F5, Inc. (NASDAQ:FFIV) Q4 2025 Earnings Call Transcript

F5, Inc. (NASDAQ:FFIV) Q4 2025 Earnings Call Transcript October 27, 2025

F5, Inc. misses on earnings expectations. Reported EPS is $3.26 EPS, expectations were $3.96.

Operator: Good afternoon, and welcome to the F5 Fourth Quarter Fiscal 2025 Financial Results Conference Call. [Operator Instructions] Also, today’s conference is being recorded. If anyone has any objections, please disconnect at this time. I’ll now turn the call over to Ms. Suzanne DuLong. Ma’am, you may begin.

Suzanne DuLong: Hello, and welcome. I’m Suzanne DuLong, F5’s Vice President of Investor Relations. We’re here with you today to discuss our fourth quarter and fiscal year 2025 financial results. François Locoh-Donou, F5’s President and CEO; and Cooper Werner, F5’s Executive Vice President and CFO, will be making prepared remarks on today’s call. Other members of the F5 executive team are also here to answer questions during the Q&A session. Today’s press release is available on our website at f5.com where an archived version of today’s audio will be available through January 27, 2026. We will post the slide deck accompanying today’s webcast to our IR site following this call. To access the replay of today’s webcast by phone, dial (877) 660-6853 or (201) 612-7415 and use meeting ID 13756255.

The telephonic replay will be available through midnight Pacific Time, October 28, 2025. For additional information or follow-up questions, please reach out to me directly at s.dulong@f5.com. Our discussion today will contain forward-looking statements which include words such as believe, anticipate, expect and target. These forward-looking statements involve uncertainties and risks that may cause our actual results to differ materially from those expressed or implied by these statements. We have summarized factors that may affect our results in the press release announcing our financial results and in detail in our SEC filings. In addition, we will reference non-GAAP metrics during today’s discussion. Please see our full GAAP to non-GAAP reconciliation in today’s press release and in the appendix of our earnings slide deck.

Please note that F5 has no duty to update any information presented in this call. I’ll now turn the call over to François.

François Locoh-Donou: Thank you, Suzanne, and hello, everyone. We delivered exceptional fiscal year 2025 results exceeding $3 billion in revenue and $1 billion in operating profit for the first time. Revenue grew 10% while earnings per share grew 18%. Our growth was driven by data center reinvestment, hybrid cloud adoption and enterprise AI infrastructure demand. Our product refresh cycle, competitive takeouts and the maturation of our software model and go-to-market motions also contributed to growth. In FY ’25, we maintained our strong profitability, delivering gross margins of 83.6%, up 80 basis points over FY ’24, an operating margin of 35.2%, up 160 basis points over FY ’24. This performance resulted in record free cash flow of $906 million, up 19% compared to FY ’24 underscoring the strength of our financial model and execution.

Our FY ’25 results demonstrate the power of our platform and our strategic role in the marketplace. They also strengthen our confidence in our vision and road map for the future. Our immediate focus, however, has been on our incident response and I will speak to our priorities and offer an update on where we are now. Upon identifying the threat on August 9, our team immediately activated our incident response process. Our priorities were clear. First, contain the threat actor, initiate a thorough investigation and take immediate and urgent action to strengthen F5’s security posture. While the investigation will continue and the work of bolstering our security posture will expand, our initial steps have been successful. Second, we prioritized delivering reliable software releases to address all undisclosed high vulnerabilities in BIG-IP code as quickly as possible.

Through the exceptional efforts of our engineering and support teams, we achieved this, enabling thousands of customers to promptly deploy critical updates upon disclosure. Our customers are moving quickly to update their BIG-IP environment, and a significant number of our largest customers have completed their updates with minimal disruption. As an example, a North American technology provider completed updates to 814 devices in a 6-hour window in the first weekend. Customers have expressed appreciation for our transparency, the thoroughness of the information we provided and the clarity in the steps they need to take to improve the security of their environment. Our third priority is raising the bar on security across all aspects of our business.

We are acutely aware of the increasing sophistication of attackers and the fact that the threat surface is expanding rapidly. Each year, over the last several years, we have aggressively increased our investment in security, and we are making further significant investment this year and beyond. To further this work, Michael Montoya, a recognized cybersecurity expert and former member of our Board, has joined F5 as Chief Technology Operations Officer. Michael brings deep operational expertise and will drive the execution of a robust road map to further enhance security across our internal processes, environments and products. Our goal across all these actions is to better protect our customers and we believe F5 will be a stronger partner to customers because of it.

We know customers will judge us by how we respond to this incident. Throughout this process, we have been committed to transparent customer communication at every step, reflecting lessons learned from how others have navigated similar challenges. We acknowledge that we may see some near-term impact to our business. We are fully focused on mitigating that impact while doubling down on the value we deliver to our customers. Stepping back, it is evident that advanced nation-state threat actors are targeting technology companies and most recently perimeter security companies. We are committed to learning from this incident, sharing our insights with customers and peers, and driving collaborative innovation to collectively strengthen the protection of critical infrastructure across the industry.

Now I will turn the call over to Cooper, who will walk you through our Q4 results and our outlook. Following his remarks, I will return to discuss the broader business trends and some key customer highlights. Cooper?

Cooper Werner: Thank you, François, and hello, everyone. I will review our Q4 results and some selected full fiscal ’25 results before I elaborate on our outlook for FY ’26 and Q1. We delivered a strong Q4 growing revenue 8% to $810 million with a mix of 49% global services revenue and 51% product revenue. Global services revenue of $396 million grew 2% year-over-year while product revenue totaled $414 million, increasing 16% year-over-year. Systems revenue totaled $186 million, up 42% over Q4 of FY ’24, driven by tech refresh and data center modernization, direct and indirect AI use cases as well as competitive takeouts. Our software revenue of $229 million was up slightly against an exceptionally strong Q4 of FY ’24. Perpetual license software totaled $30 million, up 25% year-over-year.

Subscription-based software declined 3% year-over-year to $198 million, reflecting the transition of our legacy SaaS and managed service revenue offerings and to a lesser extent customers’ preference for hardware-based solutions for certain use cases, a trend which emerged over the course of FY ’25. Revenue from recurring sources contributed 72% of our Q4 revenue. Our recurring revenue consists of our subscription-based revenue and the maintenance portion of our global services revenue. Shifting to revenue distribution by region. Our teams drove growth across all theaters. Revenue from the Americas grew 7% year-over-year, representing 57% of total revenue. EMEA delivered 7% growth, representing 26% of revenue and APAC grew 19%, representing 17% of revenue.

Looking at our major verticals. Enterprise customers represented 73% of Q4’s product bookings. Government customers represented 19% of product bookings including 6% from U.S. Federal. Finally, service providers represented 8% of Q4 product bookings. Our continued financial discipline contributed to our strong Q4 operating results. GAAP gross margin was 82.2%. Non-GAAP gross margin was 84.3%, an increase of 138 basis points from Q4 FY ’24. Our GAAP operating expenses were $461 million. Our non-GAAP operating expenses were $384 million. Our GAAP operating margin was 25.4%. Our non-GAAP operating margin was 37.0%, an improvement of 255 basis points year-over-year. Our GAAP effective tax rate for the quarter was 11.4%. Our non-GAAP effective tax rate was 16.9%.

Our GAAP net income for the quarter was $190 million or $3.26 per share. Our non-GAAP net income was $257 million or $4.39 per share, reflecting 20% EPS growth from the year-ago period. I will now turn to cash flow and balance sheet metrics, all of which were very strong. We generated $208 million in cash flow from operations in Q4. CapEx was $16 million. DSO for the quarter was 46 days. Cash and investments totaled approximately $1.36 billion at quarter end. Deferred revenue was $2.0 billion, up 11% from the year-ago period. We generated $906 million in free cash flow for all of FY ’25, up 19% from FY ’24, resulting in a free cash flow margin of 29%, highlighting the strength of our business fundamentals. In Q4, we repurchased $125 million worth of F5 shares at an average price of $297 per share.

For the year, we repurchased shares equivalent to 55% of our annual free cash flow. We ended the quarter with approximately 6,580 employees. François recapped our high-level FY ’25 results at the start of the call. I will elaborate on our annual software and security revenue results. Software grew 9% year-over-year totaling $803 million, with software subscriptions representing 85% of FY ’25 software revenue. Our software revenue is comprised of perpetual software licenses, term-based subscriptions and SaaS and managed services. Perpetual software licenses contributed $120 million in software revenue, up 7% year-over-year. Term-based subscriptions contributed $508 million to our software revenue, up 18% year-over-year, driven by continued strong renewals and expansions.

SaaS and managed services contributed $176 million in revenue, down 9% year-over-year, reflecting growth from F5 Distributed Cloud Services offset by the transition of our legacy offerings. Total annualized recurring revenue for our SaaS and managed services offerings ended the year at $185 million, up slightly from FY ’24, including 21% growth in ARR for our core SaaS and managed services solutions. ARR from legacy offerings declined to $15 million as we wound down legacy SaaS and managed service offerings and transitioned customers to F5 Distributed Cloud Services. We expect to complete any remaining transitions in the first half of FY ’26. Several years ago, we began breaking out our security-related revenue annually. This year, our total security revenue, which includes standalone security, attached security and maintenance revenue related to security, grew 6% to approximately $1.2 billion, or 39% of total revenue.

Standalone security revenue totaled $463 million, representing 31% of product revenue. Let me now address our outlook beginning with FY ’26. Unless otherwise noted, our guidance references non-GAAP metrics. We delivered an exceptional FY ’25 exceeding expectations with stronger-than-expected systems demand and continued healthy expansion in our software subscription business. As we enter FY ’26, we see several persistent demand drivers, including hybrid multicloud adoption driving expansion across our platform, the continuing strong systems refresh opportunity with more than half of our installed base on legacy systems nearing end of software support, growing systems demand beyond tech refresh for data sovereignty and AI readiness use cases and a return to growth in revenue from our SaaS and managed services with the transition of legacy offerings largely completed in FY ’25.

These drivers in our current pipeline support mid-single-digit revenue growth in FY ’26 against our exceptional 10% growth in FY ’25. However, we also anticipate some near-term disruption to sales cycles as customers focus on assessing and remediating their environments. Taking this into account, we are guiding FY ’26 revenue growth in the range of 0% to 4% with any demand impacts expected to be more pronounced in the first half, before normalizing in the second half. Moving to our operating model. We recognize the revenue guide may lead to a modest impact to our operating margin near term. We are committed to driving continued operating margin leverage and believe any demand impact is likely to be short term and therefore any effect on our operating model would also be temporary.

With that context, we estimate FY ’26 gross margin in a range of 83% to 83.5%. We estimate FY ’26 non-GAAP operating margin to be in the range of 33.5% to 34.5% with operating margins lowest in our fiscal Q2 due to payroll tax resets in January and costs associated with our large customer event in March. We expect our FY ’26 non-GAAP effective tax rate will be in a range of 21% to 22%. And we expect FY ’26 EPS in a range of $14.50 to $15.50. Finally, we intend to continue to use at least 50% of our free cash flow towards share repurchases in FY ’26. Turning to our Q1 outlook. We expect Q1 revenue in a range of $730 million to $780 million. This is the wider range than we would typically guide, reflecting the potential for some near-term disruption to sales cycles.

While we are not guiding revenue mix, we expect Q1 software to be down year-over-year given the strong growth in the year-ago period. We expect non-GAAP gross margin in a range of 82.5% to 83.5%. We estimate Q1 non-GAAP operating expenses of $360 million to $376 million. We expect Q1 share-based compensation expense of approximately $61 million to $63 million. We anticipate Q1 non-GAAP EPS in a range of $3.35 to $3.85 per share. I will now pass the call back to François.

François Locoh-Donou: Thank you, Cooper. Our immediate priority remains supporting customers as they evaluate and safeguard their environments. As we help our customers navigate this period, market dynamics are moving in a direction where F5 solutions are more essential than ever. The accelerated adoption of hybrid multicloud architectures and AI-driven infrastructure is driving demand for advanced application delivery and security solutions, areas where F5 is uniquely positioned to address our customers most complex challenges. The industry has platforms for endpoints, network access and for cloud workloads, but the F5 application delivery and security platform is the first to unify high-performance traffic management with advanced application and API security across hybrid and multicloud environments at scale.

Unlike fragmented point solutions, the ADSP is purpose-built to simplify hybrid multicloud complexity. It integrates security, scalability and operational efficiency while enabling valuable XOps capabilities like policy management, analytics and automation. By the end of Q4, nearly 900 customers were leveraging F5 XOps capabilities, up from just 20 in 2024. Innovations like our AI Assistant and Application Study Tool have been instrumental in driving this growth, which underscores the power and potential of the ADSP. Over the last several years, we also have been evolving our go-to-market strategy focusing on landing, adoption, expansion and renewals within our solutions portfolio. This approach has delivered results. 26% of our top 1,000 customers are now using F5 Distributed Cloud Services, up from 17% in 2024.

By delivering integrated solutions and accelerating customer outcomes, F5 is uniquely positioned to lead in a rapidly growing and dynamic market. I will speak to a few customer highlights from Q4 that demonstrate the power and the benefit of our holistic platform approach. An APAC-based bank is driving secure and scalable digital transformation with F5’s comprehensive application delivery and security solutions. Leveraging F5 BIG-IP, NGINX and Distributed Cloud Services, the bank is modernizing its critical infrastructure to enable 24/7 internet banking and mobile application access while meeting strict regulatory requirements for service resilience and disaster recovery. F5 ensures business continuity and robust security, protecting against DDoS attacks and API vulnerabilities.

By enabling seamless migration to containerized applications, F5 is positioning the bank for hybrid multicloud success. The leading North American investment manager partnered with F5 to modernize its infrastructure, enhance resilience and ensure uninterrupted operations. By migrating from legacy iSeries platforms to BIG-IP rSeries ahead of end of software support dates, the customer avoided compliance risks and ensured seamless operational continuity. The customer also deployed F5 for secondary DNS services to reduce reliance on a single provider and deliver critical redundancy to prevent outages. F5’s lightweight platforms and cloud solutions help the customer optimize performance within existing budgets. Finally, a major energy and gas company partnered with F5 to modernize its critical infrastructure and drive its cloud migration while ensuring seamless security across hybrid and multicloud environments.

F5’s BIG-IP and Distributed Cloud Services extend application delivery, security and identity management into hybrid multicloud environments, ensuring seamless operations and operational continuity. The customer is also leveraging F5’s Advanced WAF to strengthen the protection of revenue-generating B2B applications and business critical platforms. With F5, the customer simplified operations, achieved cost savings and accelerated the modernization efforts. These examples highlight the strong impact F5’s ADSP approach is having for our customers. While we continue to work toward realizing the platform’s full potential, we are confident that our commitment to innovation will drive even more value and outcomes for our customers. Before closing, I will highlight the traction we are building in AI use cases.

We are seeing clear evidence that AI-related demand is contributing to our growth. AI is prompting a wave of data center refreshes as enterprises prepare for increased network capacity and services to support AI workloads, agentic AI and inferencing demands. Beyond benefiting from broader AI-driven trends, F5 is directly powering key AI use cases. In FY ’25, we secured AI use case wins with more than 30 customers who are leveraging F5 to enable seamless, scalable and secure AI workflows. These wins represent net new insertion points and growth opportunities built on decades of expertise. Today, we are actively supporting 3 critical AI use cases. Number one, AI data delivery. F5 secures and accelerates high-throughput data ingestion for AI training and inferencing, enforcing policies and protecting sensitive data while eliminating bottlenecks.

Number two, AI runtime security. F5 safeguards AI applications, APIs and models from abuse, data leakage and attacks like prompt injection, ensuring visibility and control. And number three, AI factory load balancing. F5 optimizes traffic and GPU utilization in AI factories to increase token throughput, reduce time to first token and lower cost per token. In Q4, we secured several new AI wins across these use cases. In an AI data delivery use case, an asset manager in EMEA partnered with F5 to overcome challenges in managing their AI workloads and ensuring reliable data performance. Their existing server could not handle high levels of demand causing outages that disrupted operations. F5 provided a customized solution with advanced technology to improve systems reliability, efficiently manage data traffic and seamlessly work with their existing infrastructure.

The Government Ministry in EMEA chose F5 to secure and scale AI security runtime operations for its AI-driven weather prediction platform. Expanding on a prior AI data delivery project, the Ministry required a comprehensive solution to ensure real-time access to AI-driven data with robust security for sensitive operations. F5 delivered a comprehensive solution suite, including AWAF for application security, SSLO for traffic inspection, APM for access control and LTM for reliable data delivery. With F5, the Ministry transitioned from manual inefficient forecasting to a secure real-time AI-powered platform improving performance, accuracy and operational efficiency. In an AI factory load balancing use case, a North American service provider specializing in providing high-performance computing solutions for AI and machine learning workloads, needed a high-performance solution to manage and scale AI workloads.

They required enhanced scalability, reliability and accessibility for GPU-driven workloads as well as a proxy for container functions to optimize AI data pipeline performance. F5 provided an integrated solution featuring container ingress services with BIG-IP virtual editions delivering a critical control layer for performance, scalability and reliability across AI data pipelines. F5’s ease of installation and ability to address the customer’s specific needs set it apart from competing open-source alternatives. In Q4, we’ve strengthened our AI runtime security capabilities with the acquisition of CalypsoAI. Their cutting-edge technology enhances our offerings with real-time threat defense and red teaming at scale, addressing critical needs for enterprises deploying generative and agentic AI.

We are integrating these capabilities into our ADSP, creating the most comprehensive solution for securing AI inference. In fact, we launched 2 new offerings in Q4 leveraging Calypso’s technology. F5 AI Guardrails establishes and monitors how AI models and agents interact with users and data while defending against attackers. And F5 AI Red Team identifies threats and informs exactly where and how urgently guardrails should be implemented. Wasting no time, our team secured wins for these offerings with a top-tier investment bank and a global AI compute platform leader. Collectively, our Q4 successes underscore F5’s growing leadership in the hybrid multicloud landscape and the real value our platform approach delivers to customers, empowering them to simplify operations, enhance security and accelerate innovation across their environments.

I want to express my deepest gratitude to our customers and partners. Your urgency, collaboration and trust through every step of our incident response have been invaluable. We are truly honored to work alongside you and remain steadfast in our commitment to earn your confidence every single day. I also want to extend my heartfelt thanks to all F5ers who came together with incredible focus and dedication to drive a strong and effective response. Looking ahead, we are resolute in our commitment to emerge stronger from this experience and to working across the security community to build a better and safer digital world. In closing, I am deeply honored by the Board’s appointment as Chair effective with Al Higginson’s retirement in March 2026.

As a Director for nearly 30 years and Chair for 20, Al’s leadership has been essential to F5’s growth and transformation. He has provided outstanding stewardship and tone at the top that has shaped the F5 we are today. I am humbled by the Board’s trust and confidence in me to help lead F5 through its next chapter. I look forward to working alongside this talented management team and the Board to continue F5’s trajectory of creating long-term value for shareholders. Operator, please open the call to questions.

Q&A Session

Operator: [Operator Instructions] Our first question comes from the line of Meta Marshall with Morgan Stanley.

Meta Marshall: Can you hear me?

Suzanne DuLong: We can.

Meta Marshall: Sorry, there was music for a second. Just a question in terms of what form of kind of conservatism have you put into the estimates? I guess I’m just trying to get a sense of are you accommodating customers through discounting? Is this you’re pushing off — maybe people are pushing off purchasing decisions while they’re handling kind of servicing or upgrading incidents? Or are you having to give other incentives to kind of upgrade boxes? Just trying to get a sense of kind of what form that kind of customer conservatism is taking? And then maybe just a second question. Just as you think about kind of the underlying growth of the systems business, like any way to contextualize how much of fiscal ’25 growth was kind of due to the product upgrade cycle that was happening?

François Locoh-Donou: It’s François. Let me start with the first part of your question. I think Cooper will take the second question. Let me just start from — you saw that we delivered a very strong quarter and, in fact, a very strong fiscal 2025. And the momentum in the business has been very, very strong. And that is driven increasingly by the secular trends that we’ve talked about, specifically hybrid multicloud and AI, and I can come back to that a little bit later. Based on these trends, we felt the trajectory of the business going into 2026 was more in the mid-single-digit growth. But we said we are guiding to 0% to 4% growth for 2026 based on what we see as potential near-term impact related to the security incident.

And when I say near-term impact, we think we would see probably the majority of the impact in the first half of the year with trends kind of normalizing in the second half of the year. So let’s double click on this near-term impact for your question. What we have in there, Meta, is really 3 categories of things that could create near-term disruption. The first is that we have our own resources, our field resources and sales resources over the last few couple of weeks, and I think that will go on for a few more weeks, have really been focused on attending customers, helping them upgrade their environments, remediate issues, answer any questions, et cetera. And inevitably that takes time away from normal sales cycles. And the same is true for customers who are putting a lot of resources on upgrading their BIG-IPs, ensuring their environment is in the right place and that takes time away from considering the next project.

So that is a short-term disruption around allocation of resources both at F5 and with our customers. There’s a second potential disruption that we have considered in our guidance which is that given the visibility that this security incident has had, it would be natural that in some of our customers at an executive level, we may see some delays of approvals or delays of deals or additional approval as customers across a complex organization make sure that they want to be reassured that their project should move forward and they have no further interrogation around that. That’s the second consideration. And then the third one is that potentially for some of our customers there may be some projects that they were going to move forward with, and they end up deciding not to do that.

And we have considered that as a third potential impact. Now, I want to be clear, the — everything I’ve just talked about, as you know, Meta, more than 70% of our revenues are recurring. Everything I’ve just talked about with the impact that would be mostly with new projects or new footprint acquisition. And so far, it is very early days because this was disclosed only 2 weeks ago. We haven’t seen any of the impacts that I’m talking about, but we are very prudent about this because we are very, very early after the disclosure and the interaction with customers. Cooper?

Cooper Werner: Thanks. Yes. And then in terms of the systems business, we’re seeing strength in both the product or tech refresh and capacity expansion. The growth has been pretty balanced actually across both. Roughly 2/3 of our systems business in FY ’25 was tech refresh, with about 1/3 coming from what we call data center, increasing capacity, data sovereignty, use cases. A lot of it is really driven by AI that can be both direct and indirect. So it’s just been a trend that we continue to see over the course of the year where we’re seeing growth for both the refresh motion as well as some of these newer use cases. And then on the refresh motion, I would also note that I think we’re still relatively early days on that refresh cycle with more than half of our installed base currently still on the legacy product families that would be going into software support.

Operator: Our next question comes from the line of George Notter with Wolfe Research.

George Notter: Just continuing on that line of discussion, I guess I’m curious about how you actually size the potential impact from the security breach. I would imagine it’s probably a complex exercise, but I’m curious if you could just kind of walk us through like the logic here. And then maybe related to that, can you give us a sense for how many customers were affected where there was configuration information taken or are there specific customer issues that you can point to?

Cooper Werner: Yes. Sure, George. This is Cooper. I’ll take the first part, and then François can address the second question. So François kind of touched at it a little bit at a high level when he kind of referenced the percentage of our business that is recurring in nature. But as we went through this process, we really took a fairly granular approach at kind of profiling our revenue base across all the different revenue streams and kind of taking a look at which of these revenue streams could be more impacted and which ones would be more resilient in the near term. So if you think about our revenue base, a lot of the revenue that we recognize comes straight off the balance sheet. So our service revenue — that maintenance revenue is mostly coming off of deferred revenue.

We’ve got our — this is, for example, our SaaS revenue is coming out of beginning ARR and then we’ve got a lot of our software businesses coming through in the form of subscription renewals. So those are revenue streams that are highly resilient, and we wouldn’t expect to have much of a near-term impact. And then if you look at kind of newer use cases, whether that’s competitive takeout or new software projects, that’s where there potentially could be more of a near-term impact. And so we kind of looked at these different cohorts of our revenue base and just kind of made a judgment as to what the potential impact could be in the near term as customers are kind of going through some of their operational activities around the incident. And then we also kind of balance that just looking at other peers historically that have gone through similar incidents and what revenue impacts they saw.

And then, of course, we’ve spent a lot of time with our sales teams, just kind of assessing at the outset what their view was as to what impact, if any, they might see and then continuing those conversations as they’ve engaged with their customers in the field. And I think we’re very encouraged by some of the early feedback we’ve gotten from those conversations. They’ve been very healthy discussions with customers in helping them kind of address some of these early concerns. And I think we’re feeling pretty good about our relationship and how those interactions are going with our customers.

François Locoh-Donou: And I’ll take the second part of your question, George, on customer impact. First of all, I do want to take this opportunity to say that, of course, we are disappointed that this happened and very aware as a team and as a company of the burden that this has placed in our customers who have had to work long hours to upgrade their BIG-IPs and secure their environment. And we’re continuing to work with all of our customers in ensuring that they are in the place they want to be. With that said, the customers who were impacted, so we shared that there was no evidence of access to F5 Distributed Cloud Services environment or NGINX environmental. So it was essentially BIG-IP customers that were impacted. There were really 2 categories of impact.

All of our BIG-IP customers, we recommended strongly to all of them that they upgrade their BIG-IP to the latest releases that we worked very hard to make available on the day of disclosure. And we were very impressed frankly, with the speed with which our customers have mobilized resources to be able to make these upgrades and put them in production fairly rapidly. So the impact really on them was having to mobilize resources to do that work shortly after our disclosure. And we are actually pleased that a lot of customers are through that work. It will continue, but we’re very pleased to see the speed with which customers have upgraded their BIG-IP. The second category of impact was related to data exfiltration. That impacted a small percentage of our customers for — and we will continue to go through the sort of e-discovery process around what specific data with the customer — but from the first body of work that we have done on that, we have already identified the customers that were impacted and we have sent them their information, their data package for the data that might have been exfiltrated.

And the most common feedback from customers so far has been that, that data is not sensitive, and they’re not concerned about it. There was no impact to our CRM or our support system.

Operator: Our next question comes from the line of Michael Ng with Goldman Sachs.

Michael Ng: I just have two. First, just on OpEx, it seems like the implied OpEx growth for fiscal ’26 is about 4% at the midpoint. Just wondering if you’re seeing any additional costs as a result of the data breach, other investments in systems internally or costs related to offering free Falcon EDR subscription to affected customers. And then second, certainly encouraging to hear that it was just BIG-IP that was impacted, not NGINX or DCS. Could you just tell us what percentage of the revenue comes from BIG-IP?

Cooper Werner: Yes. So I’ll start with the latter. We don’t break out our product by revenue line. We’re a single-segment company, but it’s — BIG-IP is the highest revenue product, of course, but we don’t actually break out what the contribution is. And then in terms of investment security and the OpEx, so yes, we actually have been investing aggressively in secured — cybersecurity over the last several years. We’ve more than doubled our investment in cybersecurity just in the last 3 years alone. And we had already accounted for continued investment in our planning for this year even before we learned of this incident. And of course, we’ve learned a lot in the last several weeks, and so there’s some additional investments incorporated into our planning, but that was among the highest priority areas of investment in our plan going into the…

Michael Ng: And any costs related to the Falcon EDR subscription?

Cooper Werner: Yes. So there are a number of costs related to the incident remediation and in the offering that you’re referencing as part of that, those are either going to be accounted for in our — with our cyber insurance or they would be remediation costs that are accounted for separately as a onetime expense.

Operator: Our next question comes from the line of Tal Liani with Bank of America.

Tal Liani: By the way, the sound quality is bad on your end, hard to understand you. I have two sets of questions on software revenues and system revenues. On systems, if I look at the dollar revenue for this year and you started the year with $160 million, but then it accelerated to $180 million a quarter, give or take, $181 million, $186 million, but $180 million a quarter, do you think you can further grow from this level? Or is the growth rate going to decline substantially because this level reflects kind of the level of the refresh going forward, kind of steady-state refresh going forward? Or what are maybe different drivers? I’m just trying to understand if the increase from $130 million to $140 million last year to about $180 million this year, if there is further growth from this level or we stabilize at this level?

And on software, I have the same question almost that if I look at the quarterly level of revenues this year and I average it out, there was a step-up in this year versus last year, but we stayed at the level of about $210 million. I mean, some quarters are below, some quarters are above, but there is kind of a straight line, and this is on the heels of refresh, of renewals. So the question is what drives software to growth from here if that’s the growth we’re seeing with renewals and all the — we spoke about it previous quarters and all the accounting treatment of renewals. So bottom line is what drives software and system growth from here versus the temporary items that are impacting it right now.

Cooper Werner: Okay. I will start with hardware. So I think you’re right, we saw a significant growth here, of course, this year. I think that that — you referenced the — where hardware revenues were at in FY ’24 and then that really is the kind of the starting point. That was a low watermark, we had talked about customers were in a period of sweating assets where they had not been investing in the data center and a lot of that was tied to the macro at the time in customer budgets. And what we’ve been seeing is a bit of a catch-up period over the last year with some of that deferred investment, and that’s what’s driving — has driven a lot of the growth just in FY ’25. But we are still early in the refresh cycle, so we think there is still ability to grow that business.

And then as I said on an earlier question, we’re also seeing kind of a new vector of growth, and this is kind of more of an emerging growth category which is in some of the data center capacity expansion that we’ve been seeing. And we think a lot of that is tied to AI readiness. And so that one, it’s still relatively early, but that’s kind of a newer growth trend that we don’t think is cyclical that it could potentially have growth for years to come. And so from the refresh perspective, we believe that this year should be a strong year of refresh because of how early we are in the cycle. And then on the new — the performance and data center capacity expansion that could continue to have growth as well. Now having said all of that, this is all kind of looking back at our view that the business was pointing to mid-single-digit growth for this year.

So there’s still the near-term impact that you could see related to the security incident. So we’ll see how that plays out.

François Locoh-Donou: And Tal, I’ll take the second part of your question. So let me just be clear. We strongly believe that our software is going to continue to grow at a healthy clip and that’s driven in the trends. I make that statement on the trends that we’re seeing in the business. So if you look at this year, the multiyear software agreements that we have that are active, just this year, grew 20% year-on-year and we expect that to continue to grow. Our motion of the flexible consumption agreement that allow customers to consume over multiple years and consume over multiple parts of our portfolios are growing because customers are embracing these hybrid multicloud architectures more and more and need multiple form factors, including software and Software-as-a-Service.

A manifestation of that is, I’ll give you kind of 2 manifestations of that. One is in our SaaS adoption. We — the number of SaaS customers this year grew almost 60%. I think they grew 57%. We have over 1,300 distributed cloud customers today, and we have a little more than 800 a year ago. So that adoption — and that adoption is growing, including in our largest customers. So our top 1,000 customers, we’re seeing that now over 26% of them are consuming F5 distributed cloud. As you know, in the SaaS part of the business we have been going through some transitions, we are largely through these transitions, and we expect the SaaS and managed services line to contribute to growth in software going forward. The second dynamic is that customers are seeing the benefits of our entire portfolio and we’re seeing that in the number of customers that are consuming multiple product families on F5.

If you go back 4 years ago, we had about 30% of F5 customers that were consuming multiple product families from F5 amongst our top 1000 customers. That’s now up to 70%. And we’re seeing the ADSP, our application delivery and security platform, the capabilities in that platform, including software capabilities, especially in our XOps capabilities, we’re seeing rapidly and growing adoption around that. And so when you combine all of this, you combine what we expect to see with the growth of our flexible consumption agreements that has continued to happen. What we expect to see in SaaS adoption, which we have already seen this year and the approach we’ve taken with application delivery and security platform and the adoption we’re seeing of that, all of these are catalysts for continued growth of the software business going forward.

Tal Liani: But François, if that’s the case, and I know you reduced the guidance a little bit because of the breach — because of the cybersecurity issue, but even before that you only guided growth to 5%. So if that’s the case, why don’t we see a faster growth rate?

Cooper Werner: Correct. So Tal, I mean we’ve talked about this, and François talked about this on several calls. There is a timing nature because of these 3-year cycles on the renewals. And so the subscription business that we sold in FY ’23 had a lower growth rate because new projects were under pressure. This was 3 years ago. And so that’s what’s coming up for renewal in FY ’26. And so the base with which we’re starting doesn’t have as much growth in FY ’26 and that’s what was behind what we said was a mid-single-digit growth opportunity when we talked in July. That same base has much more growth in FY ’27 and we don’t have the headwind related to our SaaS and managed service business because we’re through the transition.

So we tried to lay out that there are going to be some ups and downs in the annual growth rates tied to the timing of those renewal motions. But we’ve given that look ahead beyond the current year into ’27 to give that visibility that we expect a reacceleration in software growth rate. The underlying trends are very healthy. François laid out several metrics to point to the underlying health of the software business and we saw that last year. If you look at our term license business, that was up 18%. We have the headwind related to SaaS where our SaaS and managed service was down 9%. But again, that’s going to be behind us and so it points to a very healthy software view beyond FY ’26.

Operator: Our next question comes from the line of Tim Long with Barclays.

Timothy Long: Two quicker ones, if I could. I just wanted to follow up, François, on Distributed Cloud Services. Part of my question was about multiproducts. I think you just answered that there. But could you talk about some of the other economics that you see as you transition to DCS, things like deal sizes, win rates, maybe when we get to it, dollar retention or add-ons on top of that, number one? And then number two, if you could just quickly touch on a few of the verticals at least on a bookings basis, we’re a little out of band. Enterprise was really strong year-over-year and service provider was pretty weak, all for pretty weak numbers. So anything that’s driving kind of a little bit of out-of-band performance on those 2 verticals, that’d be great.

Operator: Please hold. We’re experiencing some technical difficulties.

François Locoh-Donou: Tim, let me start again. Can you hear me?

Operator: Yes, we can hear you now.

François Locoh-Donou: Okay, great. I was starting with your question, Tim, on distributed cloud, I would say this is a land-and-expand motion. So typically the deals would start rather small in the multiple kinds of case and expand after that. I’ll give you a data point on that. We have 1/3 of our distributed cloud customers that have expanded their ARR with us and they’ve expanded — their expansion has been 90% for those of whom who have expanded. So it can be pretty significant growth in a customer after we sign them and that will continue to grow as we add more services onto F5 distributed cloud and we’re continuing to add services as part of building this application delivery and security platform. We’re adding more and more of the services that customers have enjoyed on BIG-IP onto F5 distributed cloud.

To the second part of your question on the verticals, the — generally, what we’re seeing is kind of the most important enterprise verticals are all embracing hybrid multicloud postures for different reasons. But in the end, it all points to F5. So financial services, for example, in a lot of cases are keeping their core banking data on-premise, but are also having to build sort of disaster recovery to comply with operational resilience regulations. And so they’re leveraging public cloud for that. And anytime a customer is using both on-prem environment and public cloud environment, it creates a strong case for F5. The same is true in health care. We’re seeing the same in manufacturing, in retail and even in public sector environments. So these verticals embracing hybrid multicloud really allow us to grow our share of wallet into these verticals, and that’s what’s driving this cross-sell of our portfolio.

The service provider space, Tim, that you mentioned, it’s true that generally that segment has been, I would say, rather tepid in part because 5G has not really taken off in the way that we all expected a couple of years ago. And there hasn’t been a real growth driver frankly, for service providers, either in ARPU or 5G services adoption. So we have seen stability there, but not significant growth to date.

Operator: Our next question comes from the line of Simon Leopold with Raymond James.

Simon Leopold: A couple things I wanted to check on. One, hopefully easy is, what are you seeing in terms of U.S. federal in light of the government shutdown? Is that an aspect that’s affecting the outlook for your December quarter? And the other thing I wanted to get a better sense of is you’ve given us some commentary around the mix of software and hardware for the December quarter, but what’s baked in for software versus hardware growth in that full year 0% to 4% guidance?

François Locoh-Donou: Let me start with the — in terms of the U.S. federal government, we have, in our guidance, assumed some level of disruption in that segment of our business, especially in the first quarter with the government shutdown that clearly is having an impact on project being delayed or approval being delayed. We — it is our hope that this normalizes over the course of the year. But certainly, in Q1, we have assumed that the numbers that we would see from the federal sector would not be what we have seen historically in that part of the business because of the government shutdown.

Cooper Werner: Yes. Thanks, Simon. We’re not guiding mix at this point, just given that we’re 12 days since the announcement of the incident and we’ve done a lot of work to provide a range on the growth outlook which, as we said, we’ve discounted some risk of short-term disruption to demand. We expect the demand to normalize in the second half of the year and I think as we see demand start to normalize, we’ll look to give an update of what software and hardware growth can look like for the rest of the year.

Simon Leopold: Just maybe you could clarify because you’ve got BIG-IP as the appliance system business, but you have virtual editions of BIG-IP. So when you talked about the breach, you said it affected BIG-IP. Does that mean that the breach affects both software and hardware equally?

François Locoh-Donou: Yes, it does.

Operator: Our next question comes from the line of Samik Chatterjee with JPMorgan Chase.

Samik Chatterjee: François, just curious to hear your thoughts in terms of how the market share dynamics change on account of the potential impact that you’re outlining for the first half. Because I’m just wondering if sort of we should expect to see some of the spend from your customers if it does get delayed from first half to see some catch-up in the second half, particularly when it comes to potentially the systems part of your business. And I have a quick follow-up after that, sorry.

François Locoh-Donou: Yes. So we cannot know if on a 1- or 2-quarter basis that’s hopefully enough of a runway to see substantial change in market share. So if I speak more on an annual basis and what I expect going forward, my expectation is that we continue to gain share in the app delivery and security market. The reason I say that is relative to other players in the space, we are investing more in our road map. We have been very aggressive at investing in security, and I think through the conversations with our customers around what we are doing to secure our environment, build trust centers to allow customers to come and do penetration testing of our code. All of the work that we are doing with partners to continue to look for any vulnerabilities and secure our code, that our customers are going to continue to see that F5 is really the right partner, is 100% committed to maximum security in our products and in their environments.

And that will pay in terms of over time, customers, of course, continuing to partner with F5 and where possible, consolidate spend on our application delivery and security platform in their environment. And we have a world-class road map for our customers to continue to deliver functionality in delivery and security. So I think you have to look at it over a period of time. There may be a short-term blip in the first half of our year because of the factors that I described earlier. But in terms of our market share, our market position, our relationship with customers, I think if anything, over time, it will continue to strengthen.

Samik Chatterjee: Got it. Got it. And for my follow-up, I was just looking at the disclosure that you had on standalone security revenues. I think you said $463 million for this year. Looks like it’s been fairly consistent for the last couple of years without material growth, like I have $458 million for fiscal ’24, $475 million for the year before. Any sort of more details you can provide in terms of what you’re seeing on the standalone security side and why hasn’t there been more significant growth on that front?

Cooper Werner: Yes, I’ll take that. So our overall security business grew about 6% last year. So I think what you’re seeing is this is going back to the trend that we’ve talked about with customers preferring to consume via the platform and consolidate multiple functions onto a single platform. And so you’re seeing less — maybe less growth coming from standalone solutions and more of a preference to consume through our flexible consumption program where they’re adding additional modules and attaching more security onto existing footprint. And so that growth is really coming through more in a platform form factor. And then the other thing to consider also is just there’s a little bit of an impact on the standalone security from the SaaS transition that we’ve done with some of the legacy offerings, which, again, that’ll be kind of behind us as we look ahead.

Operator: Our next question comes from the line of Amit Daryanani with Evercore ISI.

Amit Daryanani: I have two as well. I guess, Cooper, maybe just to start with you, can you just walk through the operating margin for the year? I think you’re implying 34% margins for fiscal ’26, but it’s also the same, I think, for fiscal Q1. So I’d love to just get a sense on why aren’t we seeing leverage in the back half of the year versus the front half. And then if you just quantify what the OpEx uptick in the March quarter will be for some of the events you talked about, that would be helpful.

Cooper Werner: Yes. And we talked — I had in my prepared remarks that the low watermark for operating margins would be Q2. That’s typically the case, just seasonality with payroll tax resets and our large customer event in March. And so you actually would expect to see some leverage in the back half of the year coming off of the lower operating margins in Q2. And we’re not going to guide Q2’s operating expense today, but you could look at kind of seasonal trends to get a feel for what that uptick in the operating expense typically is in Q2.

Amit Daryanani: Got it. And then François, just on the breach side and the challenges you’re having, can you just — maybe just help us understand if the source code is compromised, how do you give customers the confidence that there’s no zero-day threat that’s kind of hiding in there over time? Just maybe walk through that. And then does this also dampen your ability to implement price increases when it comes to the hardware side, really to reflect what Citrix has been doing to some extent in that space. So I’d love to just understand kind of the zero-day risk and the potential for price increases maybe being a bit more muted there as you go forward.

François Locoh-Donou: Thank you. Well, let me start with the code and then let’s come back to price increase as a separate topic. Look, I said earlier that I think customers will continue to choose F5 because we provide best-in-class app delivery and security capabilities for our customer. Now when you look at the code, I shared earlier some of the things that we are doing to ensure that we remain vigilant about potential vulnerabilities in our code. And so we have engaged partners that are scanning our code and will continue to do so to ensure that if there are any vulnerabilities that we remediate them immediately. I shared with you that we are setting up a trust center that will be there to allow our customers to come and do penetration testing with our code.

We are going to leverage AI for hunting for penetration as well in our code. We are enhancing our bug bounty program. So there are a number of things that we are putting in place, all designed to ensure we remain hypervigilant about this, and we give customers maximum comfort around the security of our code going forward. And I think in our industry we really intend to be best-in-class in doing this. And I think as we have these conversations and frankly, as we have shared these plans and these road maps around the things we’re going to do with our customers, they have been very pleased with our response and I think are getting a lot of comfort that we are doing all the right things to ensure that their — the product they get from F5 continue to be safe and free of potential vulnerabilities or zero days.

I would also say that we have taken this further, and you may have seen in our disclosure that we are working with CrowdStrike to implement EDR capabilities on BIG-IP. And that’s an extra layer of protection that we are offering customers to have way more observability, monitoring into their BIG-IPs which is something that hasn’t been done in the industry. You haven’t seen perimeter devices really enabled with EDR. And so it’s just one example of where we are innovating with other industry partners to raise the game on security for our customers. I think the issue of price increases is a separate issue. As you know, you mentioned one of our competitors earlier, we have taken an approach here that is to have durable relationship with our customers and to really show the value of what we’re doing for them over time.

We don’t intend to change our policy and our approach. I think we’re going to be very consistent with that. And frankly, we can be consistent with our approach because customers recognize all the investments that we’re making, the road map that I just talked about in terms of security, but also the world-class road map we have in terms of building delivery and security and having the best delivery and security platform for hybrid multicloud environment. We’re the only company today that can serve them in hardware, software and SaaS and serve their traditional apps, their modern apps and their AI applications. And we’re continuing to make these investments, both organically in our portfolio and inorganically. You probably just saw this quarter we made the acquisition of CalypsoAI.

We did that to add capabilities to our platform specifically tailored for AI applications, securing AI applications in our application delivery and security platform. So customers will continue to see these investments from F5, and I think based on that we can justify the value that we’re getting in the interactions with our customers.

Operator: Our next question comes from the line of Ryan Koontz with Needham & Company.

Ryan Koontz: Most of my questions have been answered, but just a quick clarification. When you talked about the migration of your end-of-life products out there today, kind of where are you now in that migration? How do you think about that going forward? Are you seeing some pushouts? Are you giving customers any kind of time frame breaks because of the breach to migrate those products going end of life?

Cooper Werner: Yes. So we have said that we’re still pretty early days in the refresh motion just in terms of the percentage of the installed base being well over 50%. That’s on those 2 platforms. There’s — no, we haven’t adjusted the end of software support dates. Those have been public for a long time and we’re working with customers to ensure they have an orderly path to make those refreshes across our estate.

Ryan Koontz: Got it. Helpful. And maybe circling back to your comments on the telecom segment. Obviously, yes, 5G has been disappointing there in terms of kind of the deployment of virtualization, but are you seeing any new activities in the telecom domain around the new 5G core, maybe picking up momentum or anything else to call out on the telecom front here?

François Locoh-Donou: Yes, look, I think what we’re seeing is the sort of 4G to 5G transition continue with some geographies ahead of others. Those customers who have implemented 5G were seeing growth inside of these environments, capacity, in some cases, growing fairly rapidly. But generally this transition from 4G to 5G and frankly the revenues that telecom operators expected from that transition have not really materialized and that, in turn, has put pressure on their CapEx spend. So we are continuing to find new use cases inside of our service provider customers, but it hasn’t been significant enough to drive a substantial uptick in the overall segment for F5.

Operator: I would now like to pass the call back over to Ms. Suzanne DuLong for any closing remarks.

Suzanne DuLong: Thank you, everybody, for being with us today. We look forward to seeing many of you during the quarter.

Operator: This concludes today’s teleconference. You may disconnect your lines at this time. Thank you for your participation.