With a nearly $60B revenue run rate, growing at 14% and throwing off over $5B in operating cash last quarter, Cisco has an awesome business. But customers are vocal about the complexity of Cisco’s portfolio and if not addressed head on, the company risks encountering friction beyond just economic headwinds. We believe Cisco’s challenges are most decidedly not product breadth and depth, rather the company’s mandate is to integrate the piece parts of its intricate offerings to create more facile and seamless experiences for customers.
In this Breaking Analysis and ahead of Cisco Live US, we dig deeper into Cisco’s business and double click on three key areas of its portfolio including: 1) Security; 2) Networking; and 3) Observability. With spending data from ETR and a guest appearance from SiliconANGLE contributor and market watcher Zeus Kerravala, principal at ZK Research.
Stocks of Pure Play Competitors Outperforming Cisco YTD
Let’s start by doing some stock market comparisons.
The chart above shows year to date comparisons between Cisco, Palo Alto Networks, Arista, Extreme Networks and the Nasdaq composite. As you can see the pure plays, as well as the NAS, are outperforming Cisco by a wide margin. This despite Cisco’s double digit growth last quarter, 65% growth margins and a $200B market cap. The reason is CEO Chuck Robbins’ set modest expectations for 2024, which when modeled out relative to Cisco’s longer term outlook, suggest slowing momentum in the near to mid term. In addition, we believe the breadth of Cisco’s portfolio, while a key strength, also creates adoption challenges for the company’s customers.
What follows is a summary of how Zeus Kerravala interprets this data.
Kerravala sees this as a nuanced comparison between Cisco, a behemoth with an impressive cash generation capability, and smaller companies like Arista and Extreme. Despite acknowledging the fair comparison, he suggests a lack of completeness, emphasizing that while smaller entities may capture the benefits of a market trend more swiftly, Cisco’s broad scope often hampers its ability to do so. But Cisco throws off more operating cash in a quarter than these companies generate in annual revenue.
He used the example of Zoom and RingCentral, noting how Cisco’s performance paled in comparison two years ago, but the tide has turned since then unified communications sector waning, but Cisco thriving in relative terms.
Kerravala believes Cisco’s breadth and stability make it a safe investment bet, but its size prevents it from realizing the rapid growth that smaller, more specialized companies can. The broad spectrum of markets that Cisco operates in implies a reduced likelihood of success across all these fronts simultaneously.
[Watch Zeus Kerravala comment on the comparisons between Cisco and the pure plays].
Cisco’s Complex Business Remains Anchored in Core Networking
The table below represents the contribution of Cisco’s lines of business as reported in its financials. As we said at the top, 14% revenue growth is pretty astounding for a company of Cisco’s size. With tough comps ahead its unlikely Cisco can keep up this pace.
Networking makes up more than half of Cisco’s revenue but the company is growing its software contribution, which is just under 30% today, and its ARR accounts for more than 40% of revenue, which gives the company better visibility on the future. This all helps prop up Cisco’s alluring 65%+ gross margin model, which unlike many of its large incumbent competitors has held up well over decades. Moreover, Cisco’s shift to a recurring revenue and subscription model has been executed quite well compared to many firms (some much smaller – e.g. Splunk), which have struggled with that transition.
To break this down further, examining Cisco’s 10K provides the following added context:
Secure, Agile Networks comprise core networking, switching, routing, wireless, and compute. This includes products like Catalyst, Nexus, Meraki and Cisco’s SD-WA products.
Internet for the Future includes optical networking, 5G, in-house silicon and optics solutions. This includes products like the Cisco 8000, NCS 5500 and ASR 9000 series.
Collaboration includes Webex and call center solutions.
End-to-End Security comprises network security, cloud security, endpoint, threat management and zero trust solutions.
Optimized Application Experiences includes AppD, ThousandEyes and Intersight.
Here are Kerravala’s thoughts on Cisco’s portfolio, the challenges they face and what’s needed going forward.
Kerravala’s analysis suggests that Cisco is challenged to create interoperability and cross-platform optimization despite its wide array of excellent products. He notes that even within Cisco’s own ecosystem, products like Webex, Meraki, and Catalyst do not necessarily provide a significantly better experience on Cisco’s network than competing products. Despite its ownership of Meraki for nine years, only last year did Cisco permit customers to view Catalyst devices on the Meraki dashboard, a development credited to the unification of the two lines under General Manager Todd Nightingale. Kerravala pinpoints political dynamics, internal friction and business unit structures as contributing factors to simpler execution.
In terms of future improvements, the consolidation of mass scale, Internet for the future, and secure agile networks under John Davidson should lead to better interoperability between the telecom and enterprise sides. While Cisco possesses a portfolio of impressive products including Kenna, AnyConnect, Talos, Meraki, and Catalyst, these do not coalesce to form a comprehensive Cisco platform story. However, steps are being taken to address this gap, such as the announcement of the XDR solution at the RSA conference, Cisco’s first cross-security solution. Kerravala posits that Cisco’s focus should be on creating a synergistic portfolio where the collective value exceeds the sum of the parts, as opposed to having to compete fiercely on a product-by-product basis.
[Watch Zeus Kerravala unpack Cisco’s vast portfolio and how they can simplify].
Spending Data Underscores the Macroeconomic Impact on Cisco’s Overall Business
The ETR spending data for Cisco, at a high level, shows what virtually all tech companies are facing – i.e. a decrease in the percent of customers that are spending more relative to last year.
The candlestick chart above shows the granularity of Net Score, ETRs proprietary spending metric which measures customer spending patterns. Of the 1700 IT decision makers in the most recent ETR survey, more than 1,000 are Cisco customers – so we have a nice sample. The lime green is the percent of those customers adding Cisco new, the forest green represents those spending 6% or more relative to last year, the gray is flat spend, the pink is spending down 6% or worse and the bright red is churn. Subtract red from green and you get Net Score which is the blue line.
You can see the steadily declining trajectory due to the gray and the reds increasing. The brown line is the pervasiveness in the overall data set, which has actually held up well. Cisco has a massive installed base and it is stable. Although more customers are leaving than are being added within this survey. Remember, this survey doesn’t measure spending amount, only the percent of customers in each bucket.
We asked Zeus Kerravala if this accurately reflects his view of the market and is the deceleration a function of economic headwinds, complexity or both? What follows is a list of his key takeaways:
- The competitive dynamics in the networking industry have significantly shifted, with Cisco now facing more formidable rivals like Arista, Fortinet, VMware, and Extreme Networks.
- The entry of cloud companies and Aruba into the networking space introduces additional competitive pressures.
- These industry changes necessitate sharper sales execution from Cisco, as they can no longer rely on competitors’ missteps to retain their advantage.
- In light of this more complex competitive landscape, Cisco’s strategy must evolve to effectively distinguish itself and maintain its leading position.
I do think a lot of what you’re looking at there is more credible vendors are in market and that requires much sharper sales execution than it did before. Because Cisco can’t just show up and compete on the fact that the other companies are going to mis-execute, which is what they had the luxury of doing for a long time.
Cisco’s Center of Gravity Starts with Core Networking
Let’s drill into the segment data starting with networks.
The chart above shows Net Score or spending velocity on the vertical axis and pervasiveness in the data set on the horizontal axis. The red dotted line at 40% indicates a highly elevated Net Score. We’ve highlighted Cisco overall and Meraki, a company Cisco bought in 2012 to help better control network devices. As is evident, Cisco stands out as the clear leader here in both presence (X axis) with very respectable customer spending velocity on its products (Y axis). In fact we saw earlier a 29% year on year revenue growth figure from last quarter in networking. That is amazing for such a large business. As Cisco works through its backlog it creates uncertainty in the forecasts but underlying demand for Cisco’s networking products is sound.
As well, you can see a number of other companies here including HPE’s Aruba, Arista, VMware with NSX and a number of others, including Cloudflare, which all are hovering near the elevated 40% line.
Kerravala laid out his thoughts as follows:
He is critical of Cisco’s approach to its Meraki and Catalyst product lines, not on the merit of their features and value but on the lines between them. He asserts that customers should not have to choose between them. He suggests a unified hardware line that offers customers the flexibility to manage it either through Meraki or the command-line interface (CLI). Currently, a switch from Meraki to Catalyst necessitates a complete hardware overhaul, a problem that could be resolved by a common set of hardware compatible with both management methods.
Further, Kerravala notes that Cisco’s potential to integrate data center, campus, and WiFi certifications to improve the user experience has yet to be fully realized. While some integration has occurred at the campus level, the data center side remains separate. He concludes that networks should deliver applications and experiences as a single, unified entity instead of being sold as separate silos, an approach that contributes to unnecessary complexity.
His key analysis points include:
- Cisco should offer a unified hardware line for customers, which could be managed either through Meraki or CLI, mitigating the need for a hardware overhaul when switching between the two.
- By integrating data center, campus, and WiFi certifications, Cisco could enhance the overall user experience.
- The current siloed approach to network products adds unnecessary complexity, which could be addressed by treating the network as a single, unified entity focused on delivering applications and experiences.
[Watch Zeus break down the Cisco’s networking challenges and thoughts on how it can simplify].
Security is Perhaps Cisco’s Best Upside Opportunity
Let’s shift gears and look into the all-important and exceedingly crowded security sector.
Above we show the ETR spending data in the security market – same dimensions – Net Score on Y and Pervasion on the X. Microsoft is in the upper right and skews the data but you can see Cisco has a major presence. As do Palo Alto and Splunk. All credible on the vertical axis. The leaders in presence are below the 40% line but that’s expected for such large companies. The squiggly line represents Cisco’s path over the past 10 quarters. There is no debate that the company is very strong in security but we believe it needs to do a better job consolidating the piece parts and simplifying customer outcomes.
Note that Cisco doesn’t have the spending velocity of the pure plays like CrowdStrike, Okta, Zscaler, CyberArk and SailPoint…or even Cloudflare – but its Net Score is respectable. Cisco also just purchased Armorblox which uses AI to reduce email and other risks.
In many ways we think Cisco could be a leader in the security supercloud, bridging on-prem, multiple clouds and edge security experiences.
The following summarizes Kerravala’s thoughts:
Kerravala acknowledges Cisco’s success in the security sector, citing notable products like Kenna, Talos, Umbrella, Duo, and AnyConnect. However, he identifies a critical missing element – i.e. a coherent Cisco security narrative. The fact that these products are still referred to individually underscores this deficiency. He also points out the lingering independent identity of these products, with customers sometimes being unaware of Cisco’s ownership.
According to Kerravala, the future of security is shifting towards platform-based solutions, moving away from signature-based systems to AI and analytics-based models. Given Cisco’s broad network reach, the company should possess an unequalled advantage in security, having the ability to detect things that others can’t. Nevertheless, Cisco still needs to better integrate its products and offerings, a process that began with the XDR announcement at the RSA conference.
Key takeaways:
- Cisco has a range of high-quality security products but lacks a unified security narrative.
- The future of security is shifting towards platform-based solutions, underpinned by AI and analytics.
- Despite their extensive network reach providing a potential competitive advantage, Cisco needs to improve integration between their various offerings.
- The announcement of the XDR solution at RSA was a positive step towards a more unified platform approach, and further advancements are anticipated at Cisco Live.
In some ways Cisco has been successful in security almost in spite of itself. -Zeus Kerravala
The Emerging Observability Opportunity
Let’s now dig into observability, which is sort of the confluence of log analytics, application performance management, monitoring, and related fields. Cisco has a major stake in this business through its acquisitions of AppDynamics and ThousandEyes.
Before we look at the spending data, here’s what one customer said in an ETR roundtable about this topic.
This is a head of engineering…a customer that says I’m sticking with AppD. This person references the value of the ThousandEyes acquisition along with AppD and security. The application-centricity is an attractive dynamic to this Cisco shop. SecureX is Cisco’s integrated security play, which admittedly needs more/better integration. But basically in the second quote this person calls out the attractiveness and value of a single platform. If you’re a Cisco shop. And if not it’s a “free game” – perhaps implying a free-for-all of complexity.
AppD has been maybe the biggest wasted opportunity for Cisco since they’ve acquired it…I really expected App Dynamics to become the tip of the aero sale for Cisco…and I would like to see AppD become a lead sales tool across Cisco’s portfolio. – Zeus Kerravala
Key takeaways from Kerravala’s commentary on this topic:
- He has high praise for ThousandEyes and AppDynamics (AppD) and their adaptation into Cisco’s product portfolio. He particularly appreciates the internet performance visibility that ThousandEyes provides, which is especially critical in today’s corporate world where the internet is heavily relied upon for operations.
- However, he feels Cisco has missed out on utilizing AppDynamics to its full potential. He had expected AppDynamics to serve as a lead sales tool for Cisco, considering its ability to provide insights into application performance which can inform network upgrade decisions.
- Kerravala sees recent improvements in Cisco’s understanding of how to effectively use AppDynamics, partly due to Liz Centoni’s oversight of emerging tech. He cites the introduction of ‘business risk observability’ at Cisco Live EU as a positive development in this regard. This tool allows the mapping of threat data to application environments, which aids in prioritizing network and security initiatives by potential impact.
- With AppDynamics, initiatives can now be ranked by business value, thus simplifying the sales model. It shifts the discussion from technical specifics to business metrics, helping communicate the business performance improvements that network upgrades can bring about.
[Watch Kerravala’s commentary on Cisco’s observability play with ThousandEyes & AppD].
Comparing Key Observability Players’ Spending Profiles
Let’s get into the ETR data. ETR doesn’t have a full stack observability category but through this next view below we’re able to bring in various companies that are hovering around the space to see their relative positions.
It’s a similar chart above where we show Net Score against pervasiveness in the data. And we’ve plotted Splunk, Datadog, Elastic, Grafana, Dynatrace and New Relic. You can see AppDynamics, which Cisco bought in 2017 for almost $4B. And it introduced Intersight shortly thereafter as a visualization and orchestration tool. But there were still holes in the portfolio as the market moved to full stack observability so Cisco bought ThousandEyes during COVID for around $1B. Then it sort of strung them together with an overlay but the story is not over.
Cisco has an opportunity to really take these pieces and integrate them across the portfolio in a potentially game changing way. At least in the manner that one customer described earlier – especially for Cisco shops.
Kerravala’s primary argument is that Cisco needs to deliver on the vision of full-stack observability and streamline its multitude of single-pane-of-glass solutions into a unified, intuitive dashboard. The diverse range of visibility tools they currently offer could be more effectively utilized if they were integrated into one comprehensive system, with AppD serving as the principal lens. Operational specifics could then be accessed through drill-down features, allowing for a more organized and efficient user experience.
Kerravala’s key takeaways on observability:
- Cisco must make good on its promise of full-stack observability.
- The current multitude of Cisco’s single-pane-of-glass solutions should be streamlined into a unified dashboard.
- AppD should be the main view, with the ability to drill down into the other specific tools.
- He recognizes that Cisco already has all the necessary components; the challenge lies in integrating them into a cohesive system.
[Kerravala comments on Cisco’s many panes of glass].
What to Watch at Cisco Live U.S. 2023
Zeus just published a ‘know before you go’ post on SiliconANGLE, outlining his thoughts on what to expect at Cisco Live. Let’s review that and what we’ll be looking for next week.
Wither AI for Cisco?
A key question is how Cisco will handle AI. These days, brands run the risk AI washing but if you bury the AI lead you look less relevant. In our view, Cisco at the very least has to use AI to make Cisco infrastructure run better and more secure through automation and better management.
Here’s a summary of key points from our conversation with Zeus on what to expect from Cisco Live in terms of AI:
- We don’t expect Cisco to brand itself as an AI company like Nvidia or even IBM’s attempts to do so. Instead, AI will remain an integral part of their overall toolkit used to build their products.
- AI has been part of Cisco’s portfolio for a while. It underpins products like intent-based networking and Encrypted Traffic Analytics, which uses AI to detect malware in encrypted traffic.
- The company’s collaboration portfolio is also AI-rich, but it is considered more of an operational tool rather than a product that’s sold separately.
- AI might be highlighted more during keynotes due to current hype, but it’s not the company’s primary focus.
- The use of AI, such as a ChatGPT-like interface, could be beneficial for Cisco’s operations, like using Webex to find information or for network operations to identify areas in need of upgrades. This would essentially make their portfolio more user-friendly.
- Natural language processing can simplify interfaces, relieving the load from high-level engineers and delegating tasks to tier one or two support.
The Security Opportunity Calls for Cisco
We’ll be watching the security space closely. We believe it’s a mandate that Cisco integrate its vast portfolio across on-prem, all the major clouds and out to the edge. Palo Alto Networks has the leg up on consolidation in our opinion but Cisco has such a major presence that it can do very well in this area, coming at the problem its strength in networking.
Here’s a summary of what we think Cisco needs to do in security and what we’ll hear at Cisco Live:
- Security is important because it offers the most substantial growth potential for Cisco, as it is a single-digit player in a market projected to be worth $75 billion+.
- Even a slight increase in market share, such as reaching 10%, would greatly boost Cisco’s revenue.
- The long-term vision is to have Cisco’s security share match its network share, and to have Cisco network and Cisco security working together for improved risk identification and resolution.
- We hope to see more integration of Cisco’s cloud security products to create a more unified and user-friendly experience.
- The security industry often makes the user the integration point, which can lead to confusion and inefficiency. This needs to be addressed by the industry at large and Cisco has an opportunity to attack this problem.
- Cisco is in a unique position to make security more user-friendly and seamless because it owns the network and can embed a lot of security features into it.
- We anticipate hearing more about Cisco’s progress on its vision for security and expect to see more of the product roadmap at the upcoming event.
Can Cisco be the Supercloud Network?
Core networking is always a the forefront of Cisco Live Zeus…I keep coming back to the supercloud concept – a singular experience across clouds in a cloud native fashion. Can Cisco bridge the legacy world of apps and infrastructure with cloud native?
- Cisco is not going to become a cloud provider like AWS, but it has the potential to be an abstraction layer that enables the concept of a “supercloud.”
- A network super cloud would allow customers to seamlessly use multiple cloud providers, edge locations, and private data centers as one logical cloud.
- Traditional cloud providers will not enable this, as their tools are specific to their platforms. Cisco, however, can provide network transport, security, and optimization that transcend individual cloud platforms.
- Cisco can become the bridge between physical clouds and create a logical supercloud due to its work with cloud providers, telcos, and tools like ThousandEyes and AppDynamics.
- This process begins with networking, hoping to see more progress with the Meraki / Catalyst integration at the upcoming show. We are also looking for advancements in consolidating different versions of WiFi and other disparate parts of Cisco’s networking story.
Collaboration: Hybrid Work is Still a Big Thing
What about collaboration? That business went from rocket ship to rapid deceleration post pandemic but hybrid work isn’t going away and it brings real challenges. Is this a game of integrating with your security portfolio to reduce risk? Or creating better / simplified user experiences? We know that Jeetu Patel wants to make Webex 10X better than any other platform.
To summarize our key takeaways:
- We believe Cisco’s primary challenger in the collaboration market is Microsoft Teams. Despite having a poorer user experience compared to competitors, Teams is widely adopted due to its inclusion in Microsoft licensing plans.
- Teams, however, can prove costly when additional features such as voice and security are added.
- Cisco has accepted the coexistence with Teams, allowing their devices to run Teams natively. This could be beneficial as companies are likely to use more than one collaboration vendor.
- We believe Cisco’s WebEx, loaded with extensive features, can offer a better experience for specific departments and expand its presence within organizations gradually.
- Cisco could manage other collaboration platforms through the Webex console, offering better management for those platforms and then gradually introducing their own solutions.
Application-Centricity is the Opportunity in Full Stack Observability
Cisco we think has an opportunity to make some moves in full stack observability but the linchpin as you wrote on SiliconANGLE is the application-centric view of the world. Explain what you meant by that in the context of observability.
The two main takeaways from our conversation on observability include:
- The application-centric view is crucial. Prioritizing network upgrades and security deployments based on their impact on application performance can provide quantifiable business metrics.
- Cisco’s AppDynamics (AppD) offers a unique perspective into application performance that other infrastructure vendors may lack. This tool could be instrumental in making such decisions.
Every Large Tech Company has to Address ESG
And finally we asked Kerravala if he’s ever been to a Cisco Live where Chuck Robbins hasn’t done his part to address ESG? Here’s a summary of what we discussed:
- Cisco has a corporate goal to positively impact a billion lives by 2025. They are making significant progress towards this goal through a variety of programs. They are part of the Global Citizen group, and they conduct contests and provide financial support to entrepreneurs aiming to make the world a better place.
- Cisco’s products also help with sustainability. They are embedded with features such as EnergyWise, which shuts off the network when it is not in use and turns it back on when it is needed.
- Cisco’s custom Application Specific Integrated Circuits (ASICs) are optimized for specific network functions, leading to lower power consumption.
- The company offers Power over Ethernet (PoE) features to further support sustainability.
- At events like Cisco Live, they have highlighted these sustainability features, and we expect to see more of this in the future.
We didn’t talk much about edge but it’s a significant part of the future and we anticipate hearing more about it in the future.
[Here’s the full conversation about what to expect at Cisco Live U.S. 2023]
Finally, theCUBE will be at Cisco Live in Las Vegas at the Mandalay Bay. We’re on the expo floor across from the Net Vet Lounge, which is Booth 1427. We have a small space so we’re doing the pop-up CUBE and we’d love to see you…by all means please stop by and say hello.
Keep in Touch
Many thanks to Zeus Kerravala for stopping by the Boston studio to share his knowledge. Thanks to Alex Myerson and Ken Shifman on production, podcasts and media workflows for Breaking Analysis. Special thanks to Kristen Martin and Cheryl Knight who help us keep our community informed and get the word out. And to Rob Hof, our EiC at SiliconANGLE.
Remember we publish each week on Wikibon and SiliconANGLE. These episodes are all available as podcasts wherever you listen.
Email david.vellante@siliconangle.com | DM @dvellante on Twitter | Comment on our LinkedIn posts.
Also, check out this ETR Tutorial we created, which explains the spending methodology in more detail.
Watch the full video analysis:
Image: mehaniq41
Note: ETR is a separate company from Wikibon and SiliconANGLE. If you would like to cite or republish any of the company’s data, or inquire about its services, please contact ETR at legal@etr.ai.
All statements made regarding companies or securities are strictly beliefs, points of view and opinions held by SiliconANGLE Media, Enterprise Technology Research, other guests on theCUBE and guest writers. Such statements are not recommendations by these individuals to buy, sell or hold any security. The content presented does not constitute investment advice and should not be used as the basis for any investment decision. You and only you are responsible for your investment decisions.
Disclosure: Many of the companies cited in Breaking Analysis are sponsors of theCUBE and/or clients of Wikibon. None of these firms or other companies have any editorial control over or advanced viewing of what’s published in Breaking Analysis.