to the power of integrating endpoint, email, and network threat telemetry. Moving on, we just completed a major integration of DLP and CASB, which combines the gold standard in data protection with the leading-edge CASB solution provided by the Blue Coat acquisition. This integration extends DLP's advanced artificial intelligence-based content detection to cloud applications for shadow IT analysis, granular visibility, encryption, and access controls. Further innovation on the CASB solution occurred from integrating Symantec's authentication solution. This integration allows any sensitive transaction within cloud apps to call for a second-factor authentication, eliminating key loggers and password-based hacks. For example, any company that places sensitive data inside of cloud applications can easily apply strong authentication to both users and data. This offering differentiates itself and it requires no on-premise solution; it's a pure cloud security technology enabling our customers to securely adopt cloud technology without delay from internal IT. Finally, two of our largest product lines, SEP and ProxySG, have been integrated to ensure advanced malware protection is coordinated between endpoint and network. This integration nearly eliminates the dwell time between detection and containment, thus limiting the damaging propagation of zero-day infections. Now turning to the market. Part of the industrial logic of combining Symantec and Blue Coat was the immense cross-sell and up-sell opportunity. Let me provide two customer wins during the quarter that demonstrate our teams working together to close highly competitive cross-sell transactions for meaningful outcomes. First, a large healthcare company, an existing Symantec DLP customer, had a multi-vendor environment in the network that was in search of a partner that could help them embrace the cloud and simplify their infrastructure. The value proposition of integration between the secure gateway and DLP, along with our vision for an integrated cyber defense, resulted in the customer making a multi-million dollar purchase of Symantec's network and cloud solutions. In another example, one of the world's largest departments of education, upon realizing the strategic nature of Symantec in its goal of delivering cloud-based learning, made a sizable commitment to the integrated stack, which included Symantec's network and endpoint technologies. Shifting back to R&D and the product side of the business, let me now discuss the organic innovation that is thriving across Symantec. Just a few days ago, we launched SEP 14, which is the most complete next-generation endpoint security solution available in the market. From a single lightweight agent, SEP 14 combines traditional and next-generation functionality such as machine learning, zero-day exploit prevention, and emulation. For the first time, these next-generation capabilities are available in one scalable enterprise platform. I'm also proud to share that based on recent third-party tests, SEP provides the best security in the industry, beating competitors and blocking real-world threats while minimizing false positives. Along with SEP 14, last quarter we launched SEP Cloud, which is a fully cloud-delivered version of Symantec endpoint protection. We now stand as the only company with endpoint, gateway, email, DLP, CASB, and encryption solutions for the cloud. Let me switch gears to our Consumer business. Our Norton solutions deliver secure Internet safety for consumers and their families as they transact and communicate across the web, whether on a desktop, laptop, or mobile device. Not only do our combined threat intelligence databases improve our Enterprise Security products, but they also significantly improve our Consumer Security solutions by adding Blue Coat's best-of-breed URL data set into the Norton threat prevention engines. During the second quarter, the traditional Consumer Security business continued to stabilize with slower declines and improving retention rates both year-over-year and sequentially. We have now fully repositioned the solution to a subscription offering and are focused on acquiring new customers while improving renewal rates and cross-selling new solutions to maximize customer lifetime value. Accordingly, although in its early stages, we are very pleased with the growth in mobile and the strong interest from service providers. We are extending the Norton value proposition well beyond the PC platform and look forward to some exciting product launches in the near future. We believe the market opportunity for protecting consumers is larger than what our current consumer products address today. As we move to further penetrate these opportunities, we expect the Consumer Security business to improve its growth trajectory as we move beyond the PC. In conclusion, we are very pleased with the second-quarter results. The Blue Coat integration is going very well. The fiscal responsibility and cost savings commitment remains on track. Innovation is alive and prospering at Symantec. We acknowledge the strong results in Q2; however, we believe it is prudent to maintain our fiscal 2017 top-line guidance for the year. Given the overachievement in Q2, we are raising our full-year fiscal 2017 operating margin and EPS expectations accordingly. In addition, we are reaffirming our fiscal year 2018 EPS guidance from $1.70 to $1.80, despite a headwind of approximately $0.10 from a higher share count. Finally, today we announced that Thomas Seifert has decided to step down as CFO at the end of the month. Thomas has been a tremendous asset to Symantec and an integral part of establishing our solid financial foundation. As CFO, Thomas led a number of key strategic initiatives for the company, including the acquisition of Blue Coat, the $7 billion divestiture of Veritas, and the implementation of Symantec's $5.5 billion capital return program and the execution of our $400 million cost efficiency initiative. As we prepare for this transition, we're fortunate to have such an incredible finance leader as Nick Noviello, who will succeed Thomas as Symantec's CFO. I've had the pleasure of working with Nick both at Blue Coat where he served as CFO and throughout the integration process here at Symantec, and I've been continually impressed by his leadership. In addition to his technology background and leadership experience, Nick brings an acute understanding and appreciation for Symantec's outstanding people and the critical threat protection we provide to our customers in today's increasingly complex security landscape. I'm confident he'll be an excellent CFO for Symantec during our next phase of growth. To ensure a smooth transition, Thomas will work closely with Nick on the transfer of responsibilities, which will occur on December 1. Thomas will remain with us in an advisory role until March 2017. While Thomas' departure is bittersweet, we all congratulate him on his many successes as Symantec's CFO and wish him the very best in his next chapter.

Thank you, Greg, for the kind words. Good afternoon, everyone. It's been an honor to serve as Symantec's CFO during such a pivotal time in the company's history. I joined Symantec to lay the groundwork for our strategic and financial transformation, and I'm proud of the incredible progress we have made over the past two and a half years. Symantec is now the leading pure play cyber security company in a strong financial position, and this is the right time for me to take on my next challenge. I'm confident Nick will be a strong CFO for the company and echo Greg's sentiment. I look forward to continuing to work with them over the next month and in an advisory role for the company until March of next year. Before I move to our second quarter results, I want to express my gratitude for the support of our board, our executive team, and, of course, my finance team. I look forward to maintaining our strong momentum throughout the transition process. Now turning to our results. Today I will provide an overview of our second quarter results, an update on our $500 million cost efficiencies and Blue Coat integration synergies, and conclude with our financial outlook. Additional details are provided in our CFO commentary, which is available on our Investor Relations website. Our second-quarter non-GAAP revenue was $1.015 billion, $25 million above the high end of our guided range of $960 million to $990 million, driven across both Consumer and Enterprise Security. Non-GAAP operating margin for the second quarter was 29.2%, and 520 basis points above the high end of our guided range of 21% to 24%. The upside was driven by top-line leverage and faster than expected realization of cost savings. Fully diluted earnings per share was $0.30, above our guidance of $0.18 to $0.21. Our fully diluted share count of 644 million was above our expectations of 640 million, due to higher than expected dilution from our convertible debt related to the increase in the share price. Cash flow from operations during the quarter was $55 million and included $45 million in cash outflows related to restructuring and separation. Let me now provide further detail on our performance by segment. Enterprise Security revenue, which includes two months' contribution from Blue Coat following the closing on August 1, was $610 million and increased 24% year-over-year, which exceeded the high end of our guidance of up 14% to 20%. Enterprise Security operating margin was 12%. Within Enterprise Security, both organic revenue performance and revenue from Blue Coat exceeded our expectations. Endpoint security grew in low single digits, and user authentication grew double digits. Cyber security services had another solid quarter, growing in the high single digits. Website security continues to grow in low single digits. And for the two months' period, Blue Coat contributed $124 million compared to our estimate of $100 million. We were pleased with the sales execution from the Symantec sales force, given the shorter than normal close period for Blue Coat products. Now on to the Norton Consumer Security segment. Consumer Security revenue was down 5%, an improvement from our guidance of down 7%, and Consumer operating margin was 55%. Let me now review some additional performance metrics for the business. Our renewal metrics continue to improve as we benefit from the shift to subscription and a focus on acquiring new customers. At the end of the September quarter, we reached the international one-year anniversary of the shift to subscription. In regards to mobile, we are seeing good momentum, with total active mobile users up 56% year-over-year. This momentum is encouraging, as it takes us beyond the PC form factor. We also had over 1 million downloads of our 30-day free trial of the mobile WiFi privacy app and plan to launch a multi-device version next year. However, WiFi privacy is still not material to our Consumer revenue. Turning to the balance sheet and capital allocation. We have $5.6 billion in cash and short-term investments and $7.2 billion in total debt, including $1.75 billion of convertible notes. We continue to expect to delever our balance sheet over the medium term. Our previous $1 billion ASR completed today on November 3. Lastly, we remain committed to maintaining our regular quarterly dividend. Turning to the $550 million cost savings initiative and the Blue Coat integration synergies. As of the end of September on a run-rate basis, we have recognized just over $100 million of cost savings and synergies, mainly across the areas of procurement and organizational effectiveness, while maintaining a strong investment in our products and R&D. For example, the procurement work stream contributed more than $65 million total run-rate by optimizing our supplier network. We are on track for more than $200 million of run rate net cost efficiencies exiting fiscal year 2017 and continue to expect to meet our goal of $550 million of net cost efficiencies and integration synergies by the end of fiscal year 2018. Now I will provide our updated financial outlook. We are encouraged by our Q2 top line results. However, as Greg indicated, we believe it's prudent to maintain our full year 2017 revenue guidance at this time. The integration of our offerings is resulting in more cross-selling of permanent licensed products with the subscription products, resulting in increased ratable revenue recognition. We continue to expect fiscal 2017 revenue to be up 11% to 13% to $4.040 billion to $4.120 billion. From a cost perspective, we are tracking ahead of schedule on our cost efficiency and synergies initiatives. Due to lower expenses in Q2, we now expect our fiscal 2017 operating margin to be 27% to 29%, up from 26% to 28%. With respect to fiscal 2017 EPS guidance, we benefit from the $0.10 EPS upside from the second quarter, however, that increase is partially offset by changes in our full year fully diluted share count between previous guidance and our current forecast. Our prior guidance for fully diluted shares outstanding for fiscal 2017 was 616 million shares and our current guidance is now 640 million shares. The difference in fully diluted shares outstanding is partially due to an additional 9 million shares of dilution from the convertible debt due to the increase in share price to approximately $25 from $21 at the time of previous guidance. You can find tables on the Investor Relations site related to the convertible debt dilution. The remaining difference is primarily related to the timing of share repurchases across the remainder of fiscal 2017. We continue to evaluate the method and timing of future share repurchases. Assuming our current forecast of a fully diluted average share count of 640 million, we are increasing our EPS guidance by $0.04 to $1.12 to $1.18. For fiscal third quarter, we expect our non-GAAP revenue to be up 15% to 18% in constant currency to $1.070 billion to $1.090 billion. We expect Enterprise Security to be up 34% to 37% in constant currency to $675 million to $690 million. We expect Consumer revenue to be down approximately 6% to $395 million to $400 million. We expect an operating margin of 27% to 28%. We expect non-GAAP EPS of $0.27 to $0.29, with a tax rate of 29% and fully diluted average share count of just over 650 million shares. As Greg stated, for fiscal 2018, we continue to expect $1.70 to $1.80 in EPS, despite a headwind of $0.10 from a higher share count. We continue to expect a non-GAAP operating margin of 30% as we enter fiscal 2018. Thank you.

All right, operator, please open the call for questions.

Okay. Thanks. Thomas, just want to start off by saying it's been a pleasure working with you. I thought you did a great job navigating the acquisitions, the spinoff, and the cost-cutting initiatives.

Thank you.

All right, so first question, I guess Blue Coat has been integrated now. It's essentially complete, and you've got a comprehensive security platform covering network, endpoint, and email, which is similar to a few other vendors like Palo Alto and Check Point. Can you give us your high-level views on how you'll differentiate from those other platforms?

Yes, I think that's a good question, Andrew. There are a substantial number of differences. One is that the threat telemetry that is sitting behind the Symantec threat platform is gargantuan. It comes from well over 100 million endpoints that are in production across the consumer threat telemetry as well in the enterprise, in addition to 15,000 Internet egresses coming in from the Blue Coat network points. That gives us telemetry, and some of the examples that I mentioned earlier in the call. It gives us telemetry into things that we believe we are unique in our ability to detect cyber problems from. In addition to that, I'd like to point out that for cloud generation, you can get the Symantec threat platform in a pure cloud instantiation, which means if you are a company that is using a bunch of cloud applications out there, whether it be Salesforce.com, SuccessFactors, all the things we know, that you can instantiate the cyber defense for the users that are using that, the data that's in it and get that without even purchasing an appliance or running a wire. And that's really differentiated between what you could get from the vendors that you mentioned. We've also spent a ton of time ensuring that we keep the platform open. Our customers do rely on best-of-breed products, and being able to integrate those into the Symantec integrated cyber defense platform is a huge competitive advantage. That's something we are committed to with our ISV partners as well.

Okay, got it. And then digging in a little deeper on the products side, I saw the integration of DLP with your CASB is now complete. Can you just give us any color on the proprietary advantages that that product will have over the competition and why others can't replicate that?

Yeah, that's a good question. Our CASB has a piece of it called Content IQ, which goes out into the cloud properties that an organization is using in shadow IT, and using machine learning techniques can actually detect the data that is inside of the cloud applications that may have compliance problems. We then use the data protection technology from the Symantec side to go after those problems and cure them so that that data can be allowed to still be in the cloud but be protected in a way where you don't have risk of compliance problems or other data loss. In addition to that, we have integrated the CASB technology with the product called VIP, which allows us to add a second factor of authentication to the cloud properties. That means if you are logging into Salesforce.com and you're worried about making sure that it's Greg logging into Salesforce.com, I have a second factor application on my phone or a fob that I use and plug into my computer, and then it adds that factor of authentication to all of those cloud applications without the organization's IT having to do anything. This is extremely powerful as many of the password and key loggers' breaches that happen across these technologies are solved by that problem. We’ve integrated those two things, and I’d like to point out that that and the threat telemetry integration that we've been talking about, we closed the acquisition on August 1, and our engineering teams are working together extremely well. We've got some rapid delivery there and real proof points in the market.

Okay.

Thank you. Next question.

Thank you. Hi, good afternoon, guys. Congrats on the upside to quarterly results. Let me also extend best wishes to Thomas going forward; it was a pleasure working with you.

Thanks.

So I want to start and ask on the endpoint front, what's the early feedback you are hearing from customers on Symantec Endpoint 14? In what way is it differentiated from a next-generation provider like Cylance or some of the other players out there?

So that's a very good question. We've been working very hard on SEP 14. It's a real major advancement for us over here at Symantec. We have tested it with over 400 beta customers that are using it already. We announced a GA for it this week. It contains the advanced machine learning and behavioral analysis technology that you hear about from what the market calls next-gen endpoint or signatureless endpoint technology. We've definitely delivered all of the defenses that work on zero-day attacks and signatureless threats, including machine learning behavioral analysis and reputational detection technology. We believe that we have now leapfrogged the current advanced endpoint competition. One of the major advantages of ours is that we have a very low false positive rate in the space. Think of it as a converged endpoint that includes all the stuff that you need from traditional endpoints with the next-generation capabilities. We've dramatically reduced the footprint size and bandwidth usage, and we're very optimistic. Feedback on the initial use of SEP 14 is extremely positive. We think that this will definitely have a major impact in the market.

Got it. And just as a follow-up, there is also encouraging upside to the Consumer division results. Can you talk to us about some of the trends you're seeing on that front? What's driving the upside? Is it the shift to subscription, the turning on of auto renewals, progress with telcos, moderating PC declines, or just all of the above? Or any unique reason behind the positive result?

So that's a very good question. It is a mix of all of the above. We actually have performed extremely well in our consumer sector. We've completed the transition to a subscription and auto-renewal framework in the Norton business, which has definitely helped with the traction. In addition to that, we have a very strong set of results coming in from some of the new offerings. In the last 30 days, we brought out our Wi-Fi protection for mobile users, which has seen substantial uptake and received great feedback. Furthermore, our mobile platforms, as Thomas mentioned in his remarks, have been growing at strong double-digit period compares on units. We've seen the service provider market really start to produce fantastic deployments of the mobile side of what we're doing. Those are a couple of proof points where we're executing well in the PC space. Again, we won the Editor's Choice for the most effective malware protection on the PC again, and the auto-renewals are helping. The move to subscription is helping. We feel good about maintaining our position there. Moving to markets that are off the PC, we have exciting pure mobile endpoint growth and also we have some things that we'll be launching in the future that will continue to move us into addressable markets that expand beyond the PC value proposition. We feel good about our future prospects on the Consumer side and the value that we're bringing, as many of us are aware, there is plenty of malware on mobile and Apple platforms, and we feel good about the future of our Consumer business.

Yeah, thanks, guys. Thomas, I'll offer my congrats as well. It was certainly great working with you over the years, and best of luck on your next endeavor. Greg, I think it was actually maybe in Thomas' prepared remarks, talking about a change in the product mix in conjunction with the integration. I’m wondering if you could expand on that a little bit more? What are you seeing in the pipeline and how might this impact revenue going forward?

Yes, very good question, Matt. Thanks for asking it. We've brought together two of the broadest portfolios in security software and we're going to package our products in the manner in which our customers want to buy them. If you think about what we would do walking into a large enterprise, we would offer, with the combination of products, different bundles and different packagings of our products. When we do that, this could result in less upfront revenue recognition; therefore, we're being conservative in our guidance.

Okay. That's great. And then maybe one more on the Consumer side. I'm wondering if you can give us an update on some of the consumer telco deals. I think you started in India, Germany, maybe Japan, and any thoughts about rolling that program out to other geographies?

Yeah, so we've had great results with our mobile defense platforms in some of the markets that you mentioned. India is a particular standout. We also have, I would say, outstanding interest in our capabilities for most of the world's Tier 1 service providers. We've seen, I think this year, with all of the wallets and easy-to-charge mobile platforms, a significant increase in malware appearing there. Symantec is very focused on protecting our customers in this area, and service providers are definitely interested in it. We will be addressing that route to market in a much more aggressive way in the coming quarters. Early results are very promising.

Hi. Thank you so much. Congratulations on your first quarter, Greg. And, Thomas, thank you for all the help you provided us; we really appreciate it. I had a couple of questions for you, Greg. One of the things we've been focused on is the partner ecosystem, given how important it is to the business. So we'd appreciate hearing from you a little bit about how partners are reacting to the integration and what opportunities you're seeing there to potentially drive revenues to the partners. And then second, how are you thinking about protecting IoT in light of all these recent denial of service attacks? Do you think consumers are going to start to protect their IoT, and where do you see yourself playing into that market?

Yes, they are two very good questions, Sarah. So let me start off with the partner one. We are very focused on maintaining our strong relationship with the channel. I think myself and Mike Fey have great reputations as taking care of that very large, extended sales force we have around the world at the Tier 2 VAR and also in the excellent Tier 1 value-added distributors that we use. Nothing is going to change there. We had an excellent partner conference earlier this month where we recommitted to the channel. I think we have a good trusted relationship there, and right now we're doing the same thing in APAC and also in EMEA this week. We feel good about our relevance to the VARs and resellers in the world, whether it be in the small/medium-sized business, the mid-market, or in the enterprise. We continue to be a substantial element of the economics in the channel. We are the largest pure play security vendor, and the combination between Blue Coat and Symantec makes this a very meaningful part of the channel economics. I think we have released a product in the last quarter which was called SEP Cloud. That is extremely powerful for that middle market and SMB part of the world, and we feel good about that. We believe we continue to deliver market relevance to the part of the market where those VARs and resellers are essential, which we think will drive up interest in continuing to do business with them and generate more revenue for both them and us. Moving on to your next question, which was about the IoT situation. IoT is, as we saw a couple of Fridays ago when some of the DNS issues arose and had significant knock-on effects, it’s a wake-up call for the power of when you bring a bunch of unmanned devices to the Internet without protecting them properly. That creates a potential weapon that can be quite difficult to manage. We are coming after that from two points. We do have some solid technology that will be coming out through our Norton brand to help protect consumer electronic devices in the home. We're also working hard to bring some network protection to this world and to utilize some of our behavioral analysis technologies to recognize when these devices are not performing as intended. This is an area that will be a long battle between adversaries in the industry as people weaponize IoT and consumer electronics. We believe we are an essential technology in the fight against this and it will require collaboration among governments, consumer electronics manufacturers, and security vendors to sort it out. I’d like to point out that when it comes to securing IoT and building secure infrastructure, we are a market leader in the tools necessary for that, including our Managed PKI, our code signing technologies, and what we do in that area of the Symantec portfolio. In terms of relevant vendors to tackle the IoT problem, we are definitely one of them, and we think this will lead to favorable conditions for us as it becomes more essential, potentially even supported by policy mandates from governments.

Thank you. I have a question, Greg, about the Consumer business. Can you just sort of give a refresh on how you think about this strategically? On one hand, it's a really high-margin business, but on the other hand, we've seen these continual revenue declines for some time. Is this something where you're going to focus? I know you talked a little bit about trying to turn that business in some way, but if you do that, is it going to have a material effect on profitability if you really start to invest there?

Yeah, so it's a really good question, John. This is something we work on a lot because we have a strategy that we believe can turn it around and return it to growth. That strategy is anchored in moving the value proposition we have from PC malware to a much larger superset of internet safety. Consumers are really interested in safety while using the Internet and protecting their families, a piece of which is the malware on the endpoint. We are pursuing a range of endpoints, whether they are Apple devices, mobile phones, tablets, and PCs. We're also exploring other value propositions that consumers find necessary when using the Internet, and we have some announcements coming out soon that I won't disclose on this call. We are working hard on enhancing the product offerings based on market demands to turn that business around and return it to growth. There are forces in the industry impacting PC sales, however we are committed to ensuring our products maintain strong market presence. Additionally, our brand recognition in Norton is robust, and we are focused on delivering substantial value to consumers through that brand for offerings that extend beyond traditional PC malware. Just hold on a bit.

Would this?

It's going to get better. Our guidance is conservative, John. Our guidance is conservative on the Consumer guide.

Okay. But the kind of investment that that might require, you've already done some, but is this something we should continue to expect, similar profitability in that business going forward at least for the foreseeable future? Or would this kind of, if in order to turn around the top line, could it have a material effect, a negative effect on the margin? Yeah.

Yeah, so a couple of examples. We already have released a pretty substantial Wi-Fi protection capability under the Norton brand. We did that while maintaining the margin contribution that we have in the business. That was a not insignificant R&D investment. One of the things about Symantec is we have many thousands of engineers, so we can move 50 of them around to a problem like that without any issues. We feel good about our ability to continue to deliver that at the margin we are at and we are reaffirming our margin commitments in the guidance we’re putting out for FY 2018 with those plans on board, okay? Our EPS range in 2018 that's with the engineering efforts and marketing efforts planned in Consumer.

Next question, please.

Greg, the Enterprise Security did very well during the quarter, I think we all look at that business and see there's a lot of opportunity both on top line and bottom line. Where do you see the nearest opportunity on the revenue side when you look at the joint Blue Coat/Symantec team? And then on the bottom line can you just talk a little bit about the margin structure at 12%, clearly a lot of the peers are a lot higher. Where do you think you can drive that to over time?

So let me just clarify something I said answering John's question. I think you have the FY 2018 guidance is EPS only on the $1.70 to $1.80 range. My comments around the FY 2017 margin guide were doing those things with the plans we have in Consumer baked in. Coming back to your question, can you ask it for me again, just to make sure I got it right?

Yeah, just as it relates to the Enterprise Security business, the low hanging fruit that you see in front of you just on the top line and then on the bottom line at the 12% operating margin, your competitors are considerably higher. Where do you think you can drive that margin to over time?

So the opportunities on the top line, as we talked about on prior calls, we have not really calculated a bunch of revenue synergies, cross-sell, and up-sell, into our thinking. Where they live is we do believe that in the network area where we're selling the gateway technologies that are highly adjacent to email and to DLP, we have a great opportunity for cross-selling the combined solutions there. The power that you get when you hook our networks with endpoint results in substantial enhanced cyber defense, and we do think that there are a number of cross-sell and up-sell opportunities. We mentioned in previous remarks a couple of examples of DLP customers where we were strongly advantaged with the network and endpoint technologies. We feel good about what we can put together in terms of product bundles that the market will appreciate. In outlying years, I think we'll be able to lead the market with the enterprise solution set for cyber defense. Margin-wise, I think at this point in time we're committed to taking out the $550 million of sustainable run rate expenses. We've given you guidance on the FY 2017 margin numbers. At this time, it's too early for us to guide the top line for 2018.

But I think it's fair to say that all the additional cost take-out will primarily benefit the Enterprise business from a profitability perspective. We are not at a $100 million run rate improvement so far. We said we're going to be north of $200 million by the end of the fiscal year. Still, there’s plenty to be implemented until we get to $550 million, and the delta will primarily contribute to the Enterprise margin.

Next question, please.

Thank you, guys, for taking the question, and nice quarter. Two questions I wanted to ask. One about distribution in terms of how far into the integration of Blue Coat sales people are we? And vice-versa, how well are we into the integration of the Symantec sales guys? Or who is properly being able to sell the Blue Coat portfolio? How much further do we have to go on that side of the equation?

So we've made a ton of progress there, Keith, and we've picked the leadership for those organizations across the world in the channel, in the mid-market, in the enterprise. That is going extremely well. We have had our integrated sales force kick-off. We brought them all to Las Vegas and had a week's worth of getting everything lined up and planned out. The regional teams are out now executing. We feel really good about where we're at on the integration of our go-to-market teams. Keith, I’d also like to point out that the initial results from Q1, if we were going to have problems, we'd be seeing them. We feel really good about that integrated sales force and how we're coming out of the blocks on that.

Got it. And the second question is more about how should we track the business going forward. You're talking a little bit about mix shift in terms of revenues, more coming through as attrition versus perpetual. At times, we’ve looked at Symantec on a billings basis, looking at billing growth as an indicator of overall growth. That's hard right now with the acquisition accounting. I'm just looking for some guidance on your part in terms of, what do you think is the best indicator of the underlying demand trends? Is there some adjusted billings number we should be looking to? Or is it just we have to fall back on revenues and just take into account the subscription versus perpetual adjustments that are going to be happening?

At this point, Keith, I think we want to stay on the revenue reporting that we have and we give you the cash flow information and the balance sheet. I think you'll be able to piece it back together. We feel that’s a good strategy for Q3 and Q4.

Operator, next question?

Hi. Thanks. Question for Thomas on the Blue Coat contribution, the $124 million that you saw in the quarter. Can you talk about the delta there between the $100 million you were expecting? Was it just simply timing of business that came in, or was that business indeed better than expected if you look at it on maybe a full quarter basis or whatever makes sense to calibrate?

Yeah, I'm not even sure we want to be this granular. First of all, we are very pleased that our sales team was able to provide that in the short period of time we had to close. I think there is a combination of both elements in that number. Overall, I think what we said in the prepared remarks holds true. We are encouraged by the momentum we see and the execution from the sales force in our first combined quarter. But it's one data point, and that's why we think it's still prudent to be very conservative in the outlook we provide.

And then, Thomas, just similar to that question on the billings from Blue Coat. Could you help us understand, did the billings exceed the revenue for the $124 million in the quarter, or were they less? Or any sort of color you could give us around that would be helpful as well.

Yeah, as you know, we've got a lot of moving parts. That's why we wanted to stay away from giving that granular business guidance. We have to digest the integration. We still have some noise in our billings numbers from a Veritas separation perspective. From an overall billings performance, I think if you look for a proxy, look at our GAAP revenue and the change in deferred, and that gives you an approximation of how billings have performed quarter-over-quarter for the combined company. If you do your math, it’s going to be approximately 12%. For now, we'd like to focus less on revenue and more on margin and EPS.