ftnt-20230630
0001262039false2023Q212/312.55P1YP2YP3YP1YP2YP3Y45600012620392023-01-012023-06-3000012620392023-08-04xbrli:shares00012620392023-06-30iso4217:USD00012620392022-12-31iso4217:USDxbrli:shares0001262039us-gaap:ProductMember2023-04-012023-06-300001262039us-gaap:ProductMember2022-04-012022-06-300001262039us-gaap:ProductMember2023-01-012023-06-300001262039us-gaap:ProductMember2022-01-012022-06-300001262039us-gaap:ServiceMember2023-04-012023-06-300001262039us-gaap:ServiceMember2022-04-012022-06-300001262039us-gaap:ServiceMember2023-01-012023-06-300001262039us-gaap:ServiceMember2022-01-012022-06-3000012620392023-04-012023-06-3000012620392022-04-012022-06-3000012620392022-01-012022-06-300001262039us-gaap:CommonStockMember2023-03-310001262039us-gaap:AdditionalPaidInCapitalMember2023-03-310001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2023-03-310001262039us-gaap:RetainedEarningsMember2023-03-310001262039us-gaap:NoncontrollingInterestMember2023-03-3100012620392023-03-310001262039us-gaap:CommonStockMember2023-04-012023-06-300001262039us-gaap:AdditionalPaidInCapitalMember2023-04-012023-06-300001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2023-04-012023-06-300001262039us-gaap:NoncontrollingInterestMember2023-04-012023-06-300001262039us-gaap:RetainedEarningsMember2023-04-012023-06-300001262039us-gaap:CommonStockMember2023-06-300001262039us-gaap:AdditionalPaidInCapitalMember2023-06-300001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2023-06-300001262039us-gaap:RetainedEarningsMember2023-06-300001262039us-gaap:NoncontrollingInterestMember2023-06-300001262039us-gaap:CommonStockMember2022-03-310001262039us-gaap:AdditionalPaidInCapitalMember2022-03-310001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-03-310001262039us-gaap:RetainedEarningsMember2022-03-310001262039us-gaap:NoncontrollingInterestMember2022-03-3100012620392022-03-310001262039us-gaap:CommonStockMember2022-04-012022-06-300001262039us-gaap:AdditionalPaidInCapitalMember2022-04-012022-06-300001262039us-gaap:RetainedEarningsMember2022-04-012022-06-300001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-04-012022-06-300001262039us-gaap:NoncontrollingInterestMember2022-04-012022-06-300001262039us-gaap:CommonStockMember2022-06-300001262039us-gaap:AdditionalPaidInCapitalMember2022-06-300001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-06-300001262039us-gaap:RetainedEarningsMember2022-06-300001262039us-gaap:NoncontrollingInterestMember2022-06-3000012620392022-06-300001262039us-gaap:CommonStockMember2022-12-310001262039us-gaap:AdditionalPaidInCapitalMember2022-12-310001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-12-310001262039us-gaap:RetainedEarningsMember2022-12-310001262039us-gaap:NoncontrollingInterestMember2022-12-310001262039us-gaap:CommonStockMember2023-01-012023-06-300001262039us-gaap:AdditionalPaidInCapitalMember2023-01-012023-06-300001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2023-01-012023-06-300001262039us-gaap:NoncontrollingInterestMember2023-01-012023-06-300001262039us-gaap:RetainedEarningsMember2023-01-012023-06-300001262039us-gaap:CommonStockMember2021-12-310001262039us-gaap:AdditionalPaidInCapitalMember2021-12-310001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2021-12-310001262039us-gaap:RetainedEarningsMember2021-12-310001262039us-gaap:NoncontrollingInterestMember2021-12-3100012620392021-12-310001262039us-gaap:CommonStockMember2022-01-012022-06-300001262039us-gaap:AdditionalPaidInCapitalMember2022-01-012022-06-300001262039us-gaap:RetainedEarningsMember2022-01-012022-06-300001262039us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-01-012022-06-300001262039us-gaap:NoncontrollingInterestMember2022-01-012022-06-300001262039ftnt:SecuritySubscriptionMember2023-04-012023-06-300001262039ftnt:SecuritySubscriptionMember2022-04-012022-06-300001262039ftnt:SecuritySubscriptionMember2023-01-012023-06-300001262039ftnt:SecuritySubscriptionMember2022-01-012022-06-300001262039ftnt:TechnicalSupportandOtherMember2023-04-012023-06-300001262039ftnt:TechnicalSupportandOtherMember2022-04-012022-06-300001262039ftnt:TechnicalSupportandOtherMember2023-01-012023-06-300001262039ftnt:TechnicalSupportandOtherMember2022-01-012022-06-3000012620392023-07-012023-06-3000012620392024-07-012023-06-300001262039us-gaap:USTreasuryAndGovernmentMember2023-06-300001262039us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMember2023-06-300001262039us-gaap:CorporateDebtSecuritiesMember2023-06-300001262039ftnt:CertificatesofDepositandTermDepositsMember2023-06-300001262039us-gaap:MunicipalBondsMember2023-06-300001262039us-gaap:USTreasuryAndGovernmentMember2022-12-310001262039us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMember2022-12-310001262039us-gaap:CorporateDebtSecuritiesMember2022-12-310001262039ftnt:CertificatesofDepositandTermDepositsMember2022-12-310001262039us-gaap:MunicipalBondsMember2022-12-310001262039ftnt:EquitySecuritiesLineItemMemberus-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039ftnt:EquitySecuritiesLineItemMemberus-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:USTreasuryAndGovernmentMember2023-06-300001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:USTreasuryAndGovernmentMember2023-06-300001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:USTreasuryAndGovernmentMember2023-06-300001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:USTreasuryAndGovernmentMember2023-06-300001262039us-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:USTreasuryAndGovernmentMember2022-12-310001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:USTreasuryAndGovernmentMember2022-12-310001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:USTreasuryAndGovernmentMember2022-12-310001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberus-gaap:USTreasuryAndGovernmentMember2022-12-310001262039us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel1Memberus-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel2Memberus-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel3Memberus-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel1Memberus-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel2Memberus-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel3Memberus-gaap:CommercialPaperNotIncludedWithCashAndCashEquivalentsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:CorporateDebtSecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel3Memberus-gaap:CorporateDebtSecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:CorporateDebtSecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:CorporateDebtSecuritiesMemberus-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel3Memberus-gaap:CorporateDebtSecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CertificatesofDepositandTermDepositsMember2023-06-300001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CertificatesofDepositandTermDepositsMember2023-06-300001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CertificatesofDepositandTermDepositsMember2023-06-300001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CertificatesofDepositandTermDepositsMember2023-06-300001262039us-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CertificatesofDepositandTermDepositsMember2022-12-310001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CertificatesofDepositandTermDepositsMember2022-12-310001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CertificatesofDepositandTermDepositsMember2022-12-310001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CertificatesofDepositandTermDepositsMember2022-12-310001262039us-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:MoneyMarketFundsExcludingCommercialPaperMember2023-06-300001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:MoneyMarketFundsExcludingCommercialPaperMember2023-06-300001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:MoneyMarketFundsExcludingCommercialPaperMember2023-06-300001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:MoneyMarketFundsExcludingCommercialPaperMember2023-06-300001262039us-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:MoneyMarketFundsExcludingCommercialPaperMember2022-12-310001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:MoneyMarketFundsExcludingCommercialPaperMember2022-12-310001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:MoneyMarketFundsExcludingCommercialPaperMember2022-12-310001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:MoneyMarketFundsExcludingCommercialPaperMember2022-12-310001262039us-gaap:MunicipalBondsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel1Memberus-gaap:MunicipalBondsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel2Memberus-gaap:MunicipalBondsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel3Memberus-gaap:MunicipalBondsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:MunicipalBondsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel1Memberus-gaap:MunicipalBondsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel2Memberus-gaap:MunicipalBondsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel3Memberus-gaap:MunicipalBondsMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:EquitySecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EquitySecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EquitySecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EquitySecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:EquitySecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EquitySecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EquitySecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EquitySecuritiesMemberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel1Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel2Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:FairValueInputsLevel3Memberus-gaap:EstimateOfFairValueFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CashEquivalentsLineItemMember2023-06-300001262039us-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:CashEquivalentsLineItemMember2022-12-310001262039us-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:ShortTermInvestmentsLineItemMember2023-06-300001262039us-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:ShortTermInvestmentsLineItemMember2022-12-310001262039us-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:LongTermInvestmentsLineItemMember2023-06-300001262039us-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMemberftnt:LongTermInvestmentsLineItemMember2022-12-310001262039us-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2023-06-300001262039us-gaap:CarryingReportedAmountFairValueDisclosureMemberus-gaap:FairValueMeasurementsRecurringMember2022-12-310001262039us-gaap:LandMember2023-06-300001262039us-gaap:LandMember2022-12-310001262039us-gaap:BuildingAndBuildingImprovementsMember2023-06-300001262039us-gaap:BuildingAndBuildingImprovementsMember2022-12-310001262039us-gaap:ComputerEquipmentMember2023-06-300001262039us-gaap:ComputerEquipmentMember2022-12-310001262039us-gaap:LeaseholdsAndLeaseholdImprovementsMember2023-06-300001262039us-gaap:LeaseholdsAndLeaseholdImprovementsMember2022-12-310001262039ftnt:EvaluationUnitsMember2023-06-300001262039ftnt:EvaluationUnitsMember2022-12-310001262039us-gaap:FurnitureAndFixturesMember2023-06-300001262039us-gaap:FurnitureAndFixturesMember2022-12-310001262039us-gaap:ConstructionInProgressMember2023-06-300001262039us-gaap:ConstructionInProgressMember2022-12-310001262039ftnt:SpainAndUSMember2023-04-012023-06-300001262039ftnt:SpainAndUSMemberus-gaap:LandMember2023-06-300001262039ftnt:SpainAndUSMemberus-gaap:BuildingAndBuildingImprovementsMember2023-06-300001262039ftnt:LinksysMember2021-01-012021-12-310001262039ftnt:LinksysMember2021-12-31xbrli:pure0001262039ftnt:LinksysMember2022-10-012022-12-310001262039ftnt:AlaxaIANetworksCorporationMember2021-08-310001262039ftnt:AlaxaIANetworksCorporationMember2021-08-312021-08-310001262039ftnt:AlaxaIANetworksCorporationMember2022-10-030001262039ftnt:AlaxaIANetworksCorporationMember2022-10-032022-10-030001262039us-gaap:DevelopedTechnologyRightsMember2023-01-012023-06-300001262039us-gaap:DevelopedTechnologyRightsMember2023-06-300001262039us-gaap:CustomerRelationshipsMember2023-01-012023-06-300001262039us-gaap:CustomerRelationshipsMember2023-06-300001262039us-gaap:TradeNamesMember2023-01-012023-06-300001262039us-gaap:TradeNamesMember2023-06-300001262039ftnt:BacklogMember2023-01-012023-06-300001262039ftnt:BacklogMember2023-06-300001262039us-gaap:DevelopedTechnologyRightsMember2022-01-012022-12-310001262039us-gaap:DevelopedTechnologyRightsMember2022-12-310001262039us-gaap:CustomerRelationshipsMember2022-01-012022-12-310001262039us-gaap:CustomerRelationshipsMember2022-12-310001262039us-gaap:TradeNamesMember2022-01-012022-12-310001262039us-gaap:TradeNamesMember2022-12-310001262039ftnt:BacklogMember2022-01-012022-12-310001262039ftnt:BacklogMember2022-12-310001262039us-gaap:RestrictedStockUnitsRSUMember2023-04-012023-06-300001262039us-gaap:RestrictedStockUnitsRSUMember2022-04-012022-06-300001262039us-gaap:RestrictedStockUnitsRSUMember2023-01-012023-06-300001262039us-gaap:RestrictedStockUnitsRSUMember2022-01-012022-06-300001262039us-gaap:EmployeeStockOptionMember2023-04-012023-06-300001262039us-gaap:EmployeeStockOptionMember2022-04-012022-06-300001262039us-gaap:EmployeeStockOptionMember2023-01-012023-06-300001262039us-gaap:EmployeeStockOptionMember2022-01-012022-06-300001262039us-gaap:PerformanceSharesMember2023-04-012023-06-300001262039us-gaap:PerformanceSharesMember2022-04-012022-06-300001262039us-gaap:PerformanceSharesMember2023-01-012023-06-300001262039us-gaap:PerformanceSharesMember2022-01-012022-06-300001262039us-gaap:StockCompensationPlanMemberus-gaap:RestrictedStockUnitsRSUMember2023-04-012023-06-300001262039us-gaap:StockCompensationPlanMemberus-gaap:RestrictedStockUnitsRSUMember2022-04-012022-06-300001262039us-gaap:StockCompensationPlanMemberus-gaap:RestrictedStockUnitsRSUMember2023-01-012023-06-300001262039us-gaap:StockCompensationPlanMemberus-gaap:RestrictedStockUnitsRSUMember2022-01-012022-06-300001262039us-gaap:EmployeeStockOptionMemberus-gaap:StockCompensationPlanMember2023-04-012023-06-300001262039us-gaap:EmployeeStockOptionMemberus-gaap:StockCompensationPlanMember2022-04-012022-06-300001262039us-gaap:EmployeeStockOptionMemberus-gaap:StockCompensationPlanMember2023-01-012023-06-300001262039us-gaap:EmployeeStockOptionMemberus-gaap:StockCompensationPlanMember2022-01-012022-06-300001262039us-gaap:SeniorNotesMember2021-03-050001262039us-gaap:SeniorNotesMemberftnt:A2026SeniorNotesMember2021-03-050001262039us-gaap:SeniorNotesMemberftnt:A2031SeniorNotesMember2021-03-050001262039us-gaap:SeniorNotesMemberftnt:A2026SeniorNotesMember2023-06-300001262039us-gaap:SeniorNotesMemberftnt:A2026SeniorNotesMember2022-12-310001262039us-gaap:SeniorNotesMemberftnt:A2031SeniorNotesMember2023-06-300001262039us-gaap:SeniorNotesMemberftnt:A2031SeniorNotesMember2022-12-310001262039us-gaap:SeniorNotesMember2022-12-310001262039us-gaap:SeniorNotesMember2023-06-300001262039us-gaap:SeniorNotesMember2023-04-012023-06-300001262039us-gaap:SeniorNotesMember2022-04-012022-06-300001262039us-gaap:SeniorNotesMember2022-01-012022-06-300001262039us-gaap:SeniorNotesMember2023-01-012023-06-300001262039us-gaap:FairValueInputsLevel2Memberus-gaap:SeniorNotesMember2023-06-300001262039us-gaap:StockCompensationPlanMember2023-06-300001262039us-gaap:RestrictedStockUnitsRSUMember2022-12-310001262039us-gaap:RestrictedStockUnitsRSUMember2023-06-300001262039us-gaap:EmployeeStockOptionMember2022-12-310001262039us-gaap:EmployeeStockOptionMember2022-01-012022-12-310001262039us-gaap:EmployeeStockOptionMember2023-06-300001262039us-gaap:PerformanceSharesMembersrt:MinimumMember2023-06-300001262039us-gaap:PerformanceSharesMembersrt:MaximumMember2023-06-300001262039us-gaap:PerformanceSharesMemberus-gaap:ShareBasedCompensationAwardTrancheOneMember2023-01-012023-06-300001262039us-gaap:PerformanceSharesMemberus-gaap:ShareBasedCompensationAwardTrancheTwoMember2023-01-012023-06-300001262039us-gaap:ShareBasedCompensationAwardTrancheThreeMemberus-gaap:PerformanceSharesMember2023-01-012023-06-300001262039us-gaap:PerformanceSharesMemberftnt:ShareBasedPaymentArrangementTrancheFourMember2023-01-012023-06-300001262039us-gaap:PerformanceSharesMember2023-01-012023-03-310001262039us-gaap:PerformanceSharesMember2023-06-300001262039ftnt:CostOfGoodsSoldMember2023-04-012023-06-300001262039ftnt:CostOfGoodsSoldMember2022-04-012022-06-300001262039ftnt:CostOfGoodsSoldMember2023-01-012023-06-300001262039ftnt:CostOfGoodsSoldMember2022-01-012022-06-300001262039ftnt:CostOfServicesMember2023-04-012023-06-300001262039ftnt:CostOfServicesMember2022-04-012022-06-300001262039ftnt:CostOfServicesMember2023-01-012023-06-300001262039ftnt:CostOfServicesMember2022-01-012022-06-300001262039us-gaap:ResearchAndDevelopmentExpenseMember2023-04-012023-06-300001262039us-gaap:ResearchAndDevelopmentExpenseMember2022-04-012022-06-300001262039us-gaap:ResearchAndDevelopmentExpenseMember2023-01-012023-06-300001262039us-gaap:ResearchAndDevelopmentExpenseMember2022-01-012022-06-300001262039us-gaap:SellingAndMarketingExpenseMember2023-04-012023-06-300001262039us-gaap:SellingAndMarketingExpenseMember2022-04-012022-06-300001262039us-gaap:SellingAndMarketingExpenseMember2023-01-012023-06-300001262039us-gaap:SellingAndMarketingExpenseMember2022-01-012022-06-300001262039us-gaap:GeneralAndAdministrativeExpenseMember2023-04-012023-06-300001262039us-gaap:GeneralAndAdministrativeExpenseMember2022-04-012022-06-300001262039us-gaap:GeneralAndAdministrativeExpenseMember2023-01-012023-06-300001262039us-gaap:GeneralAndAdministrativeExpenseMember2022-01-012022-06-300001262039ftnt:ShareRepurchaseProgramMember2023-04-012023-04-300001262039ftnt:ShareRepurchaseProgramMember2023-04-300001262039us-gaap:SubsequentEventMemberftnt:ShareRepurchaseProgramMember2023-07-012023-07-310001262039ftnt:ShareRepurchaseProgramMember2023-01-012023-06-300001262039ftnt:ShareRepurchaseProgramMember2023-06-30ftnt:business_activityftnt:segment_managerftnt:operating_segmentftnt:reportable_segment0001262039country:US2023-04-012023-06-300001262039country:US2022-04-012022-06-300001262039country:US2023-01-012023-06-300001262039country:US2022-01-012022-06-300001262039ftnt:OtherAmericasMember2023-04-012023-06-300001262039ftnt:OtherAmericasMember2022-04-012022-06-300001262039ftnt:OtherAmericasMember2023-01-012023-06-300001262039ftnt:OtherAmericasMember2022-01-012022-06-300001262039srt:AmericasMember2023-04-012023-06-300001262039srt:AmericasMember2022-04-012022-06-300001262039srt:AmericasMember2023-01-012023-06-300001262039srt:AmericasMember2022-01-012022-06-300001262039ftnt:EuropeMiddleEastAndAfricaMember2023-04-012023-06-300001262039ftnt:EuropeMiddleEastAndAfricaMember2022-04-012022-06-300001262039ftnt:EuropeMiddleEastAndAfricaMember2023-01-012023-06-300001262039ftnt:EuropeMiddleEastAndAfricaMember2022-01-012022-06-300001262039ftnt:AsiaPacificAndJapanMember2023-04-012023-06-300001262039ftnt:AsiaPacificAndJapanMember2022-04-012022-06-300001262039ftnt:AsiaPacificAndJapanMember2023-01-012023-06-300001262039ftnt:AsiaPacificAndJapanMember2022-01-012022-06-300001262039country:US2023-06-300001262039country:US2022-12-310001262039country:CA2023-06-300001262039country:CA2022-12-310001262039srt:LatinAmericaMember2023-06-300001262039srt:LatinAmericaMember2022-12-310001262039srt:AmericasMember2023-06-300001262039srt:AmericasMember2022-12-310001262039ftnt:EuropeMiddleEastAndAfricaMember2023-06-300001262039ftnt:EuropeMiddleEastAndAfricaMember2022-12-310001262039ftnt:AsiaPacificAndJapanMember2023-06-300001262039ftnt:AsiaPacificAndJapanMember2022-12-310001262039us-gaap:SalesRevenueNetMemberftnt:DistributorAMemberus-gaap:CustomerConcentrationRiskMember2023-04-012023-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorAMemberus-gaap:CustomerConcentrationRiskMember2022-04-012022-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorAMemberus-gaap:CustomerConcentrationRiskMember2023-01-012023-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorAMemberus-gaap:CustomerConcentrationRiskMember2022-01-012022-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorBMemberus-gaap:CustomerConcentrationRiskMember2023-04-012023-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorBMemberus-gaap:CustomerConcentrationRiskMember2022-04-012022-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorBMemberus-gaap:CustomerConcentrationRiskMember2023-01-012023-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorBMemberus-gaap:CustomerConcentrationRiskMember2022-01-012022-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorCMemberus-gaap:CustomerConcentrationRiskMember2023-04-012023-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorCMemberus-gaap:CustomerConcentrationRiskMember2022-04-012022-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorCMemberus-gaap:CustomerConcentrationRiskMember2023-01-012023-06-300001262039us-gaap:SalesRevenueNetMemberftnt:DistributorCMemberus-gaap:CustomerConcentrationRiskMember2022-01-012022-06-300001262039us-gaap:AccountsReceivableMemberftnt:DistributorAMemberus-gaap:CustomerConcentrationRiskMember2023-01-012023-06-300001262039us-gaap:AccountsReceivableMemberftnt:DistributorAMemberus-gaap:CustomerConcentrationRiskMember2022-01-012022-12-310001262039us-gaap:AccountsReceivableMemberftnt:DistributorBMemberus-gaap:CustomerConcentrationRiskMember2023-01-012023-06-300001262039us-gaap:AccountsReceivableMemberftnt:DistributorBMemberus-gaap:CustomerConcentrationRiskMember2022-01-012022-12-310001262039us-gaap:AccountsReceivableMemberftnt:DistributorCMemberus-gaap:CustomerConcentrationRiskMember2023-01-012023-06-300001262039us-gaap:AccountsReceivableMemberftnt:DistributorCMemberus-gaap:CustomerConcentrationRiskMember2022-01-012022-12-310001262039us-gaap:SubsequentEventMember2023-08-012023-08-010001262039us-gaap:SubsequentEventMemberftnt:ShareRepurchaseProgramMember2023-07-310001262039us-gaap:SubsequentEventMemberftnt:ShareRepurchaseProgramMember2023-08-070001262039us-gaap:SubsequentEventMemberftnt:ShareRepurchaseProgramMember2023-07-012023-08-07
Table of Contents
UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549

FORM 10-Q 
(Mark One)
QUARTERLY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the quarterly period ended June 30, 2023
or
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
 For the transition period from              to             
Commission file number: 001-34511
______________________________________
FORTINET, INC.
(Exact name of registrant as specified in its charter)
______________________________________

Delaware77-0560389
(State or other jurisdiction of
incorporation or organization)
(I.R.S. Employer
Identification No.)

899 Kifer Road
Sunnyvale, California 94086
(Address of principal executive offices, including zip code)

(408) 235-7700
(Registrant’s telephone number, including area code)
Securities registered pursuant to Section 12(b) of the Exchange Act:
Title of each classTrading SymbolName of each exchange on which registered
Common Stock, $0.001 Par ValueFTNTThe Nasdaq Stock Market LLC

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 (“Exchange Act”) during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.    Yes      No  
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).    Yes    No   
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act. 


Table of Contents
Large accelerated filerAccelerated filer
Non-accelerated filerSmaller reporting company
Emerging growth company
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.  
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Act).    Yes       No  
As of August 4, 2023, there were 785,336,937 shares of the registrant’s common stock outstanding.




FORTINET, INC.
QUARTERLY REPORT ON FORM 10-Q
For the Quarter Ended June 30, 2023
Table of Contents
 
  Page
PART IFINANCIAL INFORMATION
Item 1.
Item 2.
Item 3.
Item 4.
PART II—OTHER INFORMATION
Item 1.
Item 1A.
Item 2.
Item 5.
Item 6.






Summary of Risk Factors

Our business is subject to numerous risks and uncertainties, including those described in Part II, Item 1A, “Risk Factors” in this Quarterly Report on Form 10-Q. You should carefully consider these risks and uncertainties when investing in our common stock. Some of the principal risks and uncertainties include:

Our operating results are likely to vary significantly and be unpredictable.

Adverse economic conditions, such as a possible economic downturn or recession, and possible impacts of inflation or stagflation, increasing or decreasing interest rates, instability in the global banking system or reduced information technology spending may adversely impact our business.

We have been, and may in the future be, susceptible to supply chain constraints, supply shortages and disruptions, long or less predictable lead times for components and finished goods and supply changes because some of the key components in our products come from limited sources of supply.

As a result of supply chain disruptions in recent periods, we increased our purchase order commitments in recent periods and, as a result, may be required to accept or pay for components and finished goods regardless of our level of sales in a particular period, which may negatively impact our operating results and financial condition.

Our real estate investments, including construction, acquisition and ongoing maintenance and management of office buildings, data centers and points of presence, as well as data center expansions or enhancements, could involve significant risks to our business.

Our billings, revenue, and free cash flow growth may slow or may not continue, and our operating margins may decline.

Our backlog has fluctuated over past quarters and any decrease in growth or negative growth of in-quarter billings and revenue may not be reflected by our aggregate billings and revenue. As we fulfill, ship and bill during a quarter to satisfy backlog, this will increase our aggregate billings and revenue during any particular quarter.

Any weakness in sales strategy, productivity and execution could negatively impact our results of operations.

We are dependent on the continued services and performance of our senior management, as well as our ability to hire, retain and motivate qualified personnel.

We rely on third-party channel partners for substantially all of our billings, revenue and a small number of distributors represents a large percentage of our revenue and accounts receivable.

Reliance on a concentration of shipments at the end of the quarter could cause our billings and revenue to fall below expected levels.

We rely significantly on revenue from FortiGuard security subscription and FortiCare technical support services, and revenue from these services may decline or fluctuate.

We have incurred indebtedness and may incur other debt in the future, which may adversely affect our financial condition and future financial results.

We generate a majority of billings, revenue and cash flow from sales outside of the United States.

We may not be successful in executing our strategy to increase our sales to large- and medium-sized end-customers.

A portion of our revenue is generated by sales to government organizations and other customers, which are subject to a number of regulatory requirements, challenges and risks.

The war in Ukraine, its related macroeconomic effects and our decision to reduce operations in Russia have affected and may continue to affect our business.

We face intense competition in our market and we may not maintain or improve our competitive position.

1


We order components from third-party manufacturers based on our forecasts of future demand and targeted inventory levels, which exposes us to the risk of both product shortages, may result in lost sales and higher expenses, including excess inventory charges and costs related to future purchase commitments, and may require us to sell our products at discounts or offer various other incentives.

We depend on third parties to provide various components for our products and build our products and are susceptible to manufacturing delays, capacity constraints and cost increases.

We are susceptible to defects or vulnerabilities in our products or services, as well as reputational harm from the failure or misuse of our products or services, and any actual or perceived defects or vulnerabilities in our products or services or the failure of our products or services to detect or prevent a security incident, or the failure to help secure our customers or cause our products or services to allow unauthorized access to our customers network, could harm our operational results and reputation more significantly as compared to certain other companies given we are a security company.

Our inability to successfully acquire and integrate other businesses, products or technologies, or to successfully invest in and form successful strategic alliances with other businesses, could seriously harm our competitive position and could negatively affect our financial condition and results of operations. In addition, any additional future impairment of the value of our investment in Linksys Holdings, Inc. (“Linksys”) could negatively affect our financial condition and results of operations.

Investors’ and regulators’ expectations of our performance relating to environmental, social and governance factors may impose additional costs and expose us to new risks.

We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations.

Our proprietary rights may be difficult to enforce and we may be subject to claims by others that we infringe their proprietary technology.

The trading price of our common stock may be volatile, which volatility may be exacerbated by share repurchases under our Share Repurchase Program (the “Repurchase Program”).

Anti-takeover provisions contained in our certificate of incorporation and bylaws, as well as provisions of Delaware law, could impair a takeover attempt.

Global economic uncertainty and weakening product demand caused by political instability, changes in trade agreements, wars and foreign conflicts, such as the war in Ukraine or tensions between China and Taiwan, could adversely affect our business and financial performance.
2

Table of Contents
PART I—FINANCIAL INFORMATION

ITEM 1.     Financial Statements
FORTINET, INC.
CONDENSED CONSOLIDATED BALANCE SHEETS
(unaudited, in millions, except per share amounts)
 June 30,
2023
December 31,
2022
ASSETS
CURRENT ASSETS:
Cash and cash equivalents$2,376.3 $1,682.9 
Short-term investments915.1 502.6 
Marketable equity securities22.1 25.5 
Accounts receivable—net 1,078.8 1,261.7 
Inventory376.3 264.6 
Prepaid expenses and other current assets109.5 73.1 
Total current assets4,878.1 3,810.4 
LONG-TERM INVESTMENTS4.2 45.5 
PROPERTY AND EQUIPMENT—NET981.9 898.5 
DEFERRED CONTRACT COSTS558.8 518.2 
DEFERRED TAX ASSETS729.2 569.4 
GOODWILL126.0 128.0 
OTHER INTANGIBLE ASSETS—NET44.6 56.0 
OTHER ASSETS163.3 202.0 
TOTAL ASSETS$7,486.1 $6,228.0 
LIABILITIES AND STOCKHOLDERS’ EQUITY (DEFICIT)
CURRENT LIABILITIES:
Accounts payable$238.3 $243.4 
Accrued liabilities266.8 248.7 
Accrued payroll and compensation224.8 219.4 
Income taxes payable183.0 17.6 
Deferred revenue2,587.7 2,349.3 
Total current liabilities3,500.6 3,078.4 
DEFERRED REVENUE2,540.9 2,291.0 
INCOME TAX LIABILITIES59.1 67.8 
LONG-TERM DEBT991.3 990.4 
OTHER LIABILITIES73.0 82.0 
Total liabilities7,164.9 6,509.6 
COMMITMENTS AND CONTINGENCIES (Note 11)
STOCKHOLDERS’ EQUITY (DEFICIT):
Common stock, $0.001 par value—1,500.0 shares authorized; 785.6 and 781.5 shares issued and outstanding on June 30, 2023 and December 31, 2022, respectively
0.8 0.8 
Additional paid-in capital1,375.9 1,284.2 
Accumulated other comprehensive loss(23.1)(20.2)
Accumulated deficit(1,032.4)(1,546.4)
Total stockholders’ equity (deficit)321.2 (281.6)
TOTAL LIABILITIES AND STOCKHOLDERS’ EQUITY (DEFICIT)$7,486.1 $6,228.0 
See notes to condensed consolidated financial statements.
3

Table of Contents

FORTINET, INC.
CONDENSED CONSOLIDATED STATEMENTS OF INCOME
(unaudited, in millions, except per share amounts)
 Three Months EndedSix Months Ended
June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
REVENUE:
Product$472.6 $400.7 $973.3 $771.7 
Service 820.2 629.4 1,581.8 1,213.2 
Total revenue1,292.8 1,030.1 2,555.1 1,984.9 
COST OF REVENUE:
Product174.5 155.2 368.1 316.2 
Service 121.3 95.6 235.5 188.4 
Total cost of revenue295.8 250.8 603.6 504.6 
GROSS PROFIT:
Product298.1 245.5 605.2 455.5 
Service 698.9 533.8 1,346.3 1,024.8 
Total gross profit997.0 779.3 1,951.5 1,480.3 
OPERATING EXPENSES:
Research and development153.3 124.3 304.4 249.2 
Sales and marketing515.9 415.5 994.2 803.1 
General and administrative49.9 45.4 102.7 84.0 
Gain on intellectual property matter(1.1)(1.2)(2.3)(2.3)
Total operating expenses718.0 584.0 1,399.0 1,134.0 
OPERATING INCOME279.0 195.3 552.5 346.3 
INTEREST INCOME31.6 2.4 52.2 3.7 
INTEREST EXPENSE(5.2)(4.5)(10.2)(9.0)
OTHER EXPENSE—NET(6.2)(9.3)(4.2)(18.4)
INCOME BEFORE INCOME TAXES AND LOSS FROM EQUITY METHOD INVESTMENT299.2 183.9 590.3 322.6 
PROVISION FOR (BENEFIT FROM) INCOME TAXES27.6 2.4 48.9 (5.7)
LOSS FROM EQUITY METHOD INVESTMENT
(5.3)(8.1)(27.4)(16.6)
NET INCOME INCLUDING NON-CONTROLLING INTERESTS266.3 173.4 514.0 311.7 
LESS: NET LOSS ATTRIBUTABLE TO NON-CONTROLLING INTERESTS, NET OF TAX
 (0.1) (0.2)
NET INCOME ATTRIBUTABLE TO FORTINET, INC.$266.3 $173.5 $514.0 $311.9 
Net income per share attributable to Fortinet, Inc. (Note 9):
Basic$0.34 $0.22 $0.66 $0.39 
Diluted$0.33 $0.21 $0.65 $0.38 
Weighted-average shares used to compute net income per share attributable to Fortinet, Inc.:
Basic785.0 795.4 784.1 799.4 
Diluted795.9 810.1 794.7 815.4 
See notes to condensed consolidated financial statements.
4

Table of Contents
FORTINET, INC.
CONDENSED CONSOLIDATED STATEMENTS OF COMPREHENSIVE INCOME
(unaudited, in millions)
 Three Months EndedSix Months Ended
 June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Net income including non-controlling interests$266.3 $173.4 $514.0 $311.7 
Other comprehensive loss:
Change in foreign currency translation(6.7)(8.3)(7.5)(12.8)
Change in unrealized gains (losses) on investments2.1 (2.4)5.9 (11.7)
Less: tax provision (benefit) related to items of other comprehensive income or loss0.4 (0.6)1.3 (2.7)
Other comprehensive loss(5.0)(10.1)(2.9)(21.8)
Comprehensive income including non-controlling interests261.3 163.3 511.1 289.9 
Less: comprehensive loss attributable to non-controlling interests (2.2) (3.4)
Comprehensive income attributable to Fortinet, Inc.$261.3 $165.5 $511.1 $293.3 
See notes to condensed consolidated financial statements.
5

Table of Contents
FORTINET, INC.
CONDENSED CONSOLIDATED STATEMENTS OF EQUITY (DEFICIT)
(unaudited, in millions)
Three Months Ended June 30, 2023
 Common StockAdditional
Paid-In
Capital
Accumulated
Other
Comprehensive Loss
Accumulated DeficitNon-Controlling InterestsTotal
Stockholders’ Equity
SharesAmount
BALANCE—March 31, 2023784.4 $0.8 $1,327.4 $(18.1)$(1,298.7)$ $11.4 
Issuance of common stock in connection with equity incentive plans - net of tax withholding1.2 — (16.5)— — — (16.5)
Stock-based compensation expense— — 65.0 — — — 65.0 
Net unrealized gain on investments - net of tax— — — 1.7 — — 1.7 
Foreign currency translation adjustment— — — (6.7)—  (6.7)
Net income— — — — 266.3  266.3 
BALANCE—June 30, 2023785.6 $0.8 $1,375.9 $(23.1)$(1,032.4)$ $321.2 
Three Months Ended June 30, 2022
 Common StockAdditional
Paid-In
Capital
Accumulated
Other
Comprehensive Loss
Accumulated DeficitNon-Controlling InterestsTotal
Equity (Deficit)
SharesAmount
BALANCE—March 31, 2022801.3 $0.8 $1,235.7 $(15.4)$(1,003.4)$15.5 $233.2 
Issuance of common stock in connection with equity incentive plans - net of tax withholding1.5 — (30.8)— — — (30.8)
Repurchase and retirement of common stock(14.4)— (22.3)— (777.7)— (800.0)
Stock-based compensation expense— — 54.7 — — — 54.7 
Net unrealized loss on investments - net of tax— — — (1.8)— — (1.8)
Foreign currency translation adjustment— — — (6.2)— (2.1)(8.3)
Net income (loss)— — — — 173.5 (0.1)173.4 
BALANCE—June 30, 2022788.4 $0.8 $1,237.3 $(23.4)$(1,607.6)$13.3 $(379.6)
See notes to condensed consolidated financial statements.
6

Table of Contents
Six Months Ended June 30, 2023
Common StockAdditional
Paid-In
Capital
Accumulated
Other
Comprehensive Loss
Accumulated DeficitNon-Controlling InterestsTotal
Stockholders’ Equity (Deficit)
SharesAmount
BALANCE—December 31, 2022781.5 $0.8 $1,284.2 $(20.2)$(1,546.4)$ $(281.6)
Issuance of common stock in connection with equity incentive plans - net of tax withholding4.1 — (29.6)— — — (29.6)
Stock-based compensation expense— — 121.3 — — — 121.3 
Net unrealized gain on investments - net of tax— — — 4.6 — — 4.6 
Foreign currency translation adjustment— — — (7.5)—  (7.5)
Net income— — — — 514.0  514.0 
BALANCE—June 30, 2023785.6 $0.8 $1,375.9 $(23.1)$(1,032.4)$ $321.2 
Six Months Ended June 30, 2022
Common StockAdditional
Paid-In
Capital
Accumulated
Other
Comprehensive Loss
Accumulated DeficitNon-Controlling InterestsTotal
Equity (Deficit)
SharesAmount
BALANCE—December 31, 2021810.0 $0.8 $1,253.6 $(4.8)$(467.9)$16.7 $798.4 
Issuance of common stock in connection with equity incentive plans - net of tax withholding4.2 — (84.6)— — — (84.6)
Repurchase and retirement of common stock(25.8)— (39.6)— (1,451.6)— (1,491.2)
Stock-based compensation expense— — 107.9 — — — 107.9 
Net unrealized loss on investments - net of tax— — — (9.0)— — (9.0)
Foreign currency translation adjustment— — — (9.6)— (3.2)(12.8)
Net income (loss)— — — — 311.9 (0.2)311.7 
BALANCE—June 30, 2022788.4 $0.8 $1,237.3 $(23.4)$(1,607.6)$13.3 $(379.6)
See notes to condensed consolidated financial statements.
7

Table of Contents
FORTINET, INC.
CONDENSED CONSOLIDATED STATEMENTS OF CASH FLOWS
(unaudited, in millions)
 Six Months Ended
 June 30,
2023
June 30,
2022
CASH FLOWS FROM OPERATING ACTIVITIES:
Net income including non-controlling interests$514.0 $311.7 
Adjustments to reconcile net income to net cash provided by operating activities:
Stock-based compensation121.3 107.9 
Amortization of deferred contract costs127.9 107.1 
Depreciation and amortization54.9 50.6 
Amortization of investment premiums (discounts)(5.9)2.8 
Loss from equity method investment27.4 16.6 
Other 8.8 22.8 
Changes in operating assets and liabilities, net of impact of business combinations:
Accounts receivable—net179.0 (119.3)
Inventory(130.2)(31.2)
Prepaid expenses and other current assets(35.4)(18.2)
Deferred contract costs(168.5)(140.6)
Deferred tax assets(161.8)(136.3)
Other assets10.8 (16.7)
Accounts payable(3.6)52.7 
Accrued liabilities11.4 32.0 
Accrued payroll and compensation6.0 (6.8)
Income taxes payable156.9 (1.9)
Other liabilities(9.7)5.7 
Deferred revenue489.3 480.6 
Net cash provided by operating activities1,192.6 719.5 
CASH FLOWS FROM INVESTING ACTIVITIES:
Purchases of investments(804.6)(389.1)
Sales of investments 3.0 
Maturities of investments445.1 797.3 
Purchases of property and equipment(107.1)(162.5)
Other0.1  
Net cash provided by (used in) investing activities(466.5)248.7 
CASH FLOWS FROM FINANCING ACTIVITIES:
Repurchase and retirement of common stock (1,491.2)
Proceeds from issuance of common stock29.3 15.9 
Taxes paid related to net share settlement of equity awards(59.7)(99.9)
Other(1.0)(1.1)
Net cash used in financing activities(31.4)(1,576.3)
EFFECT OF EXCHANGE RATE CHANGES ON CASH AND CASH EQUIVALENTS
(1.3)(1.0)
NET INCREASE (DECREASE) IN CASH AND CASH EQUIVALENTS693.4 (609.1)
CASH AND CASH EQUIVALENTS—Beginning of period1,682.9 1,319.1 
CASH AND CASH EQUIVALENTS—End of period$2,376.3 $710.0 
SUPPLEMENTAL DISCLOSURES OF CASH FLOW INFORMATION:
Cash paid for income taxes—net $58.6 $129.1 
Operating lease liabilities arising from obtaining right-of-use assets$7.3 $30.8 
NON-CASH INVESTING AND FINANCING ACTIVITIES:
Transfers of evaluation units from inventory to property and equipment$15.8 $6.9 
Liability for purchase of property and equipment$22.0 $21.4 
See notes to condensed consolidated financial statements.
8

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS
(unaudited)

1.     SUMMARY OF SIGNIFICANT ACCOUNTING POLICIES

Basis of Presentation and Preparation—The unaudited condensed consolidated financial statements of Fortinet, Inc. and its subsidiaries (collectively, “we,” “us” or “our”) have been prepared in accordance with generally accepted accounting principles in the United States (“GAAP”) for interim financial information, as well as the instructions to Form 10-Q pursuant to the rules and regulations of the U.S. Securities and Exchange Commission (the “SEC”). Accordingly, they do not include all of the information and footnotes required by GAAP for complete financial statements, and should be read in conjunction with our audited consolidated financial statements as of and for the year ended December 31, 2022, contained in our Annual Report on Form 10-K filed with the SEC on February 24, 2023. In the opinion of management, all adjustments, which include normal recurring adjustments, considered necessary for a fair presentation, have been included. The results of operations for the three and six months ended June 30, 2023 are not necessarily indicative of the results to be expected for the full year or for any future periods. The condensed consolidated balance sheet as of December 31, 2022 is derived from the audited consolidated financial statements for the year ended December 31, 2022.

Amounts related to income taxes payable have been reclassified in prior periods to conform with current period presentation.

The condensed consolidated financial statements include the accounts of Fortinet, Inc. and its subsidiaries. We consolidate all legal entities in which we have an absolute controlling financial interest. All intercompany balances and transactions have been eliminated in consolidation.

The preparation of the condensed consolidated financial statements in accordance with GAAP requires management to make estimates and assumptions that affect the amounts reported in the condensed consolidated financial statements and accompanying notes. Actual results could differ materially from those estimates.

There have been no material changes to our significant accounting policies as of and for the three and six months ended June 30, 2023, as compared to the significant accounting policies described in the Form 10-K.

Recently Adopted and Recently Issued Accounting Standards

There were no recently adopted accounting standards which would have a material effect on our condensed consolidated financial statements and accompanying disclosures, and no recently issued accounting standards that are expected to have a material impact on our condensed consolidated financial statements and accompanying disclosures.

9

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

2.     REVENUE RECOGNITION

Disaggregation of Revenue

The following table presents our revenue disaggregated by major product and service lines (in millions):
Three Months EndedSix Months Ended
June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Product$472.6 $400.7 $973.3 $771.7 
Service:
Security subscription457.3 340.4 879.0 653.3 
Technical support and other362.9 289.0 702.8 559.9 
Total service revenue820.2 629.4 1,581.8 1,213.2 
Total revenue$1,292.8 $1,030.1 $2,555.1 $1,984.9 

Deferred Revenue

During the three and six months ended June 30, 2023, we recognized $609.8 million and $1.29 billion in service revenue that was included in the deferred revenue balance as of December 31, 2022, respectively. During the three and six months ended June 30, 2022, we recognized $457.6 million and $964.9 million in service revenue that was included in the deferred revenue balance as of December 31, 2021, respectively.

Transaction Price Allocated to the Remaining Performance Obligations

As of June 30, 2023, the aggregate amount of the transaction price allocated to remaining performance obligations was $5.15 billion, which was substantially comprised of deferred security subscription, technical support services revenue and unbilled contract revenue from non-cancellable contracts that will be recognized in future periods. We expect to recognize approximately $2.60 billion as revenue over the next 12 months and the remainder thereafter.

Accounts receivable

Trade accounts receivable are recorded at the invoiced amount, net of an allowance for expected credit losses. We measure expected credit losses of accounts receivable on a collective (pooled) basis, aggregating accounts receivable that are either current or no more than 60 days past due, and aggregating accounts receivable that are more than 60 days past due. We apply a credit-loss percentage to each of the pools that is based on our historical credit losses. We review whether each of our significant accounts receivable that is more than 60 days past due continues to exhibit similar risk characteristics with the other accounts receivable in the pool. If we determine that it does not, we evaluate it for expected credit losses on an individual basis. Expected credit losses are recorded as general and administrative expenses on our consolidated statements of income.

The allowance for credit losses was $5.3 million and $3.6 million as of June 30, 2023 and December 31, 2022, respectively. Provisions, write-offs and recoveries were not material during the six months ended June 30, 2023 and 2022.

Deferred Contract Costs
    
Amortization of deferred contract costs during the three months ended June 30, 2023 and 2022 were $65.4 million and $54.6 million, respectively. Amortization of deferred contract costs during the six months ended June 30, 2023 and 2022 were $127.9 million and $107.1 million, respectively.

10

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

3.     FINANCIAL INSTRUMENTS AND FAIR VALUE

Available-for-sale Securities

The following tables summarize our available-for-sale securities (in millions):
 
 June 30, 2023
 Amortized
Cost
Unrealized
Gains
Unrealized
Losses
Fair
Value
U.S. government and agency securities$404.4 $0.1 $(1.3)$403.2 
Commercial paper368.0  (0.3)367.7 
Corporate debt securities109.5  (1.3)108.2 
Certificates of deposit and term deposits35.2   35.2 
Municipal bonds5.0   5.0 
Total available-for-sale securities$922.1 $0.1 $(2.9)$919.3 
 December 31, 2022
 Amortized
Cost
Unrealized
Gains
Unrealized
Losses
Fair
Value
U.S. government and agency securities$198.0 $ $(4.4)$193.6 
Commercial paper26.5  (0.1)26.4 
Corporate debt securities293.0  (4.1)288.9 
Certificates of deposit and term deposits34.2   34.2 
Municipal bonds5.1  (0.1)5.0 
Total available-for-sale securities$556.8 $ $(8.7)$548.1 
The following tables show the gross unrealized losses and the related fair values of our available-for-sale securities that have been in a continuous unrealized loss position (in millions):
June 30, 2023
 Less Than 12 Months12 Months or GreaterTotal
 Fair
Value
Unrealized
Losses
Fair
Value
Unrealized
Losses
Fair
Value
Unrealized
Losses
U.S. government and agency securities$125.9 $(0.1)$83.8 $(1.2)$209.7 $(1.3)
Commercial paper349.6 (0.3)  349.6 (0.3)
Corporate debt securities12.7 (0.1)83.1 (1.2)95.8 (1.3)
Total available-for-sale securities$488.2 $(0.5)$166.9 $(2.4)$655.1 $(2.9)
December 31, 2022
 Less Than 12 Months12 Months or GreaterTotal
 Fair
Value
Unrealized
Losses
Fair
Value
Unrealized
Losses
Fair
Value
Unrealized
Losses
U.S. government and agency securities$3.9 $(0.1)$189.8 $(4.3)$193.7 $(4.4)
Commercial paper26.4 (0.1)  26.4 (0.1)
Corporate debt securities90.5 (0.8)190.0 (3.3)280.5 (4.1)
Municipal bonds5.0 (0.1)  5.0 (0.1)
Total available-for-sale securities$125.8 $(1.1)$379.8 $(7.6)$505.6 $(8.7)

11

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

The contractual maturities of our investments were (in millions):
 June 30,
2023
December 31,
2022
Due within one year$915.1 $502.6 
Due within one to three years4.2 45.5 
Total$919.3 $548.1 

Available-for-sale securities are reported at fair value, with unrealized gains and losses and the related tax impact included as a separate component of equity (deficit) and in comprehensive income. We do not intend to sell any of the securities in an unrealized loss position and it is not more likely than not that we would be required to sell these securities before recovery of their amortized cost basis, which may be at maturity.

Realized gains and losses on available-for-sale securities were insignificant in the periods presented.

Marketable Equity Securities

Our marketable equity securities were $22.1 million and $25.5 million as of June 30, 2023 and December 31, 2022. The changes in fair value of our marketable equity securities are recorded in other expense—net on the condensed consolidated statements of income. We recognized a $4.0 million and $3.4 million loss during the three and six months ended June 30, 2023, respectively. We recognized a $8.1 million and $14.3 million loss during the three and six months ended June 30, 2022, respectively.

Fair Value of Financial Instruments

Fair Value Accounting—We apply the following fair value hierarchy for disclosure of the inputs used to measure fair value. This hierarchy prioritizes the inputs into three broad levels:

Level 1—Inputs are unadjusted quoted prices in active markets for identical assets or liabilities.

Level 2—Inputs are quoted prices for similar assets and liabilities in active markets or inputs that are observable for the assets or liabilities, either directly or indirectly through market corroboration, for substantially the full term of the financial instruments.

Level 3—Unobservable inputs based on our own assumptions used to measure assets and liabilities at fair value. The inputs require significant management judgment or estimation.

We measure the fair value of money market funds, certain U.S. government and agency securities and marketable equity securities using quoted prices in active markets for identical assets. The fair value of all other financial instruments was based on quoted prices for similar assets in active markets, or model-driven valuations using significant inputs derived from or corroborated by observable market data.

We classify investments within Level 1 if quoted prices are available in active markets for identical securities.

We classify items within Level 2 if the investments are valued using model-driven valuations using observable inputs such as quoted market prices, benchmark yields, reported trades, broker/dealer quotes or alternative pricing sources with reasonable levels of price transparency. Investments are held by custodians who obtain investment prices from a third-party pricing provider that incorporates standard inputs in various asset price models.

12

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Assets Measured at Fair Value on a Recurring Basis

The following tables present the fair value of our financial assets measured at fair value on a recurring basis (in millions):
 June 30, 2023December 31, 2022
 Aggregate
Fair
Value
Quoted
Prices in
Active
Markets For
Identical
Assets
Significant
Other
Observable
Remaining
Inputs
Significant
Other
Unobservable
Remaining
Inputs
Aggregate
Fair
Value
Quoted
Prices in
Active
Markets For
Identical
Assets
Significant
Other
Observable
Remaining
Inputs
Significant
Other
Unobservable
Remaining
Inputs
  (Level 1)(Level 2)(Level 3) (Level 1)(Level 2)(Level 3)
Assets:
U.S. government and agency securities$490.8 $415.9 $74.9 $ $268.6 $259.3 $9.3 $ 
Commercial paper490.8  490.8  115.8  115.8  
Corporate debt securities108.2  108.2  288.9  288.9  
Certificates of deposit and term deposits61.6  61.6  50.4  50.4  
Money market funds241.4 241.4   593.9 593.9   
Municipal bonds5.0  5.0  5.0  5.0  
Marketable equity securities22.1 22.1   25.5 25.5   
Total$1,419.9 $679.4 $740.5 $ $1,348.1 $878.7 $469.4 $ 
Reported as:
Cash equivalents$478.5 $774.5 
Marketable equity securities22.1 25.5 
Short-term investments915.1 502.6 
Long-term investments4.2 45.5 
Total$1,419.9 $1,348.1 

There were no transfers between Level 1 and Level 2 of the fair value hierarchy during the six months ended June 30, 2023 and year ended December 31, 2022.

4.     INVENTORY

Inventory consisted of (in millions):
 June 30,
2023
December 31,
2022
Raw materials$74.3 $46.3 
Work in process10.2 12.0 
Finished goods291.8 206.3 
Inventory$376.3 $264.6 

13

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)


5.     PROPERTY AND EQUIPMENT—Net

Property and equipment—net consisted of (in millions):
 
 June 30,
2023
December 31,
2022
Land$330.1 $310.0 
Buildings and improvements553.9 490.3 
Computer equipment and software237.8 222.7 
Leasehold improvements55.6 53.5 
Evaluation units25.7 19.2 
Furniture and fixtures32.5 31.3 
Construction-in-progress64.7 51.7 
Total property and equipment1,300.3 1,178.7 
Less: accumulated depreciation(318.4)(280.2)
Property and equipment—net$981.9 $898.5 

For the three months ended June 30, 2023, we purchased certain real estate in Spain and the United States totaling $51.9 million (“the Aggregate Purchase Price”). The purchases were accounted for under the asset acquisition method. The cost of the assets acquired was allocated to land and buildings and improvements based on their relative fair values. Of the Aggregate Purchase Price, $6.5 million was allocated to land and $45.4 million was allocated to buildings and improvements.

Depreciation expense was $22.9 million and $19.1 million during the three months ended June 30, 2023 and 2022, respectively. Depreciation expense was $45.7 million and $38.2 million during the six months ended June 30, 2023 and 2022, respectively.

6.     INVESTMENTS IN PRIVATELY HELD COMPANIES

Linksys Holdings, Inc.

During 2021, we invested $160 million in cash for shares of the Series A Preferred Stock of privately held Linksys Holdings, Inc. (“Linksys”), representing a 50.8% ownership interest in the outstanding common stock (on an as-converted basis). Linksys provides router connectivity solutions to the consumer and small business markets.

We have concluded that our investment in Linksys is an in-substance common stock investment and that we do not hold an absolute controlling financial interest in Linksys, but that we have the ability to exercise significant influence over the operating and financial policies of Linksys. Determining that we have significant influence but not control over the operating and financial policies of Linksys required significant judgement of many factors, including but not limited to the ownership interest in Linksys, board representation, participation in policy-making processes and participation rights in certain significant financial and operating decisions of Linksys in the ordinary course of business. Therefore, we determined to account for this investment using the equity method of accounting. We record our share of Linksys’ financial results on a three-month lag basis. We determined that there was a basis difference between the cost of our investment in Linksys and the amount of underlying equity in net assets of Linksys. Our share of loss of Linksys’ financial results, as well as our share of the amortization of the basis differences, in total was $5.3 million and $8.1 million for the three months ended June 30, 2023 and 2022, respectively, and has been recorded in loss from equity method investment on the condensed consolidated statements of income. Our share of loss of Linksys’ financial results, as well as our share of the amortization of the basis differences, in total was $27.4 million and $16.6 million for the six months ended June 30, 2023 and 2022, respectively, and has been recorded in loss from equity method investment on the condensed consolidated statements of income. As of June 30, 2023 and December 31, 2022, the investment was included in other assets on our condensed consolidated balance sheets.

In the fourth quarter of 2022, we recorded a non-cash charge of $22.2 million related to other-than-temporary impairment (“OTTI”) recognized on our equity method investment in Linksys and our proportionate share of Linksys' financial results included a $17.5 million charge in connection with a valuation allowance established on deferred tax assets at Linksys. Due to the presence of impairment indicators, such as a series of operating losses, we evaluated our equity method investment
14

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

for an OTTI during the three months ended June 30, 2023. We considered various factors in determining whether an OTTI has occurred, including the limited operating history available, our ability and intent to hold the investment until its fair value recovers, the implied revenue valuation multiples compared to guideline public companies, Linksys’ ability to achieve milestones and any notable operational and strategic changes. After the evaluation, we determined that an additional OTTI has not occurred as of June 30, 2023. However, we may be required to recognize an impairment loss in future reporting periods if and when our evaluation of the aforementioned factors indicates that the investment in Linksys is determined to be other than temporarily impaired. Such determination will be based on the prevailing facts and circumstances at that time, including the results and disclosures of Linksys.


7.     BUSINESS COMBINATIONS

Alaxala Networks Corporation

On August 31, 2021, we closed an acquisition of 75% of equity interests as controlling interests in Alaxala Networks Corporation (“Alaxala”), a privately held network hardware equipment company in Japan, for $64.2 million in cash. On October 3, 2022, we acquired the remaining 25% of equity interests in Alaxala for $13.5 million in cash, and Alaxala became our wholly owned subsidiary. We acquired the equity interests in Alaxala to broaden our offering of secure switches integrated with our Core Platform and Enhanced Platform Technology functionality, and over time, to innovate and rebrand certain of Alaxala’s switches to offer a broader suite of secure switches globally.


8.     GOODWILL AND OTHER INTANGIBLE ASSETS—Net

Goodwill

The following table presents the changes in the carrying amount of goodwill (in millions):
Amount
Balance—December 31, 2022$128.0 
Foreign currency translation adjustments(2.0)
Balance—June 30, 2023$126.0 

There were no impairments to goodwill during the six months ended June 30, 2023 or during prior periods.

Other Intangible Assets—Net

The following tables present other intangible assets—net (in millions, except years):
June 30, 2023
 Weighted-Average Useful Life (in Years)GrossAccumulated AmortizationNet
Other intangible assets—net:
Finite-lived intangible assets:
Developed technologies4.3$83.0 $56.5 $26.5 
Customer relationships7.130.2 16.0 14.2 
Trade name10.04.8 0.9 3.9 
Backlog1.03.8 3.8  
Total other intangible assets—net$121.8 $77.2 $44.6 
15

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

December 31, 2022
 Weighted-Average Useful Life (in Years)GrossAccumulated AmortizationNet
Other intangible assets—net:
Finite-lived intangible assets:
Developed technologies4.1$85.1 $50.3 $34.8 
Customer relationships7.131.0 14.4 16.6 
Trade name10.05.3 0.7 4.6 
Backlog1.04.2 4.2  
Total other intangible assets—net$125.6 $69.6 $56.0 

Amortization expense was $4.5 million and $6.0 million during the three months ended June 30, 2023 and 2022, respectively. Amortization expense was $9.2 million and $12.4 million during the six months ended June 30, 2023 and 2022, respectively.

The following table summarizes estimated future amortization expense of finite-lived intangible assets—net (in millions):
 Amount
Years:
2023 (the remainder of 2023)$8.5 
202412.8 
20258.3 
20264.2 
20273.9 
Thereafter6.9 
Total$44.6 

9.     NET INCOME PER SHARE

Basic net income per share is computed by dividing net income attributable to Fortinet, Inc., by the weighted-average number of shares of common stock outstanding during the period. Diluted net income per share is computed by dividing net income attributable to Fortinet, Inc. by the weighted-average number of shares of common stock outstanding during the period, plus the dilutive effects of restricted stock units (“RSUs”), stock options and performance stock units (“PSUs”). Dilutive shares of common stock are determined by applying the treasury stock method.

16

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

A reconciliation of the numerator and denominator used in the calculation of basic and diluted net income per share attributable to Fortinet, Inc. is (in millions, except per share amounts):
 Three Months EndedSix Months Ended
 June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Numerator:
Net income including non-controlling interests$266.3 $173.4 $514.0 $311.7 
Net loss attributable to non-controlling interests (0.1) (0.2)
Net income attributable to Fortinet, Inc.$266.3 $173.5 $514.0 $311.9 
Denominator:
Basic shares:
Weighted-average common stock outstanding-basic785.0 795.4 784.1 799.4 
Diluted shares:
Weighted-average common stock outstanding-basic785.0 795.4 784.1 799.4 
Effect of potentially dilutive securities:
RSUs 4.1 6.4 3.9 7.5 
Stock options6.6 8.3 6.6 8.5 
PSUs0.2  0.1  
Weighted-average shares used to compute diluted net income per share attributable to Fortinet, Inc.795.9 810.1 794.7 815.4 
Net income per share attributable to Fortinet, Inc.:
Basic$0.34 $0.22 $0.66 $0.39 
Diluted$0.33 $0.21 $0.65 $0.38 

The following weighted-average shares of common stock were excluded from the computation of diluted net income per share attributable to Fortinet, Inc. for the periods presented, as their effect would have been antidilutive (in millions):
 Three Months EndedSix Months Ended
 June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
RSUs  0.4 0.9 0.4 
Stock options3.0 1.6 2.6 1.2 
Total 3.0 2.0 3.5 1.6 


17

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

10.     DEBT

2026 and 2031 Senior Notes

On March 5, 2021, we issued $1.0 billion aggregate principal amount of senior notes (collectively, the “Senior Notes”), consisting of $500.0 million aggregate principal amount of 1.0% notes due March 15, 2026 (the “2026 Senior Notes”) and $500.0 million aggregate principal amount of 2.2% notes due March 15, 2031 (the “2031 Senior Notes”), in an underwritten registered public offering. The Senior Notes are senior unsecured obligations and rank equally with each other in right of payment and with our other outstanding obligations. We may redeem the Senior Notes at any time in whole or in part for cash, at specified redemption prices that include accrued and unpaid interest, if any, and a make-whole premium. However, no make-whole premium will be paid for redemptions of the 2026 Senior Notes on or after February 15, 2026, or the 2031 Senior Notes on or after December 15, 2030. Interest on the Senior Notes is payable on March 15 and September 15 of each year, beginning on September 15, 2021. As of June 30, 2023 and December 31, 2022, the Senior Notes were recorded as long-term debt, net of discount and issuance costs, which are amortized to interest expense over the respective contractual terms of these notes using the effective interest method.

The total outstanding debt is summarized below (in millions, except percentages):
 MaturityCoupon RateEffective Interest RateJune 30,
2023
December 31,
2022
Debt
2026 Senior NotesMarch 20261.0%1.3%$500.0 $500.0 
2031 Senior NotesMarch 20312.2%2.3%500.0 500.0 
Total debt1,000.0 1,000.0 
Less: Unamortized discount and debt issuance costs8.7 9.6 
Total long-term debt$991.3 $990.4 

As of June 30, 2023 and December 31, 2022, we accrued interest payable of $4.7 million, and there are no financial covenants with which we must comply. During the three months ended June 30, 2023 and 2022, we recorded $4.5 million of total interest expense in relation to these Senior Notes in each quarter. During the six months ended June 30, 2023 and 2022, we recorded $9.0 million of total interest expense in relation to the Senior Notes in each period. No interest costs were capitalized for the six months ended June 30, 2023 and 2022, as the costs that qualified for capitalization were not material.

The total estimated fair value of the outstanding Senior Notes was approximately $856.3 million, including accrued and unpaid interest, as of June 30, 2023. The fair value was determined based on observable market prices of identical instruments in less active markets. The estimated fair values are based on Level 2 inputs.

11.     COMMITMENTS AND CONTINGENCIES

The following table summarizes our inventory purchase commitments as of June 30, 2023 (in millions):
Total2023Thereafter
Inventory purchase commitments$1,010.2 $813.2 $197.0 

Inventory Purchase Commitments—Our independent contract manufacturers and certain component suppliers procure components and build our products based on our forecasts, the availability of various components and their capacity. These forecasts are based on estimates of future demand for our products, which are in turn based on historical trends and an analysis from our sales and marketing organizations, adjusted for extended lead times, changes in supplier delivery commitments and other supply chain matters and market conditions. In order to manage manufacturing lead times, plan for adequate component supply and incentivize suppliers to deliver, we may issue purchase orders to some of our independent contract manufacturers, which are non-cancelable. As of June 30, 2023, we had $1.01 billion of open purchase orders with our independent contract manufacturers that consist of non-cancelable commitments. In certain instances, these agreements allow us the option to reschedule and adjust our requirements based on our business needs prior to firm orders being placed.

18

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Other Contractual Commitments and Open Purchase Orders—In addition to commitments with contract manufacturers, we have open purchase orders and contractual obligations in the ordinary course of business for which we have not received goods or services. A significant portion of our reported purchase commitments consist of non-cancelable commitments. In certain instances, contractual commitments allow us the option to cancel, reschedule and adjust our requirements based on our business needs prior to firm orders being placed. As of June 30, 2023, we had $84.6 million in other contractual commitments having a remaining term in excess of one year that are non-cancelable.

As of June 30, 2023, we had $93.9 million in contractual commitments related to payments for operating leases.

Litigation—We are involved in disputes, litigation, and other legal actions. For lawsuits where we are the defendant, we are in the process of defending these litigation matters, and while there can be no assurances and the outcome of certain of these matters is currently not determinable and not predictable, we currently are unaware of any existing claims or proceedings that we believe are likely to have a material adverse effect on our financial position. There are many uncertainties associated with any litigation and these actions or other third-party claims against us may cause us to incur costly litigation fees, costs and substantial settlement charges, and possibly subject us to damages and other penalties. In addition, the resolution of any intellectual property (“IP”) litigation may require us to make royalty payments, which could adversely affect our gross margins in future periods. If any of those events were to occur, our business, financial condition, results of operations, and cash flows could be adversely affected. Litigation is unpredictable and the actual liability in any such matters may be materially different from our current estimates, which could result in the need to adjust any accrued liability and record additional expenses. We accrue for contingencies when we believe that a loss is probable and that we can reasonably estimate the amount of any such loss. These accruals are generally based on a range of possible outcomes that require significant management judgement. If no amount within a range is a better estimate than any other, we accrue the minimum amount. Litigation loss contingency accruals associated with outstanding cases were not material as of June 30, 2023, and December 31, 2022.

On March 21, 2019, we were sued by Alorica Inc. (“Alorica”) in Santa Clara County Superior Court in California. Alorica has alleged breach of warranty and misrepresentation claims, which we deny. We have counter-claimed and are seeking monetary damages. Fact discovery closed during the quarter ended June 30, 2023, and the trial is scheduled to commence in October 2023. Although we believe that the ultimate outcome of this matter will not materially impact our financial position, results of operations or cash flows, legal proceedings are subject to inherent uncertainties, and an unfavorable ruling could occur, which may result in a material adverse impact on our business, financial position, results of operations and cash flows. No loss accrual had been recorded as of June 30, 2023 or December 31, 2022 related to this litigation.

Indemnification and Other Matters—Under the indemnification provisions of our standard sales contracts, we agree to defend our customers against third-party claims asserting various allegations such as product defects and infringement of certain IP rights, which may include patents, copyrights, trademarks or trade secrets, and to pay judgments entered on such claims. In some contracts, our exposure under these indemnification provisions is limited by the terms of the contracts to certain defined limits, such as the total amount paid by our customer under the agreement. However, certain agreements include covenants, penalties and indemnification provisions including and beyond indemnification for third-party claims of IP infringement that could potentially expose us to losses in excess of the amount received under the agreement, and in some instances to potential liability that is not contractually limited. Although from time to time there are indemnification claims asserted against us and currently there are pending indemnification claims, to date there have been no material awards under such indemnification provisions.

Similar to other security companies and companies in other industries, we have experienced and may experience in the future, cybersecurity threats, malicious activity directed against our information technology infrastructure or unauthorized attempts to gain access to our and our customers’ sensitive information and systems. We currently are unaware of any existing claims or proceedings related to these types of matters, including any that we believe are likely to have a material adverse effect on our financial position.

12.     EQUITY PLANS AND SHARE REPURCHASE PROGRAM

Stock-Based Compensation Plans

We maintain the Amended and Restated Fortinet, Inc. 2009 Equity Incentive Plan (the “Amended Plan”) pursuant to which we have granted RSUs, stock options and PSUs. As of June 30, 2023, there were a total of 53.0 million shares of common stock available for grant under the Amended Plan.

19

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Restricted Stock Units

The following table summarizes the activity and related information for RSUs for the periods presented below (in millions, except per share amounts):
 Restricted Stock Units Outstanding
 Number of SharesWeighted-Average Grant Date Fair Value per Share
Balance—December 31, 202210.5 $40.94 
Granted4.1 61.17 
Forfeited(0.2)45.47 
Vested(3.1)34.47 
Balance—June 30, 2023
11.3 $49.97 


Stock compensation expense is recognized on a straight-line basis over the vesting period of each RSU. As of June 30, 2023, total compensation expense related to unvested RSUs granted to employees and non-employees under the Amended Plan, but not yet recognized, was $509.9 million, with a weighted-average remaining vesting period of 2.9 years.

RSUs settle into shares of common stock upon vesting. Upon the vesting of the RSUs, we net-settle the RSUs and withhold a portion of the shares to satisfy employee withholding tax requirements. The payment of the withheld taxes to the tax authorities is reflected as a financing activity within the condensed consolidated statements of cash flows.

The following summarizes the number and value of the shares withheld for employee taxes (in millions):
Three Months EndedSix Months Ended
June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Shares withheld for taxes0.4 0.6 1.1 1.7 
Amount withheld for taxes$25.1 $35.3 $59.7 $100.1 

Employee Stock Options

The following table summarizes the weighted-average assumptions relating to our employee stock options: 
 Three Months EndedSix Months Ended
 June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Expected term in years4.44.44.44.4
Volatility41.0 %43.6 %41.9 %41.1 %
Risk-free interest rate3.8 %2.9 %4.2 %1.9 %
Dividend rate % % % %

20

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

The following table summarizes the stock option activity and related information for the periods presented below (in millions, except exercise prices and contractual life):
 Options Outstanding
 Number
of Shares
Weighted-
Average
Exercise
Price
Weighted-
Average
Remaining
Contractual
Life (Years)
Aggregate
Intrinsic
Value
Balance—December 31, 202213.2 $24.37 3.5$344.8 
Granted1.2 60.80 
Forfeited(0.1)44.99 
Exercised(2.1)14.13 
Balance—June 30, 2023
12.2 $29.64 
Options vested and expected to vest—June 30, 2023
12.2 $29.64 3.6$559.8 
Options exercisable—June 30, 2023
8.2 $20.26 2.8$456.3 

The aggregate intrinsic value represents the difference between the exercise price of stock options and the quoted market price of our common stock for all in-the-money stock options. Stock compensation expense is recognized on a straight-line basis over the vesting period of each stock option. As of June 30, 2023, total compensation expense related to unvested stock options granted to employees but not yet recognized was $68.0 million, with a weighted-average remaining vesting period of 2.8 years.

Additional information related to our stock options is summarized below (in millions, except per share amounts):
Three Months EndedSix Months Ended
June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Weighted-average fair value per share granted $26.55 $21.33 $24.41 $22.28 
Intrinsic value of options exercised $24.3 $13.8 $97.0 $43.7 
Fair value of options vested$5.7 $4.8 $17.4 $15.0 

Market/Performance-Based PSUs

We granted market/performance-based PSUs under the Amended Plan to certain of our executives. Based on the achievement of the market/performance-based vesting conditions during the performance period, the final settlement of the PSUs will range between 0% and 200% of the target shares underlying the PSUs based on the percentile ranking of our total stockholder return over one-, two-, three- and four-year periods among companies included in the S&P 500 Index. 20%, 20%, 20% and 40% of the PSUs vest over one-, two-, three- and four-year service periods, respectively.

The following table summarizes the weighted-average assumptions relating to our PSUs for the three months ended March 31, 2023:
 Three Months Ended
 March 31,
2023
Expected term in years2.7
Volatility47.5 %
Risk-free interest rate4.6 %
Dividend rate %

We granted approximately 0.3 million shares of PSU awards with a grant date fair value of $90.96 per share to certain of our executives during the first quarter of 2023. The grant date fair value of these awards was determined using a Monte Carlo simulation pricing model. None of these PSU awards were vested or forfeited during the six months ended June 30, 2023.

21

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

As of June 30, 2023, total compensation expense related to unvested PSUs that were granted to certain of our executives, but not yet recognized, was $23.2 million. This expense is expected to be amortized on a graded vesting method over a weighted-average vesting period of 2.6 years.

Stock-Based Compensation Expense

Stock-based compensation expense, including stock-based compensation expense related to awards classified as liabilities, is included in costs and expenses (in millions):
 Three Months EndedSix Months Ended
 June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Cost of product revenue$0.5 $0.4 $0.9 $0.8 
Cost of service revenue6.0 4.7 11.1 9.2 
Research and development20.0 16.1 37.0 31.2 
Sales and marketing29.3 26.4 55.6 53.1 
General and administrative9.9 7.7 18.1 14.9 
Total stock-based compensation expense$65.7 $55.3 $122.7 $109.2 

The following table summarizes stock-based compensation expense, including stock-based compensation expense related to awards classified as liabilities, by award type (in millions):
 Three Months EndedSix Months Ended
 June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
RSUs$55.1 $49.0 $104.2 $97.3 
Stock options7.3 6.3 14.0 11.9 
PSUs3.3  4.5  
Total stock-based compensation expense$65.7 $55.3 $122.7 $109.2 

Total income tax benefit associated with stock-based compensation that is recognized in the condensed consolidated statements of income is as follows (in millions):
Three Months EndedSix Months Ended
June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Income tax benefit associated with stock-based compensation $14.5 $12.2 $27.1 $24.0 

Share Repurchase Program

In February 2023, our board of directors approved an extension of the Repurchase Program originally approved by our board of directors in January 2016 to February 29, 2024. In April 2023, our board of directors approved a $1.0 billion increase in the authorized amount under the Repurchase Program, bringing the aggregate amount authorized to be repurchased to $6.25 billion of our outstanding common stock through February 29, 2024. Share repurchases may be made by us from time to time in privately negotiated transactions or in open-market transactions. The Repurchase Program does not require us to purchase a minimum number of shares, and may be suspended, modified or discontinued at any time without prior notice. Refer to Note 16, Subsequent Events, for information regarding the approved $500.0 million increase in the authorized stock repurchase amount under the Repurchase Program in July 2023.

There were no shares repurchased under the Repurchase Program during the six months ended June 30, 2023. As of June 30, 2023, $1.53 billion remained available for future share repurchases under the Repurchase Program.

22

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

13.    INCOME TAXES

Our effective tax rate was 9% for the three months ended June 30, 2023, compared to an effective tax rate of 1for the same period last year. Our effective tax rate was 8% for the six months ended June 30, 2023, compared to an effective tax rate of negative 2% for the same period last year. The tax rates for the three months ended June 30, 2023 and 2022 were composed of U.S. federal and state taxes, withholding taxes and foreign taxes that amounted to $84.8 million and $54.5 million, respectively. The tax rate for the three months ended June 30, 2023 was impacted by a tax benefit of $25.8 million from the FDII deduction, excess tax benefits from stock-based compensation expense of $13.3 million, and the release of reserves of $18.1 million on uncertain tax positions and the accrued interest thereon due to the expiration of statutes of limitations. The tax rate for the three months ended June 30, 2022 was impacted by a tax benefit of $18.6 million from the FDII deduction, excess tax benefits from stock-based compensation expense of $17.3 million, and the release of reserves of $16.2 million on uncertain tax positions and the accrued interest thereon due to the expiration of statutes of limitations.

The tax rates for the six months ended June 30, 2023 and 2022 were composed of U.S. federal and state taxes, withholding taxes and foreign taxes that amounted to $170.6 million and $93.3 million, respectively. The tax rate for the six months ended June 30, 2023 was impacted by a tax benefit of $64.0 million from the FDII deduction, excess tax benefits from stock-based compensation expense of $39.6 million, and the release of reserves of $18.1 million on uncertain tax positions and the accrued interest thereon due to the expiration of statutes of limitations. The tax rate for the six months ended June 30, 2022 was impacted by a tax benefit of $33.3 million from the FDII deduction, excess tax benefits from stock-based compensation expense of $49.5 million, and the release of reserves of $16.2 million on uncertain tax positions and the accrued interest thereon due to the expiration of statutes of limitations.

As of June 30, 2023 and December 31, 2022, unrecognized tax benefits were $63.4 million and $67.4 million, respectively. If recognized, $53.8 million of the unrecognized tax benefits as of June 30, 2023 would favorably affect our effective tax rate. It is our policy to include accrued interest and penalties related to unrecognized tax benefits in income tax expense. As of June 30, 2023 and December 31, 2022, accrued interest and penalties were $5.3 million and $9.3 million, respectively. It is reasonably possible that our gross unrecognized tax benefits will decrease by up to $1.9 million in the next 12 months, due to the lapse of statutes of limitation in various jurisdictions. This decrease, if recognized, would favorably impact our effective tax rate, and would be recognized as an additional tax benefit.

We file income tax returns in the U.S. federal jurisdiction and in various U.S. state and foreign jurisdictions. Generally, we are no longer subject to examination by U.S federal income tax authorities for tax years prior to 2015. We are no longer subject to U.S. state and foreign income tax examinations by tax authorities for tax years prior to 2010. We currently have ongoing tax audits in the United Kingdom, Canada, Germany and several other foreign jurisdictions. The focus of these audits is the inter-company profit allocation.

Effective January 1, 2022, research and development expenses are required to be capitalized and amortized for U.S. tax purposes, which delays the deductibility of these expenses, and increases our current provision.

On January 4, 2022, the U.S. Treasury published another tranche of final regulations regarding the foreign tax credit. These final regulations impose new requirements that a foreign tax must meet in order to be creditable against U.S. income taxes, and generally apply to tax years beginning on or after December 28, 2021. On July 26, 2022, the U.S. Treasury released corrections to the final regulations. These final regulations adversely impact our ability to claim foreign tax credits in the United States for certain taxes imposed by certain foreign jurisdictions.

On August 16, 2022, the United States enacted the Inflation Reduction Act of 2022 that provides for certain changes to the U.S. corporate income tax system, including a 15% minimum tax based on financial statement income for companies with three-year average annual adjusted financial statement income exceeding $1 billion, and a 1% excise tax on net repurchases of stock after December 31, 2022, if any. The applicable tax law changes have had no impact to our tax provision for the six months ended June 30, 2023. We will continue to monitor the impact, if any, of these tax law changes on future periods.

14.     DEFINED CONTRIBUTION PLANS

Our tax-deferred savings plan under our 401(k) Plan permits participating U.S. employees to contribute a portion of their pre-tax or after-tax earnings. In Canada, we have a Group Registered Retirement Savings Plan Program (the “RRSP”), which permits participants to make pre-tax contributions. Our board of directors approved 50% matching contributions on employee contributions up to 4% of each employee’s eligible earnings. Our matching contributions to our 401(k) Plan and the RRSP for the three months ended June 30, 2023 and 2022 were $5.7 million and $3.2 million, respectively. Our matching
23

Table of Contents
FORTINET, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

contributions to our 401(k) Plan and the RRSP for the six months ended June 30, 2023 and 2022 were $10.1 million and $6.6 million, respectively.

15.     SEGMENT INFORMATION

Operating segments are defined as components of an enterprise about which separate financial information is available that is evaluated regularly by the chief operating decision maker in deciding how to allocate resources and in assessing performance. Our chief operating decision maker is our chief executive officer. Our chief executive officer reviews financial information presented on a consolidated basis, accompanied by information about revenue by geographic region for purposes of allocating resources and evaluating financial performance. We have one business activity, and there are no segment managers who are held accountable for operations, operating results and plans for levels or components below the consolidated unit level. Accordingly, we have determined that we have one operating segment, and therefore, one reportable segment.

Revenue by geographic region is based on the billing address of our customers. The following tables set forth revenue and property and equipment—net by geographic region (in millions):
Three Months EndedSix Months Ended
RevenueJune 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Americas:
United States$404.7 $312.9 $788.8 $598.7 
Other Americas132.3 100.7 271.7 197.5 
Total Americas537.0 413.6 1,060.5 796.2 
Europe, Middle East and Africa (“EMEA”)506.9 391.8 985.1 737.8 
Asia Pacific (“APAC”)248.9 224.7 509.5 450.9 
Total revenue$1,292.8 $1,030.1 $2,555.1 $1,984.9 

Property and Equipmentnet
June 30,
2023
December 31,
2022
Americas:
United States$686.5 $638.1 
Canada208.3 204.4 
Latin America0.8 1.1 
Total Americas895.6 843.6 
EMEA69.4 35.9 
APAC16.9 19.0 
Total property and equipment—net$981.9 $898.5 

The following distributors accounted for 10% or more of our revenue:
 Three Months EndedSix Months Ended
June 30,
2023
June 30,
2022
June 30,
2023
June 30,
2022
Distributor A27 %29 %28 %29 %
Distributor B15 %14 %14 %14 %
Distributor C14 %13 %14 %14 %


24


The following distributors accounted for 10% or more of net accounts receivable:
June 30,
2023
December 31,
2022
Distributor A29 %32 %
Distributor B12 %12 %
Distributor C13 %13 %


16.     SUBSEQUENT EVENTS

Investment in Privately Held Company

On August 1, 2023, we invested $8.5 million in cash in a privately held company.

Share Repurchase Program

In July 2023, our board of directors approved a $500.0 million increase in the authorized stock repurchase amount under the Repurchase Program, bringing the aggregate amount authorized to be repurchased to $6.75 billion of our outstanding common stock through February 29, 2024. As of August 7, 2023, approximately $1.87 billion remained available for future share repurchases. Subsequent to June 30, 2023 through the filing of this Quarterly Report on Form 10-Q, we repurchased approximately 2.8 million shares of our common stock at an average price of $57.44 per share for an aggregate purchase price of approximately $161.1 million under the Repurchase Program.













25

Table of Contents
ITEM 2.     Management’s Discussion and Analysis of Financial Condition and Results of Operations

In addition to historical information, this Quarterly Report on Form 10-Q contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities and Exchange Act of 1934, as amended (the “Exchange Act”). These statements include, among other things, statements concerning our expectations regarding:

continued growth and market share gains;

variability in sales in certain product and service categories from year to year and between quarters;

expected impact of sales from certain products and services;

instability in the global banking system;

increasing or decreasing inflation or stagflation, and rising interest rates in many geographies and changes in currency exchange rates and currency regulations;

macroeconomic, geopolitical factors and other disruption on our manufacturing or sales, including public health issues, wars and natural disasters;

real estate investments and management, expansions and enhancements of current properties;

government regulation, tariffs and other policies;

drivers of long-term growth and operating leverage, such as pricing of our products and services, sales productivity and capacity, functionality and value in our service offerings;

growing our solution sales through channel partners to businesses, service providers and government organizations, our ability to execute these sales and the complexity of providing solutions to all segments (including the increased competition and unpredictability of timing associated with sales to larger enterprises), the impact of sales to these organizations on our long-term growth, expansion and operating results, and the effectiveness of our sales organization;

supply chain constraints, component availability and other factors affecting our manufacturing capacity, delivery, cost and inventory management, as well as improving supply chain dynamics;

forecasts of future demand and targeted inventory levels;

the effect of backlog from prior quarters, including its effect on growth of in-quarter billings and revenue;

our ability to hire properly qualified and effective sales, support and engineering employees;

risks and expectations related to acquisitions and equity interests in private and public companies, including integration issues related to go-to-market plans, product plans, employees of such companies, controls and processes and the acquired technology, and risks of negative impact by such acquisitions and equity investments on our financial results;

trends in revenue, cost of revenue and gross margin, including expectations regarding product revenue and service revenue growth;
 
trends in our operating expenses, including sales and marketing expense, research and development expense, general and administrative expense, and expectations regarding these expenses;

plans and strategy for the acceleration of our points of presence (“PoP”) deployment;

expectations that our operating expenses will increase in absolute dollars during the remainder of 2023;

26

Table of Contents
expectations that proceeds from the exercise of stock options in future years will be adversely impacted by the increased mix of restricted stock units and performance stock units versus stock options granted;

expectations regarding uncertain tax benefits and our effective domestic and global tax rates, the impact of interpretations of or changes to tax law, and the timing of tax payments;

expectations regarding spending related to real estate acquisitions and development, data center investments, as well as other capital expenditures and to the impact on free cash flow and expenses;

estimates of a range of 2023 spending on capital expenditures;

competition in our markets;

expected outcomes and liabilities in litigation;

our intentions regarding share repurchases and the sufficiency of our existing cash, cash equivalents and investments to meet our cash needs, including our debt servicing requirements, for at least the next 12 months;

other statements regarding our future operations, financial condition and prospects and business strategies; and

adoption and impact of new accounting standards.

These forward-looking statements are subject to certain risks and uncertainties that could cause our actual results to differ materially from those reflected in the forward-looking statements. Factors that could cause or contribute to such differences include, but are not limited to, those discussed in this Quarterly Report on Form 10-Q and, in particular, the risks discussed under the heading “Risk Factors” in Part II, Item 1A of this Quarterly Report on Form 10-Q and those discussed in other documents we file with the SEC. We undertake no obligation, and specifically disclaim any obligation, to revise or publicly release the results of any revision to these and any other forward-looking statements. Given these risks and uncertainties, readers are cautioned not to place undue reliance on such forward-looking statements.

Business Overview

Fortinet is a global leader in cybersecurity and secure networking solutions. Our mission is to secure people, devices and data everywhere. We deliver cybersecurity everywhere our customers need it with an integrated portfolio of over 50 enterprise-grade products. As of June 30, 2023, over half a million customers, including enterprises, communication service providers and security service providers, government organizations and small and medium-sized businesses, trusted our solutions.

Our product offerings are designed to converge networking and security into a single solution, consolidate cybersecurity point products into an integrated platform and deliver operational-technology (“OT”) aware features to secure OT environments. This allows customers to realize automated protection, improve detection and response times, and provide visibility across both Fortinet-developed solutions and a broad ecosystem of over 500 third-party solutions and technologies. As a U.S.-based company, the majority of Fortinet’s research and development is based in North America, with a global footprint of support and centers of excellence across time zones from North America to Europe to Asia. We held 1,285 U.S. and foreign-issued patents as of June 30, 2023, a testament to our dedication to innovation that delivers leading cybersecurity and networking solutions.

As a cybersecurity leader, Fortinet believes it is our duty to help make the world a safer and more sustainable place. That is why, beyond our commitment to cybersecurity and networking technology innovation, we strive to:

Reduce the environmental footprint of our technology with a commitment to ensure each generation of our products consumes less energy;

Eliminate the global cyber skills shortage by maintaining one of the largest and broadest training programs in the industry; and

Foster cooperation against cybercrime through partnerships that help shape the future of cyber threat
27

Table of Contents
mitigation and by sharing actionable threat intelligence between public and private organizations.

The focus areas of our business consist of:

Secure Networking

Cybersecurity Platform

OT Security

Secure Networking—Our Secure Networking solutions enable the convergence of networking and security by integrating multiple markets and use cases into a single operating system: the Fortinet Operating System (“FortiOS”). It can be delivered to customers through an application-specific integrated circuit (“ASIC”)-accelerated hardware appliance, virtual machine, as-a-Service, cloud native and container. When delivered via our appliances, functionality is accelerated with the use of our proprietary ASIC technology, which consists of three processors. First, a seventh generation network processor, FortiNP7, accelerates the processing of firewall traffic and offloads this function from the central processing unit (“CPU”). Second, a ninth generation content processor, FortiCP9, helps the CPU with deep packet inspection functions such as intrusion prevention and antivirus. Multiple CPUs, NP7s and CP9s can be placed in larger firewalls to provide more scale. Third, the CPU, network processor and content processor functions are all brought together in a single ASIC, our fifth generation Security Processor, FortiSP5. These proprietary ASICs, along with off the shelf CPU and ASICs, allow our systems to scale from the smallest branch to a hyperscale cloud and run multiple applications at higher performance and lower power consumption.

The following markets and use cases are supported by the FortiOS converged operating system:

Network Firewall, including Hybrid Mesh Firewall

Software-Defined Wide Area Network (“SD-WAN”)

Local Area Network/Wireless Local Area Network (Wi-Fi and Switch)

Universal Secure Access Service Edge

Cloud Security

Universal Zero Trust Network Access

Encryption Applications (SSL Inspection, Virtual Private Network and IPsec Connectivity)

Cybersecurity Platform—Many enterprises are looking to consolidate point products into a cybersecurity platform to improve the efficiency and efficacy of their security. This platform approach is also known as a Cybersecurity Mesh Architecture, or our more expansive Fortinet Security Fabric, which includes FortiGuard AI-powered services and integrated security products engineered with automation in mind to support customers in building a cybersecurity platform. The Fortinet Security Fabric facilitates dynamic information sharing across customers’ security infrastructure as well as the automation of workflows, including response. The result is improved prevention while significantly reducing Mean-Time-to-Detect and Mean-Time-to-Respond to cyber threats. The major cybersecurity markets of our business include:

Endpoint Protection Platforms

Next-Generation Firewall

Intrusion Prevention Systems (“IPS”)

Secure Web Gateway

Identity and Access Management

Cloud Access Security Broker

Security Information and Event Management
28

Table of Contents

Security Orchestration and Automated Response

Secure Email Gateway

Web Application Firewalls

Cloud Security

Network Detection and Response

External Attack Surface Monitoring

Network Access and Control

To support our broad portfolio of cybersecurity products, we deliver the following AI-powered FortiGuard Threat Intelligence Services:

Content Security, including Antivirus, In-Line Sandboxing and Credential Stuffing

Web Security, including URL Filtering, DNS Security and IP Reputation

Device Security, including IPS, OT Security, Internet of Things (“IoT”) Security and Botnet protection

Application Security, including Anti-Spam and Web Application protection

Security Operations Center (“SOC”) Services, including SOC-as-a-Service, Managed Detection and Response, Incident Readiness and Response (active incident and proactive services), Outbreak Protection, Attack Surface Monitoring, Threat Hunting, and Indicators of Compromise services.

Operational Technology Security—OT uses hardware and software to detect or cause a change through the direct monitoring and/or control of industrial equipment, assets, processes and events. The security of such environments is sometimes described as Cyber-Physical Systems. The increased connectivity of OT environments and the need for employee and vendor access has increased the risk across OT industries such as manufacturing, energy, utilities, medical, transport, and critical infrastructure. While the basic concepts of Secure Networking and Cybersecurity Platform apply, OT systems are very different from a traditional information technology system. Fortinet delivers OT-Aware security capabilities that are purpose-built for operational technology environments. These capabilities underpin our OT-Aware Security Fabric, which spans the following products and services:

Secure Network and Connectivity

Secure Remote Access

OT-Specific InfoSec Tools

OT-Specific Threat Intelligence

Integration with third-party OT solutions

Financial Highlights

Total revenue was $1.29 billion and $2.56 billion during the three and six months ended June 30, 2023, an increase of 26% and 29%, respectively, compared to $1.03 billion and $1.98 billion in the same periods last year. Product revenue was $472.6 million and $973.3 million during the three and six months ended June 30, 2023, an increase of 18% and 26%, respectively, compared to $400.7 million and $771.7 million in the same periods last year. Service revenue was $820.2 million and $1.58 billion during the three and six months ended June 30, 2023, an increase of 30%, in each period respectively, compared to $629.4 million and $1.21 billion in the same periods last year.

29

Table of Contents
Total gross profit was $997.0 million and $1.95 billion during the three and six months ended June 30, 2023, an increase of 28% and 32%, respectively, compared to $779.3 million and $1.48 billion in the same periods last year.

Operating income was $279.0 million and $552.5 million during the three and six months ended June 30, 2023, an increase of 43% and 60%, respectively, compared to $195.3 million and $346.3 million in the same periods last year.

Cash, cash equivalents, short-term and long-term investments and marketable equity securities were $3.32 billion as of June 30, 2023.

Deferred revenue was $5.13 billion as of June 30, 2023, an increase of $488.3 million, or 11%, compared to $4.64 billion as of December 31, 2022 and an increase of $1.20 billion, or 30%, compared to $3.93 billion as of June 30, 2022. Deferred revenue was $3.93 billion as of June 30, 2022, an increase of $479.1 million, or 14%, compared to $3.45 billion as of December 31, 2021 and an increase of $1.03 billion, or 35%, compared to $2.91 billion as of June 30, 2021.

Short-term deferred revenue was $2.59 billion as of June 30, 2023, an increase of $238.4 million, or 10%, compared to $2.35 billion as of December 31, 2022 and an increase of $574.5 million, or 29%, compared to $2.01 billion as of June 30, 2022. Short-term deferred revenue was $2.01 billion as of June 30, 2022, an increase of $235.8 million, or 13%, compared to $1.78 billion as of December 31, 2021 and an increase of $480.2 million, or 31%, compared to $1.53 billion as of June 30, 2021.

We generated cash flows from operating activities of $1.19 billion during the six months ended June 30, 2023, an increase of $473.1 million, or 66%, compared to the same period last year.

On a geographic basis, revenue continues to be diversified, which remains a key strength of our business. During the three months ended June 30, 2023, the Americas region, the Europe, Middle East and Africa (“EMEA”) region and the Asia Pacific (“APAC”) region contributed 42%, 39% and 19% of our total revenue, respectively, and increased 30%, 29% and 11% compared to the same period last year, respectively. During the six months ended June 30, 2023, the Americas region, the EMEA region and the APAC region contributed 41%, 39% and 20% of our total revenue, respectively, and increased by 33%, 34% and 13% compared to the same period last year, respectively.

Our revenue growth was driven by growth in service revenue and in Enhanced Platform Technology product revenue. Product revenue grew 18% and 26%, respectively, during the three and six months ended June 30, 2023, compared to the same periods last year. Product revenue growth was consistent with an elevated cyber threat landscape, the convergence of security and networking and included the benefit of certain historical pricing actions, improving supply chain dynamics and changes in the backlog balance. The product revenue growth was primarily due to strong growth in our Enhanced Platform Technology products, including our secure access products. Service revenue growth of 30% during both the three and six months ended June 30, 2023, compared to the same periods last year, was primarily driven by the strength of our FortiGuard and other security subscription revenue, which grew 34% and 35%, respectively.

Our billings were diversified on a geographic basis. During the three months ended June 30, 2023, approximately 50% of our billings in the aggregate were from over 100 countries that each individually contributed less than 3% of our billings.

Operating expenses as a percentage of revenue benefited from the favorable impact of foreign currency fluctuations and decreased 1.2 and 2.3 percentage points, respectively, during the three and six months ended June 30, 2023, compared to the same periods last year. Headcount increased to 13,677 employees and contractors as of June 30, 2023, a 9% increase compared to 12,595 as of December 31, 2022.

Impact of Macroeconomic Developments

Our overall performance depends in part on worldwide economic and geopolitical conditions and their impact on customer behavior. Worsening economic conditions, including inflation, higher interest rates, slower growth, any recession, fluctuations in foreign exchange rates, instability in the global banking industry, and other changes in economic conditions, may result in decreased sales productivity and growth and adversely affect our results of operations and financial performance. We have seen certain impacts on our business, results of operations, financial condition, cash flows, liquidity and capital and financial resources such as longer sales cycles, delayed purchases and increased commitments with certain suppliers and excess product inventory.

30

Table of Contents
Our days sales outstanding decreased to 75 days in the second quarter of 2023, compared to 80 days in the same period last year. The accounts receivable allowance for credit losses was $5.3 million as of June 30, 2023, an increase of $1.7 million compared to $3.6 million as of December 31, 2022, primarily due to an increase in past due invoices over 60 and 90 days.

Worsening economic conditions may have a material negative impact on our results in future periods and may negatively impact our billings, revenue and costs, and may decrease growth and profitability. The extent of the impact of economic conditions on our operational and financial performance will depend on ongoing developments, including those discussed above and others identified in Part II, Item 1A “Risk Factors” in this Form 10-Q. Given the dynamic nature of these circumstances, the full impact of worsening economic conditions on our business and operations, results of operations, financial condition, cash flows, liquidity and capital and financial resources cannot be reasonably estimated at this time.

Business Model

We typically sell our security solutions to distributors that sell to networking security focused resellers and to certain service providers and managed security service providers (“MSSPs”), who, in turn, sell to end-customers or use our products and services to provide hosted solutions to other enterprises. At times, we also sell directly to certain large enterprise customers, large service providers and major systems integrators. Our end-customers are located in over 100 countries and include small, medium and large enterprises and government organizations across a wide range of industries, including financial services, government, healthcare, manufacturing, retail, technology and telecommunications. An end-customer deployment may involve as few as one or as many as thousands of Core Platform products as well as Enhanced Platform Technology products, depending on the end-customer’s size and security requirements.

Our customers purchase our hardware products and software licenses, as well as our FortiGuard and other security subscription and FortiCare technical support services. We generally invoice at the time of our sale for the total price of the products and services. Standard payment terms are generally no more than 60 days, though we may offer extended payment terms to certain distributors or related to certain transactions.

We also offer our products hosted in our own data centers, PoPs and through co-locations and major cloud providers, including Amazon Web Services, Microsoft Azure and Google Cloud. We have also recognized revenue from customers who deploy our products in a bring-your-own-license (“BYOL”) arrangements at cloud providers or at private clouds. In a BYOL arrangement, a customer purchases a software license through our channel partners and deploys the software in a cloud provider’s environment, in third-party clouds or in their private cloud.

Key Metrics

We monitor several key metrics, including the key financial metrics set forth below, to evaluate growth trends, establish budgets, measure the effectiveness of our sales and marketing efforts, and assess operational efficiencies. The following table summarizes revenue, deferred revenue, billings (non-GAAP), net cash provided by operating activities, and free cash flow (non-GAAP). We discuss revenue below under “Results of Operations,” and we discuss net cash provided by operating activities below under “—Liquidity and Capital Resources.” Deferred revenue, billings (non-GAAP), and free cash flow (non-GAAP) are discussed immediately below the following table:
 Three Months Ended Or As Of
June 30, 2023June 30, 2022
(in millions)
Revenue$1,292.8 $1,030.1 
Deferred revenue$5,128.6 $3,932.0 
Billings (non-GAAP)$1,540.5 $1,304.2 
Net cash provided by operating activities$515.1 $323.4 
Free cash flow (non-GAAP)$438.3 $283.5 

Deferred revenue. Our deferred revenue consists of amounts that have been invoiced but that have not yet been recognized as revenue. The majority of our deferred revenue balance consists of the unrecognized portion of service revenue from FortiGuard and other security subscriptions and FortiCare technical support service contracts, which is recognized as revenue ratably over the service term. We monitor our deferred revenue balance, short-term and total deferred revenue growth and the mix of short-term and long-term deferred revenue because deferred revenue represents a significant portion of free cash flow and of revenue to be recognized in future periods. Deferred revenue was $5.13 billion as of June 30, 2023, an increase of $488.3 million, or 11%, from December 31, 2022. Short term deferred revenue was $2.59 billion as of June 30, 2023, an increase of $238.4 million, or 10%, from December 31, 2022.

31

Table of Contents
Billings (non-GAAP). We define billings as revenue recognized in accordance with GAAP plus the change in deferred revenue from the beginning to the end of the period. We consider billings to be a useful metric for management and investors because billings drive current and future revenue, which is an important indicator of the health and viability of our business. There are several limitations related to the use of billings instead of GAAP revenue. First, billings include amounts that have not yet been recognized as revenue and are impacted by the term of FortiGuard security subscription and FortiCare technical support agreements. Second, we may calculate billings in a manner that is different from peer companies that report similar financial measures. Management accounts for these limitations by providing specific information regarding GAAP revenue and evaluating billings together with GAAP revenue. Total billings were $1.54 billion for the three months ended June 30, 2023, an increase of 18% compared to $1.30 billion in the same period last year.

Our backlog has fluctuated over past quarters and any decrease in growth or negative growth of in-quarter billings and revenue may not be reflected by our aggregate billings and revenue. As we fulfill, ship and bill during a quarter to satisfy backlog, this will increase our aggregate billings and revenue during any particular quarter.

A reconciliation of revenue, the most directly comparable financial measure calculated and presented in accordance with GAAP, to billings is provided below:
 Three Months Ended
June 30, 2023June 30, 2022
(in millions)
Billings:
Revenue$1,292.8 $1,030.1 
Add: Change in deferred revenue247.7 274.1 
Total billings (non-GAAP)$1,540.5 $1,304.2 

Free cash flow (non-GAAP). We define free cash flow as net cash provided by operating activities minus purchases of property and equipment and excluding any significant non-recurring items. We believe free cash flow to be a liquidity measure that provides useful information to management and investors about the amount of cash generated by the business that, after capital expenditures, can be used for strategic opportunities, including repurchasing outstanding common stock, investing in our business, making strategic acquisitions, and strengthening the balance sheet. A limitation of using free cash flow rather than the GAAP measures of cash provided by or used in operating activities, investing activities, and financing activities is that free cash flow does not represent the total increase or decrease in the cash and cash equivalents balance for the period because it excludes cash flows from investing activities other than capital expenditures and cash flows from financing activities. Management accounts for this limitation by providing information about our capital expenditures and other investing and financing activities on the consolidated statements of cash flows and under “—Liquidity and Capital Resources” and by presenting cash flows from investing and financing activities in our reconciliation of free cash flow. In addition, it is important to note that other companies, including companies in our industry, may not use free cash flow, may calculate free cash flow in a different manner than we do or may use other financial measures to evaluate their performance, all of which could reduce the usefulness of free cash flow as a comparative measure. A reconciliation of net cash provided by operating activities, the most directly comparable financial measure calculated and presented in accordance with GAAP, to free cash flow is provided below:
 Three Months Ended
June 30, 2023June 30, 2022
(in millions)
Free Cash Flow:
Net cash provided by operating activities$515.1 $323.4 
Less: Purchases of property and equipment(76.8)(39.9)
Free cash flow (non-GAAP)$438.3 $283.5 
Net cash provided by (used in) investing activities$(424.1)$294.1 
Net cash used in financing activities$(17.7)$(830.3)

Critical Accounting Policies and Estimates

Our discussion and analysis of our financial condition and results of operations are based upon our financial statements, which have been prepared in accordance with GAAP. These principles require us to make estimates and judgments that affect the reported amounts of assets, liabilities, revenue, cost of revenue and expenses, and related disclosures. We base
32

Table of Contents
our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances. To the extent that there are material differences between these estimates and our actual results, our future financial statements will be affected.

There were no material changes to our critical accounting policies and estimates as of and for the three and six months ended June 30, 2023, as compared to the critical accounting policies and estimates described in our Annual Report on Form 10-K filed with the SEC on February 24, 2023 (the “Form 10-K”).

See Note 1 of the notes to condensed consolidated financial statements included in Part I, Item 1 of this Quarterly Report on Form 10-Q for information regarding recent accounting pronouncements.


Results of Operations

Three Months Ended June 30, 2023 and 2022

Revenue
 Three Months Ended  
June 30,
2023
June 30,
2022
  
Amount% of
Revenue
Amount% of
Revenue
Change% Change
(in millions, except percentages)
Revenue:
Product$472.6 37 %$400.7 39 %$71.9 18 %
Service820.2 63 629.4 61 190.8 30 
Total revenue$1,292.8 100 %$1,030.1 100 %$262.7 26 %
Revenue by geography:
Americas$537.0 42 %$413.6 40 %$123.4 30 %
EMEA506.9 39 391.8 38 115.1 29 
APAC248.9 19 224.7 22 24.2 11 
Total revenue$1,292.8 100 %$1,030.1 100 %$262.7 26 %

Total revenue increased $262.7 million, or 26%, during the three months ended June 30, 2023 compared to the same period last year. We continued to experience significant organic revenue growth (i.e., revenue growth excluding attribution from recent acquisitions) with diversification of revenue geographically, and across both customers and industries. Revenue from all regions grew, with the Americas contributing the largest portion of the increase on an absolute dollar basis and on a percentage basis.

Product revenue increased $71.9 million, or 18%, during the three months ended June 30, 2023 compared to the same period last year. Product revenue growth was consistent with an elevated cyber threat landscape, the convergence of security and networking and included the benefit of certain historical pricing actions, improving supply chain dynamics and changes in the backlog balance. The product revenue growth was primarily due to strong growth in our Enhanced Platform Technology products, including our secure access products. We expect growth in product revenue to be impacted by product lead times and backlog approaching normal levels beginning in the third quarter of 2023.

Service revenue increased $190.8 million, or 30%, during the three months ended June 30, 2023 compared to the same period last year. FortiGuard and other security subscription revenue increased $116.9 million, or 34%, and technical support and other services revenue increased $73.9 million, or 26%, during the three months ended June 30, 2023 compared to the same period last year. Excluding Alaxala, technical support growth increased 28% during the three months ended June 30, 2023. The increases were primarily due to pricing actions in prior periods, strength in our SaaS offerings and the recognition of revenue from our growing deferred revenue balance related to FortiGuard and other security subscriptions as well as FortiCare technical support and other services. FortiGuard outpaced technical support growth due to expansion of our SaaS-based security subscription service offerings, while technical support growth was impacted by lower service revenue of Alaxala. We expect that our ability to grow our service revenue will be impacted by our expansion to secure access service edge (SASE) delivery model.

33

Table of Contents
Of the service revenue recognized during the three months ended June 30, 2023, 89% was included in the deferred revenue balance as of March 31, 2023. Of the service revenue recognized during the three months ended June 30, 2022, 87% was included in the deferred revenue balance as of March 31, 2022. We expect service revenue will continue to benefit from previous pricing actions. However, there are risks to service revenue growth rates, including customers reducing their spending, pricing actions, supply chain constraints, customers taking longer to buy their service and other risks.


Cost of revenue and gross margin
 Three Months Ended  
June 30,
2023
June 30,
2022
Change% Change
(in millions, except percentages)
Cost of revenue:
Product$174.5 $155.2 $19.3 12 %
Service121.3 95.6 25.7 27 
Total cost of revenue$295.8 $250.8 $45.0 18 %
Gross margin (%):
Product63.1 %61.3 %
Service85.2 84.8 
Total gross margin77.1 %75.7 %

Total gross margin increased 1.4 percentage points during the three months ended June 30, 2023 compared to the same period last year, primarily driven by increased product and service gross margins and a shift in the revenue mix. As a percentage of total revenue, the revenue mix shifted 2.3 percentage points from product revenue to service revenue.

Product gross margin increased 1.8 percentage points during the three months ended June 30, 2023 compared to the same period last year. The product margin primarily benefited from earlier pricing actions, lower expedite fees and freight costs and partially offset by higher inventory related reserve expense. Cost of product revenue was comprised primarily of third-party contract manufacturers’ costs and the costs of materials used in production.

Service gross margin increased 0.4 percentage points during the three months ended June 30, 2023 compared to the same period last year. Cost of service revenue was comprised primarily of personnel and data center costs. The increase in service gross margin was primarily driven by pricing actions in earlier periods and the favorable impact of foreign currency fluctuations, partially offset by increased labor cost and increased cloud delivery costs as we continue to expand our cloud to SASE delivery models. We consider our single vendor SASE solution opening to be a new market, and one where our SD-WAN installed base can be leveraged as a market access point. We plan to accelerate our PoPs, or PoP deployment, with our dual strategy to invest in our own PoPs as well as working with third-party providers to accelerate our deployment.

34

Table of Contents
Operating expenses
 Three Months EndedChange% Change
June 30,
2023
June 30,
2022
Amount% of
Revenue
Amount% of
Revenue
(in millions, except percentages)
Operating expenses:
Research and development$153.3 12 %$124.3 12 %$29.0 23 %
Sales and marketing515.9 40 415.5 40 100.4 24 
General and administrative49.9 45.4 4.5 10 
Gain on IP matter(1.1)— (1.2)— 0.1 (8)
Total operating expenses$718.0 56 %$584.0 57 %$134.0 23 %
Percentages have been rounded for presentation purposes and may differ from unrounded results.
Research and development

Research and development expense increased $29.0 million, or 23%, during the three months ended June 30, 2023 compared to the same period last year, primarily due to a $21.7 million increase in personnel-related costs as a result of increased headcount to support the development of new products and continued enhancements to our existing products. In addition, we incurred an increase of $3.5 million of depreciation and other occupancy costs and an increase of $3.3 million of product development costs, partially offset by the favorable impact of foreign currency fluctuations. We currently intend to continue investing in our research and development organization, and expect our research and development expense to increase in absolute dollars during the remainder of 2023.

Sales and marketing

Sales and marketing expense increased $100.4 million, or 24%, during the three months ended June 30, 2023 compared to the same period last year, primarily due to a $74.0 million increase in personnel-related costs as we increased our sales and pipeline generation capacity. The increase in headcount is expected to help drive global market revenue increases. In addition, we incurred increases in marketing-related expense of $13.1 million, travel expense of $6.5 million, and depreciation and other occupancy expense of $5.3 million. We currently intend to continue making investments in sales and marketing resources critical to support our future growth and expect our sales and marketing expense to increase in absolute dollars during the remainder of 2023.

General and administrative

General and administrative expense increased $4.5 million, or 10%, during the three months ended June 30, 2023 compared to the same period last year, primarily due to an increase of $5.4 million in personnel-related costs, $2.8 million in legal and other professional service fees, and partially offset by a decrease of $4.1 million in provision for expected credit losses. We currently expect general and administrative expense to increase in absolute dollars during the remainder of 2023.

Operating income and margin

We generated operating income of $279.0 million during the three months ended June 30, 2023, an increase of $83.7 million, or 43%, compared to $195.3 million in the same period last year. Operating income as a percentage of revenue was 21.6% during the three months ended June 30, 2023, compared to 19.0% in the same period last year, due to the stronger gross margin performance. The increase in operating margin primarily benefits from 1.4 percentage points increase in gross margin, and 0.5 percentage points, 0.4 percentage points and 0.2 percentage points decreases in general and administrative expense, sales and marketing expense and research and development expense as a percentage of revenue, respectively.

35

Table of Contents
Interest income, interest expense and other expensenet
 Three Months Ended  
June 30,
2023
June 30,
2022
Change% Change
(in millions, except percentages)
Interest income$31.6 $2.4 $29.2 1,217 %
Interest expense$(5.2)$(4.5)$(0.7)16 %
Other expense—net$(6.2)$(9.3)$3.1 (33)%

Interest income increased $29.2 million during the three months ended June 30, 2023 compared to the same period last year, as a result of higher interest rates and greater investment balances. Interest income varies depending on our average investment balances during the period, types and mix of investments, and market interest rates. Interest expense remained comparatively flat during the three months ended June 30, 2023 compared to the same period last year. The $3.1 million decrease in Other expense—net during the three months ended June 30, 2023 compared to the same period last year, was primarily due to a $4.1 million recovery in the loss on marketable equity securities, offset by a $1.8 million increase in foreign currency exchange loss.

Provision for income taxes
 Three Months EndedChange% Change
June 30,
2023
June 30,
2022
(in millions, except percentages)
Provision for income taxes$27.6 $2.4 $25.2 1,050 %
Effective tax rate (%)%%

Our effective tax rate was 9% for the three months ended June 30, 2023 compared to an effective tax rate of 1% for the same period last year. The provision for income taxes for the three months ended June 30, 2023 was primarily comprised of U.S. federal and state taxes, withholding taxes and foreign taxes totaling $84.8 million, which were favorably affected by a tax benefit of $25.8 million from the foreign-derived intangible income deduction (the “FDII deduction”), excess tax benefits from stock-based compensation expense of $13.3 million, and the release of reserves of $18.1 million on uncertain tax positions and the accrued interest thereon due to the expiration of statutes of limitations.

The provision for income taxes for the three months ended June 30, 2022 was comprised of U.S. federal and state taxes, withholding taxes, and foreign taxes totaling $54.5 million, which were favorably affected by a tax benefit of $18.6 million from the FDII deduction, excess tax benefits from stock-based compensation expense of $17.3 million, and the release of reserves of $16.2 million on uncertain tax positions and the accrued interest thereon due to the expiration of statutes of limitations.

Loss from Equity Method Investment
 Three Months EndedChange% Change
June 30,
2023
June 30,
2022
(in millions, except percentages)
Loss from equity method investment$(5.3)$(8.1)$2.8 (35)%

Loss from equity method investment decreased $2.8 million during the three months ended June 30, 2023 compared to the same period last year, due to the decrease in our proportionate share of loss of Linksys’ financial results as well as our share of the amortization of the basis differences.

36

Table of Contents
Six Months Ended June 30, 2023 and 2022

Revenue
 Six Months Ended  
June 30,
2023
June 30,
2022
  
Amount% of
Revenue
Amount% of
Revenue
Change% Change
(in millions, except percentages)
Revenue:
Product$973.3 38 %$771.7 39 %$201.6 26 %
Service1,581.8 62 1,213.2 61 368.6 30 
Total revenue$2,555.1 100 %$1,984.9 100 %$570.2 29 %
Revenue by geography:
Americas$1,060.5 41 %$796.2 40 %$264.3 33 %
EMEA985.1 39 737.8 37 247.3 34 
APAC509.5 20 450.9 23 58.6 13 
Total revenue$2,555.1 100 %$1,984.9 100 %$570.2 29 %

Total revenue increased $570.2 million, or 29%, during the six months ended June 30, 2023 compared to the same period last year. We continued to experience significant organic revenue growth (i.e., revenue growth excluding attribution from recent acquisitions) with diversification of revenue geographically, and across both customers and industries. Revenue from all regions grew, with the Americas contributing the largest portion of the increase on an absolute dollar basis and EMEA contributing the largest portion of the increase on a percentage basis.

Product revenue increased $201.6 million, or 26%, during the six months ended June 30, 2023 compared to the same period last year. Product revenue growth was consistent with an elevated cyber threat landscape, the convergence of security and networking and included the benefit of certain historical pricing actions, improving supply chain dynamics and changes in the backlog balance. The product revenue growth was primarily due to strong growth across many of our Enhanced Platform Technology products, including our secure access products.

Service revenue increased $368.6 million, or 30%, during the six months ended June 30, 2023 compared to the same period last year. FortiGuard and other security subscription revenue increased $225.7 million, or 35%, and technical support and other services revenue increased $142.9 million, or 26%, during the six months ended June 30, 2023 compared to the same period last year. Excluding Alaxala, technical support growth increased 27% during the six months ended June 30, 2023. The increases were primarily due to pricing actions in prior periods, strength in our SaaS offerings and the recognition of revenue from our growing deferred revenue balance related to FortiGuard and other security subscriptions as well as FortiCare technical support and other services. FortiGuard outpaced technical support growth due to expansion of our SaaS-based security subscription service offerings, while technical support growth was impacted by the lower service revenue of Alaxala.

Of the service revenue recognized during the six months ended June 30, 2023, 81% was included in the deferred revenue balance as of December 31, 2022. Of the service revenue recognized during the six months ended June 30, 2022, 80% was included in the deferred revenue balance as of December 31, 2021. We expect service revenue will continue to increase throughout the remainder of 2023, as our business is expected to grow, and as service revenue benefits from previous pricing actions. However, there are risks to service revenue growth rates, including customers reducing their spending, pricing actions, supply chain constraints, customers taking longer to buy their service and other risks.

37

Table of Contents
Cost of revenue and gross margin
 Six Months Ended  
June 30,
2023
June 30,
2022
Change% Change
(in millions, except percentages)
Cost of revenue:
Product$368.1 $316.2 $51.9 16 %
Service235.5 188.4 47.1 25 %
Total cost of revenue$603.6 $504.6 $99.0 20 %
Gross margin (%):
Product62.2 %59.0 %
Service85.1 84.5 
Total gross margin76.4 %74.6 %

Total gross margin increased 1.8 percentage points during the six months ended June 30, 2023 compared to the same period last year, primarily driven by increased product and service gross margins and a shift in the revenue mix. As a percentage of total revenue, the revenue mix shifted 0.8 percentage points from product revenue to service revenue.

Product gross margin increased 3.2 percentage points during the six months ended June 30, 2023 compared to the same period last year. The product margin was primarily benefited from earlier pricing actions and lower expedite fees and freight costs, partially offset by higher inventory related reserve expense. Cost of product revenue was comprised primarily of third-party contract manufacturers’ costs and the costs of materials used in production.

Service gross margin increased 0.6 percentage points during the six months ended June 30, 2023 compared to the same period last year. Cost of service revenue was comprised primarily of personnel and data center costs. The increase in service gross margin was primarily driven by pricing actions in earlier periods and the favorable impact of foreign currency fluctuations, partially offset by increased labor cost and our increased cloud delivery costs as we continue to expand our cloud to SASE delivery models.

Operating expenses
 Six Months EndedChange% Change
June 30,
2023
June 30,
2022
Amount% of
Revenue
Amount% of
Revenue
(in millions, except percentages)
Operating expenses:
Research and development$304.4 12 %$249.2 13 %$55.2 22 %
Sales and marketing994.2 39 803.1 41 191.1 24 
General and administrative102.7 84.0 18.7 22 
Gain on IP matter(2.3)— (2.3)— — — 
Total operating expenses$1,399.0 55 %$1,134.0 57 %$265.0 23 %
Percentages have been rounded for presentation purposes and may differ from unrounded results.
Research and development

Research and development expense increased $55.2 million, or 22%, during the six months ended June 30, 2023 compared to the same period last year, primarily due to an increase of $41.3 million in personnel-related costs as a result of increased headcount to support the development of new products and continued enhancements to our existing products. In addition, product development costs increased by $8.7 million and depreciation expense and other occupancy-related expense increased by $3.4 million, partially offset by the favorable impact of foreign currency fluctuations.

38

Table of Contents
Sales and marketing

Sales and marketing expense increased $191.1 million, or 24%, during the six months ended June 30, 2023 compared to the same period last year, primarily due to an increase of $140.7 million in personnel-related costs. We significantly increased our sales and pipeline generation capacity, including newer non-tenured sales people. The increase in headcount is expected to help drive global market revenue increases. In addition, marketing-related expense increased by $21.1 million, travel expense increased by $14.8 million and depreciation expense and other occupancy-related expense increased by $10.2 million, partially offset by the favorable impact of foreign currency fluctuations.

General and administrative

General and administrative expense increased $18.7 million, or 22%, during the six months ended June 30, 2023 compared to the same period last year, primarily due to an increase of $9.7 million in personnel-related costs, an increase of $8.2 million in legal and other professional service fees, partially offset by a decrease of $1.2 million in provision for expected credit losses.

Operating income and margin

We generated operating income of $552.5 million during the six months ended June 30, 2023, an increase of $206.2 million, or 60%, compared to $346.3 million in the same period last year. Operating income as a percentage of revenue increased to 21.6% during the six months ended June 30, 2023 compared to 17.4% in the same period last year, due to the stronger gross margin performance. The increase in our operating margin was primarily due to 1.8 percentage points increase in gross margin, and 1.6 percentage points, 0.7 percentage points and 0.2 percentage points decreases in sales and marketing expense, research and development expense and general and administrative expense as percentage of revenue, respectively.

Interest income, interest expense and other expensenet
 Six Months Ended
June 30,
2023
June 30,
2022
Change% Change
(in millions, except percentages)
Interest income$52.2 $3.7 $48.5 1,311 %
Interest expense$(10.2)$(9.0)$(1.2)13 %
Other expense—net$(4.2)$(18.4)$14.2 (77)%

Interest income increased $48.5 million during the six months ended June 30, 2023 compared to the same period last year, primarily as a result of higher interest rates and greater investment balances. Interest income varies depending on our average investment balances during the period, types and mix of investments, and market interest rates. Interest expense remained comparatively flat during the six months ended June 30, 2023 compared to the same period last year. Other expense—net decreased by $14.2 million during the six months ended June 30, 2023 compared to the same period last year, due to a $10.9 million recovery in the loss on marketable equity securities and a $3.0 million decrease of foreign currency exchange loss.

Provision for (benefit from) income taxes
 Six Months EndedChange% Change
June 30,
2023
June 30,
2022
(in millions, except percentages)
Provision for (benefit from) income taxes$48.9 $(5.7)$54.6 (958)%
Effective tax rate (%)%(2)%

Our effective tax rate was 8% for the six months ended June 30, 2023 compared to an effective tax rate of negative 2% for the same period last year. The provision for income taxes for the six months ended June 30, 2023 was primarily comprised of U.S. federal and state taxes, withholding taxes and foreign taxes that were $170.6 million. This provision for income taxes was favorably affected by a tax benefit of $64.0 million from the FDII deduction, excess tax benefits from stock-based compensation expense of $39.6 million, and the release of reserves of $18.1 million on uncertain tax positions and the accrued interest thereon due to the expiration of statutes of limitations.
39

Table of Contents

The benefit from income taxes for the six months ended June 30, 2022 was comprised of U.S. federal and state taxes, withholding taxes, and foreign taxes that were $93.3 million, which were offset by a tax benefit of $33.3 million from the FDII deduction, excess tax benefits from stock-based compensation expense of $49.5 million, and the release of reserves of $16.2 million on uncertain tax positions and the accrued interest thereon due to the expiration of statutes of limitations.

Loss from Equity Method Investment
 Six Months EndedChange% Change
June 30,
2023
June 30,
2022
(in millions, except percentages)
Loss from equity method investment$(27.4)$(16.6)$(10.8)65 %

Loss from equity method investment increased $10.8 million during the six months ended June 30, 2023 compared to the same period last year, due to the increase in our proportionate share of loss of Linksys’ financial results as well as our share of the amortization of the basis differences from prior quarter.

Liquidity and Capital Resources
 As of
 June 30,
2023
December 31,
2022
 (in millions)
Cash and cash equivalents$2,376.3 $1,682.9 
Short-term and long-term investments919.3 548.1 
Marketable equity securities22.1 25.5 
Total cash, cash equivalents, investments and marketable equity securities$3,317.7 $2,256.5 
Working capital$1,377.5 $732.0 
 Six Months Ended
 June 30,
2023
June 30,
2022
 (in millions)
Net cash provided by operating activities$1,192.6 $719.5 
Net cash provided by (used in) investing activities(466.5)248.7 
Net cash used in financing activities(31.4)(1,576.3)
Effect of exchange rate changes on cash and cash equivalents(1.3)(1.0)
Net increase (decrease) in cash and cash equivalents$693.4 $(609.1)

Liquidity and capital resources are primarily impacted by our operating activities, as well as payment of taxes in connection with the net settlement of equity awards, real estate and other capital expenditures, proceeds from the issuance of common stock, cash used for stock repurchases and the timing of income tax payments. In accordance with disaster relief announced by the Internal Revenue Service, we have postponed U.S. federal tax payments from the second quarter of 2023 to the fourth quarter of 2023. We expect to postpone additional U.S. federal tax payments from the third quarter of 2023 to the fourth quarter of 2023, and we expect that our cash payments for income taxes to be significantly higher, in the range of $370.0 million to $380.0 million in the fourth quarter of 2023.

In recent years, we have received significant capital resources from our billings to customers, issuance of investment grade debt and, to some extent, from the exercise of stock options by our employees. Additional increases in billings may depend on a number of factors, including demand for and availability of our products and services, competition, pricing actions, market or industry changes, macroeconomic events such as rising inflation and interest rates, economic strength, supply chain capacity and disruptions, international conflicts, including the war in Ukraine, and our ability to execute. We expect proceeds from the exercise of stock options in future years to be impacted by the increased mix of restricted stock units and performance stock units versus stock options granted to our employees and to vary based on our share price.

40

Table of Contents
In February 2023, our board of directors approved an extension of the Repurchase Program to February 29, 2024. In April 2023, our board of directors approved a $1.0 billion increase in the authorized amount under the Repurchase Program, bringing the aggregate amount authorized to be repurchased to $6.25 billion of our outstanding common stock through February 29, 2024. There were no shares repurchased under the Repurchase Program during the six months ended June 30, 2023. In July 2023, our board of directors approved a $500.0 million increase in the authorized stock repurchase amount under the Repurchase Program, bringing the aggregate amount authorized for repurchase to $6.75 billion of our outstanding common stock through February 29, 2024. As of August 7, 2023, approximately $1.87 billion remained available for future share repurchases.

We expect to continue to increase our data centers, PoPs, office and warehouse capacity to support growth and the expansion of existing services or introduction of new services. As we purchase new properties, we will work to incorporate these properties into the environmental goals we have established. We estimate capital expenditures to be between approximately $225 million and $275 million in the second half of 2023.

We believe that our cash provided by operating activities, together with our existing cash, cash equivalents and investments will be sufficient to meet our anticipated cash needs and do not currently intend to retire our Senior Notes early. Refer to Note 10, Debt, in Part I, Item 1 of this Quarterly Report on Form 10-Q for information on the Senior Notes. As of June 30, 2023, the long-term debt, net of unamortized discount and debt issuance costs, was $991.3 million.

We enter into non-cancellable agreements with contract manufacturers and certain component suppliers to procure inventory based on our requirements in order to negotiate manufacturing lead times and encourage and incentivize vendors to deliver components and finished goods. In certain instances, these agreements allow us the option to reschedule and adjust our requirements based on our business needs prior to firm orders being placed. These purchase commitments as of June 30, 2023 totaled $1.01 billion, a decrease of $324.8 million compared to $1.34 billion as of December 31, 2022 due to fulfillment of customer demand as our supply availability improved and our continued efforts to work with contract manufacturers and suppliers to optimize our inventory and purchase commitment position. We increased our purchase commitments in prior years to address significant supply constraints seen industry-wide due to component shortages. Our agreements secured supply and pricing for certain product components commitments with contract manufacturers to meet customer demand and to address extended lead times. We also have open purchase orders and contractual obligations in the ordinary course of business for which we have not received goods or services. As of June 30, 2023, we had $84.6 million in other contractual commitments having a remaining term in excess of one year that are non-cancelable.

There have been no significant changes to our leases as disclosed in our Annual Report on Form 10-K for the year ended December 31, 2022.

As of June 30, 2023, our cash, cash equivalents, short-term and long-term investments of $3.30 billion were invested primarily in deposit accounts, money market funds, corporate debt securities, commercial paper, certificates of deposit and term deposits, U.S. government and agency securities and municipal bonds. It is our investment policy to invest excess cash in a manner that preserves capital, provides liquidity and generates return without significantly increasing risk. We do not enter into investments for trading or speculative purposes.

The amount of cash, cash equivalents and investments held by our international subsidiaries was $208.0 million as of June 30, 2023 and $218.1 million as of December 31, 2022.

We believe that our existing cash and cash equivalents and cash flow from operations will be sufficient for at least the next 12 months to meet our requirements and plans for cash, including meeting our working capital requirements and capital expenditure requirements. In the long term, our ability to support our requirements and plans for cash, including our working capital and capital expenditure requirements will depend on many factors, including our growth rate; the timing and amount of our share repurchases; the expansion of sales and marketing activities, pricing actions, the introduction of new and enhanced products and services offerings; the continuing market acceptance of our products; the timing and extent of spending to support development efforts; our investments in purchasing, developing or leasing real estate; cash tax payments and macroeconomic impacts such as rising inflation and interest rates; the war in Ukraine; and instability in the global banking system. Historically, we have required capital principally to fund our working capital needs, share repurchases, capital expenditures and acquisition activities. In the event that additional financing is required from outside sources, we may not be able to raise it on terms acceptable to us or at all.

As of June 30, 2023, we did not have any relationships with unconsolidated organizations or financial partnerships, such as structured finance or special purpose entities that would have been established for the purpose of facilitating off-balance sheet arrangements or other contractually narrow or limited purposes.

41

Table of Contents
Operating Activities

Cash generated by operating activities is our primary source of liquidity. It is primarily comprised of net income, as adjusted for non-cash items and changes in operating assets and liabilities. Non-cash adjustments consist primarily of amortization of deferred contract costs, stock-based compensation and depreciation and amortization. Changes in operating assets and liabilities consist primarily of changes in deferred revenue, accounts receivable—net, deferred contract costs, income taxes payable, deferred tax assets and inventory.

Our operating activities during the six months ended June 30, 2023 provided cash flows of $1.19 billion, an increase of $473.1 million compared to the same period last year, as a result of the continued growth of our business, improved profitability and our ability to successfully manage our working capital. Changes in operating assets and liabilities primarily resulted from an increase in sales of our FortiGuard and other security subscription services and FortiCare technical support services to new and existing customers, as reflected by an increase of $489.3 million in our deferred revenue during the six months ended June 30, 2023. In addition, changes in operating assets and liabilities were driven by a decrease of $179.0 million in accounts receivable—net, an increase of $168.5 million in deferred contract costs, an increase of $161.8 million in deferred tax assets, an increase of $156.9 million in income taxes payable as we deferred our U.S. federal tax payments in the second quarter of 2023 following the disaster relief provided by the Internal Revenue Service and an increase of $130.2 million in inventory.


42

Table of Contents
Investing Activities

The changes in cash flows from investing activities primarily relate to timing of purchases, maturities and sales of investments and purchases of property and equipment. Historically, in making a lease-versus-ownership decision related to warehouse, office or data space, we have considered various factors including financial metrics, expected long-term growth rates, time to market and changes in asset values. In certain cases, we have elected to own a facility if we believe that purchasing or developing buildings rather than leasing is more closely aligned with our long-term strategy. We expect to make similar decisions in the future. We may also make cash payments in connection with future business combinations.

During the six months ended June 30, 2023, cash used in investing activities was $466.5 million, primarily driven by $359.5 million spent for purchases of investments, net of maturities and sales of investments and $107.1 million of purchases of property and equipment.

Financing Activities

The changes in cash flows from financing activities primarily relate to repurchase and retirement of common stock, and taxes paid related to net share settlement of equity awards, net of proceeds from the issuance of common stock under the Amended and Restated Fortinet, Inc. 2009 Equity Incentive Plan.

During the six months ended June 30, 2023, cash used in financing activities was $31.4 million, primarily driven by $30.4 million used to pay tax withholding, net of proceeds from the issuance of common stock.

ITEM 3.     Quantitative and Qualitative Disclosures about Market Risk

There were no material changes in our market risk during the six months ended June 30, 2023 compared to the disclosures in Part II, Item 7A of the Form 10-K.

ITEM 4.     Controls and Procedures
 
Evaluation of Disclosure Controls and Procedures

Our management, with the participation of our chief executive officer and chief financial officer, evaluated the effectiveness of our disclosure controls and procedures (as defined in Rule 13a-15(e) or 15d-15(e) under the Exchange Act as of June 30, 2023. In designing and evaluating the disclosure controls and procedures, management recognized that any controls and procedures, no matter how well designed and operated, can provide only reasonable assurance of achieving the desired control objectives. In addition, the design of disclosure controls and procedures must reflect the fact that there are resource constraints and that management is required to apply its judgment in evaluating the benefits of possible controls and procedures relative to their costs.

Based on that evaluation, our chief executive officer and chief financial officer concluded that our disclosure controls and procedures were effective as of June 30, 2023 to provide reasonable assurance that information we are required to disclose in reports that we file or submit under the Exchange Act is recorded, processed, summarized and reported within the time periods specified in SEC rules and forms, and that such information is accumulated and communicated to our management, including our chief executive officer and chief financial officer, as appropriate, to allow timely decisions regarding required disclosure.

Changes in Internal Control over Financial Reporting

There were no changes in our internal controls over financial reporting (as defined in Rules 13a-15(f) or 15d-15(f) under the Exchange Act) during the quarter ended June 30, 2023, that have materially affected, or are reasonably likely to materially affect, our internal controls over financial reporting.

43

Table of Contents
PART II—OTHER INFORMATION

ITEM 1.     Legal Proceedings

We are subject to various claims, complaints and legal actions that arise from time to time. We accrue for contingencies when we believe that a loss is probable and that we can reasonably estimate the amount of any such loss. There can be no assurance that existing or future legal proceedings arising in the ordinary course of business or otherwise will not have a material adverse effect on our business, consolidated financial position, results of operations or cash flows. Refer to Note 11. Commitments and Contingencies in Part I, Item 1 of this Quarterly Report on Form 10-Q for additional information.

ITEM 1A.     Risk Factors

Investing in our common stock involves a high degree of risk. Investors should carefully consider the following risks and all other information contained in this Quarterly Report on Form 10-Q, including our condensed consolidated financial statements and the related notes, before investing in our common stock. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, also may become important factors that affect us. If any of the following risks materialize, our business, financial condition and results of operations could be materially harmed. In that case, the trading price of our common stock could decline substantially, and investors may lose some or all of their investment. We have summarized risks immediately below and encourage investors to carefully read the entirety of this Risk Factors section.

Risks Related to Our Business and Financial Position

Our operating results are likely to vary significantly and be unpredictable.
 
Our operating results have historically varied from period to period, and we expect that they will continue to do so as a result of a number of factors, many of which are outside of our control or may be difficult to predict, including:
 
economic conditions, including macroeconomic and regional economic challenges resulting, for example, from a recession or other economic downturn, increased inflation or possible stagflation in certain geographies, rising interest rates, the war in Ukraine, tensions between China and Taiwan, or other factors;

sales strategy, productivity and execution, and our ability to attract and retain new end-customers or sell additional products and services to our existing end-customers, including customer demand for platform solutions like ours versus point solutions;

component shortages, including chips and other components, and product inventory shortages, including those caused by factors outside of our control, such as epidemics and pandemics, supply chain disruptions, inflation and other cost increases, international trade disputes or tariffs, natural disasters, health emergencies, power outages, civil unrest, labor disruption, international conflicts, terrorism, wars, such as the war in Ukraine, and critical infrastructure attacks;

inventory management, including future inventory purchase order commitments;

the level of demand for our products and services, which may render forecasts inaccurate, increase backlog or future inventory purchase order commitments and lead to price decreases;

based on supply chain shortages, including component and other shortages, our backlog has fluctuated over past quarters and any decrease in growth or negative growth of in-quarter billings and revenue may not be reflected by our aggregate billings and revenue. As we fulfill, ship and bill during a quarter to satisfy backlog, this will increase our aggregate billings and revenue during any particular quarter;

supplier cost increases and any lack of market acceptance of our price increases designed to help offset any supplier cost increases;

the effects of our reduction of operations in Russia;

the timing of channel partner and end-customer orders and our reliance on a concentration of shipments at the end of each quarter;

44

Table of Contents
the impact to our business, the global economy, disruption of global supply chains and creation of significant volatility and disruption of the financial markets due to factors such as increased inflation or possible stagflation in certain geographies, increasing or decreasing interest rates, the war in Ukraine and other factors;

any actual or perceived vulnerabilities in our products or services, and any actual or perceived breach of our network or our customers’ networks;
 
the timing of shipments, which may depend on factors such as inventory levels, logistics, manufacturing or shipping delays, our ability to ship products on schedule and our ability to accurately forecast inventory requirements and our suppliers’ ability to deliver components and finished goods;

increased expenses, unforeseen liabilities or write-downs and any negative impact on results of operations from any acquisition or equity investment consummated, as well as accounting risks, integration risks related to product plans and products and risks of negative impact by such acquisitions and equity investments on our financial results;

investors’ expectations of our performance relating to environmental, social and governance (“ESG”) and commitment to carbon neutrality;

certain customer agreements which contain service-level agreements, under which we guarantee specified availability of our platform and solutions;

data security requirements that may be inconsistently enforced in certain jurisdictions;

impairments as a result of certain events or changes in circumstances;

the mix of products sold and the mix of revenue between products and services, as well as the degree to which products and services are bundled and sold together for a package price;

the purchasing practices and budgeting cycles of our channel partners and end-customers, including the effect of the end of product lifecycles or refresh cycles;

any decreases in demand by channel partners or end-customers, including any such decreases caused by factors outside of our control such as natural disasters and health emergencies, including earthquakes, droughts, fires, power outages, typhoons, floods, pandemics or epidemics and manmade events such as civil unrest, labor disruption, international trade disputes, international conflicts, terrorism, wars, such as the war in Ukraine, and critical infrastructure attacks;

the effectiveness of our sales organization, generally or in a particular geographic region, including the time it takes to hire sales personnel, the timing of hiring and our ability to hire and retain effective sales personnel, as well as our efforts to align our sales capacity and market demand;

sales productivity and sales execution risk related to effectively selling to all segments of the market, including enterprise and small- and medium-sized businesses, government organizations and service providers, and to selling our broad security product and services portfolio, including, among other execution risks, risks associated with the complexity and distraction in selling to all segments, increased competition and unpredictability of timing to close larger enterprise and large organization deals, and the risk that our sales representatives do not effectively sell products and services;

execution risk associated with our efforts to capture the opportunities related to our identified growth drivers, such as risk associated with our ability to capitalize on the convergence of networking and security, vendor consolidation of various cyber security solutions, SD-WAN, infrastructure security, security operations, SASE and other cloud security solutions, endpoint protection, and IoT and OT security opportunities;

the seasonal buying patterns of our end-customers;

the timing and level of our investments in sales and marketing, and the impact of such investments on our operating expenses, operating margin and the productivity, capacity, tenure and effectiveness of execution of our sales and marketing teams;
 
45

Table of Contents
the timing of revenue recognition for our sales, including any impacts resulting from extension of payment terms to distributors and fluctuations in backlog levels, which could result in more variability and less predictability in our quarter-to-quarter revenue and operating results;
 
the level of perceived threats to network security, which may fluctuate from period to period;
 
changes in the requirements, market needs or buying practices and patterns of our distributors, resellers or end-customers;
 
changes in the growth rates of the network security market in particular and other security and networking markets, such as SD-WAN, OT, switches, access points, security operations, SASE and other cloud solutions for which we and our competitors sell products and services;
 
the timing and success of new product and service introductions or enhancements by us or our competitors, or any other change in the competitive landscape of our industry, including consolidation among our competitors, partners or end-customers;
 
the deferral of orders from distributors, resellers or end-customers in anticipation of new products or product enhancements announced by us or our competitors, price decreases or changes in our registration policies, or the acceleration of orders in response to our announced or expected price list increases;
 
increases or decreases in our billings, revenue and expenses caused by fluctuations in foreign currency exchange rates or a strengthening of the U.S. dollar, as a significant portion of our expenses is incurred and paid in currencies other than the U.S. dollar, and the impact such fluctuations may have on the actual prices that our partners and customers are willing to pay for our products and services;

compliance with existing laws and regulations;

our ability to obtain and maintain permits, clearances and certifications that are applicable to our ability to conduct business with the U.S. federal government, other international and local governments and other industries and sectors;

litigation, litigation fees and costs, settlements, judgments and other equitable and legal relief granted related to litigation;

the impact of cloud-based security solutions on our billings, revenue, operating margins and free cash flow;
 
decisions by potential end-customers to purchase network security solutions from newer technology providers, from larger, more established security vendors or from their primary network equipment vendors;
 
price competition and increased competitiveness in our market, including the competitive pressure caused by product refresh cycles;

our ability to both increase revenue and manage and control operating expenses in order to maintain or improve our operating margins;
 
changes in customer renewal rates or attach rates for our services;
 
changes in the timing of our billings, collection for our contracts or the contractual term of service sold;

changes in our estimated annual effective tax rates and the tax treatment of research and development expenses and the related impact of cash from operations;

changes in circumstances and challenges in business conditions, including decreased demand, which may negatively impact our channel partners’ ability to sell the current inventory they hold and negatively impact their future purchases of products from us;

increased demand for cloud-based services and the uncertainty associated with transitioning to providing such services;
 
our channel partners having insufficient financial resources to withstand changes and challenges in business conditions;
46

Table of Contents
 
disruptions in our channel or termination of our relationship with important channel partners, including as a result of consolidation among distributors and resellers of security solutions;
 
insolvency, credit or other difficulties confronting our key suppliers and channel partners, which could affect their ability to purchase or pay for products and services and which could disrupt our supply or distribution chain;

policy changes and uncertainty with respect to immigration laws, trade policy and tariffs, including increased tariffs applicable to countries where we manufacture our products, foreign imports and tax laws related to international commerce;

political, economic and social instability, including geo-political instability and uncertainty, such as that caused by the war in Ukraine and tensions between China and Taiwan, and any disruption or negative impact on our ability to sell to, ship product to and support customers in certain regions based on trade restrictions, embargoes and export control law restrictions;

general economic conditions, both in domestic and foreign markets;

future accounting pronouncements or changes in our accounting policies as well as the significant costs that may be incurred to adopt and comply with these new pronouncements;

possible impairments or acceleration of depreciation of our existing real estate due to our current real estate investments and future acquisition and development plans; and

legislative or regulatory changes, such as with respect to privacy, information and cybersecurity, exports, the environment, regional component bans, and requirements for local manufacture.

Any one of the factors above or the cumulative effect of some of the factors referred to above may result in significant fluctuations in our quarterly financial and other operating results. This variability and unpredictability could result in our failing to meet our internal operating plan or the expectations of securities analysts or investors for any period. If we fail to meet or exceed such expectations for these or any other reasons, the market price of our shares could fall substantially and we could face costly lawsuits, including securities class action suits. In addition, a significant percentage of our operating expenses are fixed in nature over the near term. Accordingly, in the event of revenue shortfalls, we are generally unable to mitigate the negative impact on margins in the short term.

Adverse economic conditions, such as a possible recession and possible impacts of inflation or stagflation, increasing or decreasing interest rates, reduced information technology spending or any economic downturn or recession, may adversely impact our business.
 
Our business depends on the overall demand for information technology and on the economic health of our current and prospective customers. In addition, the purchase of our products is often discretionary and may involve a significant commitment of capital and other resources. Weak global and regional economic conditions and spending environments, based on a downturn in the economy, a possible recession and the effects of ongoing or increased inflation or possible stagflation in certain geographies, increasing or decreasing interest rates, geopolitical instability and uncertainty, a reduction in information technology spending regardless of macroeconomic conditions, the effects of epidemics and pandemics and the impact of the war in Ukraine each could have a material adverse impacts on our financial condition and results of operations and our business, including resulting in longer sales cycles, lower prices for our products and services, increased component costs, higher default rates among our channel partners, reduced unit sales, lower prices and slower or declining growth. These can negatively impact our business by putting downward pressure on growth if we are unable to achieve the increases in product prices necessary to appropriately offset the additional costs in a manner sufficient to maintain margins. Any of these impacts may materially and adversely affect our business, financial condition, results of operations and liquidity.

The existence of inflation in certain economies has resulted in, and may continue to result in, increasing or decreasing interest rates and capital costs, increased component or shipping costs, increased costs of labor, weakening exchange rates and other similar effects. Although we take measures to mitigate risks such as those associated with inflation, the mitigating measures may not be effective or their impact may not offset the increased cost of inflation in a timely manner. Inflation, an economic downturn, a recession and any other economic challenges may also adversely impact spending patterns by our distributors, resellers and end-customers.


47

Table of Contents
Our real estate investments, including construction or acquisition of new data centers, data center expansions or office buildings, could involve significant risks to our business.

In order to sustain our growth in certain of our existing and new markets, we may expand existing data centers, lease new facilities or acquire suitable land, with or without structures, to build new data centers or office buildings. These projects expose us to risks which could have an adverse effect on our results of operations and financial condition. The current global supply chain and inflation issues have exacerbated many of these construction risks and created additional risks for our business. Some of the risks associated with construction projects include:

construction delays;

lack of availability and delays for data center equipment, including items such as generators and switchgear;

unexpected budget changes;

increased prices for and delays in obtaining building supplies, raw materials and data center equipment;

labor availability, labor disputes and work stoppages with contractors, subcontractors and other third parties;

unanticipated environmental issues and geological problems;

delays related to permitting and approvals to open from public agencies and utility companies;

unexpected lack of power access;

failure or inability for any reason to meet customer requirements;

investor expectations regarding ESG;

delays in site readiness leading to our failure to meet commitments made to customers; and

unanticipated customer requirements that would necessitate alternative data center design, making our sites less desirable or leading to increased costs in order to make necessary modifications or retrofits.

All construction-related projects require us to carefully select and rely on the experience of one or more designers, general contractors and associated subcontractors during the design and construction process. Should a designer, general contractor, significant subcontractor or key supplier experience financial problems or other problems during the design or construction process, we could experience significant delays, increased costs to complete the project and/or other negative impacts to our expected returns.

We have broad insurance programs covering our properties and operating activities with limits of liability, deductibles and self-insured retentions that we believe are comparable to similarly situated companies. We believe the policy specifications and insured limits of these policies are adequate and appropriate. There are, however, certain types of extraordinary losses which may not be adequately covered under our insurance program. In addition, we could sustain losses due to insurance deductibles, self-insured retention, uninsured claims or casualties or losses in excess of applicable coverage. If an uninsured loss or a loss in excess of insured limits occurs, we could lose all or a portion of the capital we have invested in a property, as well as the anticipated future revenue from the property. In such an event, we might nevertheless remain obligated for any mortgage debt or other financial obligations related to the property. Material losses in excess of insurance proceeds may occur in the future. Such events could materially and adversely affect our financial condition and results of operations.

Additionally, under various federal, state and local environmental laws, ordinances and regulations, a current or previous owner or operator of real property may be liable for the costs of removal or remediation of hazardous or toxic substances on, under or in that property. Those laws often impose liability even if the owner or operator did not cause or know of the presence of hazardous or toxic substances and even if the storage of those substances was in violation of a customer’s lease. In addition, the presence of hazardous or toxic substances, or the failure of the owner to address their presence on the property, may adversely affect the owner’s ability to borrow using that real property as collateral. Any environmental issues related to our real estate activities could materially and adversely affect our financial condition and results of operations.

48

Table of Contents
Our billings, revenue and free cash flow growth may slow or may not continue, and our operating margins may decline.
 
We may experience slowing growth or a decrease in billings, revenue, operating margin and free cash flow for a number of reasons, including a slowdown in demand for our products or services, a shift in demand from products to services, decrease in services revenue growth, increased competition, worldwide or regional economic challenges based on inflation or possible stagflation, a regional recession or a recession in the global economy, rising interest rates, the war in Ukraine, a decrease in the growth of our overall market or softness in demand in certain geographies or industry verticals, such as the service provider industry, changes in our strategic opportunities, execution risks, lower sales productivity and our failure for any reason to continue to capitalize on sales and growth opportunities due to other risks identified in the risk factors described in this periodic report. Our expenses as a percentage of total revenue may be higher than expected if our revenue is lower than expected. If our investments in sales and marketing and other functional areas do not result in expected billings and revenue growth, we may experience margin declines. In addition, we may not be able to sustain profitability in future periods if we fail to increase billings, revenue or deferred revenue, and do not appropriately manage our cost structure, free cash flow, or encounter unanticipated liabilities. As a result, any failure by us to maintain profitability and margins and continue our billings, revenue and free cash flow growth could cause the price of our common stock to materially decline.

We are dependent on the continued services and performance of our senior management, the loss of any of whom could adversely affect our business, operating results and financial condition.

Our future performance depends on the continued services and continuing contributions of our senior management to execute on our business plan and to identify and pursue new opportunities and product innovations. The loss of services of members of senior management, particularly Ken Xie, our Co-Founder, Chief Executive Officer and Chairman, or Michael Xie, our Co-Founder, President and Chief Technology Officer, or of any of our senior sales leaders or functional area leaders, could significantly delay or prevent the achievement of our development and strategic objectives. The loss of the services or the distraction of our senior management for any reason could adversely affect our business, financial condition and results of operations.

We rely on third-party channel partners for substantially all of our revenue. If our partners fail to perform, our ability to sell our products and services will be limited, and if we fail to optimize our channel partner model going forward, our operating results may be harmed. Additionally, a small number of distributors represents a large percentage of our revenue and gross accounts receivable, and one distributor accounted for 29% of our total net accounts receivable as of June 30, 2023.
 
A significant portion of our sales is generated through a limited number of distributors, and substantially all of our revenue is from sales by our channel partners, including distributors and resellers. We depend on our channel partners to generate a significant portion of our sales opportunities and to manage our sales process. To the extent our channel partners are unsuccessful in selling our products, or if we are unable to enter into arrangements with and retain a sufficient number of high-quality channel partners in each of the regions in which we sell products, we are unable to keep them motivated to sell our products, or our channel partners shift focus to other vendors and/or our competitors, our ability to sell our products and operating results may be harmed. The termination of our relationship with any significant channel partner may adversely impact our sales and operating results. 

In addition, a small number of channel partners represents a large percentage of our revenue and gross accounts receivable. We are exposed to the credit and liquidity risk of some of our channel partners and to credit exposure in weakened markets, which could result in material losses. Our dependence on a limited number of key channel partners means that our billings, revenue and operating results may be harmed by the inability of these key channel partners to successfully sell our products and services, or if any of these key channel partners is unable or unwilling to pay us, terminates its relationship with us or goes out of business. Although we have programs in place that are designed to monitor and mitigate credit and liquidity risks, we cannot guarantee these programs will be effective in reducing our credit risks. If we are unable to adequately control these risks, our business, operating results, and financial condition could be harmed. If channel partners fail to pay us under the terms of our agreements or we are otherwise unable to collect on our accounts receivable from these channel partners, we may be adversely affected both from the inability to collect amounts due and the cost of enforcing the terms of our contracts, including litigation. Our channel partners may seek bankruptcy protection or other similar relief and fail to pay amounts due to us, or pay those amounts more slowly, either of which could adversely affect our operating results, financial position, and cash flow. We may be further impacted by consolidation of our existing channel partners. In such instances, we may experience changes to our overall business and operational relationships due to dealing with a larger combined entity, and our ability to maintain such relationships on favorable contractual terms may be more limited. We may also become increasingly dependent on a more limited number of channel partners, as consolidation increases the relative proportion of our business for which each channel partner is responsible, which may magnify the risks described in the preceding paragraphs.

49

Table of Contents
Six distributor customers accounted for 66% of our total net accounts receivable in the aggregate as of June 30, 2023. See Note 15. Segment Information in Part I, Item 1 of this Quarterly Report on Form 10-Q for distributor customers that accounted for 10% or more of our revenue or net accounts receivable. Our largest distributors may experience financial difficulties, face liquidity risk or other financial challenges, which may harm our ability to collect on our accounts receivable.

We provide sales channel partners with specific programs to assist them with selling our products and incentivize them to sell our products, but there can be no assurance that these programs will be effective. In addition, our channel partners may be unsuccessful in marketing, selling and supporting our products and services and may purchase more inventory than they can sell. Our channel partners generally do not have minimum purchase requirements. Some of our channel partners may have insufficient financial resources to withstand changes and challenges in business conditions. Moreover, many of our channel partners are privately held, including some of our largest partners, and we may not have sufficient information to assess their financial condition. If our channel partners’ financial condition or operations weaken, their ability to sell our product and services could be negatively impacted. Our channel partners may also market, sell and support products and services that are competitive with ours, and may devote more resources to the marketing, sales and support of such products, or may decide to cease selling our products and services altogether in favor of a competitor’s products and services. They may also have incentives to promote our competitors’ products to the detriment of our own, or they may cease selling our products altogether. We cannot ensure that we will retain these channel partners or that we will be able to secure additional or replacement partners or that existing channel partners will continue to perform. The loss of one or more of our significant channel partners or the failure to obtain and ship a number of large orders each quarter through them could harm our operating results.

Any new sales channel partner will require extensive training and may take several months or more to achieve productivity. Our channel partner sales structure could subject us to lawsuits, potential liability and reputational harm if, for example, any of our channel partners misrepresent the functionality of our products or services to end-customers, our service provider customers suffer a cyber event impacting end-users, or our channel partners violate laws or our corporate policies. We depend on our global channel partners to comply with applicable legal and regulatory requirements. To the extent that they fail to do so, that could have a material adverse effect on our business, operating results and financial condition. If we fail to optimize our channel partner model or fail to manage existing sales channels, our business will be seriously harmed.

Reliance on a concentration of shipments at the end of the quarter could cause our billings and revenue to fall below expected levels.

As a result of customer buying patterns and the efforts of our sales force and channel partners to meet or exceed quarterly quotas, we have historically received a substantial portion of each quarter’s sales orders and generated a substantial portion of each quarter’s billings and revenue during the last two weeks of the quarter. We typically arrange for a logistics partner to pick up the last shipment of our products a few hours prior to the end of the quarter, and a delay in the arrival of the logistics partner or other factors such as a power outage could prevent us from shipping and billing for a material amount of products for which we have orders. Further, it is possible that the dollar value of these products intended to be shipped late on the last day of the quarter may be material. Additionally, our service billings are dependent on the completion of certain automated processes by our internal business management systems, some of which cannot be performed until after the related products have been shipped. If we do not have enough time after shipping our products for our systems to perform these processes prior to the end of the quarter, we have system issues that prevent processing in time to realize service billings in a quarter, or there are delays in deals closing or deals are lost, we will not be able to bill and realize billings for those services until possibly the following quarter at the earliest, which may materially negatively impact our billings for a particular quarter. We implemented a cloud-based quoting tool to help provide our sales team with the ability to have faster quote generation, reduce quote errors and increase sales productivity. Our ability to integrate the data from this tool into our order processing may cause order processing delays that could have an effect on our financial results. Our billings and revenue for any quarter could fall below our expectations or those of securities analysts and investors, resulting in a decline in our stock price, if expected orders at the end of any quarter are delayed or deals are lost for any reason or our ability to fulfill orders at the end of any quarter is hindered for any reason, including, among others:

the failure of anticipated purchase orders to materialize;

our logistics partners’ failure or inability to ship products prior to quarter-end to fulfill purchase orders received near the end of the quarter;

disruption in manufacturing or shipping based on power outages, system failures, labor disputes or constraints, excessive demand, natural disasters or widespread public health problems including pandemics and epidemics;

50

Table of Contents
our failure to accurately forecast our inventory requirements and to appropriately manage inventory to meet demand;

our inability to release new products on schedule;

any failure of our systems related to order review and processing; and

any delays in shipments due to trade compliance requirements, labor disputes or logistics changes at shipping ports, airline strikes, severe weather or otherwise.

We rely significantly on revenue from FortiGuard and other security subscription and FortiCare technical support services, and revenue from these services may decline or fluctuate. Because we recognize revenue from these services over the term of the relevant service period, downturns or upturns in sales of FortiGuard and other security subscription and FortiCare technical support services are not immediately reflected in full in our operating results.

Our FortiGuard and other security subscription and FortiCare technical support services revenue has historically accounted for a significant percentage of our total revenue. Revenue from the sale of new, or from the renewal of existing, FortiGuard and other security subscription and FortiCare technical support service contracts may decline and fluctuate as a result of a number of factors, including fluctuations in purchases of Core Platform appliances or our Enhanced Platform Technology products, changes in the sales mix between products and services, end-customers’ level of satisfaction with our products and services, the prices of our products and services, the prices of products and services offered by our competitors, reductions in our customers’ spending levels and the timing of revenue recognition with respect to these arrangements. If our sales of new, or renewals of existing, FortiGuard and other security subscription and FortiCare technical support service contracts decline, our revenue and revenue growth may decline and our business could suffer. In addition, in the event significant customers require payment terms for FortiGuard and other security subscription and FortiCare technical support services in arrears or for shorter periods of time than annually, such as monthly or quarterly, this may negatively impact our billings and revenue. Furthermore, we recognize FortiGuard and other security subscription and FortiCare technical support services revenue ratably over the term of the service period, which is typically from one to five years. As a result, much of the FortiGuard and other security subscription and FortiCare technical support services revenue we report each quarter is the recognition of deferred revenue from FortiGuard and other security subscription and FortiCare technical support services contracts entered into during previous quarters or years. Consequently, a decline in new or renewed FortiGuard and other security subscription and FortiCare technical support services contracts in any one quarter will not be fully reflected in revenue in that quarter but will negatively affect our revenue in future quarters. Accordingly, the effect of significant downturns in sales of new, or renewals of existing, FortiGuard and other security subscription and FortiCare technical support services is not reflected in full in our statements of income until future periods. Our FortiGuard and other security subscription and FortiCare technical support services revenue also makes it difficult for us to rapidly increase our revenue through additional service sales in any period, as revenue from new and renewal support services contracts must be recognized over the applicable service term.

If we are unable to hire, retain and motivate qualified personnel, our business will suffer.
 
Our future success depends, in part, on our ability to continue to attract and retain highly skilled personnel. The loss of the services of any of our key personnel, the inability to attract or retain qualified personnel, any failure to have in place and execute an effective succession plan for key executives or delays in hiring required personnel, particularly in engineering, sales and marketing, may seriously harm our business, financial condition and results of operations. From time to time, we experience turnover in our management-level personnel. None of our key employees has an employment agreement for a specific term, and any of our employees may terminate their employment at any time. Our ability to continue to attract and retain highly skilled personnel will be critical to our future success.

Competition for highly skilled personnel is frequently intense, especially for qualified sales, support and engineering employees in network security and especially in the locations where we have a substantial presence and need for highly skilled personnel, such as the San Francisco Bay Area and the Vancouver, Canada area. We may not be successful in attracting, assimilating or retaining qualified personnel to fulfill our current or future needs. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that they have been improperly solicited or divulged proprietary or other confidential information. Changes in immigration laws, including changes to the rules regarding H1-B visas, may also harm our ability to attract personnel from other countries. Our inability to hire properly qualified and effective sales, support and engineering employees could harm our growth and our ability to effectively support growth.


51

Table of Contents
We have incurred indebtedness and may incur other debt in the future, which may adversely affect our financial condition and future financial results.

As of June 30, 2023, we had an aggregate of $991.3 million of indebtedness outstanding under our Senior Notes. Under the agreements governing our indebtedness, we are permitted to incur additional debt. This debt, and any debt that we may incur in the future, may adversely affect our financial condition and future financial results by, among other things:

increasing our vulnerability to downturns in our business, to competitive pressures and to adverse economic and industry conditions;

requiring the dedication of a portion of our expected cash from operations to service our indebtedness, thereby reducing the amount of expected cash flow available for other purposes, including capital expenditures, share repurchases and acquisitions; and

limiting our flexibility in planning for, or reacting to, changes in our businesses and our industries;

If we are unable to generate sufficient cash flow from operations in the future to service our debt, we may be required, among other things, to seek additional financing in the debt or equity markets, refinance or restructure all or a portion of our indebtedness, sell selected assets or reduce or delay planned capital, operating or investment expenditures. Such measures may not be sufficient to enable us to service our debt.

Additionally, the agreements governing our indebtedness impose restrictions on us and require us to comply with certain covenants. If we breach any of these covenants and do not obtain a waiver from the noteholders, then, subject to applicable cure periods, any or all of our outstanding indebtedness may be declared immediately due and payable. There can be no assurance that any refinancing or additional financing would be available on terms that are favorable or acceptable to us, if at all.

Under the terms of our outstanding Senior Notes, we may be required to repurchase the notes for cash prior to their maturity in connection with the occurrence of certain changes of control that are accompanied by certain downgrades in the credit ratings of the notes. The repayment obligations under the notes may have the effect of discouraging, delaying or preventing a takeover of our company. If we were required to pay the notes prior to their scheduled maturity, it could have a negative impact on our cash position and liquidity and impair our ability to invest financial resources in other strategic initiatives.

In addition, changes by any rating agency to our credit rating may negatively impact the value and liquidity of both our debt and equity securities, as well as affect our ability to obtain additional financing in the future and may negatively impact the terms of any such financing.

Risks Related to Our Sales and End-Customers

We generate a majority of revenue from sales to distributors, resellers and end-customers outside of the United States, and we are therefore subject to a number of risks associated with international sales and operations.
 
We market and sell our products throughout the world and have established sales offices in many parts of the world. Our international sales have represented a majority of our total revenue in recent periods. Therefore, we are subject to risks associated with having worldwide operations. We are also subject to a number of risks typically associated with international sales and operations, including:

disruption in the supply chain or in manufacturing or shipping, or decreases in demand by channel partners or end-customers, including any such disruption or decreases caused by factors outside of our control such as natural disasters and health emergencies, including earthquakes, droughts, fires, power outages, typhoons, floods, pandemics or epidemics and manmade events such as civil unrest, labor disruption, international trade disputes, international conflicts, terrorism, wars or other foreign conflicts, such as the war in Ukraine or tensions between China and Taiwan, and critical infrastructure attacks;

fluctuations in foreign currency exchange rates or a strengthening of the U.S. dollar, as a significant portion of our expenses is incurred and paid in currencies other than the U.S. dollar, and the impact such fluctuations may have on the actual prices that our partners and customers are willing to pay for our products and services;

52

Table of Contents
economic or political instability in foreign markets, such as any economic or political instability caused by economic downturns and wars or other foreign conflicts, such as the war in Ukraine, tensions between China and Taiwan and any expansions thereof;

instability in the global banking system;

greater difficulty in enforcing contracts and accounts receivable collection, including longer collection periods;

longer sales processes for larger deals;

changes in regulatory requirements;

difficulties and costs of staffing and managing foreign operations;

the uncertainty of protection for Intellectual Property (“IP”) rights in some countries;

costs of compliance with foreign policies, laws and regulations and the risks and costs of non-compliance with such policies, laws and regulations;

protectionist policies and penalties, and local laws, requirements, policies and perceptions that may adversely impact a U.S.-headquartered business’s sales in certain countries outside of the United States;
 
costs of complying with, and the risks, reputational damage and other costs of non-compliance with, U.S. or other foreign laws and regulations for foreign operations, including the U.S. Foreign Corrupt Practices Act, the United Kingdom Bribery Act 2010, the General Data Protection Regulation (the “GDPR”), import and export control laws, trade laws and regulations, tariffs and retaliatory measures, trade barriers and economic sanctions;

other regulatory or contractual limitations on our ability to sell our products in certain foreign markets, and the risks and costs of non-compliance;

heightened risks of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales or sales-related arrangements, such as sales “side agreements” to allow return rights, that could disrupt the sales team through terminations of employment or otherwise, and may adversely impact financial results as compared to those already reported or forecasted and result in restatements of financial statements and irregularities in financial statements;

our ability to effectively implement and maintain adequate internal controls to properly manage our international sales and operations;

political unrest, changes and uncertainty associated with terrorism, hostilities, war or natural disasters;
 
management communication and integration problems resulting from cultural differences and geographic dispersion; and

changes in tax, tariff, employment and other laws.
 
Product and service sales and employee and contractor matters may be subject to foreign governmental regulations, which vary substantially from country to country. Further, we may be unable to keep up to date with changes in government requirements as they change over time. Failure to comply with these regulations could result in adverse effects to our business. In many foreign countries, it is common for others to engage in business practices that are prohibited by our internal policies and procedures or U.S. regulations applicable to us. Although we implemented policies and procedures designed to ensure compliance with these laws and policies, there can be no assurance that all of our employees, contractors, channel partners and agents will comply with these laws and policies. Violations of laws or key control policies by our employees, contractors, channel partners or agents could result in litigation, regulatory action, costs of investigation, delays in revenue recognition, delays in financial reporting, financial reporting misstatements, fines, penalties or the prohibition of the importation or exportation of our products and services, any of which could have a material adverse effect on our business and results of operations.

53

Table of Contents
We may undertake corporate operating restructurings or transfers of assets that involve our group of foreign country subsidiaries through which we do business abroad, in order to maximize the operational and tax efficiency of our group structure. If ineffectual, such restructurings or transfers could increase our income tax liabilities, and in turn, increase our global effective tax rate. Moreover, our existing corporate structure and intercompany arrangements have been implemented in a manner we believe reasonably ensures that we are in compliance with current prevailing tax laws. However, the tax authorities of the jurisdictions in which we operate may challenge our methodologies for valuing developed technology or intercompany arrangements, which could impact our worldwide effective tax rate and harm our financial position and operating results.

If we are not successful in continuing to execute our strategy to increase our sales to large and medium-sized end-customers, our results of operations may suffer.
 
An important part of our growth strategy is to increase sales of our products to large- and medium-sized businesses, service providers and government organizations. While we have increased sales in recent periods to large- and medium-sized businesses, our sales volume varies by quarter and there is a risk as to our level of success selling to these target customers. Such sales involve unique sales skillsets, processes and structures, are often more complex and feature a longer contract term and may be at higher discount levels. We also have experienced uneven traction selling to certain government organizations and service providers and MSSPs, and there can be no assurance that we will be successful selling to these customers. Sales to these organizations involve risks that may not be present, or that are present to a lesser extent, with sales to smaller entities. These risks include:

increased competition from competitors that traditionally target large and medium-sized businesses, service providers and government organizations and that may already have purchase commitments from those end-customers;
 
increased purchasing power and leverage held by large end-customers in negotiating contractual arrangements;

unanticipated changes in the capital resources or purchasing behavior of large end-customers, including changes in the volume and frequency of their purchases and changes in the mix of products and services, willingness to change to cloud delivery model and related payment terms;
 
more stringent support requirements in our support service contracts, including stricter support response times, more complex requirements and increased penalties for any failure to meet support requirements;

longer sales cycles and the associated risk that deals are delayed and that substantial time and resources may be spent on a potential end-customer that elects not to purchase our products and services;

increased requirements from these customers that we have certain third-party security or other certifications, which we may not have, the lack of which may adversely affect our ability to successfully sell to such customers;

uncertainty as to timing to close large deals and any delays in closing those deals; and

longer ramp-up periods for enterprise sales personnel as compared to other sales personnel.
 
Large and medium-sized businesses, service providers and MSSPs and government organizations often undertake a significant evaluation process that results in a lengthy sales cycle, in some cases longer than 12 months. Although we have a channel sales model, our sales representatives typically engage in direct interaction with end-customers, along with our distributors and resellers, in connection with sales to large- and medium-sized end-customers. We may spend substantial time, effort and money in our sales efforts without being successful in producing any sales. In addition, purchases by large- and medium-sized businesses, service providers and government organizations are frequently subject to budget constraints, multiple approvals and unplanned administrative, processing and other delays; in light of current economic conditions and regulations in place by various government authorities, some of these sales cycles are being further extended. Furthermore, service providers and MSSPs represent our largest industry vertical and consolidation or continued changes in buying behavior by larger customers within this industry could negatively impact our business. Large- and medium-sized businesses, service providers and MSSPs and government organizations typically have longer implementation cycles, require greater product functionality and scalability, expect a broader range of services, including design, implementation and post go-live services, demand that vendors take on a larger share of risks, require acceptance provisions that can lead to a delay in revenue recognition and expect greater payment flexibility from vendors. In addition, large- and medium-sized businesses, service providers and government
54

Table of Contents
organizations may require that our products and services be sold differently from how we offer our products and services, which could negatively impact our operating results. Our large business and service provider customers may also become more deliberate in their purchases as they plan their next-generation network security architecture, leading them to take more time in making purchasing decisions or to purchase based only on their immediate needs. All these factors can add further risk to business conducted with these customers. In addition, if sales expected from a large- and medium-sized end-customer for a particular quarter are not realized in that quarter or at all, our business, operating results and financial condition could be materially and adversely affected.

If we do not increase the effectiveness of our sales organization, we may have difficulty adding new end-customers or increasing sales to our existing end-customers and our business may be adversely affected.

Although we have a channel sales model, sales in our industry are complex and members of our sales organization often engage in direct interaction with our prospective end-customers, particularly for larger deals involving larger end-customers. Therefore, we continue to be substantially dependent on our sales organization to obtain new end-customers and sell additional products and services to our existing end-customers. There is significant competition for sales personnel with the skills and technical knowledge that we require, including experienced enterprise sales employees and others. Our ability to grow our revenue depends, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth and on the effectiveness of our sales strategy, sales execution, and sales personnel selling successfully in different contexts, each of which has its own different complexities, approaches and competitive landscapes, such as managing and growing the channel business for sales to small businesses and more actively selling to the end-customer for sales to larger organizations. New hires require substantial training and may take significant time before they achieve full productivity. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business. Furthermore, hiring sales personnel in new countries requires additional setup and upfront costs that we may not recover if the sales personnel fail to achieve full productivity. If our sales employees do not become fully productive on the timelines that we have projected, our revenue may not increase at anticipated levels and our ability to achieve long-term projections may be negatively impacted. If we are unable to hire and train sufficient numbers of effective sales personnel, the sales personnel are not successful in obtaining new end-customers or increasing sales to our existing customer base or sales personnel do not effectively sell our Enhanced Platform Technology products, our business, operating results and prospects may be adversely affected. If we do not hire properly qualified and effective sales employees and organize our sales team effectively to capture the opportunities in the various customer segments we are targeting, our growth and ability to effectively support growth may be harmed.

In addition, in light of macroeconomic trends and in the event of sales execution challenges for any reason, we may face excess sales capacity, low sales productivity generally, and a decline in productivity in our sales organization. If we are not able to align our sales capacity and market demand, or if the productivity of our sales organization decreases, our operating results and financial condition could be harmed.

Unless we continue to develop better market awareness of our company and our products, and to improve lead generation and sales enablement, our revenue may not continue to grow.

Increased market awareness of our capabilities and products and increased lead generation are essential to our continued growth and our success in all of our markets, particularly the market for sales to large businesses, service providers and government organizations. While we have increased our investments in sales and marketing, it is not clear that these investments will continue to result in increased revenue. If our investments in additional sales personnel or our marketing programs are not successful in continuing to create market awareness of our company and products or increasing lead generation, in growing billings for our broad product suite or if we experience turnover and disruption in our sales and marketing teams, we may not be able to achieve sustained growth, and our business, financial condition and results of operations may be adversely affected.

Some of our sales are to government organizations, which subjects us to a number of regulatory requirements, challenges and risks.

Sales to U.S. and foreign federal, state and local government organizations are subject to a number of risks. Because of public sector budgetary cycles and laws or regulations governing public procurements, such sales often require significant upfront time and expense without any assurance of winning a sale.

Government demand, sales and payment for our products and services may be negatively impacted by numerous factors and requirements unique to selling to government agencies, such as:

55

Table of Contents
policies, laws and regulations have in the past, and may in the future, require us to obtain and maintain certain security and other certifications in order to sell our products and services into certain government organizations, and such certifications may be costly and time-consuming to obtain and maintain;

funding authorizations and requirements unique to government agencies, with funding or purchasing reductions or delays adversely affecting public sector demand for our products; and

geopolitical matters, including tariff and trade disputes, government shutdowns, impact of the war in Ukraine, tensions between China and Taiwan and trade protectionism and other political dynamics that may adversely affect our ability to sell in certain locations or obtain the requisite permits and clearances required for certain purchases by government organizations of our products and services.

In addition, if we do not have certain certifications, this may restrict our ability to sell to certain government customers until we have obtained certain certifications and we may not obtain the certifications in a timely manner or at all.

The rules and regulations applicable to sales to government organizations may also negatively impact sales to other organizations. For example, government organizations may have contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default, and any such termination may adversely impact our future results of operations. If the distributor receives a significant portion of its revenue from sales to government organizations, the financial health of the distributor could be substantially harmed, which could negatively affect our future sales to such distributor. Governments routinely investigate, review and audit government vendors’ administrative and other processes, and any unfavorable investigation, audit, other review or unfavorable determination related to any government clearance or certification could result in the government’s refusing to continue buying our products and services, a limitation and reduction of government purchases of our products and services, a reduction of revenue or fines, or civil or criminal liability if the investigation, audit or other review uncovers improper, illegal or otherwise concerning activities. Any such penalties could adversely impact our results of operations in a material way. Further, any refusal to grant certain certifications or clearances by one government agency, or any decision by one government agency that our products do not meet certain standards, may reduce business opportunities and cause reputational harm and cause concern with other government agencies, governments and businesses and cause them to not buy our products and services and/or lead to a decrease in demand for our products generally.

Finally, some governments, including the U.S. federal government, may require certain products to be manufactured in, and services to be provided from, certain identified countries which may be high-cost locations. We may not manufacture all products or provide all services in locations that meet such requirements and consequently our products and services may not be eligible for certain government purchases.

Risks Related to Our Industry, Customers, Products and Services

We face intense competition in our market and we may not maintain or improve our competitive position.
 
The market for network security products is intensely competitive and dynamic, and we expect competition to continue to intensify. We face many competitors across the different cybersecurity markets. Our competitors include companies such as Arista Networks, Inc., Aruba Networks, LLC, Barracuda Networks, Inc., Check Point Software Technologies Ltd., Cisco Systems, Inc. (“Cisco”), CrowdStrike Holdings, Inc., F5 Networks, Inc., Huawei Technologies Co., Ltd., Juniper Networks, Inc., Palo Alto Networks, Inc., SonicWALL, Inc., Sophos Group Plc, Trend Micro Incorporated, VMware, Inc. and Zscaler, Inc. (“Zscaler”).
 
Some of our existing and potential competitors enjoy competitive advantages such as:
 
greater name recognition and/or longer operating histories;
 
larger sales and marketing budgets and resources;
 
broader distribution and established relationships with distribution partners and end-customers;
 
access to larger customer bases;
 
greater customer support resources;
 
greater resources to make acquisitions;

56

Table of Contents
stronger U.S. government relationships;
 
lower labor and development costs; and
 
substantially greater financial, technical and other resources.
 
In addition, certain of our larger competitors have broader product offerings, and leverage their relationships based on other products or incorporate functionality into existing products in a manner that discourages customers from purchasing our products. These larger competitors often have broader product lines and market focus, and are in a better position to withstand any significant reduction in capital spending by end-customers in these markets. Therefore, these competitors will not be as susceptible to downturns in a particular market. Also, many of our smaller competitors that specialize in providing protection from a single type of security threat are often able to deliver these specialized security products to the market more quickly than we can.

Conditions in our markets could change rapidly and significantly as a result of technological advancements or continuing market consolidation. Our competitors and potential competitors may also be able to develop products or services, and leverage new business models, that are equal or superior to ours, achieve greater market acceptance of their products and services, disrupt our markets, and increase sales by utilizing different distribution channels than we do. For example, certain of our competitors are focusing on delivering security services from the cloud which include cloud-based security providers, such as CrowdStrike and Zscaler. In addition, current or potential competitors may be acquired by third parties with greater available resources, and new competitors may arise pursuant to acquisitions of network security companies or divisions. As a result of such acquisitions, competition in our market may continue to increase and our current or potential competitors might be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of acquisition or other opportunities more readily, or develop and expand their product and service offerings more quickly than we do. In addition, our competitors may bundle products and services competitive with ours with other products and services. Customers may accept these bundled products and services rather than separately purchasing our products and services. As our customers refresh the security products bought in prior years, they may seek to consolidate vendors, which may result in current customers choosing to purchase products from our competitors on an ongoing basis. Due to budget constraints or economic downturns, organizations may be more willing to incrementally add solutions to their existing network security infrastructure from competitors than to replace it with our solutions. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer customer orders, reduced revenue and gross margins and loss of market share.

Managing inventory of our products and product components is complex. We order components from third-party manufacturers based on our forecasts of future demand and targeted inventory levels, which exposes us to the risk of both product shortages, which may result in lost sales and higher expenses, and excess inventory, which may require us to sell our products at discounts and lead to write-offs.

Managing our inventory is complex, especially in times of supply chain disruption. Our channel partners may increase orders during periods of product shortages, cancel orders or not place orders commensurate with our expectations if their inventory is too high, return products or take advantage of price protection (if any is available to the particular partner) or delay orders in anticipation of new products, and accurately forecasting inventory requirements and demand can be challenging. Our channel partners also may adjust their orders in response to the supply of our products and the products of our competitors that are available to them and in response to seasonal fluctuations in end-customer demand. If we cannot manufacture and ship our products due to, for example, global chip shortages, excessive demand on contract manufacturers capacity, natural disasters and health emergencies such as earthquakes, fires, power outages, typhoons, floods, cyber events, pandemics and epidemics such as the COVID-19 pandemic or manmade events such as civil unrest, labor disruption, international trade disputes, international conflicts, terrorism, wars or other foreign conflicts, such as the war in Ukraine or tensions between China and Taiwan, and critical infrastructure attacks, our business and financial results could be materially and adversely impacted.

In response to component shortages in recent quarters, we increased our purchase order commitments. Our suppliers may require us to accept or pay for components and finished goods regardless of our level of sales in a particular period, which may negatively impact our operating results and financial condition.

Inventory management remains an area of focus as we balance the need to maintain inventory levels that are sufficient to ensure competitive lead times against the risk of inventory obsolescence because of rapidly changing technology, product transitions, customer requirements or excess inventory levels. If we ultimately determine that we have excess inventory, we may have to reduce our prices and write-down inventory, which in turn could result in lower gross margins. Alternatively, insufficient inventory levels may lead to shortages that result in delayed billings and revenue or loss of sales opportunities altogether as potential end-customers turn to competitors’ products that are readily available. For example, we have in the past
57

Table of Contents
experienced inventory shortages and excesses due to the variance in demand for certain products from forecasted amounts. Our inventory management systems and related supply chain visibility tools may be inadequate to enable us to effectively manage inventory. If we are unable to effectively manage our inventory and that of our channel partners, our results of operations could be adversely affected.

If our new products, services and enhancements do not achieve sufficient market acceptance, our results of operations and competitive position will suffer.

We spend substantial amounts of time and money to develop internally and acquire new products and services and enhance versions of our existing products and services in order to incorporate additional features, improved functionality or other enhancements in order to meet our customers’ rapidly evolving demands for network security in our highly competitive industry. When we develop a new product or service, or an enhanced version of an existing product or service, we typically incur expenses and expend resources upfront to market, promote and sell the new offering. Therefore, when we develop and introduce new or enhanced products or services, they must achieve high levels of market acceptance in order to justify the amount of our investment in developing and bringing them to market.

Our new products, services or enhancements could fail to attain sufficient market acceptance for many reasons, including:
 
delays in releasing our new products, services or enhancements to the market;
 
failure to accurately predict market demand in terms of product and service functionality and to supply products and services that meet this demand in a timely fashion;

failure to have the appropriate research and development expertise and focus to make our top strategic products and services successful;
 
failure of our sales force and partners to focus on selling new products and services;
 
inability to interoperate effectively with the networks or applications of our prospective end-customers;
 
inability to protect against new types of attacks or techniques used by hackers;
 
actual or perceived defects, vulnerabilities, errors or failures;
 
negative publicity about their performance or effectiveness;
 
introduction or anticipated introduction of competing products and services by our competitors;
 
poor business conditions for our end-customers, causing them to delay IT purchases;
 
changes to the regulatory requirements around security; and
 
reluctance of customers to purchase products or services incorporating open source software.
 
If our new products, services or enhancements do not achieve adequate acceptance in the market, our competitive position will be impaired, our revenue will be diminished and the effect on our operating results may be particularly acute because of the significant research, development, marketing, sales and other expenses we incurred in connection with the new product, service or enhancement.

Demand for our products may be limited by market perception that individual products from one vendor that provide multiple layers of security protection in one product are inferior to point solution network security solutions from multiple vendors.
 
Sales of many of our products depend on increased demand for incorporating broad security functionality into one appliance. If the market for these products fails to grow as we anticipate, our business will be seriously harmed. Target customers may view “all-in-one” network security solutions as inferior to security solutions from multiple vendors because of, among other things, their perception that such products of ours provide security functions from only a single vendor and do not allow users to choose “best-of-breed” defenses from among the wide range of dedicated security applications available. Target
58

Table of Contents
customers might also perceive that, by combining multiple security functions into a single platform, our solutions create a “single point of failure” in their networks, which means that an error, vulnerability or failure of our product may place the entire network at risk. In addition, the market perception that “all-in-one” solutions may be suitable only for small and medium-sized businesses because such solution lacks the performance capabilities and functionality of other solutions may harm our sales to large businesses, service provider and government organization end-customers. If the foregoing concerns and perceptions become prevalent, even if there is no factual basis for these concerns and perceptions, or if other issues arise with our market in general, demand for multi-security functionality products could be severely limited, which would limit our growth and harm our business, financial condition and results of operations. Further, a successful and publicized targeted attack against us, exposing a “single point of failure”, could significantly increase these concerns and perceptions and may harm our business and results of operations.

If functionality similar to that offered by our products is incorporated into existing network infrastructure products, organizations may decide against adding our appliances to their network, which would have an adverse effect on our business.
 
Large, well-established providers of networking equipment, such as Cisco, offer, and may continue to introduce, network security features that compete with our products, either in standalone security products or as additional features in their network infrastructure products. The inclusion of, or the announcement of an intent to include, functionality perceived to be similar to that offered by our security solutions in networking products that are already generally accepted as necessary components of network architecture may have an adverse effect on our ability to market and sell our products. Furthermore, even if the functionality offered by network infrastructure providers is more limited than our products, a significant number of customers may elect to accept such limited functionality in lieu of adding appliances from an additional vendor such as us. Many organizations have invested substantial personnel and financial resources to design and operate their networks and have established deep relationships with other providers of networking products, which may make them reluctant to add new components to their networks, particularly from other vendors such as us. In addition, an organization’s existing vendors or new vendors with a broad product offering may be able to offer concessions that we are not able to match because we currently offer only network security products and have fewer resources than many of our competitors. If organizations are reluctant to add additional network infrastructure from new vendors or otherwise decide to work with their existing vendors, our business, financial condition and results of operations will be adversely affected.

Because we depend on several third-party manufacturers to build our products, we are susceptible to manufacturing delays that could prevent us from shipping customer orders on time, if at all, and may result in the loss of sales and customers, and third-party manufacturing cost increases could result in lower gross margins and free cash flow.

We outsource the manufacturing of our security appliance products to contract manufacturing partners and original design manufacturing partners, including manufacturers with facilities located in Taiwan and other countries outside the United States such as ADLINK, IBASE, Micro-Star, Senao and Wistron. Our reliance on our third-party manufacturers reduces our control over the manufacturing process, exposing us to risks, including reduced control over quality assurance, costs, supply and timing and possible tariffs. Any manufacturing disruption related to our third-party manufacturers or their component suppliers for any reason, including global chip shortages, natural disasters and health emergencies such as earthquakes, fires, power outages, typhoons, floods, health pandemics and epidemics such as the COVID-19 pandemic and manmade events such as civil unrest, labor disruption, cyber events, international trade disputes, international conflicts, terrorism, wars, such as the war in Ukraine, and critical infrastructure attacks, could impair our ability to fulfill orders. If we are unable to manage our relationships with these third-party manufacturers effectively, or if these third-party manufacturers experience delays, increased manufacturing lead-times, disruptions, capacity constraints or quality control problems in their manufacturing operations, or fail to meet our future requirements for timely delivery, our ability to ship products to our customers could be impaired and our business would be seriously harmed. Further, certain components for our products come from Taiwan and approximately 90% of our hardware is manufactured in Taiwan. Any increase in tensions between China and Taiwan, including threats of military actions or escalation of military activities, could adversely affect our manufacturing operations in Taiwan.
 
These manufacturers fulfill our supply requirements on the basis of individual purchase orders. We have no long-term contracts or arrangements with our third-party manufacturers that guarantee capacity, the continuation of particular payment terms or the extension of credit limits. Accordingly, they are not obligated to continue to fulfill our supply requirements, and the prices we are charged for manufacturing services could be increased on short notice. If we are required to change third-party manufacturers, our ability to meet our scheduled product deliveries to our customers would be adversely affected, which could cause the loss of sales and existing or potential customers, delayed revenue or an increase in our costs, which could adversely affect our gross margins. Our individual product lines are generally manufactured by only one manufacturing partner. Any production or shipping interruptions for any reason, such as a natural disaster, epidemics, pandemics, capacity shortages, quality problems or strike or other labor disruption at one of our manufacturing partners or locations or at shipping ports or
59

Table of Contents
locations, would severely affect sales of our product lines manufactured by that manufacturing partner. Furthermore, manufacturing cost increases for any reason could result in lower gross margins.
 
Our proprietary application-specific integrated circuits (“ASIC”), which are key to the performance of our appliances, are built by contract manufacturers including Renesas and Toshiba America. These contract manufacturers use foundries operated by TSMC or Renesas on a purchase-order basis, and these foundries do not guarantee their capacity and could delay orders or increase their pricing. Accordingly, the foundries are not obligated to continue to fulfill our supply requirements, and due to the long lead time that a new foundry would require, we could suffer inventory shortages of our ASIC as well as increased costs. In addition to our proprietary ASIC, we also purchase off-the-shelf ASICs or integrated circuits from vendors for which we have experienced, and may continue to experience, long lead times. Our suppliers may also prioritize orders by other companies that order higher volumes or more profitable products. If any of these manufacturers materially delays its supply of ASICs or specific product models to us, or requires us to find an alternate supplier and we are not able to do so on a timely and reasonable basis, or if these foundries materially increase their prices for fabrication of our ASICs, our business would be harmed.

In addition, our reliance on third-party manufacturers and foundries limits our control over environmental regulatory requirements such as the hazardous substance content of our products and therefore our ability to ensure compliance with the Restriction of Hazardous Substances Directive (the “EU RoHS”) adopted in the European Union (the “EU”) and other similar laws. It also exposes us to the risk that certain minerals and metals, known as “conflict minerals”, that are contained in our products have originated in the Democratic Republic of the Congo or an adjoining country. As a result of the passage of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd-Frank”), the Securities and Exchange Commission (the “SEC”) adopted disclosure requirements for public companies whose products contain conflict minerals that are necessary to the functionality or production of such products. Under these rules, we are required to obtain sourcing data from suppliers, perform supply chain due diligence, and file annually with the SEC a specialized disclosure report on Form SD covering the prior calendar year. We have incurred and expect to incur additional costs to comply with the rules, including costs related to efforts to determine the origin, source and chain of custody of the conflict minerals used in our products and the adoption of conflict minerals-related governance policies, processes and controls. Moreover, the implementation of these compliance measures could adversely affect the sourcing, availability and pricing of materials used in the manufacture of our products to the extent that there may be only a limited number of suppliers that are able to meet our sourcing requirements, which would make it more difficult to obtain such materials in sufficient quantities or at competitive prices. We may also encounter customers who require that all of the components of our products be certified as conflict-free. If we are not able to meet customer requirements, such customers may choose to not purchase our products, which could impact our sales and the value of portions of our inventory.

Because some of the key components in our products come from limited sources of supply, we are susceptible to supply shortages, long or uncertain lead times for components, and supply changes, each of which could disrupt or delay our scheduled product deliveries to our customers, result in inventory shortage, cause loss of sales and customers or increase component costs resulting in lower gross margins and free cash flow.

We and our contract manufacturers currently purchase several key parts and components used in the manufacture of our products from limited sources of supply. We are therefore subject to the risk of shortages and long or uncertain lead times in the supply of these components and the risk that component suppliers may discontinue or modify components used in our products. We have in the past experienced, and are currently experiencing, shortages and long or uncertain lead times for certain components. Our limited source components for particular appliances and suppliers of those components include specific types of CPUs from Intel and Advanced Micro Devices, Inc. (“AMD”), network and wireless chips from Broadcom, Marvell, Qualcomm and Intel, and memory devices from Intel, Micron, ADATA, Toshiba, Samsung and Western Digital. We also may face shortages in the supply of the capacitors and resistors that are used in the manufacturing of our products. . This shortage may persist for an indefinite period of time. The introduction by component suppliers of new versions of their products, particularly if not anticipated by us or our contract manufacturers, could require us to expend significant resources to incorporate these new components into our products. In addition, if these suppliers were to discontinue production of a necessary part or component, we would be required to expend significant resources and time in locating and integrating replacement parts or components from another vendor. Qualifying additional suppliers for limited source parts or components can be time-consuming and expensive.

Although we have increased our purchase order commitments to support long-term customer demand, if we are unable to obtain sufficient quantities of any of these components on commercially reasonable terms or in a timely manner, or if we are unable to obtain alternative sources for these components, shipments of our products could be delayed or halted entirely or we may be required to redesign our products. Any of these events could result in a cancellation of orders, lost sales, reduced gross margins or damage to our end customer relationships, which would adversely impact our business, financial condition, results of operations and prospects. Additionally, if actual demand does not directly match with our demand forecasts, due to our
60

Table of Contents
purchase order commitments, we could be required to accept or pay for components and finished goods. This may result in us discounting our products or excess or obsolete inventory, which we would be required to write down to its estimated realizable value, which in turn could result in lower gross margins. Our reliance on a limited number of suppliers involves several additional risks, including:

a potential inability to obtain an adequate supply of required parts or components when required;

financial or other difficulties faced by our suppliers;
 
infringement or misappropriation of our IP;
 
price increases;
 
failure of a component to meet environmental or other regulatory requirements;
 
failure to meet delivery obligations in a timely fashion;
 
failure in component quality; and

inability to ship products on a timely basis.
 
The occurrence of any of these events would be disruptive to us and could seriously harm our business. Any interruption or delay in the supply of any of these parts or components, or the inability to obtain these parts or components from alternate sources at acceptable prices and within a reasonable amount of time, would harm our ability to meet our scheduled product deliveries to our distributors, resellers and end-customers. This could harm our relationships with our channel partners and end-customers and could cause delays in shipment of our products and adversely affect our results of operations. In addition, increased component costs could result in lower gross margins.

We offer retroactive price protection to certain of our major North America distributors, and if we fail to balance their inventory with end-customer demand for our products, our allowance for price protection may be inadequate, which could adversely affect our results of operations.

We provide certain of our major North America distributors with price protection rights for inventories of our products held by them. If we reduce the list price of our products, as we have recently done, certain North America distributors receive refunds or credits from us that reduce the price of such products held in their inventory based upon the new list price. Future credits for price protection will depend on the percentage of our price reductions for the products in inventory and our ability to manage the levels of certain of our major North America distributors’ inventories. If future price protection adjustments are higher than expected, our future results of operations could be materially and adversely affected.

The sales prices of our products and services may decrease, which may reduce our gross profits and operating margin and may adversely impact our financial results and the trading price of our common stock.
 
The sales prices for our products and services may decline for a variety of reasons or our product mix may change, resulting in lower growth and margins based on a number of factors, including competitive pricing pressures, discounts or promotional programs we offer, a change in our mix of products and services and anticipation of the introduction of new products and services. We have recently conducted such price decreases. Competition continues to increase in the market segments in which we participate, and we expect competition to further increase in the future, thereby leading to increased pricing pressures. Larger competitors with more diverse product offerings may reduce the price of products and services that compete with ours in order to promote the sale of other products or services or may bundle them with other products or services. Additionally, although we price our products and services worldwide in U.S. dollars, currency fluctuations in certain countries and regions have in the past, and may in the future, negatively impact actual prices that partners and customers are willing to pay in those countries and regions. Furthermore, we anticipate that the sales prices and gross profits for our products or services will decrease over product life cycles. We cannot ensure that we will be successful in developing and introducing new offerings with enhanced functionality on a timely basis, or that our product and service offerings, if introduced, will enable us to maintain our prices, gross profits and operating margin at levels that will allow us to maintain profitability.
 

61

Table of Contents
Actual, possible or perceived defects, errors or vulnerabilities in our products or services, the failure of our products or services to detect or prevent a security incident, or the misuse of our products could harm our operational results and reputation.

Our products and services are complex, and they have contained and may contain defects, errors or vulnerabilities that are not detected until after their commercial release and deployment by our customers. Defects, errors or vulnerabilities may impede or block network traffic, cause our products or services to be vulnerable to electronic break-ins, cause them to fail to help secure our customers or cause our products or services to allow unauthorized access to our customers’ networks. Following a period of internal review and sometimes other steps, our Product Security Incident Response Team publicly posts on our FortiGuard Labs website known product vulnerabilities, including critical vulnerabilities, and methods for customers to mitigate the risk of vulnerabilities. There can be no assurance, however, that such posts will be sufficiently timely, accurate or complete or that those customers will take steps to mitigate the risk of vulnerabilities, and certain customers may be negatively impacted. Additionally, any perception that our products have vulnerabilities, whether or not accurate, and any actual vulnerabilities may harm our operational results and reputation, more significantly as compared to certain other companies in other industries because we are a security company. Our products are also susceptible to errors, defects, logic flaws, vulnerabilities and inserted vulnerabilities that may arise in, or be included in our products in, different stages of our supply chain, manufacturing and shipment processes, and a threat actor’s exploitation of these weaknesses may be difficult to anticipate, prevent, and detect. If we are unable to maintain an effective supply chain security risk management and products security program, then the security and integrity of our products and the updates to those products that our customers receive could be exploited by third parties or insiders. Different customers deploy and use our products in different ways, and certain deployments and usages may subject our products to adverse conditions that may negatively impact the effectiveness and useful lifetime of our products. Our networks and products, including cloud-based technology, could be targeted by attacks specifically designed to disrupt our business and harm our operational results and reputation. We cannot ensure that our products will prevent all adverse security events. Because the techniques used by malicious adversaries to access or sabotage networks change frequently and generally are not recognized until launched against a target, we may be unable to anticipate these techniques. In addition, defects or errors in our FortiGuard and other security subscription or FortiCare updates or our Fortinet appliances and operating systems could result in a failure of our FortiGuard and other security subscription services to effectively or correctly update end-customers’ Fortinet appliances and cloud-based products and thereby leave customers vulnerable to attacks. Furthermore, our solutions may also fail to detect or prevent viruses, worms, ransomware attacks or similar threats due to a number of reasons such as the evolving nature of such threats and the continual emergence of new threats that we may fail to anticipate or add to our FortiGuard databases in time to protect our end-customers’ networks. Our data centers and networks and those of our hosting vendors and cloud service providers may also experience technical failures and downtime, and may fail to distribute appropriate updates, or fail to meet the increased requirements of our customer base. Any such technical failure, downtime or failures in general may temporarily or permanently expose our end-customers’ networks, leaving their networks unprotected against the latest security threats.

An actual, possible or perceived security incident or infection of the network of one of our end-customers, regardless of whether the incident is attributable to the failure of our products or services to prevent or detect the security incident, or any actual or perceived security risk in our supply chain, could adversely affect the market’s perception of our security products and services, cause customers and customer prospects not to buy from us and, in some instances, subject us to potential liability that is not contractually limited. We may not be able to correct any security flaws or vulnerabilities promptly, or at all. Our products may also be misused or misconfigured by end-customers or third parties who obtain access to our products. For example, our products could be used to censor private access to certain information on the internet. Such use of our products for censorship could result in negative press coverage and negatively affect our reputation, even if we take reasonable measures to prevent any improper shipment of our products or if our products are provided by an unauthorized third party. Any actual, possible or perceived defects, errors or vulnerabilities in our products, or misuse of our products, could result in:
 
the expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate or work around errors or defects or to address and eliminate vulnerabilities;
 
the loss of existing or potential end-customers or channel partners;
 
delayed or lost revenue;
 
delay or failure to attain market acceptance;
 
negative publicity and harm to our reputation; and
 
disclosure requirements, litigation, regulatory inquiries or investigations that may be costly and harm our reputation and, in some instances, subject us to potential liability that is not contractually limited.
62

Table of Contents

The network security market is rapidly evolving and the complex technology incorporated in our products makes them difficult to develop. If we do not accurately predict, prepare for and respond promptly to technological and market developments and changing end-customer needs, our competitive position and prospects may be harmed.

The network security market is expected to continue to evolve rapidly. Moreover, many of our end-customers operate in markets characterized by rapidly changing technologies and business plans, which require them to add numerous network access points and adapt increasingly complex networks, incorporating a variety of hardware, software applications, operating systems and networking protocols. In addition, computer hackers and others who try to attack networks employ increasingly sophisticated techniques to gain access to and attack systems and networks. The technology in our products is especially complex because it needs to effectively identify and respond to new and increasingly sophisticated methods of attack, while minimizing the impact on network performance. Additionally, some of our new products and enhancements may require us to develop new hardware architectures and ASICs that involve complex, expensive and time-consuming research and development processes. For example, we enter into development agreements with third parties. If our contract development projects are not successfully completed, or are not completed in a timely fashion, our product development could be delayed and our business generally could suffer. Costs for contract development can be substantial and our profitability may be harmed if we are unable to recover these costs. Although the market expects rapid introduction of new products or product enhancements to respond to new threats, the development of these products is difficult and the timetable for commercial release and availability is uncertain and there can be long time periods between releases and availability of new products. We have in the past and may in the future experience unanticipated delays in the availability of new products and services and fail to meet previously announced timetables for such availability. If we do not quickly respond to the rapidly changing and rigorous needs of our end-customers by developing, releasing and making available on a timely basis new products and services or enhancements that can respond adequately to new security threats, our competitive position and business prospects may be harmed.

Moreover, business models based on a subscription software as a service (“SaaS”) cloud-based services have become increasingly in-demand by our end-customers and adopted by other providers, including our competitors. While we have introduced additional cloud-based products and services and will continue to do so, most of our platform is currently deployed on premise, and therefore, if customers demand that our platform be provided through a subscription SaaS business model, we would be required to make additional investments in our infrastructure and personnel to be able to more fully provide our platform through a subscription SaaS model in order to maintain the competitiveness of our platform. Such investments may involve expanding our data centers, servers and networks, and increasing our technical operations and engineering teams. These risks are compounded by the uncertainty concerning the future success of any of our particular subscription SaaS business models and the future demand for our subscription SaaS models by customers. Additionally, if we are unable to meet the demand to provide our services through a subscription SaaS model, we may lose customers to competitors.

Our uniform resource locator (“URL”) database for our web filtering service may fail to keep pace with the rapid growth of URLs and may not categorize websites in accordance with our end-customers expectations.

The success of our web filtering service depends on the breadth and accuracy of our URL database. Although our URL database currently catalogs millions of unique URLs, it contains only a portion of the URLs for all of the websites that are available on the internet. In addition, the total number of URLs and software applications is growing rapidly, and we expect this rapid growth to continue in the future. Accordingly, we must identify and categorize content for our security risk categories at an extremely rapid rate. Our database and technologies may not be able to keep pace with the growth in the number of websites, especially the growing amount of content utilizing foreign languages and the increasing sophistication of malicious code and the delivery mechanisms associated with spyware, phishing and other hazards associated with the internet. Further, the ongoing evolution of the internet and computing environments will require us to continually improve the functionality, features and reliability of our web filtering function. Any failure of our databases to keep pace with the rapid growth and technological change of the internet could impair the market acceptance of our products, which in turn could harm our business, financial condition and results of operations.

In addition, our web filtering service may not be successful in accurately categorizing internet and application content to meet our end-customers’ expectations. We rely upon a combination of automated filtering technology and human review to categorize websites and software applications in our proprietary databases. Our end-customers may not agree with our determinations that particular URLs should be included or not included in specific categories of our databases. In addition, it is possible that our filtering processes may place material that is objectionable or that presents a security risk in categories that are generally unrestricted by our customers’ internet and computer access policies, which could result in such material not being blocked from the network. Conversely, we may miscategorize websites such that access is denied to websites containing information that is important or valuable to our customers. Any miscategorization could result in customer dissatisfaction and
63

Table of Contents
harm our reputation. Any failure to effectively categorize and filter websites according to our end-customers’ and channel partners’ expectations could impair the growth of our business.

False detection of vulnerabilities, viruses or security incidents or false identification of spam or spyware could adversely affect our business.

Our FortiGuard and other security subscription services may falsely detect, report and act on viruses or other threats that do not actually exist. This risk is heightened by the inclusion of a “heuristics” feature in our products, which attempts to identify viruses and other threats not based on any known signatures but based on characteristics or anomalies that may indicate that a particular item is a threat. When our end-customers enable the heuristics feature in our products, the risk of falsely identifying viruses and other threats significantly increases. These false positives, while typical in the industry, may impair the perceived reliability of our products and may therefore adversely impact market acceptance of our products. Also, our FortiGuard and other security subscription services may falsely identify emails or programs as unwanted spam or potentially unwanted programs, or alternatively fail to properly identify unwanted emails or programs, particularly as spam emails or spyware are often designed to circumvent anti-spam or spyware products. Parties whose emails or programs are blocked by our products may seek redress against us for labeling them as spammers or spyware, or for interfering with their business. In addition, false identification of emails or programs as unwanted spam or potentially unwanted programs may reduce the adoption of our products. If our system restricts important files or applications based on falsely identifying them as malware or some other item that should be restricted, this could adversely affect end-customers’ systems and cause material system failures. In addition, our threat researchers periodically identify vulnerabilities in various third-party products, and, if these identifications are perceived to be incorrect or are in fact incorrect, this could harm our business. Any such false identification or perceived false identification of important files, applications or vulnerabilities could result in negative publicity, loss of end-customers and sales, increased costs to remedy any problem and costly litigation.

Our ability to sell our products is dependent on our quality control processes and the quality of our technical support services, and our failure to offer high-quality technical support services could have a material adverse effect on our sales and results of operations.

Once our products are deployed within our end-customers’ networks, our end-customers depend on our technical support services, as well as the support of our channel partners and other third parties, to resolve any issues relating to our products. If we, our channel partners or other third parties do not effectively assist our customers in planning, deploying and operational proficiency for our products, succeed in helping our customers quickly resolve post-deployment issues and provide effective ongoing support, our ability to sell additional products and services to existing customers could be adversely affected and our reputation with potential customers could be damaged. Many large end-customers, and service provider or government organization end-customers, require higher levels of support than smaller end-customers because of their more complex deployments and more demanding environments and business models. If we, our channel partners or other third parties fail to meet the requirements of our larger end-customers, it may be more difficult to execute on our strategy to increase our penetration with large businesses, service providers and government organizations. Our failure to maintain high-quality support services could have a material adverse effect on our business, financial condition and results of operations and may subject us to litigation, reputational damage, loss of customers and additional costs.

Our business is subject to the risks of warranty claims, product returns, product liability and product defects.

Our products are very complex and, despite testing prior to their release, have contained and may contain undetected defects or errors, especially when first introduced or when new versions are released. Product errors have affected the performance and effectiveness of our products and could delay the development or release of new products or new versions of products, adversely affect our reputation and our end-customers’ willingness to buy products from us, result in litigation and disputes with customers and adversely affect market acceptance or perception of our products. Any such errors or delays in releasing new products or new versions of products or allegations of unsatisfactory performance could cause us to lose revenue or market share, increase our service costs, cause us to incur substantial costs in redesigning the products, cause us to lose significant end-customers, subject us to litigation, litigation costs and liability for damages and divert our resources from other tasks, any one of which could materially and adversely affect our business, results of operations and financial condition. Our products must successfully interoperate with products from other vendors. As a result, when problems occur in a network, it may be difficult to identify the sources of these problems. The occurrence of hardware and software errors, whether or not caused by our products, could delay or reduce market acceptance of our products and have an adverse effect on our business and financial performance, and any necessary revisions may cause us to incur significant expenses. The occurrence of any such problems could harm our business, financial condition and results of operations.
 
64

Table of Contents
Although we generally have limitation of liability provisions in our standard terms and conditions of sale, they may not fully or effectively protect us from claims if exceptions apply or if the provisions are deemed unenforceable, and in some circumstances, we may be required to indemnify a customer in full, without limitation, for certain liabilities, including liabilities that are not contractually limited. The sale and support of our products also entail the risk of product liability claims. We maintain insurance to protect against certain claims associated with the use of our products, but our insurance coverage may not adequately cover any claim asserted against us, if at all, and in some instances may subject us to potential liability that is not contractually limited. In addition, even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation and divert management’s time and other resources.

If the availability of our cloud-based subscription services does not meet our service-level commitments to our customers, our current and future revenue may be negatively impacted.

We typically commit to our customers that our cloud-based subscription services will maintain a minimum service-level of availability. If we are unable to meet these commitments, this could negatively impact our business. We rely on public cloud providers, such as Amazon Web Services, Microsoft Azure and Google Cloud, co-location providers, such as Equinix, and our own data centers and PoPs, and any availability interruption in the public cloud could result in us not meeting our service-level commitments to our customers. In some cases, we may not have a contractual right with our public cloud or co-location providers that compensates us for any losses due to availability interruptions in our cloud-based subscription services. Further, any failure to meet our service-level commitments could damage our reputation and adoption of our cloud-based subscription services, and we could face loss of revenue from reduced future subscriptions and reduced sales and face additional costs associated with any failure to meet service-level agreements. Any service-level failures could adversely affect our business, financial condition and results of operations.

Risks Related to our Systems and Technology

If our internal enterprise IT networks, on which we conduct internal business and interface externally, our operational networks, through which we connect to customers, vendors and partners systems and provide services, or our research and development networks, our back-end labs and cloud stacks hosted in our data centers, colocation vendors or public cloud providers, through which we research, develop and host products and services, are compromised, public perception of our products and services may be harmed, our customers may be breached and harmed, we may become subject to liability, and our business, operating results and stock price may be adversely impacted.

Our success depends on the market’s confidence in our ability to provide effective network security protection. Despite our efforts and processes to prevent breaches of our internal networks, systems and websites, we are still vulnerable to computer viruses, break-ins, phishing attacks, ransomware attacks, attempts to overload our servers with denial-of-service, vulnerabilities in vendor hardware and software that we leverage, advanced persistent threats from sophisticated actors and other cyber-attacks and similar disruptions from unauthorized access to our internal networks, systems or websites. Our security measures may also be breached due to employee error, malfeasance or otherwise, which breaches may be more difficult to detect than outsider threats, and the existing programs and trainings we have in place to prevent such insider threats may not be effective or sufficient. Third parties may also attempt to fraudulently induce our employees to transfer funds or disclose information in order to gain access to our networks and confidential information. Third parties may also send our customers or others malware or malicious emails that falsely indicate that we are the source, potentially causing lost confidence in us and reputational harm. We cannot guarantee that the measures we have taken to protect our networks, systems and websites will provide adequate security. Moreover, because we provide network security products, we may be a more attractive target for attacks by computer hackers and any security breaches and other security incidents involving us may result in more harm to our reputation and brand than companies that do not sell network security solutions. Hackers and malicious parties may be able to develop and deploy viruses, worms, ransomware and other malicious software programs that attack our products and customers, that impersonate our update servers in an effort to access customer networks and negatively impact customers, or otherwise exploit any security vulnerabilities of our products, or attempt to fraudulently induce our employees, customers or others to disclose passwords or other sensitive information or unwittingly provide access to our internal networks, systems or data.

For example, from time to time, we have discovered that unauthorized parties have targeted us using sophisticated techniques, including by stealing technical data and attempting to steal private encryption keys, in an effort to both impersonate our products and threat intelligence update services and possibly attempt other attack methodologies. Using these techniques, these unauthorized parties have tried, and may in the future try, to gain access to certain of our and our customers’ systems. We have also, for example, discovered that unauthorized parties have targeted vulnerabilities in our product software and infrastructure in an effort to gain entry into our customers’ networks. In addition, in general threat actors use dark web forums to sell organizations’ stolen credentials. If threat actors sell valid credentials used by our customers to access our services, it is possible that unauthorized third parties may use such stolen credentials to try to gain access to our services. These and other hacking efforts against us and our customers may be ongoing and may happen in the future.

65

Table of Contents
Although we take numerous measures and implement multiple layers of security to protect our networks, we cannot guarantee that our security products, processes and services will secure against all threats. Further, we cannot be sure that third parties have not been, or will not in the future be, successful in improperly accessing our systems and our customers’ systems, which could negatively impact us and our customers. An actual breach could significantly harm us and our customers, and an actual or perceived breach, or any other actual or perceived data security incident, threat or vulnerability, that involves our supply chains, networks, systems or websites and/or our customers’ supply chains, networks, systems or websites could adversely affect the market perception of our products and services and investor confidence in our company. Any breach of our networks, systems or websites could impair our ability to operate our business, including our ability to provide FortiGuard and other security subscription and FortiCare technical support services to our end-customers, lead to interruptions or system slowdowns, cause loss of critical data or lead to the unauthorized disclosure or use of confidential, proprietary or sensitive information. We could also be subject to liability and litigation and reputational harm and our channel partners and end-customers may be harmed, lose confidence in us and decrease or cease using our products and services. Any breach of our internal networks, systems or websites could have an adverse effect on our business, operating results and stock price.

In addition, there has been a general increase in phishing attempts and spam emails as well as social engineering attempts from hackers, and many of our employees continue to work remotely which may pose additional data security risks in the event remote work environments are not as secure as office environments. Any security incident could negatively impact our reputation and results of operations.
 
If we do not appropriately manage any future growth, including through the expansion of our real estate facilities, or are unable to improve our systems, processes and controls, our operating results will be negatively affected.
 
We rely heavily on information technology to help manage critical functions such as order configuration, pricing and quoting, revenue recognition, financial forecasts, inventory and supply chain management and trade compliance reviews. In addition, we have been slow to adopt and implement certain automated functions, which could have a negative impact on our business. For example, our order processing relies on both manual data entry of customer purchase orders received through email and electronic data interchange (EDI). Due to the use of manual processes and the fact that we may receive a large amount of our orders in the last few weeks of any given quarter, an interruption in our email service or other systems could result in delayed order fulfillment and decreased billings and revenue for that quarter.

To manage any future growth effectively, we must continue to improve and expand our information technology and financial, operating, security and administrative systems and controls, and our business continuity and disaster recovery plans and processes. We must also continue to manage headcount, capital and processes in an efficient manner. We may not be able to successfully implement requisite improvements to these systems, controls and processes, such as system capacity, access, security and change management controls, in a timely or efficient manner. Our failure to improve our systems and processes, or their failure to operate in the intended manner, whether as a result of the significant growth of our business or otherwise, may result in our inability to manage the growth of our business and to accurately forecast our revenue, expenses and earnings, or to prevent certain losses. Moreover, the failure of our systems and processes could undermine our ability to provide accurate, timely and reliable reports on our financial and operating results and could impact the effectiveness of our internal control over financial reporting.

In addition, our systems, processes and controls may not prevent or detect all errors, omissions, malfeasance or fraud, such as corruption and improper “side agreements” that may impact revenue recognition or result in financial liability. Our productivity and the quality of our products and services may also be adversely affected if we do not integrate and train our new employees quickly and effectively. Any future growth would add complexity to our organization and require effective coordination throughout our organization. Failure to ensure appropriate systems, processes and controls and to manage any future growth effectively could result in increased costs and harm our reputation and results of operations.

We have expanded our office real estate holdings to meet our projected growing need for office space. These plans will require significant capital expenditure over the next several years and involve certain risks, including impairment charges and acceleration of depreciation, changes in future business strategy that may decrease the need for expansion (such as a decrease in headcount or increase in work from home) and risks related to construction. Future changes in growth or fluctuations in cash flow may also negatively impact our ability to pay for these projects or free cash flow. Additionally, inaccuracies in our projected capital expenditures could negatively impact our business, operating results and financial condition.
 
We may experience difficulties maintaining and expanding our internal business management systems.
 
The maintenance of our internal business management systems, such as our Enterprise Resource Planning (“ERP”) and Customer Relationship Management (“CRM”) systems, has required, and will continue to require, the investment of significant
66

Table of Contents
financial and human resources. In addition, we may choose to upgrade or expand the functionality of our internal systems, leading to additional costs. Deficiencies in our design or maintenance of our internal systems may adversely affect our ability to sell products and services, forecast orders, process orders, ship products, provide services and customer support, send invoices and track payments, fulfill contractual obligations, accurately maintain books and records, provide accurate, timely and reliable reports on our financial and operating results or otherwise operate our business. Additionally, if any of our internal systems does not operate as intended, the effectiveness of our internal control over financial reporting could be adversely affected or our ability to assess it adequately could be delayed. Further, we may expand the scope of our ERP and CRM systems. Our operating results may be adversely affected if these upgrades or expansions are delayed or if the systems do not function as intended or are not sufficient to meet our operating requirements.

Risks Related to our Intellectual Property

Our proprietary rights may be difficult to enforce and we may be subject to claims by others that we infringe their propriety technology.
 
We rely primarily on patent, trademark, copyright and trade secrets laws and confidentiality procedures and contractual provisions to protect our technology. Valid patents may not issue from our pending applications, and the claims eventually allowed on any patents may not be sufficiently broad to protect our technology or products. Any issued patents may be challenged, invalidated or circumvented, and any rights granted under these patents may not actually provide adequate defensive protection or competitive advantages to us. Patent applications in the United States are typically not published until at least 18 months after filing, or, in some cases, not at all, and publications of discoveries in industry-related literature lag behind actual discoveries. We cannot be certain that we were the first to make the inventions claimed in our pending patent applications or that we were the first to file for patent protection. Additionally, the process of obtaining patent protection is expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner. In addition, recent changes to the patent laws in the United States may bring into question the validity of certain software patents and may make it more difficult and costly to prosecute patent applications. As a result, we may not be able to obtain adequate patent protection or effectively enforce our issued patents.
 
Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or obtain and use information that we regard as proprietary. We generally enter into confidentiality or license agreements with our employees, consultants, vendors and customers, and generally limit access to and distribution of our proprietary information. However, we cannot guarantee that the steps taken by us will prevent misappropriation of our technology. Policing unauthorized use of our technology or products is difficult. In addition, the laws of some foreign countries do not protect our proprietary rights to as great an extent as the laws of the United States, and many foreign countries do not enforce these laws as diligently as government agencies and private parties in the United States. From time to time, legal action by us may be necessary to enforce our patents and other IP rights, to protect our trade secrets, to determine the validity and scope of the proprietary rights of others or to defend against claims of infringement or invalidity. Such litigation could result in substantial costs and diversion of resources and could negatively affect our business, operating results and financial condition. If we are unable to protect our proprietary rights (including aspects of our software and products protected other than by patent rights), we may find ourselves at a competitive disadvantage to others who need not incur the additional expense, time and effort required to create the innovative products that have enabled us to be successful to date.

Our products contain third-party open-source software components, and failure to comply with the terms of the underlying open-source software licenses could restrict our ability to sell our products.
 
Our products contain software modules licensed to us by third-party authors under “open source” licenses, including but not limited to, the GNU Public License, the GNU Lesser Public License, the BSD License, the Apache License, the MIT X License and the Mozilla Public License. From time to time, there have been claims against companies that distribute or use open-source software in their products and services, asserting that open-source software infringes the claimants’ IP rights. We could be subject to suits by parties claiming infringement of IP rights in what we believe to be licensed open-source software. Use and distribution of open-source software may entail greater risks than use of third-party commercial software, as, for example, open-source licensors generally do not provide warranties or other contractual protections regarding infringement claims or the quality of the code. Some open-source licenses contain requirements that we make available source code for modifications or derivative works we create based upon the type of open-source software we use. If we combine our proprietary software with open-source software in a certain manner, we could, under certain open-source licenses, be required to release the source code of our proprietary software to the public. This would allow our competitors to create similar products with lower development effort and time and ultimately could result in a loss of product sales for us.
 
67

Table of Contents
Although we monitor our use of open source software to avoid subjecting our products to conditions we do not intend, the terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that these licenses could be construed in a way that, for example, could impose unanticipated conditions or restrictions on our ability to commercialize our products. In this event, we could be required to seek licenses from third parties to continue offering our products, to make our proprietary code generally available in source code form, to re-engineer our products or to discontinue the sale of our products if re-engineering could not be accomplished on a timely basis, any of which requirements could adversely affect our business, operating results and financial condition.
 
Claims by others that we infringe their proprietary technology or other litigation matters could harm our business.
 
Patent and other IP disputes are common in the network security industry. Third parties are currently asserting, have asserted and may in the future assert claims of infringement of IP rights against us. Third parties have also asserted such claims against our end-customers or channel partners whom we may indemnify against claims that our products infringe the IP rights of third parties. As the number of products and competitors in our market increases and overlaps occur, infringement claims may increase. Any claim of infringement by a third party, even those without merit, could cause us to incur substantial costs defending against the claim and could distract our management from our business. In addition, litigation may involve patent holding companies, non-practicing entities or other adverse patent owners who have no relevant product revenue and against whom our own patents may therefore provide little or no deterrence or protection.
 
Although third parties may offer a license to their technology, the terms of any offered license may not be acceptable, and the failure to obtain a license or the costs associated with any license could cause our business, financial condition and results of operations to be materially and adversely affected. In addition, some licenses may be non-exclusive and, therefore, our competitors may have access to the same technology licensed to us.
 
Alternatively, we may be required to develop non-infringing technology, which could require significant time, effort and expense, and may ultimately not be successful. Furthermore, a successful claimant could secure a judgment or we may agree to a settlement that prevents us from distributing certain products or performing certain services or that requires us to pay substantial damages (including treble damages if we are found to have willfully infringed such claimant’s patents or copyrights), royalties or other fees. Any of these events could seriously harm our business, financial condition and results of operations.

From time to time, we are subject to lawsuits claiming patent infringement. We are also subject to other litigation in addition to patent infringement claims, such as employment-related litigation and disputes, as well as general commercial litigation, such as the Alorica litigation, and could become subject to other forms of litigation and disputes, including stockholder litigation. If we are unsuccessful in defending any such claims, our operating results and financial condition and results may be materially and adversely affected. For example, we may be required to pay substantial damages and could be prevented from selling certain of our products. Litigation, with or without merit, could negatively impact our business, reputation and sales in a material fashion.

We have several ongoing patent lawsuits, certain companies have sent us demand letters proposing that we license certain of their patents, and organizations have sent letters demanding that we provide indemnification for patent claims. Given this and the proliferation of lawsuits in our industry and other similar industries by both non-practicing entities and operating entities, and recent non-practicing entity and operating entity patent litigation against other companies in the security space, we expect that we will be sued for patent infringement in the future, regardless of the merits of any such lawsuits. The cost to defend such lawsuits and any settlement payment or adverse result in such lawsuits could have a material adverse effect on our results of operations and financial condition.

We rely on the availability of third-party licenses.

Many of our products include software or other IP licensed from third parties. It may be necessary in the future to renew licenses relating to various aspects of these products or to seek new licenses for existing or new products. Licensors may claim we owe them additional license fees for past and future use of their software and other IP or that we cannot utilize such software or IP in our products going forward. There can be no assurance that the necessary licenses would be available on acceptable terms, if at all. The inability to obtain certain licenses or other rights or to obtain such licenses or rights on favorable terms or for reasonable pricing, or the need to engage in litigation regarding these matters, could result in delays in product releases until equivalent technology can be identified, licensed or developed, if at all, and integrated into our products and may result in significant license fees and have a material adverse effect on our business, operating results, and financial condition. Moreover, the inclusion in our products of software or other IP licensed from third parties on a non-exclusive basis could limit our ability to differentiate our products from those of our competitors.
68

Table of Contents

We also rely on technologies licensed from third parties in order to operate functions of our business. If any of these third parties allege that we have not properly paid for such licenses or that we have improperly used the technologies under such licenses, we may need to pay additional fees or obtain new licenses, and such licenses may not be available on terms acceptable to us or at all or may be costly. In any such case, or if we were required to redesign our internal operations to function with new technologies, our business, results of operations and financial condition could be harmed.

Other Risks Related to Our Business and Financial Position

Our inability to successfully acquire and integrate other businesses, products or technologies, or to successfully invest in and form successful strategic alliances with other businesses, could seriously harm our competitive position and could negatively affect our financial condition and results of operations.

In order to remain competitive, we may seek to acquire additional businesses, products, technologies or IP, such as patents, and to make equity investments in businesses coupled with strategic alliances. For any possible future acquisitions or investments, we may not be successful in negotiating the terms of the acquisition or investment or financing the acquisition or investment. For both our prior and future acquisitions, we may not be successful in effectively integrating the acquired business, product, technology, IP or sales force into our existing business and operations, and the acquisitions may negatively impact our financial results. We may have difficulty incorporating acquired technologies, IP or products with our existing product lines, integrating reporting systems and procedures, and maintaining uniform standards, controls, procedures and policies. For example, we may experience difficulties integrating an acquired company’s ERP or CRM systems, sales support and other processes and systems, with our current systems and processes. The results of certain businesses that we invest in, such as Linksys Holdings, Inc. (“Linksys”), are, or may in the future, be reflected in our operating results, and we depend on these companies to provide us financial information in a timely manner in order to meet our financial reporting requirements. We may experience difficulty in timely obtaining financial information from the companies in which we have invested in order to meet our financial reporting requirements. Our due diligence for acquisitions and investments may fail to identify all of the problems, liabilities or other shortcomings or challenges of an acquired business, product or technology, including issues with IP, product quality or product architecture, regulatory compliance practices, environmental and sustainability compliance practices, revenue recognition or other accounting practices or employee or customer issues. We also may not accurately forecast the financial impact of an acquisition or an investment and alliance. In addition, any acquisitions and significant investments we are able to complete may be dilutive to revenue growth and earnings and may not result in any synergies or other benefits we had expected to achieve, which could negatively impact our operating results and result in impairment charges that could be substantial. We may have to pay cash, incur debt or issue equity securities to pay for any acquisition, each of which could affect our financial condition or the value of our capital stock and could result in dilution to our stockholders. Acquisitions or investments during a quarter may result in increased operating expenses and adversely affect our cash flows or our results of operations for that period and future periods compared to the results that we have previously forecasted or achieved. Further, completing a potential acquisition or investment and alliance and integrating acquired businesses, products, technologies or IP are challenging to do successfully and could significantly divert management time and resources.

Linksys sells predominantly into the consumer Wi-Fi market, and its sales have declined since our investment. Because we are accounting for our Linksys investment using the equity method of accounting, we are required to assess the investment for other-than-temporary impairment (“OTTI”) when events or circumstances suggest that the carrying amount of the investment may be impaired. We have analyzed whether there should be an OTTI of the value of our investment in Linksys and in fiscal 2022, we recorded an OTTI charge of $22.2 million. In evaluating OTTI, we considered factors such as Linksys’ financial results and operating history, our ability and intent to hold the investment until its fair value recovers, the implied revenue valuation multiples compared to guideline public companies, Linksys’ ability to achieve milestones and any notable operational and strategic changes. We intend to continue to analyze our investment in Linksys to determine whether any further impairment is appropriate. If any further decline in fair value is determined to be other-than-temporary, we will adjust the carrying value of the investment to its fair value and record the impairment expense in our consolidated statements of income. The cost basis of the investment is not adjusted for subsequent recoveries in fair value. We may experience additional volatility to our statements of operations due to the underlying operating results of Linksys or impairments of our Linksys investment. This volatility could be material to our results in any given quarter and may cause our stock price to decline.

Failure to comply with laws and regulations applicable to our business could subject us to fines and penalties and could also cause us to lose end-customers in the public sector or negatively impact our ability to contract with the public sector.

Our business is subject to regulation by various federal, state, regional, local and foreign governmental agencies, including agencies responsible for monitoring and enforcing employment and labor laws, workplace safety, product safety, product labeling, environmental laws, consumer protection laws, anti-bribery laws, data privacy laws, import and export controls, federal securities laws and tax laws and regulations. In certain jurisdictions, these regulatory requirements may be more stringent than in the United States. Non-compliance with applicable regulations or requirements could subject us to investigations, sanctions, enforcement actions, disgorgement of profits, fines, damages and civil and criminal penalties or
69

Table of Contents
injunctions. If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, operating results and financial condition could be adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could harm our business, operating results and financial condition.

For example, the GDPR imposes stringent data handling requirements on companies that operate in the EU or receive or process personal data about individuals in the EU in certain contexts. Non-compliance with the GDPR could result in data protection audits and significant penalties, heavy fines imposed on us and bans on other businesses’ use of our services. Compliance with, and the other burdens imposed by, the GDPR and local regulatory authorities may limit our ability to operate or expand our business in the EU and could adversely impact our operating results. In July 2020, the European Court of Justice issued a judgment declaring invalid the EU-U.S. Privacy Shield Framework (the “Privacy Shield”) as a mechanism for the transfer of GDPR-regulated personal data to recipients in the United States and calling into question the validity of certain popular alternative mechanisms for addressing GDPR restrictions on transfers to the United States and other areas where we operate. The Privacy Shield has now been replaced with the EU-U.S. Data Privacy Framework following certain changes to U.S. law intended to address the concerns underlying that court decision with respect to transfers of personal data to the United States. However, there remains a possibility that our business could be negatively impacted by restrictions on transfers of GDPR-regulated personal data (including transfers made by our customers) to other areas we operate. In addition, it is possible that the updates to U.S. law may ultimately be deemed insufficient in a court case similar to the one that invalidated Privacy Shield. The mere possibility of this outcome, and our reliance on global data transfers within our corporate family and between us and our service providers, may create challenges for us to compete with companies that may be able to offer services in which personal data never exits the EU, thereby avoiding risks of noncompliance with GDPR data transfer restrictions.

Additionally, we may be subject to other legal regimes throughout the world governing data handling, protection and privacy. For example, in June 2018, California passed the California Consumer Privacy Act (the “CCPA”), which provides new data privacy rights for consumers and new operational requirements for companies and became effective on January 1, 2020. The CCPA was expanded pursuant to the California Privacy Rights Act, which was passed in 2020 and became effective in 2023. Other states have since passed similar laws, adding to the complexity of compliance with overlapping and sometimes conflicting requirements. The costs of compliance with and the penalties for violations of the GDPR, the CCPA and other laws, along with other burdens imposed by these regulations, may limit the use and adoption of our products and services and could have an adverse impact on our business. For example, our sales cycles may lengthen and face an increased risk of failure as customers take more time to vet our services for compliance with these legal requirements and to negotiate data-related contract terms with us, causing delays or loss of revenue.

Selling our solutions to the U.S. government, whether directly or through channel partners, also subjects us to certain regulatory and contractual requirements, government permit and clearance requirements and other risks. Failure to comply with these requirements or to obtain and maintain government permits and clearances required to do certain business, by either us or our channel partners, could subject us to investigations, fines, suspension, limitations on business or debarment from doing business with the U.S. government or one of its divisions, as well as other penalties, damages and reputational harms, which could have an adverse effect on our business, operating results, financial condition and prospects. Any violations of regulatory and contractual requirements could result in us being suspended or debarred from future government contracting. Any of these outcomes could have an adverse effect on our revenue, operating results, financial condition and prospects.

These laws, regulations and other requirements impose added costs on our business, and failure to comply with these or other applicable regulations and requirements, including non-compliance in the past, could lead to claims for damages from our channel partners, penalties, termination of contracts, loss of exclusive rights in our IP and temporary suspension, permanent debarment from government contracting, or other limitations on doing business. Any such damages, penalties, disruptions or limitations in our ability to do business with the public sector could have an adverse effect on our business and operating results.

We are subject to governmental export and import controls that could subject us to liability or restrictions on sales, and that could impair our ability to compete in international markets.

Because we incorporate encryption technology into our products, certain of our products are subject to U.S. export controls and may be exported outside the United States only with the required export license or through an export license exception, or may be prohibited altogether from export to certain countries. If we were to fail to comply with U.S. export laws, U.S. Customs regulations and import regulations, U.S. economic sanctions and other countries’ import and export laws, we could be subject to substantial civil and criminal penalties, including fines for the company and incarceration for responsible employees and managers, and the possible loss of export or import privileges. In addition, if our channel partners fail to obtain appropriate import, export or re-export licenses or permits (e.g., for stocking orders placed by our partners), we may also be adversely affected through reputational harm and penalties and we may not be able to provide support related to appliances
70

Table of Contents
shipped pursuant to such orders. Obtaining the necessary export license for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities.

Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain products to U.S. embargoed or sanctioned countries, governments and persons, such as the sanctions and trade restrictions that have been implemented against Russia and Belarus. Even though we take precautions to prevent our product from being shipped to U.S. sanctions targets, our products could be shipped to those targets by our channel partners, despite such precautions. Any such shipment could have negative consequences including government investigations and penalties and reputational harm. In addition, various countries regulate the import of certain encryption technology, including import permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our products or could limit our customers’ ability to implement our products in those countries. Changes in our products or changes in export and import regulations may create delays in the introduction of our products in international markets, prevent our customers with international operations from deploying our products globally or, in some cases, prevent the export or import of our products to certain countries, governments or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, financial condition and results of operations.

Efforts to withdraw from or materially modify international trade agreements, to change tax provisions related to global manufacturing and sales or to impose new tariffs, economic sanctions or related legislation, any of which could adversely affect our financial condition and results of operations.

Our business benefits directly and indirectly from free trade agreements, and we also rely on various corporate tax provisions related to international commerce, as we develop, market and sell our products and services globally. Efforts to withdraw from or materially modify international trade agreements, or to change corporate tax policy related to international commerce, could adversely affect our financial condition and results of operations as could the continuing uncertainty regarding whether such actions will be taken.

Moreover, efforts to implement changes related to export or import regulations (including the imposition of new border taxes or tariffs on foreign imports), trade barriers, economic sanctions and other related policies could harm our results of operations. For example, in recent years, the United States has imposed additional import tariffs on certain goods from different countries and on most goods imported from China. As a result, China and other countries imposed retaliatory tariffs on goods exported from the United States and both the United States and foreign countries have threatened to alter or leave current trade agreements. While we do not currently expect these tariffs to have a significant effect on our raw material and product import costs, if the United States expands increased tariffs, or retaliatory trade measures are taken by other countries in response to the tariffs, the cost of our products could increase, our operations could be disrupted or we could be required to raise our prices, which may result in the loss of customers and harm to our reputation and operating performance.

Any modification in these areas, any shift in the enforcement or scope of existing regulations or any change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential end-customers with international operations and could result in increased costs. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, financial condition and results of operations.

If we fail to comply with environmental requirements, our business, financial condition, operating results and reputation could be adversely affected.

We are subject to various environmental laws and regulations, including laws governing the hazardous material content of our products, laws relating to our real property and future expansion plans and laws concerning the recycling of Electrical and Electronic Equipment (“EEE”). The laws and regulations to which we are subject include the EU RoHS Directive, EU Regulation 1907/2006 – Registration, Evaluation, Authorization and Restriction of Chemicals (the “REACH” Regulation) and the EU Waste Electrical and Electronic Equipment Directive (the “WEEE Directive”), as well as the implementing legislation of the EU member states. Similar laws and regulations have been passed or are pending in China, South Korea, Taiwan, Japan, Norway, Saudi Arabia and the UAE and may be enacted in other regions, including in the United States, and we are, or may in the future be, subject to these laws and regulations. These legal and regulatory regimes, including the laws, rules and regulations thereunder, evolve frequently and may be modified, interpreted and applied in an inconsistent manner from one jurisdiction to another, and may conflict with one another. Moreover, the timing and effect of these laws and regulations on our business may be uncertain. To the extent we have not complied with such laws, rules and regulations, we could be subject to significant fines, revocation of licenses, limitations on our products and services, reputational harm and other regulatory consequences, each of which may be significant and could adversely affect our business, operating results and
71

Table of Contents
financial condition. These laws and regulations may also impact our suppliers, which could have, among other things, an adverse impact on the costs of components in our products.

The EU RoHS Directive and the similar laws of other jurisdictions ban or restrict the presence of certain hazardous substances such as lead, mercury, cadmium, hexavalent chromium and certain fire-retardant plastic additives in electrical equipment, including our products. We have incurred costs to comply with these laws, including research and development costs and costs associated with assuring the supply of compliant components. We expect to continue to incur costs related to environmental laws and regulations in the future. With respect to the EU RoHS, we and our competitors rely on exemptions for lead and other substances in network infrastructure equipment. It is possible one or more of these use exemptions will be revoked in the future. Additionally, although some of the EU RoHS exemptions have been extended, it is possible that some of these exemptions may expire in the future without being extended. If this exemption is revoked or expires without extension, if there are other changes to these laws (or their interpretation) or if new similar laws are passed in other jurisdictions, we may be required to re-engineer our products to use components compatible with these regulations. This re-engineering and component substitution could result in additional costs to us and/or disrupt our operations or logistics.

As part of the Circular Economy Action Plan, the European Commission amended the EU Waste Framework Directive (“WFD”) to include a number of measures related to waste prevention and recycling, whereby we are responsible for submitting product data to a Substances of Concern In articles as such or in complex objects (Products) (“SCIP”) database containing information on Substances of Very High Concern (“SVHC”) in articles and in complex objects. The SCIP database is established under the WFD and managed by the European Chemicals Agency (“ECHA”). We have incurred costs in order to comply with this new requirement. Similar laws and regulations have been passed or are pending in the European Economic Area and the UK.

The EU’s WEEE Directive, which requires electronic goods producers to be responsible for the collection, recycling and treatment of such products. Although currently our EU international channel partners are responsible for the requirements of this directive as the importer of record in most of the European countries in which we sell our products, changes in interpretation of the regulations may cause us to incur costs or have additional regulatory requirements in the future to meet in order to comply with this directive, or with any similar laws adopted in other jurisdictions including the United States.

Our failure to comply with these and future environmental rules and regulations could result in decreased demand for our products and services resulting in reduced sales of our products, increased demand for competitive products and services that result in lower emissions than our products, increased costs, substantial product inventory write-offs, reputational damage, penalties and other sanctions, any of which could harm our business and financial condition. To date, our expenditures for environmental compliance have not had a material impact on our operating results or cash flows, and, although we cannot predict the future impact of such laws or regulations, they will likely result in additional costs. New laws may result in increased penalties associated with violations or require us to change the content of our products or how they are manufactured, which could have a material adverse effect on our business, operating results and financial condition.

Investors’ expectations of our performance relating to environmental, social and governance factors may impose additional costs and expose us to new risks.

There is an increasing focus from certain investors, employees, customers and other stakeholders concerning corporate responsibility, specifically related to ESG matters. Some investors may use these non-financial performance factors to guide their investment strategies and, in some cases, may choose not to invest in us if they believe our policies and actions relating to corporate responsibility are inadequate. The growing investor demand for measurement of non-financial performance is addressed by third-party providers of sustainability assessment and ratings on companies. The criteria by which our corporate responsibility practices are assessed may change due to the constant evolution of the sustainability landscape, which could result in greater expectations of us and cause us to undertake costly initiatives to satisfy such new criteria. If we elect not to or are unable to satisfy such new criteria, investors may conclude that our policies and/or actions with respect to corporate social responsibility are inadequate. We may face reputational damage in the event that we do not meet the ESG standards set by various constituencies.

Furthermore, in the event that we communicate certain initiatives and goals regarding ESG matters, such as our commitment to target Net-Zero on Scope 1 and Scope 2 emissions resulting from our owned facilities worldwide by 2030 or our commitment to the Paris Agreement via the Science Based Targets Initiative, we could fail, or be perceived to fail, in our achievement of such initiatives or goals, or we could be criticized for the scope, target and timelines of such initiatives or goals. If we fail to satisfy the expectations of investors, customers, employees, and other stakeholders or our initiatives are not executed as planned, our reputation and business, operating results and financial condition could be adversely impacted. In addition, the SEC has also proposed a draft rule that requires climate disclosures in financial filings. To the extent the SEC proposal becomes effective for our company, we will be required to establish additional internal controls, engage additional consultants and incur additional costs related to evaluating, managing and reporting on our environmental impact and climate-
72

Table of Contents
related risks and opportunities. If we fail to implement sufficient oversight or accurately capture and disclose on environmental matters, our reputation, business, operating results and financial condition may be materially adversely affected.

Risks Related to Finance, Accounting and Tax Matters

If our estimates or judgments relating to our critical accounting policies are based on assumptions that change or prove to be incorrect, our operating results could fall below expectations of securities analysts and investors, resulting in a decline in our stock price.
 
The preparation of financial statements in conformity with generally accepted accounting principles requires management to make estimates and assumptions that affect the amounts reported in the condensed consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Critical Accounting Policies and Estimates” in this Quarterly Report on Form 10-Q, the results of which form the basis for making judgments about the carrying values of assets and liabilities that are not readily apparent from other sources. Our operating results may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our operating results to fall below the expectations of securities analysts and investors, resulting in a decline in our stock price. Significant assumptions and estimates used in preparing our condensed consolidated financial statements include those related to revenue recognition, deferred contract costs and commission expense, accounting for business combinations, contingent liabilities and accounting for income taxes.

We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations.

A significant portion of our operating expenses are incurred outside the United States. These expenses are denominated in foreign currencies and are subject to fluctuations due to changes in foreign currency exchange rates, particularly changes in the Euro, Japanese yen, Canadian dollar and British pound. A weakening of the U.S. dollar compared to foreign currencies would negatively affect our expenses and operating results, which are expressed in U.S. dollars. Additionally, fluctuations in the exchange rate of the Canadian dollar may negatively impact our development plans in Burnaby, Canada. While we are not currently engaged in material hedging activities, we have been hedging currency exposures relating to certain balance sheet accounts through the use of forward exchange contracts. If we stop hedging against any of these risks or if our attempts to hedge against these currency exposures are not successful, our financial condition and results of operations could be adversely affected. Our sales contracts are primarily denominated in U.S. dollars and therefore, while substantially all of our revenue is not subject to foreign currency risk, it does not serve as a hedge to our foreign currency-denominated operating expenses. In addition, a strengthening of the U.S. dollar may increase the real cost of our products to our customers outside of the United States, which may also adversely affect our financial condition and results of operations. 

We could be subject to changes in our tax rates, the adoption of new U.S. or international tax legislation, exposure to additional tax liabilities or impacts from the timing of tax payments.

We are subject to taxes in the United States and numerous foreign jurisdictions, where a number of our subsidiaries are organized. Our provision for income taxes is subject to volatility and could be adversely affected by several factors, many of which are outside of our control. These include:

the mix of earnings in countries with differing statutory tax rates or withholding taxes;

changes in the valuation of our deferred tax assets and liabilities;

transfer pricing adjustments;

increases to corporate tax rates;

an increase in non-deductible expenses for tax purposes, including certain stock-based compensation expense;

changes in availability of tax credits and/or tax deductions;

the timing of tax payments;

tax costs related to intercompany realignments;

73

Table of Contents
tax assessments resulting from income tax audits or any related tax interest or penalties that could significantly affect our provision for income taxes for the period in which the settlement takes place; and

changes in accounting principles, court decisions, tax rulings, and interpretations of or changes to tax laws, and regulations by international, federal or local governmental authorities.

We have open tax years that could be subject to the examination by the Internal Revenue Service (the “IRS”) and other tax authorities. We currently have ongoing tax audits in the United Kingdom, Canada, Germany and several other foreign jurisdictions. The focus of all of these audits is the allocation of profits among our legal entities. We regularly assess the likelihood of adverse outcomes resulting from such examinations to determine the adequacy of our provision for income taxes. Although we believe that our estimates are reasonable, the ultimate tax outcome may differ from the amounts recorded in our condensed consolidated financial statements and may materially affect our financial results.

We may undertake corporate operating restructurings or transfers of assets that involve our group of foreign country subsidiaries through which we do business abroad, in order to maximize the operational and tax efficiency of our group structure. If ineffectual, such restructurings or transfers could increase our income tax liabilities, and in turn, increase our global effective tax rate. Moreover, our existing corporate structure and intercompany arrangements have been implemented in a manner we believe reasonably ensures that we are in compliance with current prevailing tax laws. However, the tax authorities of the jurisdictions in which we operate may challenge our methodologies for valuing developed technology or intercompany arrangements, which could impact our worldwide effective tax rate and harm our financial position and operating results.

Significant judgment is required in determining any valuation allowance recorded against deferred tax assets. In assessing the need for a valuation allowance, we consider all available evidence, including past operating results, estimates of future taxable income and the feasibility of tax planning strategies. In the event that we change our determination as to the amount of deferred tax assets that can be realized, we will adjust our valuation allowance with a corresponding impact to the provision for income taxes in the period in which such determination is made.

Forecasting our estimated annual effective tax rate is complex and subject to uncertainty, and there may be material differences between our forecasted and actual tax rates.

Forecasts of our income tax position and effective tax rate are complex, subject to uncertainty and periodic updates because our income tax position for each year combines the effects of a mix of profits earned and losses incurred by us in various tax jurisdictions with a broad range of income tax rates, as well as changes in the valuation of deferred tax assets and liabilities, the impact of various accounting rules and changes to these rules and tax laws, the results of examinations by various tax authorities, and the impact of any acquisition, business combination or other reorganization or financing transaction. To forecast our global tax rate, we estimate our pre-tax profits and losses by jurisdiction and forecast our tax expense by jurisdiction. If the mix of profits and losses, our ability to use tax credits or our effective tax rate in a given jurisdiction differs from our estimate, our actual tax rate could be materially different than forecasted, which could have a material impact on our results of business, financial condition and results of operations. Additionally, our actual tax rate may be subject to further uncertainty due to potential changes in U.S. and foreign tax rules.

As a multinational corporation, we conduct our business in many countries and are subject to taxation in many jurisdictions. The taxation of our business is subject to the application of multiple and sometimes conflicting tax laws and regulations, as well as multinational tax conventions. Our effective tax rate is highly dependent upon the geographic distribution of our worldwide earnings or losses, the tax regulations in each geographic region, the availability of tax credits and carryforwards and the effectiveness of our tax planning strategies. The application of tax laws and regulations is subject to legal and factual interpretation, judgment and uncertainty. Tax laws themselves are subject to change as a result of changes in fiscal policy, changes in legislation and the evolution of regulations and court rulings. Consequently, tax authorities may impose tax assessments or judgments against us that could materially impact our tax liability and/or our effective income tax rate.

The Organisation for Economic Co-operation and Development (the “OECD”), an international association comprised of 38 countries, including the United States, has issued and continues to issue guidelines and proposals that change various aspects of the existing framework under which our tax obligations are determined in many of the countries in which we do business. Due to our extensive international business activities, any changes in the taxation of such activities could increase our tax obligations in many countries and may increase our worldwide effective tax rate.

74

Table of Contents
Risks Related to Ownership of Our Common Stock

As a public company, we are subject to compliance initiatives that will require substantial time from our management and result in significantly increased costs that may adversely affect our operating results and financial condition.

The Sarbanes-Oxley Act of 2002 (“Sarbanes-Oxley”), Dodd-Frank and other rules implemented by the SEC and The Nasdaq Stock Market impose various requirements on public companies, including requiring changes in corporate governance practices. These requirements, as well as proposed corporate governance laws and regulations under consideration, may further increase our compliance costs. If compliance with these various legal and regulatory requirements diverts our management’s attention from other business concerns, it could have a material adverse effect on our business, financial condition and results of operations. Sarbanes-Oxley requires, among other things, that we assess the effectiveness of our internal control over financial reporting annually, and of our disclosure controls and procedures quarterly. Although our most recent assessment, testing and evaluation resulted in our conclusion that, as of December 31, 2022, our internal controls over financial reporting were effective, we cannot predict the outcome of our testing in 2023 or future periods and there can be no assurance that, in the future, our internal controls over financial reporting will be effective or deemed effective. We may incur additional expenses and commitment of management’s time in connection with further evaluations, both of which could materially increase our operating expenses and accordingly reduce our operating results.

If securities or industry analysts stop publishing research or publish inaccurate or unfavorable research about our business, our stock price and trading volume could decline.

The trading market for our common stock will depend in part on the research and reports that securities or industry analysts publish about us or our business. If we do not maintain adequate research coverage, if one or more of the analysts who cover us downgrades our stock or publishes inaccurate or unfavorable research about our business or if our results or forecasts fail to meet the expectations of research analysts and investors, our stock price could decline. If one or more of these analysts ceases coverage of our company or fails to publish reports on us regularly, demand for our stock could decrease, which could cause our stock price and trading volume to decline. If securities analysts publish inaccurate positive information, stockholders could buy our stock and the stock price may later decline.
 
The trading price of our common stock may be volatile, which may be exacerbated by share repurchases under our Share Repurchase Program.

The market price of our common stock may be subject to wide fluctuations in response to, among other things, the risk factors described in this periodic report, news about us and our financial results, news about our competitors and their results, and other factors such as rumors or fluctuations in the valuation of companies perceived by investors to be comparable to us. For example, during the six months ended June 30, 2023, the closing price of our common stock ranged from $47.45 to $75.59 per share.

 Furthermore, stock markets have experienced price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many companies. These fluctuations often have been unrelated or disproportionate to the operating performance of those companies. These broad market and industry fluctuations, as well as general economic, political and market conditions, such as recessions, interest rate changes or international currency fluctuations, may negatively affect the market price of our common stock.
 
In the past, many companies that have experienced volatility in the market price of their stock have been subject to securities class action litigation. We may be the target of this type of litigation in the future. Securities litigation against us could result in substantial costs and divert our management’s attention from other business concerns, which could seriously harm our business.

Share repurchases under the Repurchase Program could increase the volatility of the trading price of our common stock, could diminish our cash reserves, could occur at non-optimal prices and may not result in the most effective use of our capital.

In February 2023, our board of directors approved an extension of the Repurchase Program to February 29, 2024. In April 2023, our board of directors approved a $1.0 billion increase in the authorized stock repurchase amount under the Repurchase Program, and in July 2023, our board of directors approved an additional $500 million increase in the authorized stock repurchase amount under the Repurchase Program, bringing the remaining aggregate amount authorized to be repurchased to $1.87 billion as of August 7, 2023. Share repurchases under the Repurchase Program could affect the price of our common stock, increase stock price volatility and diminish our cash reserves. In addition, an announcement of the reduction, suspension or termination of the Repurchase Program could result in a decrease in the trading price of our common
75

Table of Contents
stock. Moreover, our stock price could decline, resulting in repurchases made at non-optimal prices. Our failure to repurchase our stock at optimal prices may be perceived by investors as an inefficient use of our cash and cash equivalents, which could result in litigation that may have an adverse effect on our business, operating results and financial condition. In addition, while our board of directors carefully considers various alternative uses of our cash and cash equivalents in determining whether to authorize stock repurchases, there can be no assurance that the decision by our board of directors to repurchase stock would result in the most effective uses of our cash and cash equivalents, and there may be alternative uses of our cash and cash equivalents that would be more effective, such as investing in growing our business organically or through acquisitions.

Anti-takeover provisions contained in our certificate of incorporation and bylaws, as well as provisions of Delaware law, could impair a takeover attempt.
 
Our certificate of incorporation, bylaws and Delaware law contain provisions that could have the effect of rendering more difficult, delaying or preventing an acquisition deemed undesirable by our board of directors. Our corporate governance documents include provisions:

authorizing “blank check” preferred stock, which could be issued by the board without stockholder approval and may contain voting, liquidation, dividend and other rights superior to our common stock;
 
limiting the liability of, and providing indemnification to, our directors and officers;
 
requiring advance notice of stockholder proposals for business to be conducted at meetings of our stockholders and for nominations of candidates for election to our board of directors;

providing that certain litigation matters may only be brought against us in state or federal courts in the State of Delaware;
 
controlling the procedures for the conduct and scheduling of board and stockholder meetings; and
 
providing the board of directors with the express power to postpone previously scheduled annual meetings and to cancel previously scheduled special meetings.
 
These provisions, alone or together, could delay or prevent hostile takeovers and changes in control or changes in our management.

In addition, our amended and restated bylaws provide that unless we consent in writing to the selection of an alternative forum, to the fullest extent permitted by law, the federal district courts of the United States shall be the exclusive forum for the resolution of any complaint asserting a cause of action arising under the Securities Act. Any person or entity purchasing or otherwise acquiring any interest in any of our securities shall be deemed to have notice of and consented to this provision. This provision, as well as provisions providing that certain litigation matters may only be brought against us in state or federal courts in the State of Delaware, may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or any of our directors, officers or other employees, which may discourage lawsuits against us and our directors, officers and other employees.

As a Delaware corporation, we are also subject to provisions of Delaware law, including Section 203 of the Delaware General Corporation Law, which prevents stockholders holding more than 15% of our outstanding common stock from engaging in certain business combinations without approval of the holders of a substantial majority of all of our outstanding common stock.
 
Any provision of our certificate of incorporation, bylaws or Delaware law that has the effect of delaying or deterring a change in control could limit the opportunity for our stockholders to receive a premium for their shares of our common stock, and could also affect the price that some investors are willing to pay for our common stock.

However, these anti-takeover provisions will not have the effect of preventing activist stockholders from seeking to increase short-term stockholder value through actions such as nominating board candidates and requesting that we pursue strategic combinations or other transactions. These actions could disrupt our operations, be costly and time-consuming and divert the attention of our management and employees. In addition, perceived uncertainties as to our future direction as a result of activist stockholder actions could result in the loss of potential business opportunities, as well as other negative business consequences. Actions of an activist stockholder may also cause fluctuations in our stock price based on speculative market perceptions or other factors that do not necessarily reflect our business. Further, we may incur significant expenses in retaining
76

Table of Contents
professionals to advise and assist us on activist stockholder matters, including legal, financial, communications advisors and solicitation experts, which may negatively impact our future financial results.

General Risks

Global economic uncertainty, an economic downturn, the possibility of a recession, inflation, rising interest rates, weakening product demand caused by political instability, changes in trade agreements and conflicts such as the war in Ukraine, could adversely affect our business and financial performance.

Economic uncertainty in various global markets caused by political instability and conflict, such as the war in Ukraine, and economic challenges caused by the economic downturn, any resulting recession, inflation or rise in interest rates has resulted, and may continue to result, in weakened demand for our products and services and difficulty in forecasting our financial results and managing inventory levels. Political developments impacting government spending and international trade, including potential government shutdowns and trade disputes and tariffs may negatively impact markets and cause weaker macroeconomic conditions. The effects of these events may continue due to potential U.S. government shutdowns and the transition in administrations, and the United States’ ongoing trade disputes with Russia, China and other countries. The continuing effect of any or all of these events could adversely impact demand for our products, harm our operations and weaken our financial results.

In addition, the U.S. capital markets have experienced and continue to experience extreme volatility and disruption. Inflation rates in the United States significantly increased in 2022 resulting in federal action to increase interest rates, adversely affecting capital markets activity. Further deterioration of the macroeconomic environment and regulatory action may adversely affect our business, operating results and financial condition. Moreover, there has been recent turmoil in the global banking system. For example, in March 2023, Silicon Valley Bank (“SVB”) was put into receivership by the Federal Deposit Insurance Corporation and subsequently sold. Other banks at risk of failure have been subsequently sold, including First Republic Bank in May 2023, and there is concern that more banks could be at risk of the same fate. Although we only had an immaterial amount of our cash directly at SVB, there is no guarantee that the federal government would guarantee all depositors as they did with SVB depositors in the event of further bank closures. Continued instability in the global banking system may negatively impact us or our customers, including our customers’ ability to pay for our platform, and adversely impact our business and financial condition. Moreover, events such as the closure of SVB, in addition to global macroeconomic conditions discussed above, may cause further turbulence and uncertainty in the capital markets and economy.

Our business is subject to the risks of earthquakes, drought, fire, power outages, typhoon, floods, virus outbreaks and other broad health-related challenges, cyber events and other catastrophic events, and to interruption by manmade problems such as civil unrest, war, labor disruption, critical infrastructure attack and terrorism.

A significant natural disaster, such as an earthquake, drought, fire, power outage, flood, viral outbreak or other catastrophic event, could have a material adverse impact on our business, operating results and financial condition. Our corporate headquarters are located in the San Francisco Bay Area, a region known for seismic activity, and our research and development and data center in Burnaby, Canada, from which we deliver to customers our FortiGuard and other security subscription updates, is subject to the risk of flooding and is also in a region known for seismic activity. Any earthquake in the Bay Area or Burnaby, or flooding in Burnaby, could materially negatively impact our ability to provide products and services, such as FortiCare support and FortiGuard subscription services and could otherwise materially negatively impact our business. In addition, natural disasters could affect our manufacturing vendors, suppliers or logistics providers’ ability to perform services, such as obtaining product components and manufacturing products, or performing or assisting with shipments, on a timely basis, as well as our customers’ ability to order from us and our employees’ ability to perform their duties. For example, a typhoon in Taiwan could materially negatively impact our ability to manufacture and ship products and could result in delays and reductions in billings and revenue, or the effects of epidemics and pandemics may negatively impact our ability to manufacture and ship products, possibly in a material way, and could result in delays and reductions in billings and revenue, also possibly in a material way. The impact of climate change could affect economies in ways that negatively impact us and our results of operations. In the event our or our service providers’ information technology systems or manufacturing or logistics abilities are hindered by any of the events discussed above, shipments could be delayed, resulting in our missing financial targets, such as revenue and shipment targets, for a particular quarter. In addition, regional instability, international disputes, wars, such as the war in Ukraine and any expansion thereof, and other acts of aggression, civil and political unrest, labor disruptions, rebellions, acts of terrorism and other geo-political unrest could cause disruptions in our business or the business of our manufacturers, suppliers, logistics providers, partners or end-customers, or of the economy as a whole. Given our typical concentration of sales at the end of each quarter, any disruption in the business of our manufacturers, logistics providers, partners or end-customers that impacts sales at the end of our quarter could have a significant adverse impact on our quarterly results. To the extent that any of the above results in security risks to our customers, delays or cancellations of customer orders,
77

Table of Contents
the delay of the manufacture, deployment or shipment of our products or interruption or downtime of our services, our business, financial condition and results of operations would be adversely affected.

Changes in financial accounting standards may cause adverse unexpected fluctuations and affect our reported results of operations.

A change in accounting standards or practices, and varying interpretations of existing or new accounting pronouncements, as well as significant costs incurred or that may be incurred to adopt and to comply with these new pronouncements, could have a significant effect on our reported financial results or the way we conduct our business. If we do not ensure that our systems and processes are aligned with the new standards, we could encounter difficulties generating quarterly and annual financial statements in a timely manner, which could have an adverse effect on our business, our ability to meet our reporting obligations and compliance with internal control requirements.

Management will continue to make judgments and assumptions based on our interpretation of new standards. If our circumstances change or if actual circumstances differ from our assumptions, our operating results may be adversely affected and could fall below our publicly announced guidance or the expectations of securities analysts and investors, resulting in a decline in the market price of our common stock. Further, marketable equity investments are required to be measured at fair value (with subsequent changes in fair value recognized in net income), which may increase the volatility of our earnings.

ITEM 2.     Unregistered Sales of Equity Securities and Use of Proceeds

Purchases of Equity Securities by the Issuer and Affiliated Purchasers

Share Repurchase Program

There were no shares repurchased under the Repurchase Program during the three months ended June 30, 2023. As of June 30, 2023, $1.53 billion remained available for future share repurchases under the Repurchase Program.

In April 2023 and July 2023, our board of directors approved $1.0 billion and $500.0 million increases in the authorized stock repurchase amount under the Repurchase Program, respectively, bringing the aggregate amount authorized to be repurchased to $6.75 billion of our outstanding common stock through February 29, 2024. As of August 7, 2023, approximately $1.87 billion remained available for future share repurchases.

ITEM 5.     Other Information

Rule 10b5-1 Trading Plans

On June 9, 2023, William Neukom, one of our directors, entered into a pre-arranged written stock purchase plan in accordance with Rule 10b5-1 (the “Rule 10b5-1 Plan”) under the Exchange Act for the purchase of shares of our common stock.

The Rule 10b5-1 Plan was entered into during an open trading window in accordance with our insider trading policy and is intended to satisfy the affirmative defense of Rule 10b5-1(c) under the Exchange Act. Mr. Neukom’s Rule 10b5-1 Plan provides for the potential purchase of up to $35,000 worth of shares per purchase period of our common stock at its market price on six specific dates as specified in the Rule 10b5-1 Plan between September 8, 2023 and December 7, 2024.

The Rule 10b5-1 Plan includes a representation from Mr. Neukom to the broker administering the plan that he was not in possession of any material nonpublic information regarding us or the securities subject to the Rule 10b5-1 Plan at the time the Rule 10b5-1 Plan was entered into. A similar representation was made to us in connection with the adoption of the Rule 10b5-1 Plan under our insider trading policy. Those representations were made as of the date of adoption of the Rule 10b5-1 Plan, and speak only as of that date. In making those representations, there is no assurance with respect to any material nonpublic information of which Mr. Neukom was unaware, or with respect to any material nonpublic information acquired by Mr. Neukom or us after the date of the representation.

Once executed, transactions under the Rule 10b5-1 Plan will be disclosed publicly through Form 4 and/or Form 144 filings with the SEC in accordance with applicable securities laws, rules, and regulations. Except as may be required by law, we do not undertake any obligation to update or report any modification, termination, or other activity under current or future Rule 10b5-1 plans that may be adopted by Mr. Neukom or our other officers or directors.
78

Table of Contents
ITEM 6.     Exhibits

The exhibits listed in the accompanying Exhibit Index are filed or incorporated by reference as part of this Quarterly Report on Form 10-Q.

EXHIBIT INDEX
Incorporated by reference herein
FormDateExhibit Number
Majority Vote Amendment to Amended and Restated Certificate of IncorporationCurrent Report on Form 8-K (File No. 001-34511)June 23, 20233.1
Officer Exculpation Amendment to Amended and Restated Certificate of IncorporationCurrent Report on Form 8-K (File No. 001-34511)June 23, 20233.2
Restated Certificate of Incorporation
Restated BylawsCurrent Report on Form 8-K (File No. 001-34511)June 23, 20233.3
Certification of Chief Executive Officer pursuant to Exchange Act Rules 13a-14(a) and 15d-14(a), as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002
Certification of Chief Financial Officer pursuant to Exchange Act Rules 13a-14(a) and 15d-14(a), as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002
Certifications of Chief Executive Officer and Chief Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002
101.INS*
Inline XBRL Instance Document - the instance document does not appear in the interactive data file because its XBRL tags are embedded within the inline XBRL document.
101.SCH*Inline XBRL Taxonomy Extension Schema Document
101.CAL*Inline XBRL Taxonomy Extension Calculation Linkbase Document
101.DEF*Inline XBRL Taxonomy Extension Definition Linkbase Document
101.LAB*Inline XBRL Taxonomy Extension Label Linkbase Document
101.PRE*Inline XBRL Taxonomy Extension Presentation Linkbase Document
104*
Cover Page Interactive Data File - the cover page from the Company’s Quarterly Report on Form 10-Q for the quarter ended June 30, 2023 is formatted in inline XBRL.

________________________________

* Filed herewith.
# Furnished herewith.


79

Table of Contents
SIGNATURES

Pursuant to the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized.


Date: August 7, 2023
FORTINET, INC.
By:/s/    Ken Xie
Ken Xie, Chief Executive Officer and Chairman
(Duly Authorized Officer and Principal Executive Officer)
Date: August 7, 2023
FORTINET, INC.
By:/s/    Keith Jensen        
Keith Jensen, Chief Financial Officer
(Duly Authorized Officer and Principal Financial Officer and Principal Accounting Officer)

80
Document

FORTINET, INC.
RESTATED CERTIFICATE OF INCORPORATION
Fortinet, Inc., a corporation organized and existing under the laws of the State of Delaware, hereby certifies as follows:
A. That the name of the corporation is Fortinet, Inc. and that this corporation was originally incorporated pursuant to the General Corporation Law on November 28, 2000, under the name “Appligation, Inc.” changed its name to “ApSecure, Inc.” pursuant to a Certificate of Amendment of Certificate of Incorporation filed on December 12, 2000, changed its name to “Fortinet, Inc.” pursuant to a Certificate of Amendment of Certificate of Incorporation filed on December 6, 2001, changed its name to “FortiNet, Inc.” pursuant to an Amended and Restated Certificate of Incorporation filed on May 30, 2002 and subsequently changed its name to “Fortinet, Inc.” pursuant to an Amended and Restated Certificate of Incorporation filed on August 15, 2003.
B. The corporation filed an Amended and Restated Certificate of Incorporation with the Secretary of State of the State of Delaware on May 29, 2001, May 30, 2002 and August 15, 2003, filed a Certificate of Amendment of Certificate of Incorporation on March 12, 2008, filed an Amended and Restated Certificate of Incorporation on November 23, 2009, filed an Amended and Restated Certificate of Incorporation on June 22, 2018, filed an Amended and Restated Certificate of Incorporation on June 22, 2022 (the “June 2022 Certificate”) and filed two amendments to the June 2022 Certificate on June 21, 2023 (the “June 2023 Amendments”).
C. The following Restated Certificate of Incorporation was duly adopted by the corporation’s Board of Directors in accordance with Section 245 of the General Corporation Law of the State of Delaware (the “DGCL”), and only restates and integrates, and does not further amend, the June 2022 Certificate, as heretofore amended by the June 2023 Amendments, and there is no discrepancy between those provisions and the following.
D. The Certificate of Incorporation of the corporation is hereby restated in its entirety to read as follows:
ARTICLE I
The name of the corporation is Fortinet, Inc.
ARTICLE II
The address of the corporation’s registered office in the State of Delaware is 251 Little Falls Drive, in the City of Wilmington 19808, County of New Castle. The name of its registered agent at such address is Corporation Service Company.
ARTICLE III
The purpose of the corporation is to engage in any lawful act or activity for which corporations may be organized under the DGCL.
ARTICLE IV
The corporation shall have authority to issue shares as follows:
1,500,000,000 shares of Common Stock, par value $0.001 per share. Each share of Common Stock shall entitle the holder thereof to one (1) vote on each matter submitted to a vote at a meeting of stockholders.
10,000,000 shares of Preferred Stock, par value $0.001 per share, which may be issued from time to time in one or more series pursuant to a resolution or resolutions providing for such issue duly adopted by the Board of Directors (authority to do so being hereby expressly vested in the Board of Directors). The Board of Directors is further authorized, subject to limitations prescribed by law, to fix by resolution or resolutions the designations, powers, preferences and rights, and the qualifications, limitations or restrictions thereof, of any wholly unissued series of Preferred Stock, including without limitation authority to fix by resolution or resolutions the dividend rights, dividend rate, conversion rights, voting rights, rights and terms of redemption (including sinking fund provisions), redemption price or prices, and liquidation preferences of any such series, and the number of shares constituting any such series and the designation thereof, or any of the foregoing.
The Board of Directors is further authorized to increase (but not above the total number of authorized shares of the class) or decrease (but not below the number of shares of any such series then outstanding) the number of shares of any series, the number of which was fixed by it, subsequent to the issuance of shares of such series then outstanding, subject to the powers, preferences and rights, and the qualifications, limitations and restrictions thereof stated in this Certificate of Incorporation or the resolution of the Board of Directors originally fixing the number of shares of such series. If the number of shares of any series is so decreased, then the shares constituting such decrease shall resume the status which they had prior to the adoption of the resolution originally fixing the number of shares of such series.
ARTICLE V
The number of directors that constitutes the entire Board of Directors of the corporation shall be fixed by, or in the manner provided in, the Bylaws of the corporation.
Subject to the provisions of this Certificate of Incorporation relating to directors elected by the holders of one or more series of Preferred Stock, voting as a separate series or with one or more other series of Preferred Stock, all directors of the corporation will be elected for a term of one-year. Each director shall serve until such director’s successor has been duly elected and qualified or until such director’s earlier death, resignation, or removal. No decrease in the number of directors constituting the Board of Directors shall shorten the term of any incumbent director.
-1-


Vacancies occurring on the Board of Directors for any reason and newly created directorships resulting from an increase in the authorized number of directors may be filled only by vote of a majority of the remaining members of the Board of Directors, although less than a quorum, or by a sole remaining director, at any meeting of the Board of Directors.
Subject to the provisions of this Certificate of Incorporation relating to directors elected by the holders of one or more series of Preferred Stock, voting as a separate series or with one or more other series of Preferred Stock, except as otherwise provided by law, all directors may be removed with or without cause by the affirmative vote of the holders of a majority of the voting power of all then outstanding shares of capital stock of the corporation entitled to vote generally in the election of directors.
ARTICLE VI
In furtherance and not in limitation of the powers conferred by statute, the Board of Directors of the corporation is expressly authorized to adopt, amend or repeal the Bylaws of the corporation.
ARTICLE VII
Elections of directors need not be by written ballot unless the Bylaws of the corporation shall so provide.
ARTICLE VIII
No action shall be taken by the stockholders of the corporation except at an annual or special meeting of the stockholders called in accordance with the Bylaws, and no action shall be taken by the stockholders by written consent.
ARTICLE IX
To the fullest extent permitted by the DGCL, as it presently exists or may hereafter be amended from time to time, a director or officer of the corporation shall not be personally liable to the corporation or its stockholders for monetary damages for breach of fiduciary duty as a director or officer, as applicable. If the DGCL is amended to authorize corporate action further eliminating or limiting the personal liability of directors or officers, then the liability of a director or officer of the corporation shall be eliminated or limited to the fullest extent permitted by the DGCL, as so amended.
The corporation shall indemnify, to the fullest extent permitted by applicable law, any director or officer of the corporation who was or is a party or is threatened to be made a party to any threatened, pending or completed action, suit or proceeding, whether civil, criminal, administrative or investigative (a “Proceeding”) by reason of the fact that he or she is or was a director, officer, employee or agent of the corporation or is or was serving at the request of the corporation as a director, officer, employee or agent of another corporation, partnership, joint venture, trust or other enterprise, including service with respect to employee benefit plans, against expenses (including attorneys’ fees), judgments, fines and amounts paid in settlement actually and reasonably incurred by such person in connection with any such Proceeding. The corporation shall be required to indemnify a person in connection with a Proceeding initiated by such person only if the Proceeding was authorized by the Board.
The corporation shall have the power to indemnify, to the extent permitted by the DGCL, as it presently exists or may hereafter be amended from time to time, any employee or agent of the corporation who was or is a party or is threatened to be made a party to any Proceeding by reason of the fact that he or she is or was a director, officer, employee or agent of the corporation or is or was serving at the request of the corporation as a director, officer, employee or agent of another corporation, partnership, joint venture, trust or other enterprise, including service with respect to employee benefit plans, against expenses (including attorneys’ fees), judgments, fines and amounts paid in settlement actually and reasonably incurred by such person in connection with any such Proceeding.
Neither any amendment nor repeal of this Article IX, nor the adoption of any provision of this Certificate of Incorporation inconsistent with this Article IX, shall eliminate or reduce the effect of this Article IX in respect of any matter occurring, or any cause of action, suit or proceeding accruing or arising or that, but for this Article IX, would accrue or arise, prior to such amendment, repeal or adoption of an inconsistent provision.
ARTICLE X
The corporation reserves the right to amend, alter, change or repeal any provision contained in this Certificate of Incorporation (including any rights, preferences or other designations of Preferred Stock), in the manner now or hereafter prescribed by this Certificate of Incorporation and the DGCL; and, except as set forth in Article IX, all rights, preferences and privileges herein conferred upon stockholders, directors or any other persons by and pursuant to this Certificate of Incorporation in its present form or as hereafter amended are granted subject to the right reserved in this Article X.
IN WITNESS WHEREOF, the corporation has caused this Restated Certificate of Incorporation to be signed by the Chief Executive Officer of the corporation on this 7th day of August, 2023.

By:/s/ Ken Xie
Ken Xie
Chief Executive Officer

-2-
Document

Exhibit 31.1
CERTIFICATION
I, Ken Xie, certify that:
1.I have reviewed this Quarterly Report on Form 10-Q of Fortinet, Inc.;
2.Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report;
3.Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this report;
4.The registrant’s other certifying officer(s) and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for the registrant and have:
a.Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to ensure that material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this report is being prepared;
b.Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our supervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles;
c.Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the effectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and
d.Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent fiscal quarter (the registrant’s fourth fiscal quarter in the case of an annual report) that has materially affected, or is reasonably likely to materially affect, the registrant’s internal control over financial reporting; and
5.The registrant’s other certifying officer(s) and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the registrant’s auditors and the audit committee of the registrant’s board of directors (or persons performing the equivalent functions):
a.All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the registrant’s ability to record, process, summarize and report financial information; and
b.Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control over financial reporting.
Date: August 7, 2023
 
/s/ Ken Xie
Ken Xie
Chief Executive Officer and Chairman
(Principal Executive Officer)

Document

Exhibit 31.2
CERTIFICATION
I, Keith Jensen, certify that:
1.I have reviewed this Quarterly Report on Form 10-Q of Fortinet, Inc.;
2.Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report;
3.Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this report;
4.The registrant’s other certifying officer(s) and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for the registrant and have:
a.Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to ensure that material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this report is being prepared;
b.Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our supervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles;
c.Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the effectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and
d.Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent fiscal quarter (the registrant’s fourth fiscal quarter in the case of an annual report) that has materially affected, or is reasonably likely to materially affect, the registrant’s internal control over financial reporting; and
5.The registrant’s other certifying officer(s) and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the registrant’s auditors and the audit committee of the registrant’s board of directors (or persons performing the equivalent functions):
a.All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the registrant’s ability to record, process, summarize and report financial information; and
b.Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control over financial reporting.
Date: August 7, 2023
 
/s/ Keith Jensen
Keith Jensen
Chief Financial Officer
(Principal Financial Officer and Principal Accounting Officer)

Document

Exhibit 32.1
CERTIFICATIONS OF CHIEF EXECUTIVE OFFICER AND CHIEF FINANCIAL OFFICER
PURSUANT TO
18 U.S.C. SECTION 1350,
AS ADOPTED PURSUANT TO
SECTION 906 OF THE SARBANES-OXLEY ACT OF 2002
I, Ken Xie, certify, pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002, that the Quarterly Report on Form 10-Q of Fortinet, Inc. for the quarter ended June 30, 2023 fully complies with the requirements of Section 13(a) or 15(d) of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), and that information contained in this Quarterly Report on Form 10-Q fairly presents, in all material respects, the financial condition and results of operations of Fortinet, Inc.
 
By:/s/ Ken Xie
Date:August 7, 2023Name:Ken Xie
Title:Chief Executive Officer and Chairman
(Principal Executive Officer)

I, Keith Jensen, certify, pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002, that the Quarterly Report on Form 10-Q of Fortinet, Inc. for the quarter ended June 30, 2023 fully complies with the requirements of Section 13(a) or 15(d) of the Exchange Act and that information contained in this Quarterly Report on Form 10-Q fairly presents, in all material respects, the financial condition and results of operations of Fortinet, Inc.
 
By:/s/ Keith Jensen
Date:August 7, 2023Name:Keith Jensen
Title:Chief Financial Officer
(Principal Financial Officer and Principal Accounting Officer)

This certification is being furnished pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002 and will not be deemed “filed” for purposes of Section 18 of the Exchange Act, or otherwise subject to the liability of that section. This certification will not be incorporated by reference into any filing under the Securities Act of 1933, as amended, or the Exchange Act, except as shall be expressly set forth by specific reference in such a filing.