As Internet-based infrastructure broadens, so do the risks associated with this exposure. These risks increase daily and threaten confidentiality, integrity, and secure availability of intellectual property, proprietary data, and computing resources. Such threats present themselves in many forms, including the following:
•
Malicious attacks are becoming more sophisticated and continuing to increase in volume. According to International Data Corporation (IDC), a global provider of market research, malicious code, spyware and spam continue to be the most serious threats facing corporations today, but protecting sensitive data from leaving the organization is rapidly climbing the priority list of enterprise security threats.
•
Hackers and attackers are no longer focused on hobby, but rather strict and prosperous financial gain, fraud and identity theft, which continue to be the leading drivers behind the increasing sophistication and volume of attacks.
•
Web-based malware programs sent on infected pages or through email downloaded from Web-based mailbox or via embedded images can attack automatically and in real time, making Web security concerns a top priority for organizations seeking protection from the jump in spyware, Trojans, worms, and other Web-traffic attacks.
•
Risks from exposure to malicious software, worms, and viruses that can enter networks from many sources and cause damage, install spyware, or open secret backdoors into private computing resources.
•
Theft by both infiltrators and employees of private citizen records and other proprietary information in violation of numerous federal regulations and statutes and state and local statutes, such as Sarbanes-Oxley, the Gramm-Leach Bliley Act, and the Health Insurance Portability and Accountability Act.
•
Intruders gaining unauthorized access to private computing resources and software applications.
•
Legal liability exposure resulting from employee Internet access, or from hijacked use of desktop personal computers and servers for unauthorized file storage and file-sharing schemes.
•
Identity theft and spoofing.
•
Network and application server downtime due to denial of service (DoS) and distributed denial of service attacks (DDoS).
•
Confidentiality leaks via email, instant messaging chat sessions, person to person file sharing, and unauthorized attachments that leave private networks unfiltered.
•
Productivity losses from spam clogged email inboxes. Application-Level Vulnerabilities
In today’s highly complex Internet environment, network attacks have evolved into application-level attacks, and recently, an entirely new class of application-specific threats have arisen that require far more stringent protection. Protecting the network is highly important, but by itself, is not sufficient. The network is the foundation for communication, and the conduit over which people connect to the application resources they need and it is precisely these applications that can expose an organization’s information resources to extreme vulnerability. Our products are designed to proactively address most, if not all, network security issues, whether its employees utilizing the Internet, or remote partners and customers accessing the intranet, Web services, and applications from outside the internal network. Our security measures extend beyond the network level, protecting applications and their resources so organizations can conduct their business, expand their reach, and drive success with confidence.
From email applications to Web services, File Transfer Protocol (FTP), customer relationship management (CRM) and sales force automation systems, people connect across networks to applications in order to conduct business every day. Misuse of applications and Web portals can result in the loss of valuable resources and
millions of dollars. As the applications we use have become more sophisticated, so have the attack capabilities that threaten them. Applications contain inherent vulnerabilities, and sophisticated attackers can exploit these vulnerabilities and undermine an organizations’ ability to conduct its business. Defensive measures must be even more sophisticated in their ability to protect against application-level threats—and our technology is designed with this in mind.
Along with protecting against known threats, today’s security solutions must be able to anticipate unknown threats before they enter the network. A central part of an organization’s business model must include provisions for safeguarding their business connections from being compromised to the highest degree possible.
Market Need and Strategy
More than ever before, organizations realize that they must take responsibility to protect their own confidential information and that of their customers and partners. Government regulations in recent years, such as the Federal Information Security Management Act, the Health Insurance Portability and Accountability Act, the Gramm-Leach Bliley Act, and the Children’s Internet Protection Act, have heightened awareness and mandated that organizations secure their information across multiple segments—financial, medical, educational, and more. Enterprises must know that the data residing on a given network is secure and that parameters are in place for managing access to their proprietary information. Even as deadlines are met on these laws, enterprises must continue to refine their compliance solutions and move towards focusing on ongoing compliance. In the coming years, larger enterprises which had to put in a “quick fix” to meet deadlines will be looking to implement longer-term and more efficient solutions. Smaller businesses, which enjoyed some extended deadlines from Congress, are still implementing their first-time compliance solutions, representing a significant opportunity for security companies with a broad range of solutions.
Our strategy is to provide organizations, both at the enterprise level as well as the Small and Medium Business (SMB) level, with a broad set of solutions when it comes to implementing their security objectives, beginning with knowledge about security risks and regulations, accompanied by industry-leading security products to assist with mitigating these risks, and lastly, providing comprehensive security management capabilities. Our goal is to help organizations build confidence in the overall functionality and security of their network and application operations. We accomplish this by providing scalable, manageable, highly available solutions that meet their needs today and in the future. This objective includes meeting our customers’ requirements for security products that provide broad solutions by integrating with each other and interoperate within current infrastructures. All of our products are designed to provide the strongest network protection available, along with central manageability, scalability, and interoperability.
Providing solutions that are manageable, easy to use and that lead the industry in total cost of ownership for the customer are our top objectives for organizations of all sizes. Our solutions enable best business practices that keep the workplace secure, productive, and easily manageable.
Our strategy also encompasses our award-winning service and support organization. We are able to provide our customers with unwavering service and support due, in part, to the knowledge base and technological expertise of our service and support staff.
Secure Computing Solutions
Our specialized solutions are designed to meet customers’ needs to balance security and accessibility, and to help them create trusted environments both inside and outside their organizations. Each of our products provide a complete solution in and of itself, and they also integrate with each other for a more comprehensive, unified, and centrally managed solution. We have developed a vision for comprehensive security on the enterprise gateway that embodies the following core design principles:
•
Appliance-based delivery. All security functionality related to application intelligence and awareness needs to reside on a contained appliance. These appliances must be built on a secure operating system platform, have a regulated set of interfaces to external systems, and be encased in strong, tamper-proof hardware. Essentially, the appliance must mitigate the many security management problems of deploying software on a standard operating system-server configuration.
•
Application and content awareness. Today’s security attacks have progressed far beyond the network and protocol level to that of the application and content. The gateway needs a deep knowledge of the underlying communication, an understanding of the context of the communication, and the ability to inspect and interpret the content.
•
Centralized policy, management and reporting. The security gateway must have the ability to be centrally configured, provisioned and managed. This, along with consolidated reporting, should provide immediate feedback on the effectiveness of the security appliance while helping reduce the cost of ownership.
•
Bi-directional protection. The security gateway needs to effectively scrutinize inbound traffic in order to block bad traffic from entering the network, while simultaneously performing deep inspection of outbound content to protect against leaks of confidential information or intellectual property.
•
Proactive protection. With the rapid increase in polymorphic threats, the ability to know immediately what could be dangerous is imperative. A gateway security system should be able to effectively thwart these attacks in real time.
•
User management and education. The security gateway needs to protect all types of sensitive data automatically, with easy-to-manage policies, comprehensive audit trails, and employee feedback loops.
•
Performance. As traffic volumes increase exponentially, the gateways must be able to keep up and scale for performance without having to replace them, or take them off-line for major upgrades.
•
Resiliency. Security gateways should not introduce points of failure to the mission at hand. Our solutions for securing critical connections fall into four categories: TrustedSource Global Intelligence, enterprise gateway security appliances (Network, Web, and Messaging Gateways), Identity and Access Management, and Security and Support services.
TrustedSource Global Intelligence
We believe TrustedSource technology is the most precise and comprehensive Internet host reputation system in the world, which we are rolling into many of our product lines as a key cornerstone of Global Intelligence security. TrustedSource characterizes Internet traffic and makes it understandable and actionable, and also creates a profile of all “sender” behavior on the Internet and then utilizes this profile to watch for deviations from expected behavior for any given sender. TrustedSource then calculates a “reputation score” based on the behavior of the sending host. We have an extensive network of thousands of sensors and other collection vehicles throughout the Internet which tracks and reports back to TrustedSource, data on all observed email traffic, giving TrustedSource a real-time view of Internet communication worldwide.
Originally developed to identify spammers, TrustedSource is able to recognize any “host” profile anomalies and immediately calculate new reputation scores for senders and propagate this information to all TrustedSource
clients. Analyzing not only email senders but Internet domains as well, this Global Intelligence technology is able to profile literally millions of entities connected to the Internet worldwide in real-time, and provide up-to-the minute host behavior analysis. TrustedSource is the first and only reputation system to combine traffic data, whitelists, blacklists and network characteristics with the unparalleled strength of our global network. We believe the result is the most complete reputation system in the industry with the ability to score every IP address across the Internet.
Enterprise Gateway Security Appliances
Network Gateway Security
Our enterprise gateway security platforms are the aggregation points not only for application-specific defense-in-depth technologies based on deep knowledge of the underlying protocols and application environment, but also a mechanism for introducing real-time intelligence to security-relevant decisions about the disposition of application-specific traffic. This incorporates host and domain intelligence as well as bi-directional security services in the areas of compliance, policy, encryption, email, Web, and anti-malware protection. These services leverage centralized policy and management and are fully integrated with TrustedSource and SafeWord ® Identity and Access Management technology.
The idea of the network perimeter has evolved significantly since the advent of the Web. A mobile workforce, extranets, distributed applications and an environment of highly sophisticated, blended threats has forced enterprises to deploy an array of separate security applications to provide services such as firewall, Virtual Private Network (VPN), Intrusion-Detection System (IDS)/Intrusion-Prevention System (IPS), anti-virus, anti-spam, and more. The recent movement toward all-in-one appliances has helped mitigate the problem to an extent, especially for small and mid-size companies, but three major issues still remain: 1) many solutions rely on known malware signatures and fail to offer protection against previously unknown attacks 2) the Internet is a dynamic environment, with a security profile that changes in real time, and 3) enterprise security applications often fail to adequately share policy and application intelligence between one another. Our Network Gateway Security products address each of these areas of concern, providing the industry’s strongest application firewall protections.
Sidewinder G2 Security Appliance —Our security appliances consolidate all major Internet security functions into a single system. Sidewinder G2 ® defends the network against all types of threats, both known and unknown. Through its unified threat management (UTM) approach, Sidewinder delivers best-of-breed anti-spyware, anti-virus, anti-spam and anti-fraud engines, Web content filtering, TrustedSource IP reputation services, secure Domain Name System (DNS), VPN, and Secure Sockets Layer (SSL) gateways, and more.
In 2006, we continued to differentiate our UTM appliance from the competition with demonstrable zero-hour attack protections on high profile Internet attacks (such as the Sendmail vulnerability in March and Microsoft Windows MetaFile “WMF” attack in January). We also announced plans to merge our newly-acquired CyberGuard ® Firewall/VPN technologies (TSP and Classic) with our Sidewinder G2 Security Appliance in our next generation UTM appliance that has come to market in the first quarter of 2007. The CyberGuard acquisition also brought to us a new paradigm in enterprise central management with the Command Center which we will continue to leverage going forward. We believe Command Center’s ability to do administration, configuration, monitoring, and management of software updates for a global appliance deployment coupled with our Security Reporter product’s central reporting, and full out-of-the box compliance reports, continue to ensure that both medium and large customers see our network gateway appliances as the product of choice.
Sidewinder G2 continues its proven security track record, in great part due to our SecureOS ® operating system with our patented Type Enforcement ® technology and flexible application level protection mechanisms. In 2006, our accomplishments of FIPS 140-2 validation and continued leadership with Common Criteria (CC) EAL4+ certification for application level firewalls puts us in an unparalleled class of product when competing in the U.S. and other government opportunities all around the world.
CyberGuard Total Stream Protection (TSP) —Like Sidewinder G2, CyberGuard Total Stream Protection (TSP) line of UTM appliances is designed to protect mid-size to large enterprises against both known and zero-hour attacks, using a hybrid architecture that combines stateful packet filtering, seven layer inspection, and secure content policy enforcement. The devices include a fully integrated IPSec VPN, flexible authentication and advanced filtering strategies. Sidewinder G2 and TSP share common hardware.
SnapGear —SnapGear ™ security appliances integrate networking, firewall, intrusion prevention security, and remote access requirements into one small form-factor appliance, fulfilling the lower end of the pricing scale of our network gateway security line of products. Designed to provide a complete office-in-a-box networking device for small and mid-sized organizations, SnapGear is the only networking device needed for office PCs to be networked with one another, connect securely to the Internet, connect to the corporate WAN, and service all remote access VPN needs, thereby providing small and midsize businesses with enterprise-level networking capabilities.
Web Gateway Security
Web Gateway Security appliances protect enterprises from malware, data leakage, and Internet misuse, while helping to ensure policy enforcement, regulatory compliance, and a productive application environment. These platforms analyze traffic bi-directionally. Inbound, they isolate and eliminate threats from all types of malware, including zero-day threats, viruses, Trojans, spam, phishing, and the like. They use a deep knowledge of the underlying protocols and application behavior combined with global intelligence to make security decisions. On the outbound side, in addition to preventing virus propagation and unwanted Web site access, our enterprise Web Gateway Security helps customers achieve regulatory compliance and prevent data leakage across both Web and messaging applications.
Webwasher —Webwasher ® Web Gateway Security appliances provide best-of-breed content security to secure Web-based enterprise traffic. Webwasher provides URL filtering to block access to inappropriate Web content and help prevent phishing attacks, and provide malware protection with Proactive Security technology to guard against zero-day attacks and blended threats. Webwasher also features SSL Scanning which identifies and blocks malicious content hidden in SSL-encrypted traffic from accessing the network and confidential information from leaving the network. All products can be managed from a single Web Graphical User Interface (GUI) and Content Reporter offers enterprise-class reporting on all Webwasher products and most gateway cache appliances and firewalls. In 2006, and continuing into 2007, WebWasher has begun integration, and will continue, to integrate SmartFilter for its current and future URL filtering capabilities.
SmartFilter —Our flagship URL filtering application, SmartFilter ® , is an enterprise solution currently shielding thousands of organizations from inappropriate use of the Web and the security threats often associated with viewing inappropriate, malicious or infected Web sites. SmartFilter provides deployment and platform flexibility with over 30 different options including leading firewalls, security appliances, proxy servers or caching systems. SmartFilter continues to be the de facto filtering standard for original equipment manufacturers (OEM). SmartFilter is integrated on market-leading solutions from vendors such as McAfee and Computer Associates.
Messaging Gateway Security
Messaging has undergone a fundamental change in enterprise environments. Not too long ago, most electronic messaging was confined to applications like Microsoft Outlook and Lotus Notes. Now with the advent of Web-based mail applications like hotmail and gmail, as well as instant messaging, there are many more channels both into and out of the enterprise network. In fact, messaging is now the preferred attack vector for hackers, and spam is their weapon of choice. Hackers now employ sophisticated networks of thousands of “zombie” computers or “botnets” to send messages infected with malware, putting the enterprise at a significant disadvantage. Even more discouraging is the sharp rise in zero-day attacks, where there is no known signature that can be used to block the attack.
Furthermore, messaging now represents a bi-directional challenge. Not only are inbound threats becoming much more sophisticated and targeted, but outbound data leakage and regulatory compliance have become huge and well-publicized liabilities for enterprises. Users can easily attach confidential documents to emails and Instant Message (IM) conversations, making it trivial for sensitive information to find its way outside the network. Outbound content checking is not common practice. And even in instances where such controls are in place, where the enterprise user is communicating over an SSL-encrypted link (i.e., HTTPS), there is typically no mechanism in place to decrypt and inspect the traffic to ensure that policies are being enforced.
Recognizing that messaging is now a primary business application in most enterprises, we have implemented a strategy to comprehensively address both inbound and outbound threats and to help our customers insure compliance with federally mandated requirements for the protection of sensitive data. Our Messaging Gateway Security platforms look at traffic bi-directionally. Inbound, they proactively isolate and eliminate threats from all types of malware—zero-day threats, viruses, Trojans, spam, phishing, and the like. We use a deep knowledge of the underlying protocols and application behavior combined with real-time global intelligence to add a new dimension to security-related processing.
On the outbound side, through sophisticated fingerprinting and data profiling techniques, our Messaging Gateways are able to determine which data (either in the form of text in a message or text within an attachment) need to be blocked or flagged due to security or compliance concerns. Our Messaging Gateways can also enforce mandatory outbound encryption for certain traffic types without requiring the installation of client software on the recipient’s system. We also prevent virus propagation throughout the messaging infrastructure, delivering maximum availability and security, effectiveness and global enterprise manageability across multiple messaging protocols including email, instant messaging and Webmail. This combination of easy-to-manage gateway appliances and sophisticated, centralized real-time network intelligence provides clean, efficient communications, eliminating both inbound and outbound risks.
IronMail —IronMail ® provides a centrally managed, integrated, best-of-breed messaging gateway security appliance for enterprises of all types and sizes. In one integrated appliance, IronMail protects enterprise email systems from inbound (spam, viruses, phishing, and hackers) as well as from outbound threats (regulatory or corporate policy compliance violations or theft/leakage of confidential information or intellectual property). We have integrated TrustedSource IP reputation identities into our IronMail Messaging Gateway Security appliances to provide real-time behavior analysis on more than one-third of the world’s enterprise messaging traffic with over 7,000 sensors located in 48 countries.
IronIM —The IronIM ™ instant messaging security appliance is the first and only solution that integrates policy to secure, log, monitor, and encrypt enterprise IM communications. IronIM allows administrators to control and manage the use of public and enterprise IM from a single management platform to eliminate risks from IM-borne threats, ensure compliance with various industry and government regulations, and monitor for information leakage or other policy violations. IronIM supports multiple instant messaging networks (including AOL Instant Messenger, MSN Messenger, Yahoo! Messenger, and corporate IM solutions including Microsoft LCS and IBM SameTime) and does not require deployment of a new IM client.
RADAR —RADAR ™ protects an organization’s online reputation, whether by detecting and stopping phishing scams or identifying and fixing PCs. RADAR receives a real-time stream of behavior-based intelligence from our TrustedSource global threat correlation engine to detect deviations from expected behavior for all senders and provides real-time alerting to customers.
Secure Computing Edge —Secure Computing Edge ™ is a hardened appliance positioned at the perimeter of the mail system, applying TrustedSource technology to control email traffic at the network border rather than at the mail server or desktop. Edge relies on TrustedSource for information about every sender, to allow or reject email before it even reaches critical mail servers.
Identity and Access Management
One important development in enterprise security has been recognition of the need for strong authentication as a prerequisite for access to corporate network resources (either remotely or from inside the network). Strong authentication has now been coupled with a fully-functional access gateway and the ability to coordinate policies governing the extent and scope of corporate resource access by individuals. This combination of strong authentication, centralized policy management and the ability to report at a very granular level on security-relevant activity is commonly referred to as Identity and Access Management (IAM), and is fundamental to any corporate security strategy.
We expanded our SafeWord ® product line in 2006, thereby providing a comprehensive Identity and Access Management portfolio that is fully integrated into our enterprise gateway security strategy and provides strong authentication and centralized policy and reporting across the entire enterprise gateway security portfolio.
Remote access to network resources is a requirement for many businesses, but verifying the identity of your remote users with strong authentication and a reliable identity management system is vital for security. Additionally, organizations are increasingly realizing the many vulnerabilities of passwords, and they require strong authentication systems that are easy to install and deploy, simple to manage, and able to grow with their needs.
Our SafeWord products meet these needs. By providing safe access to applications, data, and resources through policy-driven security initiatives, as well as positively identifying users through strong authentication, SafeWord products assure that only the right people can make connections to an organization’s applications and resources. SafeWord software and SafeWord tokens offer flexibility, scalability, and ease of use, and are used by thousands of organizations and millions of end users worldwide every day.
SafeWord SecureWire —In April 2006, we broadened our presence in the authentication market into the IAM space by introducing our SafeWord SecureWire ™ appliance. IDC defines the IAM market as a comprehensive set of solutions used to identify users in a system and control their access to resources within that system by associating user rights and restrictions with the established identity. SafeWord SecureWire is a new, robust technology that functions as the access, authentication, and compliance hub for the entire network. SecureWire is designed to simplify access to applications, data, and network resources by hosting and managing all external access methods on a single appliance, such as, VPNs, Citrix applications, extranets, and Webmail. SecureWire can also host and manage all internal access methods: LAN connections, wireless LANs, and even mainframes. By providing secure access management inside and outside the virtual perimeter, and by consolidating all policies on a single device, SecureWire helps enable our customers to achieve configuration compliance because only properly configured devices are allowed to access their networks.
We include SafeWord strong authentication tokens with every SecureWire shipment to allow customers to provide proof-positive identity of all users entering their network. SecureWire is also available in a wireless package, now bundled with our SnapGear wireless appliance to provide a complete wireless access management system. The access appliance also delivers a reliable mechanism to enable configuration compliance, enforcing every end-point device to adhere to corporate IT policy, including work PCs, laptops, home PCs, and workstations. SecureWire allows our customers to mandate that only properly configured, properly secured devices are granted access according to their security policy, and to ensure that system patches, anti-virus software, and firewall protection are all in place.
SafeWord PremierAccess is our leading strong authentication solution for Microsoft environments using Active Directory, providing proof-positive user identities via VPNs, Citrix applications, Outlook Web Access, Windows Domain and Terminal Services logins. SafeWord PremierAccess ® offers powerful management tools with the Enterprise Solution Pack (ESP), an optional add-on package that provides advanced user management, support for a wide range of authentication form factors, advanced reporting capabilities, and rich access control functionality.
SafeWord RemoteAccess is a simple, easy-to-use strong authentication solution designed to protect VPN, RADIUS, Citrix, and Outlook Web Access connections. With tight integration and simplified management through Active Directory, and with tokens that generate new passcodes with every user login, SafeWord RemoteAccess ™ lets you easily and cost-effectively eliminate the password risk. RemoteAccess is available in the following branded versions: SafeWord RemoteAccess, SafeWord RemoteAccess-Cisco compatible, SafeWord for Citrix, SafeWord for Check Point, and SafeWord for Nortel Networks.
Security and Support Services
Our services are designed to ensure that our customers make optimal use of our products when controlling access to their networks and applications. We provide a life cycle of support and services, including: Solution Planning, Solution Implementation, and Solution Support. These services are described below.
Solution Planning— Our Security Services offerings include a variety of options for rapid assessment of a company’s current network architecture and evaluation of the current status of network security. We then compare this information to the company’s business needs, both current and future, to help them plan a scalable and secure e-commerce solution. In addition, we offer security policy services that help customers prepare a policy and plan that transfers their security policy from paper to practice. We provide the following services: network architecture security assessment; security policy assessment and development; and product and audit configuration assessment.
Solution Implementation— Our Network Services team offers a full range of rapid-deployment integration services and training to assist our customers through implementation and integration of our products. Both the configuration process of a security system and the security products themselves, by their nature, may have an impact on several areas within a customer’s network. Accordingly, we offer a complete package of product integration assistance to ensure our customers maximize network uptime and maintain productivity during the process. We provide the following services: product implementation; product audit and configuration; and product training.
As part of our Network Services training program, we provide extensive product and network training online through our Web-based classes. In addition, we offer hands-on training at our training facilities, and these classes are also available worldwide onsite for our customers and partners. These services help our customers understand basic and advanced administration rules and tools that enable partners to configure, integrate, and maintain our products as part of a comprehensive e-business solution.
Solution Support – SecureSupport ® —We offer industry leading live answer support services. SecureSupport has a team of technical support engineers that provide customer support around the clock via email, the Web, or telephone. Service options are tailored for each of our enterprise gateway security products and customer requirements. Customers can select the SecureSupport option that best meets their needs. Our support center call statistics are published and posted to our corporate Web site at www.securecomputing.com .
We designed SecureSupport Online, a tool to assist our customers and channel partners with any problem they may experience with any of our products. Through this process, technical expertise is offered online through a searchable knowledge base, viewable support history, and email access. Product patches and release notes can also be downloaded.
We offer our customers the option to purchase software support and upgrade service for an annual fee. We provide software updates and technical support through this program.
Customers
Our expanded global footprint now encompasses more than 19,000 customers operating some of the largest and most sensitive networks and applications in the world. Our partners and customers include the majority of
the Dow Jones Global 50 Titans and numerous organizations in the Fortune 1000, as well as banking, financial services, healthcare, real estate, telecommunications, manufacturing, public utilities, schools, and federal, state and local governments. We have relationships with the largest agencies of the U.S. government. Our customer list also includes numerous international organizations and foreign governments. Overseas, our customers are concentrated primarily in Europe, Japan, China, the Pacific Rim, and Latin America.
No customer accounted for more than 10% of our total revenue in 2006, 2005 or 2004.
Sales
We sell our products and services both directly and indirectly through domestic and international distributors, value-added resellers, major integrators, and OEMs. For 2006, sales to major end users comprised 19% of total sales, while indirect channel sales comprised 81%. Our sales organization is divided geographically into the following territories: North America; Federal; Europe, the Middle East and Africa; Asia Pacific; and Latin America.
Our market strategy promotes our PartnersFirst reseller program, a channel program through which nearly all of our global indirect business is conducted. The program reflects our commitment to a partner-focused sales model and enhances access to our products by making them available through over 2,000 resellers via leading distribution partners and streamlined processes. Our channel program makes the process of doing business with us simple, while giving partners enhanced abilities to increase revenue.
We have a U.S. federal government sales team and a General Services Administration (GSA) schedule for our products maintained by a third party, to facilitate government orders. The U.S. government is the world’s largest buyer of security products and continues to be a strong market for us.
The following table summarizes our products and services revenues (in thousands):
| Year Ended December 31, | |||||||||
| 2006 |
2005 |
2004 | |||||||
| Revenues: |
|||||||||
| Products |
$ | 115,628 | $ | 79,339 | $ | 67,625 | |||
| Services |
61,069 | 29,836 | 25,753 | ||||||
| $ | 176,697 | $ | 109,175 | $ | 93,378 | ||||
Marketing
We market our products to existing customers and prospects worldwide using a variety of integrated marketing programs. Our marketing team creates and implements marketing campaigns in each of our major functional market areas: corporate marketing for company and brand awareness, product marketing, and partner marketing.
By leveraging relationships with our channel partners, we generate sales leads and brand awareness through customer focused initiatives. Additionally, we work closely with industry analysts and current customers to understand the trends and needs associated with the enterprise gateway security marketplace. Our research and experience help drive key marketing initiatives including: direct marketing, Web marketing, print advertising, customer seminars, Web seminars, and trade shows. We also work closely with outside vendors to help us pre-qualify leads in order to provide our partners with well qualified prospects.
An active international public relations program ensures that we receive appropriate press coverage for our various programs and announcements as well as obtain product reviews and speaking engagements. In addition to our marketing programs, we stimulate interest and demand for our solutions through our corporate Web site,
channel partner Web sites and other industry-specific Web sites, providing white papers, newsletters, and technical notes. Several of our senior technical staff contribute articles to industry periodicals as well as abstracts for presentations they provide to industry specific summits and events, further extending our ability to educate the industry about e-business security.
Competition
The market for enterprise gateway security is highly competitive and we expect competition to intensify in the future. Our products compete on the basis of quality of security, ease of installation and management, scalability, performance and flexibility. Each of our individual products competes with a different group of competitors and products. Current significant competitors for our existing products include: Check Point Software Technologies Ltd.; Cisco Systems, Inc.; Fortinet, Inc.; Juniper Networks; EMC Corporation (formerly RSA Security, Inc.); VASCO Data Security International, Inc.; SonicWall; SurfControl, plc; Blue Coat Systems, Inc.; Symantec Corporation; Postini, Inc.; Tumbleweed; IronPort Systems, Inc.; and Websense, Inc.
Seasonality
As is typical for many large software companies, a part of our business is seasonal. A slight decline in product orders is typical in the first quarter of our fiscal year when compared to product orders in the fourth quarter of the prior fiscal year. In addition, we generally receive a higher volume of orders in the last month of a quarter. We believe this seasonality primarily reflects customer spending patterns and budget cycles.
Backlog
Our backlog for products at any point in time is not significant since products are shipped upon receipt of order. We do not believe that our backlog at any particular point in time is indicative of future sales levels. The timing and volume of customer orders are difficult to forecast because our customers typically require prompt delivery of products and a majority of our sales are booked and shipped in the same quarter. In addition, sales are generally made pursuant to standard purchase orders that can be rescheduled, reduced, or canceled prior to shipment with little or no penalty.
Manufacturing
Our manufacturing operations consist primarily of light manufacturing of our software and appliance products. We use subcontractors to duplicate software media and print user documentation and product packaging for our software products. We have two different processes for manufacturing our appliances depending on the product line. We either procure computer servers from major computer manufacturers and then assemble the final software and hardware products at our facilities in St. Paul, Minnesota or we outsource all services to third party providers. The third party providers complete the hardware build per our configuration specifications, perform a final test, and then image and drop ship the product directly to our customers.
Our SafeWord product line includes a small token, available in various designs. We source these tokens through electronics assembly manufacturers located in China.
The majority of the materials used in our manufacturing operations are industry-standard parts. Typical materials required are media and media duplication services, user documentation and other printed materials, product packaging, and computer systems (computer servers, computer peripherals, memory disk drives, and storage devices).
Research and Development
Our internal engineering staff performs internal development of new products and features. For the years ended December 31, 2006, 2005, and 2004, our research and development expenses were $34.1 million, $16.8 million, and $16.1 million, respectively.
We intend to keep our products broadly compatible with industry standards, other information security products and other applications. In addition, we will introduce new products as market demand develops for such products. We design our products so that they support emerging or evolving security and content standards, such as Hypertext Transfer Protocol (HTTP), Extensible Markup Language (XML), Simple Mail Transfer Protocol (SMTP), the Public Key Cryptography Standards (PKCS), IPSec, Lightweight Directory Access Protocol (LDAP), Internet Protocol Version 6 (IPv6), Secure Sockets Layer (SSL), and others.
Patents and Proprietary Technology
We rely on patent, trademark, copyright, and trade secret laws, employee and third party nondisclosure agreements, and other methods to protect our proprietary rights. We currently hold a number of U.S. and foreign patents relating to computer security software and hardware products. We believe that our patents are broad and fundamental to information security computer products.
Our success depends, in part, upon our proprietary software and security technology. We also rely on trade secrets and proprietary expertise that we seek to protect, in part, through confidentiality agreements with employees, consultants, and other parties.
We have used, registered, and/or applied to register certain trademarks and service marks to distinguish genuine Secure Computing products, technologies and services from those of our competitors in the U.S. and in foreign countries and jurisdictions. We enforce our trademark, service mark and trade name rights in the U.S. and abroad.
Employees
As of December 31, 2006, we had 885 employees. Of these employees, 341 were involved in sales and marketing, 123 in customer support and services, 269 in research and development, 58 in production, 39 in information technology and 55 in administrative, human resources and finance. None of our employees are represented by a labor union or is subject to a collective bargaining agreement. We believe that we maintain good relations with our employees.
Executive Officers
Our executive officers and their ages as of March 12, 2007 are as follows:
| EXECUTIVE OFFICERS |
AGE |
POSITION WITH SECURE COMPUTING CORPORATION | ||
| John E. McNulty |
60 | Chief Executive Officer, President and Chairman of the Board | ||
| Jay S. Chaudhry |
48 | Vice Chairman and Chief Strategy Officer | ||
| Timothy J. Steinkopf |
45 | Senior Vice President of Operations and Chief Financial Officer | ||
| Vincent M. Schiavo |
49 | Senior Vice President of Worldwide Sales | ||
| Michael J. Gallagher |
43 | Senior Vice President of Product Development | ||
| Mary K. Budge |
51 | Senior Vice President, Secretary and General Counsel | ||
| Dr. Paul Q. Judge |
30 | Chief Technology Officer | ||
| Atri Chatterjee |
44 | Senior Vice President of Marketing |
JOHN E. MCNULTY is our Chairman, President and Chief Executive Officer. Mr. McNulty first joined us as President and Chief Operating Officer in May 1999 and assumed the positions of Chairman of the Board and Chief Executive Officer in July 1999. From 1997 until joining us, he served as Senior Vice President of Sales, Services, and Business Development at Genesys Telecommunications Laboratories. Mr. McNulty was also previously with Intel Corporation, where he held a number of positions, including Director of Marketing and Business Development for the Enterprise Server Group, which he launched.
JAY S. CHAUDHRY is our Vice Chairman and Chief Strategy Officer. Mr. Chaudhry joined us in August 2006 as a result of our acquisition of CipherTrust, Inc. which he founded in 2000 and where he served as Chief Executive Officer. Prior to that, his experience includes sales, marketing and engineering experience with IBM, NCR and Unisys Corporation, and the successful launch of several technology companies.
TIMOTHY J. STEINKOPF is our Senior Vice President of Operations and Chief Financial Officer. Mr. Steinkopf first joined us as Treasurer and Director of Investor Relations in September 2000 and assumed the positions of Vice President and Chief Financial Officer in March 2001. Mr. Steinkopf was appointed to Senior Vice President in January 2002. From 1999 until joining us, he was at Silicon Entertainment, Inc. where his last position was Chief Financial Officer and Vice President of Finance. He was the Vice President of Finance, Secretary and Treasurer at Watt/Peterson Inc. from 1991 to 1999. Prior to that, he was at Ernst & Young LLP.
VINCENT M. SCHIAVO is our Senior Vice President of Worldwide Sales. Mr. Schiavo joined us in April 2001. From 1998 until joining us, he served as President of PolyServe, Inc. Prior to that he served as Vice President of Worldwide Sales at Sonic Solutions and in various other sales management roles at Radius, Apple Computer and Data General Corporation.
MICHAEL J. GALLAGHER is our Senior Vice President of Product Development. Mr. Gallagher rejoined us as Vice President and General Manager of our Network Security Division in 1999 and assumed the position of Senior Vice President of Product Development in August 2003. From 1997 until rejoining us, he was the Vice President of Software and Systems Engineering at Datakey. In 1996 and into 1997, he was employed by us and was responsible for management of several firewall and security initiatives. Prior to that he held various software engineering and technical management positions with increasing responsibility at Unisys Corporation.
MARY K. BUDGE is our Senior Vice President, Secretary and General Counsel. Ms. Budge joined us in November 1996 as corporate counsel and was appointed Senior Vice President in February 2005. Prior to joining us, she was an attorney for Schwegman, Lundberg, Woessner & Kluth where she specialized in trademark and copyright law. Ms. Budge is a member of the Minnesota Bar Association and the American Corporate Counsel Association.
DR. PAUL Q. JUDGE is our Chief Technology Officer. Mr. Judge joined us in August 2006 as a result of our acquisition of CipherTrust, Inc., where he served as Chief Technology Officer since 2000. Prior to that, he worked with IBM and NASA.
ATRI CHATTERJEE is our Senior Vice President of Marketing. Mr. Chatterjee joined us in August 2006 as a result of our acquisition of CipherTrust, Inc., where he served as Senior Vice President of Marketing since April 2006. From September 2003 until joining CipherTrust, he co-founded Mercora and served as the Vice President of Marketing and Business Development. In 2001 and into 2003, he served as the Vice President of Marketing and Business Development for McAfee.
None of the executive officers are related to each other or to any other director of Secure Computing.
Other
Our Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to those reports are available, free of charge, on our website at www.securecomputing.com as soon as reasonably practicable after they are filed with the SEC.
The public may also read and copy any materials we file with the SEC at the SEC’s Public Reference Room at 100 F Street, NE, Room 1580, Washington, DC 20549. The public may obtain information on the operation of the Public Reference Room by calling the SEC at 1-800-SEC-0330. The SEC also maintains a website at www.sec.gov that contains reports, proxy and information statements, and other information regarding issuers, such as us, that file electronically with the SEC.
ITEM 1A. RISK FACTORS
The following important factors, among others, could cause actual results to differ materially from those indicated by forward-looking statements made in this Annual Report on Form 10-K and presented elsewhere by us from time to time.
We may be unable to integrate our operations successfully and realize all of the anticipated benefits of the mergers with CipherTrust and CyberGuard. Our mergers with CipherTrust and CyberGuard involve the integration of companies that previously have operated independently, which is a complex, costly and time-consuming process. The difficulties of combining the companies’ operations include, among other things:
•
Coordinating geographically disparate organizations, systems and facilities;
•
Integrating personnel with diverse business backgrounds;
•
Consolidating corporate and administrative functions;
•
Consolidating research and development, and manufacturing operations;
•
Coordinating sales and marketing functions;
•
Retaining key employees; and
•
Preserving the research and development, collaboration, distribution, marketing, promotion and other important relationships of the companies. The process of integrating operations could cause an interruption of, or loss of momentum in, the activities of the combined company’s business and the loss of key personnel. The diversion of management’s attention and any delays or difficulties encountered in connection with the merger and the integration of the two companies’ operations could harm the business, results of operations, financial condition or prospects of the combined company after the mergers. We believe that the operation integration of CyberGuard is essentially complete. However, as of December 31, 2006, we have only twelve months of combined operations, and we may, in the future, encounter again any or all of the difficulties in operation integration we have faced in the period since the merger with CyberGuard, particularly due to the ongoing integration of CipherTrust. We expect the integration of CipherTrust to be completed in 2007.
We have experienced operating losses in the past and may experience operating losses in the future. In 2006 we incurred operating profit of $769,000 in the quarter ended March 31, 2006 and operating losses of $2.7 million, $6.3 million, and $9.5 million in the quarters ended June 30, 2006, September 30, 2006, and December 31, 2006, respectively. In 2005 we had continuing operating profit, although we have incurred operating losses in the past. If we are unable to attain operating profits in the future, our stock price may decline, which could cause you to lose part or all of your investment.
In 2006 we were cash flow positive, however, we have experienced negative cash flow in the past and may experience negative cash flow in the future. If, at that time, sources of financing are not available, we may not have sufficient cash to satisfy working capital requirements. We believe that we have sufficient financial resources to satisfy our working capital requirements for at least the next twelve months. We may seek to sell additional equity or debt securities or obtain an additional credit facility at that time or sooner if our plans change or if we expend cash sooner than anticipated. Any additional financing may not be available in amounts or on terms acceptable to us, if at all. Our failure to obtain financing at that time could result in our insolvency and the loss to investors of their entire investment in our common stock.
If we fail to meet the borrowing requirements under our credit agreement, we may be unable to obtain necessary short-term financing and if we default on a secured loan, material assets of ours could be subject to forfeiture. We currently are party to a senior secured credit facility with a syndicate of banks led by Citigroup and UBS Investment Bank which provides us with a $90.0 million term loan facility, a $20.0 million revolving
credit facility and a swingline loan sub-facility. As of December 31, 2006, we had $88.0 million of outstanding indebtedness. Of this indebtedness, approximately $28.0 million bears interest at rates that fluctuate with changes in certain prevailing interest rates. An increase in interest rates would have a negative impact on our earnings due to an increase in interest expense. As is typical for credit facilities of this sort, the credit agreement for such credit facility imposes certain restrictions on us, including limitations on additional indebtedness, capital expenditures, restricted payments, the incurrence of liens, transactions with affiliates and sales of assets. In addition, the credit agreement requires us to comply with certain financial covenants, including maintaining leverage and interest coverage ratios and capital expenditure limitations. We can offer no assurances that we will be able to comply with such financial covenants when a loan is needed or continue to comply with such covenants when a loan is outstanding. If we fail to satisfy these covenants or if we are unable to meet the conditions for borrowing under our credit agreement when funds are required, we could be prevented from meeting our payment obligations, which could have a material adverse effect on our business, financial conditional and operating results.
Further, our obligations under the credit agreement are secured by substantially all of our material assets, including real and personal property, inventory, accounts, intellectual property and other intangibles. If we default under our credit agreement for any reason and are unable to cure the default pursuant to the terms of the credit agreement, our lenders could take possession of any and all of our assets in which they hold a security interest, including intellectual property, and dispose of those assets to the extent necessary to pay off our debts, which could materially harm our business.
Our significant stockholders could have significant influence over us . Warburg Pincus beneficially owns 100% of the outstanding shares of Secure Computing Series A Preferred Stock convertible into approximately 5.7 million shares or 7.0% of Secure Computing common stock on a fully diluted basis. The shares of Series A Preferred Stock are convertible into shares of our common stock at the holder’s option, at a rate determined by dividing the aggregate liquidation preference of the shares of Series A Preferred Stock to be converted by $12.75. This liquidation preference, and the shares of common stock issuable upon conversion of the Series A Preferred Stock, accretes at the rate of 5% per year, compounded semi-annually over time. Subject to certain exceptions and limitations, the liquidation preference shall accrete for 54 months from the date of issuance, giving Warburg Pincus approximately 6.7 million shares, or 8.2% of our company on a fully accreted basis. Also, Warburg Pincus holds a warrant to purchase 1,000,000 shares of common stock at an initial per share exercise price of $13.85. Additionally, Warburg Pincus is entitled to nominate a member to our board of directors and the consent of the holders of the Series A Preferred Stock is required for certain corporate actions.
Jay Chaudhry, Vice Chairman of the Board and Chief Strategy Officer, beneficially owns 5,252,636 shares of Secure Computing common stock, or 6.4% of Secure Computing common stock on a fully diluted basis. Richard Scott, a member of our Board of Directors, beneficially owns 3,977,431 shares of Secure Computing common stock, or 4.9% of Secure Computing common stock on a fully diluted basis.
Accordingly, Warburg Pincus, Jay Chaudhry, and Richard Scott could significantly influence the outcome of any corporate transaction or other matter submitted to the stockholders for approval. The interests of Warburg Pincus, Jay Chaudhry, and Richard Scott may differ from the interests of other stockholders.
Holders of our Series A Preferred Stock have rights that are senior to those of our Common Stock. Holders of our Series A Preferred Stock are entitled to receive benefits not available to holders of our common stock. These benefits include, but are not limited to, the following:
•
beginning July 2010, shares of Series A Preferred Stock will be entitled to receive semi-annual dividends equal to 5.0% of the Series A Preferred Stock liquidation preference per year, which dividend may be paid in cash or added to the Series A Preferred Stock liquidation preference;
•
each share of Series A Preferred Stock has an initial liquidation preference of $100 and the liquidation preference accretes daily at an annual rate of 5.0%, compounded semi-annually; •
upon a change of control of our company, Warburg Pincus may elect to (i) convert the shares of Series A Preferred Stock into shares of Common Stock and receive the consideration due to the holders of Common Stock upon conversion, or (ii) cause us to redeem the Series A Preferred Stock for cash at the liquidation preference then in effect;
•
if a change of control occurs within 5 years of the issuance of the Series A Preferred Stock, the liquidation preference shall be an amount equal to the liquidation preference then in effect plus a premium of (i) 15% if the change of control occurs prior to the first anniversary of the issuance of the Series A Preferred Stock, (ii) 10% if the change of control occurs after the first anniversary of the issuance of the Series A Preferred Stock but prior to the second anniversary of the issuance of the Series A Preferred Stock, (iii) 5% if the change of control occurs after the second anniversary of the issuance of the Series A Preferred Stock but prior to the fourth anniversary of the issuance of the Series A Preferred Stock or (iv) 1% if the change of control occurs after the fourth anniversary of the issuance of the Series A Preferred Stock but prior to the fifth anniversary of the issuance of the Series A Preferred Stock;
•
holders of Series A Preferred Stock have rights to acquire additional shares of our capital stock or rights to purchase property in the event of certain grants, issuances or sales;
•
the conversion price of the Series A Preferred Stock, which initially was $13.51 per share, is subject to customary broad-based weighted average anti-dilution adjustments and other customary adjustments upon the issuance of shares of Common Stock below the conversion price, such as the issuance of shares and options to purchase shares in the CipherTrust acquisition, which resulted in an adjustment to the conversion price of the Series A Preferred Stock to $12.75;
•
the approval of holders of majority of the Series A Preferred Stock is separately required to (i) approve changes to our certificate of incorporation or bylaws that adversely affect Warburg Pincus’s rights, (ii) adopt any stockholder rights plan that would dilute the economic or voting interest of Warburg Pincus, (iii) incur certain debt, distribute assets, pay dividends or repurchase securities, (iv) create or issue any equity security with rights senior to or on parity with the Series A Preferred Stock, (v) increase the size of our board of directors above nine members and (vi) take any action that adversely affects the rights, preferences and privileges of the Series A Preferred Stock; and
•
for so long as Warburg Pincus and its affiliates owns at least 50% of its shares of Series A Preferred Stock, the holders of Series A Preferred Stock will have the right, voting as a separate class, to appoint one member to our board of directors. The potential increase in sales from our relationships with various vendors of communications, security, and network management products or managed services may be reduced by requirements to provide volume price discounts and other allowances and significant costs incurred in customizing our products. Although we do not intend that such relationships be exclusive, we may be required to enter into an exclusive relationship or forego a significant sales opportunity. To the extent we become dependent on actions by such parties, we could be adversely affected if the parties fail to perform as expected. To minimize our risk, we often set minimum quotas with our customers as a condition of exclusivity.
Competition from companies producing enterprise gateway security products could reduce our sales and market share. The market for enterprise gateway security products is intensely competitive and characterized by rapid technological change. We believe that competition in this market is likely to persist and to intensify as a result of increasing demand for security products. Each of our individual products competes with a different group of competitors and products. Because the market for our products is highly competitive, it may be difficult to significantly increase our market share or our market share may actually decline.
Our customers’ purchasing decisions are based heavily upon the quality of the security our products provide, the ease of installation and management, the ability to increase the numbers of individuals using our software simultaneously, and the flexibility of our software. If a competitor can offer our customers a better
solution in these areas or others and we are unable to rapidly offer a competitive product, we may lose customers. Competitors with greater resources could offer new solutions rapidly and at relatively low costs which could lead to increased price pressure, reduced margins, and a loss of market share.
Many of our competitors and potential competitors have significantly greater financial, marketing, technical, and other competitive resources than we have. Our larger actual and potential competitors may be able to leverage an installed customer base and/or other existing or future enterprise-wide products, adapt more quickly to new or emerging technologies and changes in customer requirements, or devote greater resources to the promotion and sale of their products than we can. Additionally, we may lose product sales to these competitors because of their greater name recognition and reputation among potential customers.
Our future potential competitors could include developers of operating systems or hardware suppliers not currently offering competitive enterprise gateway security products, including Microsoft, Sun Microsystems, Inc., IBM, Computer Associates, and Hewlett Packard. If any of those potential competitors begins to offer enterprise-wide security systems as a component of its hardware, demand for our solutions could decrease. Ultimately, approaches other than ours may dominate the market for enterprise gateway security products.
In the future, we may also face competition from our competitors and other parties that develop or acquire enterprise gateway security products based upon approaches that we employ. There are no guarantees that our approach will dominate the market for enterprise gateway security products. While we believe that we do not compete against manufacturers of other classes of security products, such as encryption, due to the complementary functions performed by such other classes, our customers may perceive such other companies as our competitors.
Consolidation among competitors may erode our market share . Current and potential competitors have established, or may in the future establish, cooperative relationships among themselves or with third parties to increase the ability of their products to address the needs of our prospective customers. Accordingly, it is possible that new competitors or alliances may emerge and rapidly acquire significant market share. If this were to occur, it could materially and adversely affect our financial condition or results of operations.
The trend toward multi-function security solutions may result in a consolidation of the market around a smaller number of vendors that are able to provide the necessary breadth of products and services. In the event that we are unable to internally develop all of the products needed for a complete, secure e-business solution, we may need to acquire such technology or be acquired by a larger entity. However, there can be no assurance that, in the event that we are not able to internally develop all of the products needed for an enterprise-wide security solution, we will be able to acquire or merge with other entities on terms favorable to us and our stockholders.
The pricing policies of our competitors may impact the overall demand for our products and services and therefore, impacting our profitability. Some of our competitors are capable of operating at significant losses for extended periods of time, enabling them to sell their products and services at a lower price. If we do not maintain competitive pricing, the demand for our products and/or services, as well as our market share, may decline, having an adverse effect on our business. From time to time, in responding to competitive pressures we lower the price of our products and services. When this happens, if we are unable to reduce our component costs or improve operating efficiencies, our margins could be adversely affected.
Other vendors may include products similar to ours in their hardware or software and render our products obsolete. In the future, vendors of hardware and of operating systems or other software may continue to enhance their products or bundle separate products to include functions that are currently provided primarily by enterprise gateway security software. If network security functions become standard features of computer hardware or of operating system software or other software, our products may become obsolete and unmarketable, particularly if the quality of these security features is comparable to that of our products. Furthermore, even if the enterprise gateway security and/or management functions provided as standard features
by hardware providers or operating systems or other software is more limited than that of our products, our customers might accept this limited functionality in lieu of purchasing additional software. Sales of our products would suffer materially if we were then unable to develop new enterprise gateway security and management products to further enhance operating systems or other software and to replace any obsolete products.
If an OEM customer reduces or delays purchases, our revenue may decline and/or our business could be adversely affected. We currently have formed relationships with several OEMs including Cisco, Blue Coat, McAfee, Computer Associates, F5 Networks, Inc. and Network Appliance. If we fail to sell to such OEMs in the quantities expected, or if any OEM terminates our relationship, this could adversely affect our reputation, the perception of our products and technology in the marketplace and the growth of our business, and your investment in our common stock may decline in value.
Technology in the enterprise gateway security market is changing rapidly, and if we fail to develop new products that are well accepted, our market share will erode. To compete successfully, we must enhance our existing products and develop and introduce new products in a timely manner. Our net sales and operating results could be materially affected if we fail to introduce new products on a timely basis. The rate of new enterprise gateway security product introductions is substantial and security products have relatively short product life cycles. Our customer requirements and preferences change rapidly. Our net sales and operating results will be materially affected if the market adopts, as industry standards, solutions other than those we employ.
Denial of our patent applications or invalidation or circumvention of our patents may weaken our ability to compete in the enterprise gateway security market. While we believe that our pending applications relate to patentable devices or concepts, there can be no assurances that any pending or future patent applications will be granted. There is also the risk that a current or future patent, regardless of whether we are an owner or a licensee of such patent, may be challenged, invalidated or circumvented. In addition, there are no assurances that the rights granted under a patent or under licensing agreements will provide competitive advantages to us.
If another party alleges that we infringe its patents or proprietary rights, we may incur substantial litigation costs . Other than a claim made by Finjan Software Ltd., we are not aware of any third party claims that we or our products have infringed a patent or other proprietary rights. However, the computer technology market is characterized by frequent and substantial intellectual property litigation. Intellectual property litigation is complex and expensive, and the outcome of such litigation is difficult to predict. In the event that a third party were to make a claim of infringement against us, we could be required to devote substantial resources and management time to the defense of such claim, which could have a material adverse effect on our business and results of operations.
Disclosure of our trade secrets or proprietary information may undermine our competitive advantages . There can be no assurances that the confidentiality agreements protecting our trade secrets and proprietary expertise will not be breached, that we will have adequate remedies for any breach, or that our trade secrets will not otherwise become known to or independently developed by competitors.
If the use of public switched networks such as the Internet does not continue to grow, our market and ability to sell our products and services may be limited. Our sales also depend upon a robust industry and infrastructure for providing access to public switched networks, such as the Internet. If the infrastructure or complementary products necessary to take these networks into viable commercial marketplaces are not developed or, if developed, these networks do not become and continue to be viable commercial marketplaces, our net sales and operating results could suffer.
Our reliance on third party manufacturers of hardware components and subassemblies that are used in our appliances and SafeWord token product lines could cause a delay in our ability to fill orders. We currently purchase the hardware components for our appliance and Safeword token product lines from several major suppliers. Delays in receiving components would harm our ability to deliver our products on a timely basis and net sales and operating results could suffer.
Our product lines are not diversified beyond providing enterprise gateway security solutions to our customers, and any drop in the demand for enterprise gateway security products would materially harm our business . Substantially all of our revenue comes from sales of enterprise gateway security products and related services. We expect this will continue for the foreseeable future. As a result, if for any reason our sales of these products and services are impeded, our net sales and operating results will be significantly reduced.
Our stock price is highly volatile, which may cause our investors to lose money and may impair our ability to raise money, if necessary. The price of our common stock, like that of many technology companies, has fluctuated widely. During 2006, our stock price ranged from a per share high of $15.29 to a low of $4.82. Fluctuation in our stock price may cause our investors to lose money and impair our ability to raise additional capital, if necessary. Factors that may affect stock price volatility include:
•
Unexpected fluctuations in operating results;
•
Our competitors or us announcing technological innovations or new products;
•
General economic conditions and weaknesses in geographic regions of the world;
•
Threat of terrorist attacks or acts of war in the U.S. or abroad;
•
Developments with respect to our patents or other proprietary rights or those of our competitors;
•
Our ability to successfully execute our business plan and compete in the enterprise gateway security industry;
•
Relatively low trading volume;
•
Product failures; and
•
Analyst reports and media stories. If our products fail to function properly or are not properly designed, our reputation may be harmed, and customers may make product liability and warranty claims against us . Our customers rely on our enterprise gateway security products to prevent unauthorized access to their networks and data transmissions. These customers include major financial institutions, defense-related government agencies protecting national security information, and other large organizations. These customers use our products to protect confidential business information with commercial value far in excess of our net worth. Therefore, if our products malfunction or are not properly designed, we could face warranty and other legal claims, which may exceed our ability to pay. We seek to reduce the risk of these losses by attempting to negotiate warranty disclaimers and liability limitation clauses in our sales agreements. However, these measures may ultimately prove ineffective in limiting our liability for damages.
In addition to any monetary liability for the failure of our products, an actual or perceived breach of network or data security at one of our customers could harm the market’s perception of our products and our business. The harm could occur regardless of whether that breach is attributable to our products.
We also face the more general risk of bugs and other errors in our software. Software products often contain undetected errors or bugs when first introduced or as new versions are released, and software products or media may contain undetected viruses. Errors or bugs may also be present in software that we license from third parties and incorporate into our products. Errors, bugs, or viruses in our products may result in loss of or delay in market acceptance, recalls of hardware products incorporating the software, or loss of data. Our net sales and operating results could be materially reduced if we experience delays or difficulties with new product introductions or product enhancements.
If we lose a significant customer, we will realize smaller profits. We derive a significant portion of our revenues from a limited number of customers. For example, our top five customers made up 10% of our sales in 2006. If we lose any of these customers or if our revenues from any of these customers are reduced, and we fail to replace the customer or fail to increase sales from other customers, we will incur smaller profits.
If we fail to collect amounts due from our customers on a timely basis, our cash flow and operating results may suffer . Because the timing of our revenues is difficult to predict and our expenses are often difficult to reduce in the short run, management of our cash flow is very important to us. Like most companies, we anticipate that a portion of the amounts owed to us will never be paid. However, if our actual collection of amounts owed to us is less than we have estimated, we will have less cash to fund our operations than we anticipated, and our financial condition and operating results could be adversely affected.
In addition, collection of amounts due us from sales to international customers generally takes longer than for other sales. Therefore, if our sales to international customers increase as a percentage of our total revenue, the average number of days it takes for us to collect amounts due from our customers may increase. If there is an increase in the time required for us to collect amounts due us, we will have less cash to fund our operations than we anticipated. This in turn could adversely affect our financial condition and operating results.
We have taken and may from time to time take various forms of action to manage the amounts due us from customers and grant customer discounts in exchange for earlier payment.
Quarterly net sales and operating results depend on the volume and timing of orders received, which may be affected by large individual transactions and which sometimes are difficult to predict . Our quarterly operating results may vary significantly depending on a number of other factors, including:
•
The timing of the introduction or enhancement of products by us or our competitors;
•
The size, timing, and shipment of individual orders;
•
Market acceptance of new products;
•
Changes in our operating expenses;
•
Personnel departures and new hires and the rate at which new personnel become productive;
•
Mix of products sold;
•
Changes in product pricing;
•
Development of our direct and indirect distribution channels;
•
Costs incurred when anticipated sales do not occur; and
•
General economic conditions. Sales of our products generally involve a significant commitment of capital by customers, with the attendant delays frequently associated with large capital expenditures. For these and other reasons, the sales cycle for our products is typically lengthy and subject to a number of significant risks over which we have little or no control. We are often required to ship products shortly after we receive orders, and consequently, order backlog, if any, at the beginning of any period has in the past represented only a small portion, if any, of that period’s expected revenue. As a result, our product sales in any period substantially depends on orders booked and shipped in that period. We typically plan our production and inventory levels based on internal forecasts of customer demand, which are highly unpredictable and can fluctuate substantially.
If customer demand falls below anticipated levels, it could seriously harm our operating results. In addition, our operating expenses are based on anticipated revenue levels, and a high percentage of our expenses are generally fixed in the short term. Based on these factors, a small fluctuation in the timing of sales can cause operating results to vary significantly from period to period.
The Internet may become subject to increased regulation by government agencies . Due to the increasing popularity and use of the Internet, it is possible that a number of laws and regulations may be adopted with respect to the Internet, covering issues such as user privacy, pricing and characteristics, and quality of products
and services. In addition, the adoption of laws or regulations may slow the growth of the Internet, which could in turn decrease the demand for our products and increase our cost of doing business or otherwise have an adverse effect on our business, operating results or financial condition.
Anti-takeover provisions in our charter documents, share rights agreement, and Delaware law could discourage a takeover or future financing . The terms of our certificate of incorporation and share rights agreement permit our Board of Directors to issue up to 2,000,000 shares of preferred stock and determine the price, rights, preferences, privileges, and restrictions, including voting rights, of those shares without any further vote or action by our stockholders.
The Board may authorize the issuance of additional preferred stock with voting or conversion rights that could materially weaken the voting power or other rights of the holders of our common stock. The issuance of preferred stock, while providing desirable flexibility in connection with possible acquisitions and other corporate purposes could make it more difficult for a third party to acquire a majority of our outstanding voting stock. Further, provisions of Delaware law, our certificate of incorporation and our bylaws, such as a classified board and limitations on the ability of stockholders to call special meetings, and provisions of our share rights agreement could delay or make more difficult a merger, tender offer, proxy contest, or other takeover attempts.
The ability to attract and retain highly qualified personnel to develop our products and manage our business is extremely important, and our failure to do so could harm our business. We believe our success depends to a large extent upon a number of key technical and management employees. We may be unable to achieve our sales and operating performance objectives unless we can attract and retain technically qualified and highly skilled engineers and sales, consulting, technical, financial, operations, marketing, and management personnel. These personnel are particularly important to our research and development efforts and, as such, we employ a large number of technical personnel holding advanced degrees and special professional certification. Competition for qualified personnel is intense, and we expect it to remain so for the foreseeable future. We may not be successful in retaining our existing key personnel and in attracting and retaining the personnel we require. Our operating results and our ability to successfully execute our business plan will be adversely affected if we fail to retain and increase our key employee population.
Our international operations subject us to risks related to doing business in foreign countries . International sales are a substantial portion of our business. Although all of our sales are payable in U.S. dollars as of December 31, 2006, several factors could make it difficult for customers from foreign countries to purchase our products and services or pay us for obligations already incurred. Such factors include:
•
Severe economic decline in one of our major foreign markets; and
•
Substantial decline in the exchange rate for foreign currencies with respect to the U.S. dollar. A decline in our international sales or collections of amounts due us from customers could materially affect our operations and financial conditions. For fiscal year 2006, 39% of our total revenue came from international sales compared to 38% in 2005. A very large drop in our sales or collections of amounts due us in these specific countries as a result of recession or other economic or political disturbances would likely harm our net sales and operating results.
In addition, we face a number of general risks inherent in doing business in international markets including, among others:
•
Unexpected changes in regulatory requirements;
•
Tariffs and other trade barriers;
•
Legal uncertainty regarding liability;
•
Threat of terrorist attacks or acts of war; •
Political instability;
•
Potentially greater difficulty in collecting amounts due us;
•
Longer periods of time to collect amounts due us; and
•
A higher rate of piracy of our products in countries with a high incidence of software piracy. ITEM 2. PROPERTIES
We are currently headquartered in 10,895 square feet of office space in San Jose, California. We have a facility in St. Paul, Minnesota with 107,344 square feet occupied by production, research and development, customer support and administration. We have a facility in Alpharetta, Georgia with a square footage of 75,288 that is occupied by research and development, customer support and sales. We have research facilities located in Concord, California and Deerfield Beach, Florida that occupy 17,240 and 30,148 square feet, respectively. We have foreign research facilities located in Woolongabong, Australia and Paderborn, Germany that occupy 9,529 square feet and 11,006 square feet, respectively. In support of our U.S. field sales organization, we also lease 8,198 square feet of office space in Reston, Virginia, and 10,102 in Seattle, Washington. We terminated our operations at the Seattle, Washington facility during the first quarter of 2007 but expect to sublease the facility in the future. We occupy these premises under leases expiring at various times through the year 2016. We also have foreign offices in London, England; Sydney, Australia; Munich, Germany; Paris, France; Singapore; Japan; Dubai; China and Hong Kong. We believe that our facilities are adequate for our current needs.
ITEM 3. LEGAL PROCEEDINGS
On June 5, 2006, Finjan Software, Ltd. filed a complaint entitled Finjan Software, Ltd. v. Secure Computing Corporation in the United States District Court for the District of Delaware against Secure Computing Corporation, CyberGuard Corporation, and Webwasher AG. The complaint alleges that Secure Computing and its named subsidiaries infringe U.S. Patent No. 6,092,194 (“‘194 Patent”) based on the manufacture, use, and sale of the Webwasher Secure Content Management suite. Secure Computing denies infringing any valid claims of the ‘194 Patent. The answer to the complaint was filed on July 26, 2006. Discovery is proceeding.
On January 19, 2007, Rosenbaum Capital, LLC filed a putative securities class action complaint in the United States District Court for the Northern District of California against us and certain directors and officers of the company. The alleged plaintiff class includes persons who acquired our stock between May 4, 2006 through July 11, 2006. The complaint alleges generally that defendants made false and misleading statements about our business condition and prospects for the fiscal quarter ended June 30, 2006, in violation of Section 10(b) and 20(a) of the Securities Exchange Act of 1934 and SEC Rule 10b-5. The complaint seeks unspecified monetary damages. While there can be no assurance as to the outcome of this or any other litigation we believe there are meritorious legal and factual defenses to this action and we intend to defend ourselves vigorously.
ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS
No matters were submitted to a vote of the stockholders during the three months ended December 31, 2006.
PART II
ITEM 5. MARKET FOR REGISTRANT’S COMMON EQUITY, RELATED STOCKHOLDER MATTERS AND ISSUER PURCHASES OF EQUITY SECURITIES
Market Information
Our common stock is listed on the NASDAQ national market under ticker symbol: SCUR. As of March 12, 2007, there were approximately 3,900 registered holders. The number of registered holders represents the number of shareholders of record plus the number of individual participants in security position listings. We believe, however, that many beneficial holders of our common stock have registered their shares in nominee or street name and that there are approximately 14,000 beneficial owners. The low and high sale price of our common stock during the last eight quarters is as follows:
| 2006 |
2005 | |||||||
| Quarter |
High |
Low |
High |
Low | ||||
| First |
15.29 | 11.08 | 10.75 | 7.38 | ||||
| Second |
11.85 | 7.65 | 11.83 | 8.01 | ||||
| Third |
8.68 | 4.82 | 12.91 | 10.32 | ||||
| Fourth |
7.27 | 6.15 | 14.70 | 10.74 |
We have not paid any dividends on our common stock during the periods set forth above. It is presently the policy of the Board of Directors to retain earnings for use in expanding and developing our business. Accordingly, we do not anticipate paying dividends on the common stock in the foreseeable future.
Sale of Unregistered Securities
On August 17, 2005, we entered into a Securities Purchase Agreement with Warburg Pincus IX, L.P., as amended December 9, 2005. Pursuant to the terms of the Securities Agreement, we agreed to issue to Warburg Pincus 700,000 shares of Series A Preferred Stock and a warrant to purchase 1,000,000 shares of our common stock in exchange for $70 million, subject to stockholder approval, among other conditions. The shares of Series A Preferred Stock are convertible at $12.75 a share, and include a 5% accretive dividend. The warrant is exercisable at a price of $13.85 per share. On January 11, 2006, our stockholders approved the issuance of shares of Series A Preferred Stock and a warrant to purchase shares of our common stock to Warburg Pincus, and we issued the shares of Series A Preferred Stock and the warrant on January 12, 2006. The issuance was deemed to be exempt from registration under the Securities Act of 1933 in reliance upon Section 4(2) thereof as transactions by an issuer not involving any public offering. We filed a Registration Statement on Form S-3 which registered the shares of common stock issuable upon conversion of the Series A Preferred Stock and the common stock issuable upon exercise of the warrant for resale.
On August 31, 2006, we acquired 100% of the outstanding common shares of CipherTrust, Inc., a privately-held company. The aggregate purchase price was $270.1 million consisting primarily of $188.1 million in cash, the issuance of 10.0 million shares of common stock valued at $68.1 million, the conversion of outstanding CipherTrust stock options into options to purchase 2.5 million shares of our common stock with a fair value of $7.8 million, and direct costs of the acquisition of $6.1 million. The issuance of 10.0 million shares of common stock was exempt from registration pursuant to Section 4(2) of the Securities Act of 1933, as amended, and pursuant to Rule 506 of Regulation D of the Securities Act.
Performance Evaluation
The graph below compares total cumulative stockholders’ return on the common stock for the period from the close of the NASDAQ Stock Market—U.S. Companies on December 31, 2001 to December 31, 2006, with the total cumulative return on the Computer Index for the NASDAQ Stock Market—U.S. Companies (the “Computer Index”) and the Composite Index for the NASDAQ Stock Market (the “Composite Index”) over the same period. The index level for the graph and table was set to 100 on December 31, 2001 for the common stock, the Computer Index and the Composite Index and assumes the reinvestment of all dividends.
ITEM 6. SELECTED FINANCIAL DATA
The consolidated statement of operations data set forth below for the fiscal years ended December 31, 2006, 2005 and 2004, and the consolidated balance sheet data at December 31, 2006 and 2005, are derived from the audited consolidated financial statements included elsewhere in this Form 10-K. The consolidated statement of operations data set forth below for the fiscal years ended December 31, 2003 and 2002 and the consolidated balance sheet data at December 31, 2004, 2003 and 2002, are derived from audited consolidated financial statements which are not included in this Form 10-K. You should read the data set forth below in conjunction with the financial statements and notes thereto and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” included elsewhere in this Form 10-K.
| Year Ended December 31, |
||||||||||||||||||
| (Table in thousands, except per share amounts) | ||||||||||||||||||
| 2006 |
2005 |
2004 |
2003 |
2002 |
||||||||||||||
| STATEMENT OF OPERATIONS DATA: |
||||||||||||||||||
| Revenue |
$ | 176,697 | $ | 109,175 | $ | 93,378 | $ | 76,213 | $ | 61,960 | ||||||||
| Gross profit |
127,539 | 87,126 | 75,991 | 63,578 | 51,654 | |||||||||||||
| Net (loss) income from continuing operations |
(27,398 | ) | 21,374 | 12,835 | 9,290 | (5,166 | ) | |||||||||||
| Net loss from discontinued operations/disposal of AT division |
— | — | — | (1,034 | ) | (1,310 | ) | |||||||||||
| Net (loss) income |
(27,398 | ) | 21,374 | 12,835 | 8,256 | (6,476 | ) | |||||||||||
| Net (loss) income applicable to common shareholders |
(43,551 | ) | 21,374 | 12,835 | 8,256 | (6,476 | ) | |||||||||||
| Basic (loss) income per share: |
||||||||||||||||||
| Continuing operations |
(0.76 | ) | 0.59 | 0.36 | 0.29 | (0.18 | ) | |||||||||||
| Discontinued operations |
— | — | — | (0.03 | ) | (0.04 | ) | |||||||||||
| Basic (loss) income per share |
$ | (0.76 | ) | $ | 0.59 | $ | 0.36 | $ | 0.26 | $ | (0.22 | ) | ||||||
| Diluted (loss) income per share: |
||||||||||||||||||
| Continuing operations |
(0.76 | ) | 0.57 | 0.34 | 0.28 | (0.18 | ) | |||||||||||
| Discontinued operations |
— | — | — | (0.03 | ) | (0.04 | ) | |||||||||||
| Diluted (loss) income per share |
$ | (0.76 | ) | $ | 0.57 | $ | 0.34 | $ | 0.25 | $ | (0.22 | ) | ||||||
| BALANCE SHEET DATA: |
||||||||||||||||||
| Total assets (1) |
724,128 | 171,763 | 130,914 | 108,475 | 60,943 | |||||||||||||
| Debt, net of fees |
85,023 | — | — | — | — | |||||||||||||
| Convertible preferred stock |
65,558 | — | — | — | — | |||||||||||||
| Stockholders’ equity |
409,741 | 121,883 | 91,826 | 72,014 | 29,663 |
ITEM 7. MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS
Information Regarding Forward-Looking Statements
The following discussion contains forward-looking statements, including statements regarding our expectations, beliefs, intentions, or strategies regarding the future. These statements are not guarantees of future performance and are subject to risks, uncertainties, and other factors, some of which are beyond our control and difficult to predict and could cause actual results to differ materially from those expressed or forecasted in the forward-looking statements. The risks and uncertainties are summarized in Item 1A above and in the other documents we file with the SEC. These forward-looking statements reflect our view only as of the date of this report. We cannot guarantee future results, levels of activity, performance, or achievement. We do not undertake any obligation to update or correct any forward-looking statements.
Executive Overview
We are a leading provider of enterprise gateway security solutions. Our best-of-breed portfolio of solutions provides Web Gateway, Messaging Gateway, and Network Gateway security, as well as Identity and Access Management that are further differentiated by the proactive protection provided by TrustedSource (global intelligence).
Our specialized solutions are designed to meet customers’ needs to balance security and accessibility, and to help them create trusted environments both inside and outside their organizations. Each of our products provides a complete solution in and of itself, and they also integrate with each other for a more comprehensive, unified, and centrally managed solution. We have developed a vision for comprehensive security on the enterprise gateway that embodies the following core design principles: appliance-based delivery; application and content awareness; centralized policy, management and reporting; bi-directional protection; proactive protection; user management and education; performance; and resiliency.
In 2005 we embarked on a strategy to significantly increase our presence in the industry and to define and become the leader in the enterprise gateway security market. We believe that our acquisitions of CyberGuard and CipherTrust in 2006 have laid a strong foundation for our future success.
Through the CipherTrust acquisition in 2006, we acquired TrustedSource technology and entered the Messaging Gateway security market. We believe TrustedSource technology is the most precise and comprehensive Internet host reputation system in the world, and we are rolling this system into many of our product lines as a key cornerstone of Global Intelligence security. Recognizing that messaging is now a primary business application in most enterprises, we have implemented a strategy to comprehensively address both inbound and outbound threats and to help our customers insure compliance with federally mandated requirements for the protection of sensitive data. Our Messaging Gateway Security products include IronMail, IronIM, RADAR, and Secure Computing Edge.
Also in 2006, we added the Webwasher Web Gateway security product to our Web Security Gateway product line through the CyberGuard acquisition. Web Gateway Security appliances protect enterprises from malware, data leakage, and Internet misuse, while helping to ensure policy enforcement, regulatory compliance, and a productive application environment.
This year we continued to differentiate our UTM appliance from the competition with demonstrable zero-hour attack protections on high profile Internet attacks (such as the Sendmail vulnerability in March and Microsoft Windows MetaFile “WMF” attack in January). We also announced plans to merge our newly-acquired CyberGuard Firewall/VPN technologies (TSP and Classic) with our Sidewinder G2 Security Appliance in our next generation UTM appliance that has come to market in the first quarter of 2007. The CyberGuard acquisition also brought to us a new paradigm in enterprise central management with the Command Center which we will continue to leverage going forward. We believe Command Center’s ability to do administration, configuration, monitoring, and management of software updates for a global appliance deployment coupled with our Security Reporter product’s central reporting, and full out-of-the box compliance reports, continue to ensure that both medium and large customers see our network gateway appliances as the product of choice.
Early in 2006 we broadened our presence in the authentication market into the IAM space by introducing our SafeWord SecureWire appliance. SafeWord SecureWire is a new, robust technology that functions as the access, authentication, and compliance hub for the entire network. By providing secure access management inside and outside the virtual perimeter, and by consolidating all policies on a single device, SecureWire helps enable our customers to achieve configuration compliance because only properly configured devices are allowed to access their networks.
Our Network Gateway Security revenue represented 53% of total revenue and an 87% or $43.3 million increase over the prior year. The acquired CyberGuard TSP and Classic product lines contributed $44.7 million.
Our Web Gateway Security revenue represented 26% of total revenue and a 46% or $14.6 million increase over the prior year. The acquired Webwasher product line contributed $18.4 million. This increase was slightly offset by a $3.5 million decline in sales of our Bess and Sentian product lines when these products were discontinued in 2006. Our Identity and Access Management revenue represented 17% of total revenue, which is a 9% increase over the prior year. This increase was driven by sustained demand for high assurance solutions. Messaging Gateway Security revenue, added through the sales of the acquired CipherTrust product line, represented 4% of total revenue for the full year 2006. Because we are unable to establish vendor specific objective evidence (VSOE) of fair value on the CipherTrust product line revenues, the majority of the revenue from those product lines has been deferred and will be recognized as revenue over the term of the undelivered elements.
Our customers operate some of the largest and most sensitive networks and applications in the world. Our partners and customers include the majority of the Dow Jones Global 50 Titans and numerous organizations in the Fortune 1000, as well as banking, financial services, healthcare, telecommunications, manufacturing, public utilities, schools and federal, state and local governments. We also have close relationships with the largest agencies in the U.S. government.
International sales accounted for 39% of total revenue during 2006. Major foreign markets for our products include Europe, Japan, China, the Pacific Rim and Latin America. In each market, we have independent channel partners responsible for marketing, selling and supporting our products to resellers and end users. In 2006, our market presence continued to expand through our extensive worldwide network of value-added resellers, distributors, and OEM partners. These partners generated 81% of our sales in 2006.
Each of our individual products competes with a different group of competitors and products. In this highly competitive market, characterized by rapid technological change, our customers’ purchasing decisions are based heavily upon the quality of the security our products provide, the ease of installation and management, and the scalability and flexibility of our software.
Specific challenges and risks that our product lines face include, but are not limited to: responding to competitor pricing policies and competitive features; rapid technological change in the network security market; and risk of bugs and other errors in our software.
On January 11, 2006, we completed our acquisition of CyberGuard Corporation, a leading provider of network security solutions designed to protect enterprises that use the Internet for electronic commerce and secure communication, in a stock and cash transaction valued at $310.7 million. This acquisition strengthened our position as one of the market leaders in Network Gateway Security appliances, and strengthened our position in the Web Gateway Security space. CyberGuard was a logical fit for Secure Computing, enhancing our strategic vision and better positioning us in two rapidly growing segments of the security industry. Along with an expanded customer and partner base, this merger provided us with important competitive advantages in the Network and Web Gateway Security markets.
On January 12, 2006, we received from Warburg Pincus Private Equity IX, L.P., a global private equity fund, $70.0 million in proceeds from the issuance of 700,000 of Series A Convertible Preferred Stock (the preferred stock), a warrant to acquire 1.0 million shares of our common stock that vested on that date and an election of a member to our Board of Directors. Based on a quoted market price as of January 12, 2006 and the fair value of the warrant as determined using the Black-Scholes model, we valued the preferred stock at $62.0 million and the warrant at $8.0 million. The proceeds from this transaction were used to finance most of the cash portion of the CyberGuard acquisition. On August 31, 2006, the conversion price for the preferred stock was adjusted from the original price of $13.51 to $12.75 per share and the exercise price for the warrant was adjusted from the original price of $14.74 to $13.85 per share in accordance with an anti-dilution provision triggered by the CipherTrust acquisition.
On August 31, 2006, we acquired 100% of the outstanding common shares of CipherTrust, Inc., a privately-held company. The CipherTrust products provide innovative layered security solutions to stop inbound
messaging threats such as spam, viruses, intrusions and phishing, and protect against outbound policy and compliance violations associated with sensitive data leakage. The acquired products from CipherTrust include IronMail, powered by TrustedSource, IronIM, IronMail Edge, IronNet, and RADAR. As a result of the acquisition we expect to establish ourselves as a leader in the Messaging Gateway Security market. In addition to protecting corporate network infrastructures, our combined solutions will address the fast-growing Web and Messaging Gateway security needs.
On August 31, 2006, we entered into a senior secured credit facility with a syndicate of banks led by Citigrou