Palo Alto's CEO: New Channel Program, Competition And A 2011 IPO?
"We just ended the first half of our fiscal year 2010 -- we run on a fiscal year from Aug. 1 to July 31 -- and to put it mildly, we're doing great," said Bess, Palo Alto's CEO, in a recent ChannelWeb.com interview. "We're private so I won't give you numbers, but I presented a very aggressive plan to our board, and we went beyond that and grew 130 percent last year. We're firing on all cylinders, and we've begun the next stage of some very aggressive recruiting."
Palo Alto's firewalls give users control and visibility of applications and content by user, not by more traditional means like IP addresses or ports. The company has attempted to harness the momentum of so-called next-generation firewalls (NGWFs) which, according to an October 2009 Gartner research report, represent less than 1 percent of the security on Internet connections today but will hit 35 percent of the installed base of connections within the next five years. Gartner also projects that 60 percent of new firewall purchases over that time will be NGWFs.
Palo Alto's next stage includes an updated channel program, which Palo Alto dubs Next Wave and has in essence soft-launched this past month with no great fanfare, Bess said. It marks a far cry from one year ago, when Palo Alto eliminated the position of then-channel chief Nancy Reynolds, whom it had recruited only four months earlier, and had many observers questioning whether its channel momentum had stalled.
In November, Bess and recently recruited vice president of worldwide marketing Rene Bonvanie told ChannelWeb that they'd been able to put concerns about channel management to rest and that a new partner program was on the way.
Next Wave has arrived and includes traditional classification tiers designed to reward Palo Alto's most loyal partners.
"The picture is so vastly different than a year ago," Bess said. "Interest is spreading and in North America alone we have well over 100 channel partners at this point. We are recruiting, but we are also choosing to really focus on enabling them and making them effective vs. going for quantity."
Palo Alto began articulating Next Wave to partners in late January. The program includes two levels, Gold and Platinum.
Gold partners are required to have one Palo Alto-accredited configuration expert and one trained sales representative, be registered on Palo Alto's Partner Resource Center and Support Center, have one network fault resiliency (NFR) demo unit, and complete ongoing Palo Alto Networks sales, technical, and application, visibility and risk (AVR) report training. In return, Gold partners get product discounts up to 25 percent, service discounts up to 15 percent, instant take-out rebates, recurring revenue opportunities from support software renewal contracts, advanced product information and more.
Platinum partners get all the benefits of the Gold status, plus product discounts up to 35 percent, service discounts up to 15 percent, quarterly business reviews and planning sessions with Palo Alto brass, the opportunity to qualify for campaign lead distribution, and the opportunity to be invited to Palo Alto's NextWave Partner Advisory Council. To qualify, Platinum partners must have two accredited configuration experts, two Palo Alto-trained sales reps and two NFR demo units.
Both types of partners have access to various levels of deal registration, market development funds, lead generation and rebates.
"The big thing is that we're working with a number of our partners to do very innovative co-branded marketing," Bonvanie said. "We use a third-party company to design full campaigns that focus on what they're good at, and we take on some of the marketing tasks. Overall, we're adamant about maintaining tiers but adamant about maintaining partner relationships. We classified existing partners based on how they met the requirements already."
Partners have in the past year consistently told ChannelWeb that Palo Alto's channel has progressed admirably, and that stumbling blocks -- such as the confusion around Reynolds' abrupt exit -- have proven minor.
"They're positioning themselves as the next hot security manufacturer and, from every facet, they get it," said Sandy Salty, director of business development for Trace 3, an Irvine, Calif.-based solution provider. "The program has been really good already, but I think there was concern they would dilute the channel by signing too many partners. I think they've demonstrated they're not going to do that. They've been very accessible and have given us a lot of dedicated resources."
Salty suggested it would behoove Palo Alto to do more in the way of joint PR and marketing with its top VARs.
"This is tough because a lot of vendors want to stay partner-neutral, but at the same time, Trace 3 would like to position itself as the finder of cutting-edge technology. I see an opportunity to promote that image with Palo Alto," she said. "Compared to all the things that could be going wrong with their channel, that's not exactly a do-or-die, though." Bess admits that as Palo Alto continues to grow, he will have additional channel questions to address. While he effectively remains the channel chief -- with other traditional chief duties spread out between Bonvanie and Michelle Hartley, Palo Alto's director of Americas Channel Marketing -- he acknowledged that he will eventually need a full-time executive in charge of channels.
"I view myself as the channel chief with Rene as my right-hand guy," he said. "We're going to look within the regions to layer in some additional channel resources. As things expand, we'll build up to the point where someone gets designated as full-time channel chief. That could be Rene; I don't know yet. But I'd rather build to that."
There's also the question of Palo Alto's move toward two-tier distribution. Bess said that "most" of the major IT distributors had approached Palo Alto with some level of interest.
"Domestically, there is something about the North American market that I think really requires you to keep a close relationship -- one tier -- with your VARs for a time. For the foreseeable future, and that's a 12- to 18-month horizon, I will maintain that single tier," Bess said. "But I'd be defying all of my experience and learning not to recognize that there are a lot of people excited about having our product. Distribution will help us eventually."
About the possibility of an IPO in 2011, Bess is much more certain.
"I've already consulted with a lot of investment banks," he said. "I honestly look at Fortinet's IPO as a banner day: that's a company that struggled for many years, for a lot of reasons, and then got out as a public company. The market is again ripe and open for security platform technology companies."
Bess also intimated that some partners are concerned that once they've gathered a head of steam, Palo Alto will be sold. Would Bess consider selling Palo Alto Networks instead of going the IPO route?
"The answer for the foreseeable future is a flat no," he said. "We get to talking casually with a number of people and we're asked a lot about return for shareholders. That's exactly what I'm thinking about. My shareholders, and I include channel partners when I say that broadly, are invested. Plus, when an employee signs to work at a startup, they're giving something up. Typically startups pay less and offer less equity. But we believe we can be a public company. I can talk about great companies that ended up selling themselves and the employees got nothing. That's not us."
Bess' message to partners now is even more succinct than in previous years:
"You take a Palto Alto next-generation firewall and put it against a Cisco or a Fortinet, you're going to beat 'em," he stated. "We offer a way to get back into a competitive landscape in a market that has been heavily dominated by a few vendors. There is no reason why a channel partner, on a customer that has deployed a lot of Check Point, or Cisco, or Juniper or even Fortinet, can't go into that account and articulate a value proposition in Palo Alto that makes that customer stop and think and contemplate why they have a good reason to rearchitect their security infrastructure."