Annual Report

10-K 1 d10k.htm ANNUAL REPORT Annual Report

SECURITIES AND EXCHANGE COMMISSION

WASHINGTON, D.C. 20549

FORM 10-K

FOR ANNUAL AND TRANSITION REPORTS

PURSUANT TO SECTION 13 OR 15(d) OF THE

SECURITIES EXCHANGE ACT OF 1934

x	ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the fiscal year ended December 31, 2005

¨	TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the transition period from to

Commission file number 000-26819

WATCHGUARD TECHNOLOGIES, INC.

(Exact name of registrant as specified in its charter)


Delaware		91-1712427
(State or other jurisdiction of incorporation or organization)		(I.R.S. Employer Identification No.)

505 Fifth Avenue South, Suite 500, Seattle, WA 98104

(Address of principal executive offices) (zip code)

(206) 521-8340

(Registrant’s telephone number, including area code)

Securities registered pursuant to Section 12(b) of the Act:

None

Securities registered pursuant to Section 12(g) of the Act:

Common Stock, $.001 par value

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes ¨ No x

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes ¨ No x

Indicate by check mark whether the registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports) and (2) has been subject to such filing requirements for the past 90 days. Yes x No ¨

Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K. ¨

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, or a non-accelerated filer. See definition of “accelerated filer and large accelerated filer” in Rule 12b-2 of the Exchange Act. (Check one):

Large accelerated filer ¨ Accelerated filer x Non-accelerated filer ¨

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Act). Yes ¨ No x

The aggregate market value of the voting and nonvoting common equity held by nonaffiliates of the registrant, based on the last sales price of the registrant’s common stock on June 30, 2005, as reported on the Nasdaq National Market, was approximately $126,883,822.

As of February 28, 2006, there were 34,389,518 shares of the registrant’s common stock outstanding.

DOCUMENTS INCORPORATED BY REFERENCE

The information required by Part III of this report, to the extent not set forth herein, is incorporated into this report by reference to the registrant’s definitive proxy statement for the annual meeting of stockholders to be held on May 4, 2006. The definitive proxy statement will be filed with the Securities and Exchange Commission within 120 days after December 31, 2005, the end of the fiscal year to which this report relates.

WATCHGUARD TECHNOLOGIES, INC.

ANNUAL REPORT ON FORM 10-K

FOR THE FISCAL YEAR ENDED DECEMBER 31, 2005

TABLE OF CONTENTS


		Page
PART I
ITEM 1.	BUSINESS	1

ITEM 1A.	RISK FACTORS	22

ITEM 2.	PROPERTIES	34

ITEM 3.	LEGAL PROCEEDINGS	34

ITEM 4.	SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS	34

PART II
ITEM 5.	MARKET FOR REGISTRANT’S COMMON EQUITY AND RELATED STOCKHOLDER MATTERS	35

ITEM 6.	SELECTED FINANCIAL DATA	36

ITEM 7.	MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS	38

ITEM 7A.	QUANTITATIVE AND QUALITATIVE DISCLOSURES ABOUT MARKET RISK	61

ITEM 8.	FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA	62

ITEM 9.	CHANGES IN AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING AND FINANCIAL DISCLOSURE	90

ITEM 9A.	CONTROLS AND PROCEDURES	90

ITEM 9B.	OTHER INFORMATION	91

PART III
ITEM 10.	DIRECTORS AND EXECUTIVE OFFICERS OF THE REGISTRANT	92

ITEM 11.	EXECUTIVE COMPENSATION	92

ITEM 12.	SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT AND RELATED STOCKHOLDER MATTERS	92

ITEM 13.	CERTAIN RELATIONSHIPS AND RELATED TRANSACTIONS	92

ITEM 14.	PRINCIPAL ACCOUNTANT FEES AND SERVICES	92

PART IV
ITEM 15.	EXHIBITS AND FINANCIAL STATEMENT SCHEDULES	93

SIGNATURES		95

PART I

Forward-Looking Statements

Our disclosure and analysis in this annual report contain forward-looking statements, which provide our current expectations or forecasts of future events. Forward-looking statements in this annual report include, without limitation:

•

information concerning possible or assumed future operating results, trends in financial results and business plans, including those relating to earnings growth and revenue growth;

•

statements about our costs and operating expenses relative to our revenues and about the expected composition of our revenues;

•

statements about our future capital requirements and the sufficiency of our cash, cash equivalents, investments and available bank borrowings to meet these requirements;

•

information about the anticipated timing of new product releases;

•

other statements about our plans, objectives, expectations and intentions; and

•

other statements that are not historical facts.

Words such as “expects,” “believes,” “anticipates,” “intends” and “will” and similar words may identify forward-looking statements, but the absence of these words does not necessarily mean that a statement is not forward-looking. Forward-looking statements are subject to known and unknown risks and uncertainties and are based on potentially inaccurate assumptions that could cause actual results to differ materially from those expected or implied by the forward-looking statements. Our actual results could differ materially from those anticipated in the forward-looking statements for many reasons, including the factors described in the section entitled “Risk Factors” in this annual report. Other factors besides those described in this annual report could also affect actual results. You should carefully consider the factors described in the section entitled “Risk Factors” in evaluating our forward-looking statements.

You should not unduly rely on these forward-looking statements, which speak only as of the date of this annual report. We undertake no obligation to publicly revise any forward-looking statement to reflect circumstances or events after the date of this annual report, or to reflect the occurrence of unanticipated events. You should, however, review the factors and risks we describe in the reports we file from time to time with the Securities and Exchange Commission, or SEC.

ITEM 1.

BUSINESS

Overview

We are a leading provider of network security solutions designed to protect small- to medium-sized enterprises, or SMEs, that use the Internet for e-commerce and secure communications. We provide SMEs worldwide with integrated and expandable unified threat management security solutions employing multi-layered defenses that are designed to protect not only against existing threats, but also against future threats, in an intelligent way. Our security solutions are backed by an intuitive user interface and the expert guidance and support of our LiveSecurity Service. With the risk that threats and attacks will compromise multiple access points in a corporate network, an effective security solution requires more layers of defense than just firewalls for access control and virtual private networks, or VPNs, for secure communications. A security solution that integrates multiple layers of defense, however, must do so efficiently to preserve performance and remain flexible enough to adapt to future threats and attacks in the evolving security landscape.

solutions. We offer firewall protection and intrusion prevention technology for access control, virtual private networking for secure communications, content and spam filtering, gateway and desktop anti-virus protection and vulnerability assessment services. Our current Firebox X security solutions allow users to upgrade to any higher model in a particular product line simply by applying a software license key. We also offer our customers a unified management interface designed to allow even the non-security professional to effectively install, configure and monitor our security products as well as manage multiple security products from a central console and the networking features required for more complex network installations. We also offer our customers a Secure Socket Layer (SSL) VPN gateway appliance for secure, always-on connectivity to applications and corporate resources. In addition, our innovative subscription-based LiveSecurity Service provides our customers with access to expert guidance and support so they can protect their data and communications in a continuously changing environment.

Our market spans the SME market, from smaller-sized companies, for which ease-of-use is a primary requirement, to medium-sized companies, including those with high-speed connections supporting VPNs between the corporate headquarters and geographically dispersed branch offices, for which performance, scalability and networking features are key requirements. Our security solutions also give enterprises a security management choice. An enterprise can manage its own Internet security with our product offerings or outsource its security management to an Internet service provider, or ISP, or other managed service provider implementing our managed security solutions. For the service provider, our technology improves the economics of managed security services through a scalable delivery platform that enables the service provider to remotely configure and manage thousands of customer sites quickly and easily.

We sell our network security solutions indirectly to end-users through a network that includes more than 150 distributors and more than 10,000 resellers that sold our products in 2005, and we have customers located in over 150 countries. We also sell directly and indirectly to a number of service providers that implement our managed security solution and resell to end-users. As of December 31, 2005, we had shipped over 350,000 of our security appliances since our founding.

We initially incorporated in Washington in 1996 and reincorporated in Delaware in 1997. References to “we,” “our,” “us” and “WatchGuard” in this annual report refer to WatchGuard Technologies, Inc., our subsidiaries and our predecessor. Our executive offices are located at 505 Fifth Avenue South, Suite 500, Seattle, Washington 98104, and our telephone number is (206) 521-8340. We make available on our Web site, free of charge, copies of our annual report on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K, and amendments to those reports filed with or furnished to the SEC as soon as reasonably practicable after filing or furnishing the information to the SEC. A link to this information can be found in the investor relations portion of our Web site, which is located at www.watchguard.com. In addition, the SEC maintains a Web site that contains reports, proxy and information statements and other information regarding issuers that file with the SEC, at http://www.sec.gov.

Industry Background

The need for Network security

The increased importance of e-commerce and the proliferation and growth of corporate intranets have dramatically increased the openness of computer networks, with the Internet becoming a widely accepted platform for many business-to-business and business-to-consumer transactions. The accessibility and relative anonymity of users in open computing environments, however, make systems and the integrity of information stored on them increasingly vulnerable to security threats. Open systems present inviting opportunities for computer hackers, terrorists, curious or disgruntled employees or contractors, or competitors to compromise, alter or destroy sensitive information within the system or to disrupt operations and Internet access. Open computing environments are also complex and typically involve a variety of hardware, operating systems and applications supplied by a variety of vendors, making networks difficult to manage, monitor and protect from

unauthorized access. In addition, because even smaller organizations have rapidly adopted public-facing Web and application servers and electronic communications, they now face the types of threats and vulnerabilities that had been previously reserved for much larger organizations that could deploy sufficient personnel to meet that challenge.

New attacks and security vulnerabilities are created or discovered on almost a daily basis. Security vulnerabilities are faults in software and hardware that may permit unauthorized network access or allow an attacker to cause network damage. According to the Computer Emergency Response Team, or CERT, a federally funded research and development center, not only is the number of cyber incidents and attacks increasing at an alarming rate, but the number of vulnerabilities is increasing as well. The number of vulnerabilities has increased almost five-fold in five years, from 1,090 reported vulnerabilities in 2000 to 5,198 reported vulnerabilities in 2005.

The 2005 E-Crime Watch Survey, conducted among security and law enforcement executives by CSO Magazine in cooperation with the U.S. Secret Service and CERT, estimates that e-crime losses were approximately $150 million in 2005. Many organizations experienced an increase in e-crimes and network, system or data intrusions. These attacks show no sign of slowing. In fact, 88% of survey respondents anticipate a continued increase in e-crimes and intrusions. Of those who experienced e-crimes, more than half of respondents report operational losses and nearly a third report financial losses. Organizations therefore must have comprehensive multi-layered defenses to protect their networks and valuable data or risk significant business losses. In addition to an increase in the number of attacks, the speed of propagation of these attacks has increased as well. For example, MyDoom, an automated Internet attack that was a blend of a computer worm and a computer virus, quickly spread around the world. At its peak, it was estimated that 1 in 12 emails carried the worm. Organizations therefore often do not have the luxury of waiting for an alert about a current threat, but must anticipate and prepare in advance for defense against network security attacks.

The Network security challenge

Network security is not a response to a single attack or point of vulnerability, but rather a comprehensive solution comprised of a series of defenses against a wide variety of attacks and points of vulnerabilities. Because enterprises need to control the flow of information between their internal networks and the Internet and among various segments of their network, they need firewalls, which are the foundation of a comprehensive security solution. A firewall, a security component that varies in complexity, is designed to block access from the Internet to an enterprise’s internal networks, as well as control the flow of and access to information shared between the networks and the Internet. A comprehensive security solution, however, needs to do more than control access. It also needs to integrate several other sophisticated security layers, such as VPNs, to enable encrypted communications between points on the Internet, gateway and desktop anti-virus solutions, to scan and detect viruses and worms, and to provide for other security methodologies, such as intrusion prevention, authentication, spam filtering, content filtering and vulnerability assessment. To be truly effective, a comprehensive security solution must defend against new and emerging attacks the instant they are launched, a capability that is also referred to as “zero-day” protection. With the speed of propagation of many recent threats, sole reliance on signature-based intrusion protection can leave networks exposed until a new threat is evaluated and a signature is created and distributed to defend against the threat. While signature-based intrusion protection is an important layer of defense, preemptive intrusion protection through behavior-based detection and protocol anomaly detection provides strong baseline security against many threats regardless of the availability of a signature for that threat.

Even a comprehensive security solution must, however, be easy to install, configure and manage to be truly effective. With businesses increasingly establishing secure Internet access for branch offices, trading partners and traveling employees, an enterprise must often deploy multiple security layers to fully protect the corporate network. This often requires a variety of different security technologies, often from a wide variety of vendors, all with disparate management systems. The complexity of effectively managing all of these security layers is often beyond the scope and skill of some businesses, and without a robust, intuitive and easy-to-use system to manage these security layers, the complexity and difficulty of successfully implementing a corporate information security solution rises dramatically.

Moreover, the dangers against which an effective Internet security solution must protect are dynamic rather than static, with new attack vectors emerging and the constant introduction of new exploits, intrusion schemes, worms and viruses within existing attack vectors. For example, the use of new technologies such as email over cell phones and instant messaging, and the creativity of computer hackers, many of whom are now financially motivated, create new vectors of attack. In addition, unless an enterprise can timely and easily implement security updates across the enterprise’s security layers protecting its network, the enterprise may need dedicated, and expensive, security experts to proactively identify, obtain and manually implement these updates quickly and correctly.

The Internet security opportunity

According to the “Worldwide Threat Management Security Appliances 2005-2009 Forecast and 2004 Vendor Shares: The Rise of the Unified Threat Management Security Appliance” report from International Data Corporation in September 2005, the unified threat management security appliance market is expected to grow at a compounded annual growth rate of 15% between 2005 and 2009, translating into a total market in 2009 of greater than $5 billion.

Enterprises require a robust, comprehensive Internet security solution that secures all vulnerable points in the corporate network, that can be installed, configured and managed easily, and that can be kept up to date quickly and effectively, all for an economical price. International Data Corporation estimates that by 2007, 80% of network security will be delivered through a dedicated appliance. In addition, some enterprises would rather outsource the management of their Internet security to ISPs and other managed service providers. Service providers face challenges, however, in delivering affordable security services that can be rapidly and economically deployed to thousands of customer sites and easily managed from a central location.

The WatchGuard Approach to Network Security

WatchGuard’s approach to network security has the following key elements:

Unified Threat Management Security Appliance

By integrating multiple security capabilities and services, which normally reside on numerous devices, unified threat management security appliances provide multi-layered protection in a single appliance. This allows users that often have limited security budgets and lack the resources to adequately research and acquire multiple security layers to get enterprise-level security at a lower total cost of ownership. In addition, managing a single device requires less time than managing disparate systems and leaves more time to proactively secure networks against ever-present threats.

Upgradeable and Expandable Platform

Upgradeability and expandability enables the customer to adapt its security to meet changing business needs by expanding additional security services or increasing performance. It also provides investment protection for the customer that typically lacks the budget to replace hardware devices every time increased performance or new features or functionality are required.

Intelligent Layered Security

An intelligent layered security architecture is designed to incorporate, integrate and improve security with a layered architecture that provides more efficient performance while remaining flexible enough to insert new layers of security as emerging threats arise. The conceptual layers of defense include external defenses such as vulnerability assessment to protect against attacks before they are

launched, our behavior-based and protocol anomaly-based “zero-day,” preemptive protection not available in many standard packet-filter technologies, virtual private networking for secure communications, standard stateful packet filtering, signature-based intrusion prevention to detect application-layer threats before they are allowed into the network (what some companies refer to as “deep inspection”), gateway anti-virus that examines email attachments and detects viruses before they are allowed into the network, content filtering, which includes Web access control to protect users from harmful content, and spam filtering to efficiently reduce wasted corporate resources. An intelligent layered security architecture also includes behavioral mechanisms that protect against attacks by detecting precursors such as port scans and spoofing attacks, as well as actual attacks such as buffer overflows and protocol anomaly attacks, and by dynamically changing firewall policy to prevent subsequent traffic from the sources of those scans and attacks.

Intuitive Management and Ease of Use

Many of our target customers do not have full-time or fully dedicated network security administrators. Because our products are intuitive and easy to manage, we offer SMEs a number of key benefits: (1) more accessible security with a reduced level of initial training and more advanced features are made available in an intuitive manner, allowing the user to learn as the user goes; (2) the visibility to allow a user to see what is happening in its network instantly with real-time monitoring and unified management for multiple devices and security services; (3) the efficiency to update defenses across a network from one management console even as additional security appliances and integrated security services are added to the network; (4) the ability of the user to monitor the solution with the level of detail the user prefers with a range of sophisticated management tools; (5) “smart” defaults that are designed to reduce configuration time and allow a security product to protect a network from the moment it is installed; and (6) automated wizards that allow for simple and easy set-up of additional capabilities, such as VPNs. An example of such a wizard is our “drag-and-drop” VPN set-up that allows users to create VPN tunnels in seconds instead of hours and without complex knowledge and expertise. Finally, graphically highlighted need-to-know data facilitate network management and allow users efficient and quick analysis of logs.

Expert Guidance and Support

Our subscription-based LiveSecurity Service helps the network administrator become a security expert. Our customers receive timely updates on emerging security threats and guidance on implementation of sound security policies. This information allows the user to provide better security for its network and concentrate its resources on its core business. The LiveSecurity Service offers subscribers the following important services:

•

Early warning vulnerability alerts delivered via email directly to the subscriber’s Inbox, allowing customers to stay ahead of attackers;

•

Convenient, downloadable software updates providing not only hotfixes, but also featuring enhancements that allow subscriber defenses to keep pace with computer hacker innovations;

•

Expert instruction and training to help subscribers remain informed, grow in their security knowledge, and better respond to security issues; and

•

Superior customer care that responds quickly to subscriber problems and offers technical support and convenient online resources.

Products and Services

Our comprehensive security solutions include an integrated security appliance (also known as a unified threat management appliance), a suite of security and management software, the capability to add additional subscription-based services when needed and a dynamic Internet-based service to keep security defenses current. These solutions provide firewall protection and intrusion prevention technology for access control, virtual private networking for secure communications, content and spam filtering, gateway and desktop anti-virus protection and vulnerability assessment services. Enterprises may use our products to internally manage their Internet security or elect to outsource security management to a service provider that implements our managed security solution.

Integrated Security Appliances

We currently offer the Firebox SOHO, Firebox X Edge, Firebox X Core and Firebox X Peak product lines. By using our Firebox products, an enterprise can quickly and affordably deploy comprehensive layered security and VPN capability across its network, but still retain unified control and administration. The Firebox X Core and Peak unified threat management appliances provide true “zero day” protection from new and unknown threats. True zero day protection means being protected against a new and unknown threat before it is launched or before the vulnerability is even discovered, and is described in more detail below. Subscription-based threat management capabilities such as gateway anti-virus, intrusion prevention, anti-spyware, URL filtering and anti-spam may be added to provide additional layers of security. With the Firebox X line, customers can upgrade their existing Firebox X appliances to any higher model in the line simply by applying a license key. In addition, our LiveSecurity Service provides alerts to emerging threats and enables enterprises to augment their information technology staff with our security experts, which we believe can substantially reduce personnel costs. Our Firebox products include an initial 90-day subscription to our LiveSecurity Service.

Key Features and Benefits

Our security solutions offer a broad set of networking and security features, depending on the specific line and model. The following baseline features are available in all of our integrated security appliances:

•

Stateful Packet Firewall—Our firewall controls incoming and outgoing traffic between the Internet and an enterprise’s systems and data. The firewall incorporates access control, intrusion detection and blocking features.

•

Virtual Private Networking—Using multiple encryption technologies, our software enables enterprises to create VPNs, which allow data to flow securely across the Internet between two predetermined points. Our branch office VPN capabilities secure communications with branch offices and trading partners. Our remote-user VPN capabilities secure connections to telecommuters and mobile employees.

•

Network Address Translation—Our software supports network address translation, which enables users to hide their internal IP addresses and allows internal servers with unregistered IP addresses to function as Internet-accessible servers, which increases network security.

Additional Features and Benefits Included in Firebox X Core and Peak Product Lines

Firebox X Core and Peak product lines provide unique protection and capabilities delivered through our Intelligent Layered Security architecture:

•

Intelligent Layered Security (ILS)—ILS integrates the security layers on the appliance: the results from one security layer are utilized to adjust other layers, which provides powerful security against blended threats. Unique security capabilities delivered through ILS include:

•

True Zero Day Attack Protection—The Firebox X Core and Peak product lines provide true zero day protection through our deep application inspection capabilities (described below), thereby blocking many new and unknown attacks without the need for signatures. Protocol anomaly and behavior-based inspection technologies actually examine traffic, identify potential threats and block them. This provides protection from many new and unknown attacks before the threat is even discovered and distinguishes these Firebox X appliances from reactive solutions that rely completely on a signature update to provide protection. Such solutions can only respond with a solution after the vulnerability or the exploit is discovered, leaving networks unprotected and vulnerable for some period of time.

•

Automatically Block, or “Shun” Malicious Sources—When malicious activity is detected by a security layer such as gateway anti-virus or deep application inspection, the offending site is put into a blocked sites list for a time limit set by the user. Subsequent connection requests from an attacking machine are shunned, or ignored, without having to examine the traffic to determine what specific attack is being used. This is especially effective against automated attacks which are prevalent today.

•

Deep Application Inspection—Our behavior and protocol anomaly-based zero day protection allows these Firebox X appliances to examine not only the headers, but the actual payload of all the packets passing between the server and client, thereby providing a more accurate examination of data entering and leaving the network.

•

Traffic is compared to protocol standards to identify malicious traffic before it enters the network. Manipulation of the protocol is one of the most common computer hacker methods. Packets are denied based on irregularities to published standards and/or malformed packets.

•

Data is extracted from the packets and re-written, which conceals server type information from computer hackers.

•

Protocol-based commands are restricted to only those that are deemed necessary, which reduces the types of attacks computer hackers can employ.

•

Attachments can be blocked or locked based on mime type and by pattern (for example .scr or .pif), which means that typical virus file types can be blocked without having to recognize a specific virus.

•

SYN Flood—Defense against SYN Flood attacks.

Firebox X Core

Firebox X Core unified threat management security appliances are designed for corporate and branch offices that need comprehensive security in an affordable and easy-to-use package. Firebox X Core comes with the WatchGuard Firebox System standard operating system, and can be upgradeable to run the Fireware Pro operating system (described below). Firebox X Core appliances can be upgraded to any higher model in the line simply by applying a license key—no hardware upgrades are required. The Firebox X Core line offers the following additional features:

•

Unified Threat Management—Firebox X Core integrates stateful packet firewall, true zero-day attack protection, VPN, gateway antivirus, intrusion prevention, anti-spyware, anti-spam, URL filtering, and user authentication into a single appliance.

•

Authentication—Our authentication features identify network users and define user and user-group security policies for both incoming and outgoing access.

•

High Availability / Active Standby—Two appliances of the same product line can be configured as a high-availability pair, allowing traffic and configuration set-up to automatically switch, or “failover,” from the primary appliance to the backup appliance in the event that the primary appliance fails.

Firebox X Peak

Firebox X Peak is our highest-performance line of unified threat management appliances. Utilizing Fireware Pro, our advanced security and network operating system, Firebox X Peak integrates the powerful security capabilities of enhanced Intelligent Layered Security with advanced networking features and gigabit performance to provide the protection that more complex networks require. The Firebox X Peak line offers the following additional features:

•

Unified Threat Management—Firebox X Peak integrates stateful packet firewall, true zero day attack prevention, VPN, URL filtering, user authentication and enhanced gateway antivirus, intrusion prevention, anti-spyware and anti-spam into a single appliance.

•

Gigabit Performance—With gigabit interfaces and up-to-gigabit throughput available, Firebox X Peak is designated to provide the performance, reliability and port density that high-speed, demanding networks require. Model upgrades within the line are available to increase performance without hardware replacement. Hardware-based VPN encryption provides performance without requiring an optional add-on accelerator card.

•

Advanced Networking—Firebox X Peak is designed to intelligently manage resources, optimize traffic and increase network uptime. Multi-WAN load sharing and interface failover features can increase performance and reliability, while dynamic routing (BGP, OSPF, and RIP), traffic management and prioritization are designed to deliver superior network capabilities for mission-critical servers throughout a network. Customers can configure any of the ten Firebox X Peak ports as “external,” “optional” or “trusted,” providing the flexibility to physically segment a network along users, groups, departments and servers.

•

High Availability/Active Standby—Two appliances of the same product line can be configured as a high-availability pair, allowing traffic and configuration set-up to “failover” from the primary appliance to the backup appliance in the event that the primary appliance fails.

Firebox SOHO and Firebox X Edge

The Firebox SOHO and Firebox X Edge appliances are specifically designed for small businesses, remote offices and telecommuters, and come in both wired and wireless versions. The following additional features are available with these products:

•

Dynamic DNS—Dynamic Domain Name System easily defines VPN tunnels between dynamically addressed endpoints, thereby providing security without the cost of a permanent IP address.

•

Wireless Security—The Firebox SOHO offers wireless 802.11b while the Firebox X Edge offers support for wireless 802.11b and 802.11g.

•

Web Surfing Control—Our Web-blocking option enables enterprises to restrict site access privileges by user, group, time of day, site category or particular site.

•

WAN / WAN and WAN / Modem Failover—The Firebox X Edge also offers WAN / WAN failover and WAN / Modem failover for higher redundancy.

Our quick setup and installation guides with all of our products enable enterprises to install and configure our systems in as quickly as 15 to 30 minutes. Software updates or upgrades are also accessed through easy-to-use installation guides.

Fireware Pro

Fireware Pro is our advanced operating system for more complex networks and is designed to provide protection against sophisticated threats and improve network uptime and efficiency. Fireware Pro is the standard operating system for Firebox X Peak appliances and is available as an upgrade to Firebox X Core appliances.

•

Enhanced Intelligent Layered Security—Includes more robust sharing of information across security layers and an enhanced ability for attacks detected in one layer to trigger an action in another layer. With this inter-layer communication, packets are only subjected to the inspection appropriate to that packet for more efficient processing and optimized performance. Enhanced ILS also offers other enhanced security features, such as inbound HTTP protection, configurable attachment control, AES encryption, and progressive DoS.

•

Cut-through architecture—With our “cut-through” software architecture, data streams that have been validated by a security layer “cut through,” or bypass, unnecessary screening in other layers, thereby improving the performance of the solution.

•

Additional proprietary algorithms—Provide distributed DoS and SYN Flood attack protection with user-defined thresholds per protocol, which provides DoS protection while maintaining network access for legitimate traffic.

•

Enhanced Unified Threat Management Security Services—Supports enhanced security services such as Gateway AntiVirus/Intrusion Prevention Service, or Gateway AV/IPS, with anti-spyware, spamBlocker, and WebBlocker.

•

Advanced Networking—Provides advanced networking capabilities, including port independence, multi-WAN load sharing and interface failover, traffic management and prioritization, and dynamic routing.

•

Multi-WAN Load Sharing and Interface Failover—Up to four ISP connections load share traffic and provide failover to increase network uptime and performance. The appliance can distribute the traffic load across the external interfaces, failover all traffic from one interface to the other in the event the ISP connection fails and revert back to the original interface when a connection is restored.

•

Traffic Management and Prioritization—Control of bandwidth usage, including the ability to prioritize traffic, ensures that business critical applications get the bandwidth they need.

•

High Availability (Active/Passive)—Two appliances of the same product line can be configured as a high-availability pair, allowing traffic and configuration set-up to “failover” from the primary appliance to the backup appliance in the event that the primary appliance fails.

•

Dynamic Routing (BGP, OSPF, RIP)—Dynamic routing table updates maximize network flexibility, redundancy, and efficiency.

•

Port Independence—The physical Ethernet interfaces on Firebox X products running Fireware Pro can be configured as any “type” such as “external,” “trusted” or “optional,” thereby providing the network administrator with greater flexibility in deployment.

•

SNMP Monitoring—Fireware Pro supports raising alerts as SNMP traps that can be received by an SNMP management server. In addition, SNMP servers can monitor the status of the Firebox activity and performance by querying on dozens of different criteria.

•

XML-based Logging and Reporting—The logging server has been enhanced to support native XML logging that can be used with third-party reporting packages for enhanced trend reporting.

Integrated Security Appliance Management and Monitoring

We offer robust and intuitive management and monitoring of our comprehensive Internet security appliances with tools that are designed to reduce the complexity and difficulty of successful implementation and provide for better visibility of the security environment. Our management and monitoring tools include the following functionality, depending on product line and model:

•

WatchGuard System Manager—Our intuitive and easy-to-use WatchGuard System Manager tool for the Firebox X Edge, Core and Peak products is designed to enable the end-user to quickly and easily configure the security appliance, implement security policies and monitor the status of all installed network services. In addition, it offers centralized VPN management for Firebox SOHO, Firebox X Edge, Core and Peak and prior-generation Firebox III appliances. With versions 8.2 and later, WatchGuard System Manager provides centralized configuration of Edge policies and “one-touch” multi-Edge firmware updates. WatchGuard System Manager is bundled with the Firebox X Core and Peak products. Key features of WatchGuard System Manager include:

•

Logging, Notification and Monitoring—For the Firebox X products, the following tools are available:

•

Interactive Real-time Monitoring—Integrated monitoring and reporting tools provide real-time and historical data about network traffic and allow customers to detect and interrupt suspicious activity. Interactive components allow the administrator to take instant preventive, corrective or diagnostic action directly from the monitoring interface.

•

Logging and Notification—Our solutions support multiple user-configurable levels of logging and notification. Logs from multiple sites can be securely distributed to a central location using 3DES encryption, but without relying on a dedicated VPN tunnel. Our proprietary logging protocol also allows for redundant, backup log servers to ensure logging continuity in the event that a log server becomes unavailable.

•

HostWatch—As part of our Interactive real-time monitoring, HostWatch displays graphical displays of active connections to or through the Firebox X appliance, which is mapped to authenticated users and host computers. Color-coded connection types (“Allowed,” “Denied,” “Proxied” or “Masqueraded”) between internal and external hosts are identified by IP address, DNS name or user name. Additionally, the administrator can block a source or destination, thus ending the connection, directly from the HostWatch window.

•

Historical Reporting—Our flexible HTML-based historical reporting tool enables end-users to summarize network activity through custom and standardized reporting options.

•

Drag and Drop VPN creation—WatchGuard System Manager can simplify the creation of VPN tunnels between an enterprise’s offices utilizing Firebox X and Firebox SOHO products, with a revolutionary quick and simple point-and-click user interface. This functionality is available on all Firebox X models.

•

Global Policy Manager—Centrally located at a managed security service provider’s network operations center, our Global Policy Manager provides security intelligence and configuration for Firebox III (a prior-generation product), Firebox X, Firebox SOHO and Firebox X Edge customer sites under management. Global Policy Manager allows the service provider to create and store various security policy configurations for different customer groups or service plans.

•

Web Interface—For Firebox SOHO and Firebox X Edge products, the Web user interface provides a platform-independent management tool for quick set-up, configuration and status.

Security Services for Enhanced Protection

We provide the following subscription-based threat management capabilities as additional layers of security:

Gateway AV/IPS with Anti-spyware

This signature-based, integrated security service identifies and blocks suspicious network traffic, files, and attachments in real time, thereby providing more granular content and traffic inspection. It provides a powerful layer of protection against spyware, viruses, trojans, buffer overflows, SQL injections, instant messaging, or IM, Peer-to-Peer, or P2P, usage, and policy violations. It includes automatic signature updates for up-to-date protection. Gateway Anti-virus, or AV/IPS with Anti-spyware is available for Firebox X Peak appliances and Firebox X Core appliances running Fireware Pro. Gateway AV/IPS with anti-spyware provides the following key features:

•

Intrusion Prevention Service (IPS)—Delivers robust signature-based scanning to stop network attacks. Our IPS offers protection against specific known exploits, augmenting the zero day attack protection provided through our ILS. IPS includes signatures that have been vetted by us to reduce false positives, a typical shortcoming of IPS solutions.

•

Gateway Anti-Virus for E-mail—Delivers robust signature-based scanning of e-mail to stop viruses, worms, trojans, and blended threats for comprehensive e-mail protection. Our Gateway AV provides scanning of email traffic at the gateway of an enterprise’s network, comparing attachments to a signature database and taking a user-defined action against detected threats such as denying or encrypting the virus. Protection at the gateway is important because some viruses can disable desktop anti-virus applications.

•

Spyware Protection—Our signature-based IPS offers protection against Web-based exploits, including many Spyware and Adware exploits, drive-by spyware downloads, and blocks back door, or “phone-home,” communications of previously installed spyware applications.

•

Instant Messaging (IM) and Peer-to-Peer (P2P) Protection—Administrators can block popular IM applications and P2P applications to eliminate security threats over these communication vectors.

Gateway AV for Email

Gateway AV for E-mail delivers robust signature-based scanning of e-mail to stop viruses, worms, trojans and blended threats for comprehensive e-mail protection. It includes automatic signature updates for up-to-date protection. Gateway AV for E-mail is available for Firebox X Core appliances running the WatchGuard Firebox System (WFS).

spamBlocker

We offer a real-time spam filtering and blocking service powered by Commtouch Software Ltd. spamBlocker is available for Firebox X Peak appliances, and Firebox X Core appliances running Fireware Pro. spamBlocker provides the following key features:

•

Real-time Detection—spamBlocker relies on real-time detection, and distinguishes legitimate communication from spam attacks for immediate protection from spam outbreaks. Rather than evaluating keywords and content, this technology analyzes large volumes of Internet traffic in real time to identify outbreaks as soon as they emerge.

•

Accuracy—spamBlocker is designed to distinguish legitimate communication from spam attacks in real time, and blocks up to 97% of unwanted e-mails before they reach the internal mail server.

•

Integrated Management and Configuration—spamBlocker is integrated with the WatchGuard System Manager for simple set-up, centralized configuration, and comprehensive monitoring and alerting

•

Language and Content Agnostic—spamBlocker is designed to provide protection regardless of the language, content or format of the message.

SpamScreen

SpamScreen is an anti-spam solution that utilizes tailored rulesets and Real-time Blackhole List databases to stop spam at the gateway. SpamScreen is available for Firebox X Core appliances running WFS.

WebBlocker

WebBlocker is a URL filtering service designed to increase productivity and lower security risks for customers by providing a tool for managing their network users’ Web surfing. The service controls access to objectionable material, and prevents access to sites that pose network and security risks. WebBlocker is available for all Firebox X and SOHO appliances and includes the following key features:

•

Access Control—Manages users’ Web surfing to control access to objectionable material.

•

P2P Blocking and Spyware Protection—Prevents access to sites that pose network and security risks such as P2P and streaming media sites and those promulgating spyware.

•

Flexible Control with Comprehensive Content Categories—Allows customers to Configure up to 40 Web categories to stop the sites and Web tools they most want to block. URL database is updated daily to provide current protection. Customers can configure Web access by users, groups, domains, time of day, and department requirements to meet specific business and user needs.

AuditScan

AuditScan is a web service powered by Qualys, Inc. that inspects a customer’s network to detect system vulnerabilities. AuditScan alerts customers to problems and trends, makes recommendations on remedies and produces reports to track vulnerability trends over time.

Desktop AntiVirus

McAfee Virus Scan ASaP provides 24/7 protection against known viruses, Web attacks, and e-mail intrusions to desktop environments and infrastructures.

Single Threat Management Appliance

Firebox SSL Core VPN Gateway

Firebox SSL Core VPN Gateway is an easy-to-use VPN solution utilizing the Citrix Systems, Inc. Secure Access Technology that provides universal access to any application or network resource with no connectors or modules and is designed to eliminate the difficulty often associated with managing the VPN clients across an organization. Features and benefits of the product include:

•

Dependable, Universal Access—Two powerful access modes in one solution to extend the network’s reach: Secure Access Mode and Kiosk Mode.

•

Ease of Use—Designed to provide robust, secure access without additional costs, reconfiguration, development work or administrative difficulties.

•

Powerful Security—Firebox SSL Core VPN Gateway provides robust security from the access device to the network, for managed and unmanaged devices, over most protocols.

•

Strong Administrative Control—Easy yet deep access control to quickly set up and manage user and group access from a single centralized location with integrated logging and reporting.

Appliance Specifications

Product specifications for our Firebox SOHO, Firebox X Edge, Core and Peak and Firebox SSL appliances are as follows:

Firebox SOHO

Firebox SOHO Model

Firebox

SOHO 6

Firebox

SOHO 6tc

Firebox

SOHO 6

Wireless

Firebox

SOHO 6tc

Wireless

Firebox S6

and S6-VPN

Firebox S6

Wireless and

S6-VPN

Wireless

Recommended For

Small Business

Home Office

Small Remote Office

Small Business and Home Office that desires wireless connectivity

Small Remote Office that desires wireless connectivity

Small Japanese Business, Home Office, or Small Remote Office

Small Japanese Business, Home Office, or Remote Office that desires wireless connectivity

User License

10 (upgrade to 25 or 50¹)

Firewall Throughput

75 Mbps

VPN Throughput (3DES Encryption + SHA1)

20 Mbps

Hardware Encryption Acceleration

Yes

Branch Office VPN Tunnels

0²

10²

0²

10²

0² – S6

10 – S6-VPN

0² – S6 Wireless

10 – S6-VPN Wireless

Mobile User VPN Tunnels

0³

1⁴

0³

1⁴

Full Japanese Support, User Interface and User Guides

Yes

Interfaces

Six RJ-45 10/100TX Ethernet

Five RJ-45 10/100TX Ethernet

802.11b WAP

Five RJ-45 10/100TX Ethernet

802.11b WAP

Six RJ-45 10/100TX Ethernet

Five RJ-45 10/100TX Ethernet

802.11b WAP

1	Firebox SOHO 6tc—50 User and 50 User Upgrade License is available in North America and select countries.

2	Upgradeable to 10 BOVPN tunnels.

3	Upgradeable to 5 or 10 MUVPN tunnels.

4	Upgradeable to 6 or 11 MUVPN tunnels.

Firebox X Edge

Firebox X Edge

Model

Firebox

X15

Firebox

X50

Firebox X5

Wireless

Firebox X15

Wireless

Firebox X50

Wireless

Recommended For

Telecommuters who require central office VPN connectivity with separate work/home networks

Small businesses or remote offices that require branch office VPN endpoint connectivity to a central office running a Firebox X

Small businesses or remote offices that need fully integrated protection, intuitive local and remote management, and WAN failover for ISP redundancy

Telecommuters that desire wireless connectivity

Small businesses or remote offices that desire wireless connectivity

User License

12 (upgrade to 17)

Unlimited

12 (upgrade to 17)

Unlimited

Firewall Throughput

80 Mbps

95 Mbps

110 Mbps

80 Mbps

95 Mbps

110 Mbps

VPN Throughput (3DES Encryption + SHA1)

35 Mbps

Hardware Encryption Acceleration

Yes

Branch Office VPN Tunnels

Mobile User VPN Tunnels

1 (10 max)

5 (25 max)

5 (55 max)

1 (10 max)

5 (25 max)

5 (55 max)

Full Japanese Support, User Interface and User Guides

Option

Interfaces

10 RJ-45 10/100TX Ethernet

10 RJ-45 10/100TX
Ethernet

10 RJ-45 10/100TX Ethernet

Firebox X Core


Firebox X Core Model	Firebox X500	Firebox X700	Firebox X1000	Firebox X2500
Recommended For	Stand-Alone Firewall for Small Office	Smaller Business or Remote Office	Mid-Size Business or Branch Office	Mid-sized Enterprises, High Volume Web Traffic
Authenticated Users	250	250	1000	5000
User License	Unlimited	Unlimited	Unlimited	Unlimited
Firewall Throughput	100 Mbps	150 Mbps	225 Mbps	275 Mbps
VPN Throughput (3DES Encryption + SHA1)	20 Mbps	40 Mbps	75 Mbps	100 Mbps
Hardware Encryption Acceleration	Yes	Yes	Yes	Yes
Branch Office/Mobile User VPN Tunnels	0¹/50	100/100	400/1000	1000/1000
Model Upgradeability	Yes	Yes	Yes	No
Interfaces	Six² RJ-45 10/100TX Ethernet, DB-9 Serial Port	Six² RJ-45 10/100TX Ethernet, DB-9 Serial Port	Six² RJ-45 10/100TX Ethernet, DB-9 Serial Port	Six² RJ-45 10/100TX Ethernet, DB-9 Serial Port

1	Upgradeable to 50 Branch Office/VPN Tunnels.

2	Three ports active initially with an available option to activate three additional ports.

Firebox X Peak


Firebox X Peak Model	Firebox X5000	Firebox X6000	Firebox X8000
Recommended For	Enterprises that need higher performance, advanced networking features and higher port density to segment their networks	More demanding enterprise networks that need Gigabit-level performance	Advanced networks and data centers that need gigabit-level performance and multiple Gigabit Ethernet interfaces
Authenticated Users	5,000	6,000	8,000
User License	Unlimited	Unlimited	Unlimited
Firewall Throughput	400 Mbps	700 Mbps	1 Gbps +
VPN Throughput (3DES Encryption + SHA1)	190 Mbps	300 Mbps	400 Mbps
Hardware Encryption Acceleration	Yes	Yes	Yes
Branch Office/Mobile User VPN Tunnels	400/4,000	400/5,000	400/10,000
Model Upgradeability	Yes	Yes	No
Interfaces	Ten RJ-45 10/100TX Ethernet DB-9 Serial Port	Nine RJ-45 10/100TX Ethernet, One 10/100/1000TX DB-9 Serial Port	Seven RJ-45 10/100TX Ethernet, Three 10/100/1000TX Ethernet DB-9 Serial Port

Firebox SSL Core VPN Gateway


		Firebox SSL Core VPN Gateway
Recommended For		Stand-Alone Firewall for Small Office. Ideal for businesses with up to 205 remote users, partner access users, or wireless LAN users that need to have secure, always-on connectivity to corporate resources via any device.
Authenticated Concurrent Users (included/maximum)		5/205
Encryption		Session length of 128 bit and 168 bit, RC4, DES, and 3DES ciphers, supporting MD5, SHA1, SSL v3, TLS v1
Advanced Security Features		Integrated Host Check, forced session time-out, forced re-login, 2-factor authentication support, supports authorized third party digital certificates, blocks worm traversal
User Authentication		HTTP, AD, RADIUS, 2 Factor, Realm, Single Sign On
Application and Network Access		Agnostic, user groups, applications in their native interfaces
Protocol Support		TCP, UDP, ICMP, RAS
Advanced Networking Support		Support for load balancers, dynamic routing, static routing, client failover, IP pooling, timeout
Access Modes		Secure client access, Kiosk/Web
Logging and Reporting		Local, sys log, SNMP
Management		Web, Java, CLI, real-time session monitoring
Model Upgradeability		No
Interfaces		2/6 RJ-45 10/100TX Ethernet, DB-9 Serial Port

LiveSecurity Service

Our LiveSecurity Service is valuable for both businesses and managed security providers, and offers subscribers the following important services:

•

Timely early-warning vulnerability alerts emailed directly to the subscriber’s inbox, so customers can stay ahead of new threats to their network security. These alerts are designed to address all substantive security issues, not just firewall-related issues. The skill and knowledge of a network’s administrators are key determinates of the strength of any network’s defenses. LiveSecurity also helps subscribers to increase their network security knowledge rather than merely respond to immediate problems. LiveSecurity issues educational material almost weekly (34 times in 2005) written in every-day language by WatchGuard experts and world-class network security authorities.

•

Convenient, downloadable software updates that provide not only hotfixes but also feature enhancements, which allow LiveSecurity customers’ defenses to keep pace with computer hacker innovations. In 2005, LiveSecurity issued 27 software updates, which subscribers could download at their convenience from LiveSecurity’s Software Center Web site.

•

Expert security instruction and training to help subscribers stay current, grow in their security knowledge and better respond to security issues.

•

Superior customer care that responds quickly to subscriber problems and offers technical support and convenient online resources that include:

•

online training;

•

a moderated user forum where users help other users;

•

a security glossary of easily understandable networking and security terminology;

•

answers to frequently asked questions; and

•

hundreds of articles customized for all levels of understanding, from beginner to networking veteran.

We currently offer standard and enhanced versions of our LiveSecurity Service, each of which provides end-users with differing levels of interactive technical support:

•

Standard Technical Support Service, which includes:

•

Technical support 12 hours a day, five days a week in a customer’s local time zone;

•

Targeted four-hour maximum response time to customers’ reported issues; and

•

Access to technical support team, limited to five incidents per year.

•

Gold Technical Support Service Upgrade, which includes:

•

Technical support 24 hours a day, seven days a week;

•

Targeted one-hour maximum response time to customers’ reported issues; and

•

Unlimited access to technical support team.

Managed Security Solution

Our managed security solution for service providers, or MSS, has three main components: our network operations center, or NOC, security suite software with security policy management and highly scalable logging and reporting features, our Firebox appliances and our LiveSecurity Service. Service providers can deploy and remotely manage Firebox X, Firebox SOHO, Firebox X Edge and our prior-generation Firebox III appliances.

•

Security Features—Our managed security solution includes the same comprehensive set of security features offered in our Firebox products.

•

Management Features—We designed our managed security solution management software for a trained operator using a dedicated management console to configure and manage the security of a large subscriber base. Centrally located at the service provider’s NOC, our Global Policy Manager software provides security intelligence and configuration for all customer sites under management. The MSS product also includes a highly scalable log and report server known as the WatchGuard Event Processor, or WEP. The WEP runs on Sun Solaris SPARC stations for high performance and reliability.

•

Security Appliances—One or more of our security appliances reside on the premises of each managed customer of the service provider or are hosted in the service provider’s data center. The appliances receive and implement the security software and security policies sent by the service provider. All of our security appliances may be centrally managed by the service provider.

•

LiveSecurity Service—Through our LiveSecurity Service, the service provider’s NOC receives information and virus alerts, threat responses, software updates, support flashes and expert editorials, as well as access to training and service provider-specific technical support. The service provider then updates the security policies of its customers and transmits these policy updates over its network to its customers.

By receiving the benefits of our security solution through a service provider, an enterprise gains a number of added advantages. The service provider can:

•

monitor and manage customers’ security 24 hours a day, seven days a week;

•

define and implement professional, customized network security policies;

•

define and implement highly customized historical and real-time reporting based on the Firebox log files;

•

easily install software updates across its installed base;

•

regularly review customers’ security and provide detailed reporting and analysis; and

•

mitigate the up-front cost of a security system purchase and setup.

Upgrades and Options

A summary of upgrades and options we offer includes:

•

Web-Blocker content filtering to restrict Web site access (Firebox X and Firebox SOHO)

•

Gateway AntiVirus and Intrusion Prevention with anti-spyware for scanning and blocking viruses and network attacks at the gateway. Also blocks IM and P2P applications. (Firebox X Peak and Core running Fireware Pro operating system)

•

Gateway AntiVirus for E-mail for scanning and blocking viruses at the gateway (Firebox X Core running WFS operating system)

•

spamBlocker for real-time spam detection and blocking (Firebox X Peak and Core running Fireware Pro operating system)

•

SpamScreen to filter or identify email spam (Firebox X Core running WFS)

•

Model upgrades to increase performance and feature attributes to that of any higher model in the line. Model upgrades are available for Firebox X Edge, Core and Peak product lines

•

User limit upgrades (Firebox SOHO)

•

Port upgrade to activate three additional ports (Firebox X Core)

•

Mobile-user VPN for telecommuting or traveling employees (all models)

•

AuditScan vulnerability assessment powered by Qualys, Inc. to identify and correct vulnerabilities before an attack is launched (all models)

•

McAfee Virus Scan ASaP desktop virus protection for Microsoft Windows 98, NT and 2000 operating systems (all models)

•

High Availability for security appliance failover protection (Firebox X Core running WFS operating system)

•

VPN Force Port to secure wireless users’ connections with IPSec and route the wireless user traffic through secure branch office VPNs to an enterprise’s trusted network (available on Firebox SOHO 6 Wireless)

•

Dual ISP Port Upgrade failover protection (Firebox SOHO)

Customer Service

We consider our commitment to customer service to be a competitive advantage for us. Our staff of technical support representatives serves our end-users and our reseller, distributor and service provider partners by phone and via the Internet. We offer support to our partners that have representatives who have passed our required technical training. For our end-users, we offer the two technical support programs described above, our Standard Technical Support Service and our Gold Technical Support Service Upgrade. In addition to our technical support staff, we offer all of our authorized customers access to our Web-based technical support self-help toolset 24 hours a day, seven days a week. These tools include comprehensive frequently asked questions, a listing of all known issues with our current software version (and any available “work-arounds” or fixes), and an interactive Web forum that allows customers to post WatchGuard-related technical questions to other customers and our technical moderator.

The WatchGuard Team of Experts

Our Rapid Response team identifies, analyzes and generates responses to new Internet security threats. To identify new threats, the team monitors a wide variety of Internet sources related to network security, including newsgroups, vendor Web sites, security-related bulletin boards, and even underground “black hat” sites (sites that promote destructive computer hacking that typically involves the commission of a criminal act). When the Rapid Response team identifies an emerging security threat, it alerts LiveSecurity Service subscribers with concise, prompt emails, written understandably and including step-by-step countermeasures that bolster defenses. In conjunction with our Rapid Response team, world-class outside experts also provide continuing education and editorials on the rapidly changing subject of Internet security. Our Rapid Response service broadcasted 154 LiveSecurity articles during 2005.

Licensing and Pricing

We offer our resellers, distributors and service provider partners discounts from our suggested retail prices. In addition, we offer educational discounts and promotional pricing as appropriate. All customers that purchase our Firebox products receive a perpetual license for our security and management software, which is included in the system price. Each end-user purchaser of our current products also receives a renewable 90-day subscription to our standard LiveSecurity Service. For services such as Gateway AV that have a software component, end-user purchasers receive a perpetual license to the software component, which is included in the initial purchase price of the service. For our managed security solution, the service provider buys a license to use our NOC security suite management and security software. In addition, the service provider must have an active subscription to the LiveSecurity Service for each end-user security appliance that it manages.

Sales, Marketing and Distribution

Because the need for Internet security crosses geographic and economic boundaries, our business opportunity extends worldwide to all business segments. Since our inception, we have invested heavily in worldwide sales and marketing. International sales generated 56% and 61% of our revenues in 2004 and 2005, respectively.

We sell our security solutions through distributors, value-added resellers, or VARs, and service providers, who resell our products and services to end-users spanning a wide variety of industries and more than 150 countries. We also sell our managed security solution products and services directly to service providers. As of December 31, 2005, we had shipped over 350,000 of our security appliances to our distribution network since our founding. Examples of members of our distribution network include:

•

distributors, such as Ingram Micro, Tech Data, Wick Hill Group and Alternative Technologies;

•

VARs, such as Secure Networks Ltd., Century Computing Ltd., Taskarena IT-Solutions GmbH, Softbank, Fujitsu Business Systems, Ltd. and Network Computing Architects, Inc.;

•

direct marketers, such as CDW Computer Centers, Insight Enterprises, Dell and PC Connection; and

•

service providers, such as AT&T Global Network Services Hong Kong Limited (AGNS Ltd.), Deutsche Telekom, Internet Initiative Japan, KPN, Easynet and Star Internet.

As part of our distribution network, thousands of resellers worldwide sell our security solutions. In 2005, we continued to enhance our channel network, focusing our efforts on channel customers capable of assisting us in growing our business and expanding our reach in the SME market. Three of our channel customers, Tech Data, Ingram Micro and Wick Hill, accounted for 16.4%, 13.8% and 10.0%, respectively, of our revenues in the year ended December 31, 2005 on a global basis. One of the key programs we utilize worldwide to increase the productivity of our reseller channel is our authorized reseller program, called the WatchGuard Secure Partner Program, or WSP Program. The WSP Program offers programs and financial benefits to security-focused resellers who meet technical and sales certifications and promote us to end-users. At the end of 2005, we had authorized over 1,000 WatchGuard Secure Partners worldwide. Our agreements with our distribution network are nonexclusive.

We divide our sales organization geographically and by channel customer focus. We have sales teams specifically responsible for the Americas, Europe/Middle East/Africa, or EMEA, and Asia Pacific. Our sales professionals are typically local nationals who live and work in their designated geographic regions. We also assign sales resources to specific channel categories, including distribution, resellers and managed security providers. In the Americas, our national account managers are responsible for our relationships with our distribution and e-tail network, helping them sell and support key reseller accounts and acting as a liaison to our marketing and product development organizations. In addition, our national account managers help to recruit new resellers and generally promote the sale of our products to end-user customers.

We have a dedicated channel marketing team responsible for delivering programs, sales tools and communication specific to the categories of channel customers. The team supporting national accounts works closely with distributors and e-tailers to promote WatchGuard brand awareness. We actively participate in public forums to inform existing and potential end-user customers, distributors, resellers and service providers about the capabilities and benefits of our products. These include industry trade shows in major geographic regions, product technology conferences, regional awareness programs, trade publications and journals. We use the Web extensively to deliver information to both end-users and our channel customers and have a dedicated, secure Web site that provides extensive information to channel customers. We offer resellers access to white papers, competitive information, graphics to assist their advertising efforts, product and sales training modules and the opportunity to post information about their events online. In addition, partners receive communications from us through the LiveSecurity Service.

We offer comprehensive online training on our security solutions through our Web site. Our interactive training system guides both end-user customers and resellers through the installation, setup and management of our Firebox security solutions and provides new product information. Training modules cover firewall basics, VPN and sales training (for resellers only), and include live-action video and audio question-and-answer segments. Online certification testing is offered for both end-user customers and resellers to confirm their product knowledge.

The growth rate of our domestic and international sales has been, and may in the future be, lower in the summer months, when businesses often defer purchasing decisions. Also, as a result of customer-buying patterns and the efforts of our sales force to meet or exceed quarterly and year-end quotas, historically we have received a substantial portion of a quarter’s sales orders and earned a substantial portion of a quarter’s revenues during the quarter’s last month and the latter half of the last month.

Research and Development

We focus our research and development efforts on enhancing our existing products and services, developing new products based on our innovative expandable architecture, and developing services that capitalize on our LiveSecurity Service infrastructure. We use a layered design, which allows us to develop new applications that plug into our existing product line. As a result, our products can be deployed in stages, either directly by an enterprise or by a service provider if the enterprise has outsourced its security management. As we develop new products, our LiveSecurity Service end-users and service provider partners can incorporate the new products and services into their systems with minimal system interruption.

As of December 31, 2005, we employed 113 people on our research and development staff. Research and development expenses were $21.0 million in 2003, $18.2 million in 2004 and $18.7 million in 2005. We have product development facilities in Seattle, Washington, San Jose, California and Tustin, California.

Competition

We compete in a market that is intensely competitive, highly fragmented and rapidly changing. We face competition in sales both of products and services designed for enterprises and those designed for service providers. We have experienced, and will continue to experience, increasing competition from current and emerging competitors, many of which have significantly greater financial, technical, marketing and other resources than we do.

In the market for network security solutions, we compete on the basis of technological expertise and functionality, breadth of service and product technology and features, ease of installation and management, performance, updatability, scalability, brand recognition, price, customer support and distribution capability. Currently, the primary competitors in our industry include Check Point Systems, Inc., Cisco Systems, Inc., Fortinet Inc., Juniper Networks, Inc., Nokia Corporation, SonicWALL, Inc. and Symantec Corporation. Other competitors offering security products include hardware and software vendors such as Network Associates, Inc., operating system vendors such as Microsoft Corporation, Novell, Inc. and Sun Microsystems, Inc., and a number of smaller companies.

Many of our competitors have longer operating histories, greater name recognition, larger customer bases and significantly greater financial, technical, marketing and other resources than we do. In addition, many of our smaller competitors that specialize in providing protection from a single type of Internet security threat are often able to deliver these specialized Internet security products to the market more quickly than us. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. In addition, current or potential competitors may be acquired by third parties with greater available resources, as has happened as a result of Juniper’s acquisition of Netscreen Technologies, Inc. As a result of such acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of acquisition or other opportunities more readily or develop and expand their product and service offerings more quickly. In addition, our competitors may bundle products competitive with ours with other products that they may sell to our current or potential customers. These customers may accept these bundled products rather than separately purchasing our products.

While some of our competitors have traditionally targeted either large-enterprise security needs or consumer security needs, these competitors could adapt their existing products to make them more attractive to our markets. If these or other of our competitors were to focus their greater financial, technical and marketing resources on our markets, our business could be harmed. In addition, as our security solutions are adopted by larger enterprises, we expect to see increased competition from our competitors that traditionally target large-enterprise security needs. Increased competition in any of our markets could result in price reductions, fewer customer orders, reduced gross margins and loss of market share.

Proprietary Rights

To protect our proprietary rights, we rely primarily on:

•

license agreements with third parties, including a standard software license included with our products;

•

confidentiality agreements with our employees and third parties;

•

invention assignment agreements with our employees and contractors;

•

protective contractual provisions in our agreements with some of our consultants, resellers and customers; and

•

limited access to our software, documentation and other proprietary information.

The following are trademarks of ours or our affiliates: WatchGuard^® is a registered trademark in the United States, the European Union, Canada, Norway, Australia, New Zealand, Indonesia, Singapore, Japan, China under the Madrid Protocol and Mexico, RapidStream^® is a registered trademark in the United States, Japan, the European Union and South Korea, Designing Peace of Mind^® is a registered trademark in the United States, the WatchGuard logo is a registered trademark in the United States, LiveSecurity^® is a registered trademark in the United States, the European Union, Canada, Japan, China under the Madrid Protocol and Mexico, Firebox^® is a registered trademark in the United States, Canada, China under the Madrid Protocol and Japan, RapidCore^® is a registered trademark in the United States, the European Union and Japan, ServerLock^® is a registered trademark in the United States, Japan, Norway and Singapore, AppLock^® is a registered trademark in the United States, AuditScan^® is a registered trademark in the United States, Australia under the Madrid Protocol and Japan under the Madrid Protocol, and LockSolid^® is a registered trademark in the United States, Australia, Japan, New Zealand, Canada, the European Union, Indonesia, Singapore and Norway. Applications to register the Firebox, AuditScan, Firecore, Fireware and Know What To Do trademarks are pending in other jurisdictions.

We also have other trademarks in use in the United States that do not currently have applications pending in any jurisdiction. We have 13 issued patents and 12 patents pending.

Many of our products are designed to include software or other intellectual property licensed from third parties. While it may be necessary in the future to seek or renew licenses relating to various aspects of our products, we believe, based on past experience and standard industry practice, that such licenses generally could be obtained on commercially reasonable terms. Nonetheless, the necessary licenses may not be available on acceptable terms, if at all. Our inability to obtain certain licenses or other rights or to obtain such licenses or rights on favorable terms, or the need to engage in litigation regarding these matters, could have a material adverse effect on our business, financial condition and operating results. Moreover, inclusion in our products of software or other intellectual property licensed from third parties on a nonexclusive basis can limit our ability to protect our proprietary rights in our products.

U.S. Government Export Regulation Compliance

Our products are subject to U.S. governmental regulations governing the export of encryption commodities and software. In recent years, however, U.S. legislation has relaxed export controls on encryption. U.S. law now allows the export of encryption commodities and software of any strength to nongovernmental end-users located in any country except those designated as embargoed or otherwise restricted by the U.S. government, subject to streamlined reporting requirements. To satisfy these encryption export reporting requirements, we use data gathered from end-users during product registration. WatchGuard’s encryption technology and software have been approved for export by the U.S. Department of Commerce’s Bureau of Industry and Security, or BIS, under an export license exception granted after previous technical reviews by the BIS. The approved technology and software include our branch office and remote user VPN software our legacy Firebox II, Firebox III and Firebox Vclass lines of security appliances and our Firebox X lines of security appliances and Firebox SSL VPN

Gateway. The BIS has granted retail export status to our legacy Firebox III 500 and 700 and Firebox V10 appliances, our Firebox X500 appliances and the appliances in the Firebox X Edge, Firebox X Edge Wireless and Firebox SOHO product lines, which use encryption in branch office VPN software. We are eligible to export products that qualify for retail export status to all nonembargoed and nonrestricted foreign end-users, including government entities.

Manufacturing

We currently outsource all hardware manufacturing and assembly for our Firebox X Core line of products to Lanner Corporation, a Taiwan Republic-of-China-based company, for our Firebox X Peak line of products to Advantech, a Taiwan Republic-of-China-based company and for our Firebox X Edge and Firebox SOHO products to SerComm Corporation, also a Taiwan Republic-of-China-based company. All contract manufacturers are certified as meeting the International Organization for Standardization’s quality assurance standards ISO 9001 and 9002. Each of our off-shore contract manufacturers has contracted back-up manufacturing facilities and production capacity in case of disaster. Worldwide distribution is currently performed at our distribution facility in Seattle, Washington.

Employees

As of December 31, 2005, we had 338 employees. Of these, 110 were employed in sales and marketing, 43 in finance and administration, 72 in customer support and operations and 113 in research and development. We are not a party to any collective bargaining agreements with our employees and we have not experienced any work stoppages. We believe we have good relations with our employees.

ITEM 1A.

RISK FACTORS

In addition to the other information contained in this annual report, you should carefully read and consider the following risk factors. If any of these risks actually occur, our business, financial condition or operating results could be materially adversely affected and the trading price of our common stock could decline.

We have incurred losses in the past and may not achieve or sustain consistent profitability, which could result in a decline in the value of our common stock.

Since inception, we have incurred net losses and experienced negative cash flows from operations in each quarter, except that we had net income and a positive cash flow from operations in the third quarter of 2000 and a positive cash flow from operations in the third quarter of 2001, fourth quarter of 2004 and third quarter of 2005. As of December 31, 2005, we had an accumulated deficit of approximately $146.2 million. We may not be able to maintain or grow our revenues in the future, and even if we do, the historical percentage growth rate of our revenues may not be sustainable as our revenue base increases. In addition, irrespective of our revenues, we may not achieve or sustain profitability in future periods as a result of our operating expenses. We expect that over time we will have to increase our operating expenses in connection with:

•

continuing to develop our technology;

•

expanding into new product markets;

•

expanding into new geographic markets;

•

continuing to drive demand of our products;

•

hiring additional personnel;

•

upgrading our information and internal control systems;

•

pursuing additional strategic acquisitions;

•

meeting enhanced regulatory and corporate governance requirements; and

•

ongoing litigation.

If we are unable to achieve or sustain profitability in future quarters, the trading price of our common stock could decline.

Our operating results fluctuate and could fall below expectations of securities analysts and investors, resulting in a decline in our stock price.

Our quarterly and yearly operating results have varied widely in the past and will probably continue to fluctuate. For this reason, we believe that period-to-period comparisons of our operating results may not be meaningful. In addition, our limited operating history makes predicting our future performance difficult. If our operating results for a future quarter or year fail to meet market expectations, this shortfall could result in a decline in our stock price.

We base our spending levels for product development, sales and marketing and other operating expenses largely on our expected future revenues. Because our expenses are largely fixed for a particular quarter or year, we may be unable to reduce our spending in time to compensate for any unexpected quarterly or annual shortfall in revenues. If this occurs our operating results could fall below the expectations of securities analysts and investors, which could result in a decline in our stock price.

If our estimates or judgments relating to our critical accounting policies are based on assumptions that change or prove to be incorrect, our operating results could fall below expectations of securities analysts and investors, resulting in a decline in our stock price.

The preparation of financial statements in conformity with generally accepted accounting principles requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in our management’s discussion and analysis of financial condition and results of operations in this annual report, the results of which form the basis for making judgments about the carrying values of assets and liabilities that are not readily apparent from other sources. Our operating results may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our operating results to fall below the expectations of securities analysts and investors, resulting in a decline in our stock price.

Significant assumptions and estimates used in preparing our consolidated financial statements include those related to:

•

revenue recognition, including sales returns and allowances and promotional rebates;

•

provision for doubtful accounts;

•

inventory reserves;

•

restructuring reserves; and

•

analysis of impairment of goodwill and other long-lived intangible assets.

Examples of estimates we have made include, but are not limited to, those associated with the costs of excess and obsolete inventory, costs of our 2001 and 2002 restructuring, impairment analysis of the intangible assets obtained in our 2002 acquisition of RapidStream Inc., as well as goodwill relating to the acquisitions of BeadleNet LLC, Qiave Technologies Corporation and RapidStream. The estimates may prove to be inaccurate. For example, the costs of excess and obsolete inventory may increase above current estimates if our revenues fall below our sales forecasts. Although we do not anticipate further significant adjustments to our 2001 and 2002 restructuring in addition to the $1 million charge we recorded in the fourth quarter of 2003, the $400,000 charge we recorded in the third quarter of 2004 and the $165,000 charge we recorded in the fourth quarter of 2005, the actual costs related to the restructuring may differ from our estimate if it takes us longer than expected to find suitable tenants for our excess facilities or if there are further changes in the real estate market where excess facilities are located.

If potential customers do not accept our Firebox products and related optional products and services, including the LiveSecurity Service, our business will not succeed.

We currently expect that future revenues will be primarily generated through sales of our Firebox products and related optional products and services, including the LiveSecurity Service, and we cannot succeed if the market does not accept these products and services. Some of our Firebox products, particularly our key Firebox X family of products and our relatively new Fireware operating system, however, are relatively new and unproven. The Firebox X Peak line of products and the Fireware operating system has only been available since April 2005, the Firebox X Core line of products has only been available since February 2004 and the Firebox X Edge line of products has only been available since August 2004. In addition, we have only recently begun to focus on marketing and selling the related optional products and services, and we may be unsuccessful in marketing, selling and delivering these types of options. The Firebox X family of products, which replaces a product line that represented a majority of our revenues and augments our existing Firebox SOHO security products, also represents a new approach to providing security to the SME market in that the products are designed to be expandable both to incorporate additional features and to provide increased performance, and we may be unsuccessful in marketing and selling this type of product or the upgrades necessary for customers to take advantage of the expandability. If customers purchase less expensive models than they otherwise would because of the ability to later upgrade the product, but then fail to purchase upgrades, our revenues from those products would be negatively affected. In addition, we may have to continue to increase discounts on the old Firebox SOHO product line to maintain an acceptable level of sales, which could also have a material adverse affect on our revenues and results of operations. If sales of our Firebox products do not meet expectations, we may have excess inventory of products or components, and such excess inventory would have a negative effect on our operating results.

To receive our LiveSecurity Service and other optional services, enterprises are required to pay an annual subscription fee, either to us or, if they obtain the service through one of our channel customers, to the channel customer. SMEs may be unwilling to pay a subscription fee to keep their Internet security up to date and to receive Internet security-related information or to obtain additional security-related features and services. Because our LiveSecurity Service is an innovative service, and our other subscription services are new and unproven, we may not be able to accurately predict the rate at which our customers will renew their annual subscriptions. In addition, most businesses implementing security services have traditionally managed their own Internet security rather than using the services of third-party service providers. As a result, our products and services and the outsourcing of Internet security to third parties may not achieve significant market acceptance.

If we are unable to compete successfully in the highly competitive market for Internet security products and services for any reason, including because current or potential competitors gain competitive advantage through partnering or acquisition, our business will fail.

The market for Internet security products is intensely competitive and we expect competition to intensify in the future. An increase in competitive pressures in our market or our failure to compete effectively may result in pricing reductions, reduced gross margins and loss of market share. Currently, the primary competitors in our industry include Check Point Systems, Inc., Cisco Systems, Inc., Fortinet Inc., Juniper Networks, Inc., Nokia Corporation, SonicWALL, Inc. and Symantec Corporation. Other competitors offering security products include hardware and software vendors such as Network Associates, Inc., operating system vendors such as Microsoft Corporation, Novell, Inc. and Sun Microsystems, Inc., and a number of smaller companies. Many of our competitors have longer operating histories, greater name recognition, larger customer bases and significantly greater financial, technical, marketing and other resources than we do. In addition, many of our smaller competitors that specialize in providing protection from a single type of Internet security threat are often able to deliver these specialized Internet security products to the market more quickly than us. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. In addition, current or potential competitors may be acquired by third parties with greater available resources, as has happened as a result of Juniper’s acquisition of Netscreen Technologies, Inc. As a result of such acquisitions, our current or potential competitors might be able to adapt more quickly to new

technologies and customer needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of acquisition or other opportunities more readily or develop and expand their product and service offerings more quickly. In addition, our competitors may bundle products competitive with ours with other products that they may sell to our current or potential customers. These customers may accept these bundled products rather than separately purchasing our products.

While some of our competitors have traditionally targeted either large-enterprise security needs or consumer security needs, these vendors could adapt their existing products to make them more attractive to our markets. If these or other of our competitors were to focus their greater financial, technical and marketing resources on our markets, our business could be harmed. In addition, as our security solutions are adopted by larger enterprises, we expect to see increased competition from our competitors that traditionally target large-enterprise security needs. Increased competition in any of our markets could result in price reductions, fewer customer orders, reduced gross margins and loss of market share.

We rely on third-party channel customers to generate most of our revenues, and if they fail to perform, our ability to sell our products and services will be limited.

We sell most of our products and services through our distribution network, and we expect our success to continue to depend in large part on the performance of this network. To the extent our channel customers are unsuccessful selling our products, or we are unable to partner with and retain a sufficient number of channel customers in each of the regions in which we sell products, our ability to sell our products and services will be limited. Our channel customers also have the ability to sell products and services that are competitive with ours, to devote more resources to those competitive products or to cease selling our products and services altogether. The loss of one or more of these channel customers, a reduction in their sales or a reduction in our share of their sales of Internet security products, particularly if any such changes result in increased sales of competitive products, could harm our business. In addition, we are still in the process of reorganizing our channel in the Asia Pacific region and, particularly, Japan. If this reorganization causes disruption, we could experience a loss or reduction in sales involving one or more of our channel customers.

Channel customers often specialize in selling certain types of products or in selling to specific segments of the market. To be successful, we must therefore have the right channel customers selling our products in the appropriate market segments as well as have a sufficient number of channel partners selling our products. To the extent that we are unable to partner with and retain the right channel customers to sell our products, or we introduce new products that our channel customers are unable to sell effectively, our ability to sell our products and services will be limited. For example, our Firebox X Peak product line recently introduced in April 2005 is targeted at SME customers that are typically larger or more sophisticated in their use of the Internet than those buying our other Firebox X products. If our current channel customers are unable to sell this product line effectively, of if we are unable to join with and retain channel customers that can sell this product line effectively, our ability to sell this product line and related services may be limited.

The requirement to recognize revenue on a sell through basis for certain third-party channel customers due to contractual changes could negatively affect our future revenues.

customer’s inventory was already recognized in prior periods. Therefore, revenue on individual inventory items sold subsequent to the conversion can only be recognized after the converted channel customer has disposed of its inventories predating the conversion. As of December 31, 2004, the converted customers held inventories for which we had already recognized revenues in the amount of $2.3 million. Substantially all of these inventories were sold through by the converted customers during the first quarter of 2005. While the contractual changes and the resulting conversion of these customers from a sell in method to a sell through method of revenue recognition resulted in a reduction of revenues during the first quarter of 2005, the total effect of this reduction cannot be measured reliably due to a change in customer-buying patterns upon conversion to the sell through method.

We plan on taking similar measures with customers in EMEA in the second and third quarters of 2006, with the majority of the EMEA conversions planned for the second quarter of 2006, and are evaluating taking similar measures with our customers in our remaining geographic locations. To the extent additional channel customers are converted, there will be a material adverse effect on revenues and results of operations for the quarter in which those conversions take place, with the magnitude depending on the inventory levels with those channel customers at the time of conversion. To recognize revenue on a sell through method from a channel customer, we will need to continue to obtain adequate reporting on inventory levels from that channel customer to determine how much of our product has been sold to the end customers. If we are unable to obtain such reporting, our ability to recognize revenue from such channel customers could be materially adversely affected and our financial results would be harmed.

Product returns, retroactive price adjustments and rebates could exceed our allowances, which could adversely affect our operating results.

We provide most of our channel customers with product return rights for stock rotation and price protection rights for their inventories, which they may exercise if we lower our prices for those products. We also provide promotional rebates to some of our channel customers. We may experience significant returns, price adjustments and rebate costs for which we may not have adequate allowances, particularly with the introduction of our Firebox X product line, which replaced our Firebox III product line. The short life cycles of our products and the difficulty of predicting future sales increase the risk that new product introductions or price reductions by us or our competitors could result in significant product returns or price adjustments, and we expect to introduce new products in 2006. When we introduced the Firebox II, the Firebox III and then later the Firebox X Core and Firebox X Edge security appliances, we experienced an increase in returns of previous products and product versions. While we review and adjust our provision for returns and allowances in order to properly reflect the potential for promotional rebate costs, increased returns and pricing adjustments associated with the introduction of new products, such as the Firebox X product line, including the recent release of the Firebox X Peak product line and Fireware operating system in the second quarter of 2005, the provision may still be inadequate. An increase in the provision for returns and allowances will result in the reduction of revenues.

Customer demand, competitive pressure and rapid changes in technology and industry standards could render our products and services unmarketable or obsolete, and we may be unable to introduce new or improved products and services, or update existing products or services, timely and successfully.

To succeed, we must continually change and improve our products, add new products and services, provide updates to products and services and replace existing products and services in response to changes in customer demand, competitive pressure, rapid technological developments and changes in operating systems, Internet access and communications, application and networking software, computer and communications hardware, programming tools, computer language technology and computer hacker techniques. We may be unable to successfully and timely develop and introduce these new, improved or updated products and services or achieve and maintain market acceptance for new, improved or updated products and services we develop and introduce.

The development and introduction of new, technologically advanced Internet security products and services, or providing updates to existing products or services, is a complex and uncertain process that requires great

innovation, the ability to anticipate technological and market trends, the ability to deliver updates to a large customer base efficiently and in a timely fashion and the ability to obtain required domestic and foreign governmental and regulatory certifications. Because Internet security technology is complex and often contains encryption technology, it can require long development, testing and certification periods.

Releasing new or improved products and services, or updates to products or services, prematurely may result in quality problems, and releasing them late may result in loss of customer confidence and market share. In the past, we have experienced delays in the scheduled or expected introduction of new, improved and updated products and services, and in the future we may experience delays, or be unable to introduce an expected new, improved or updated product or service at all. When we do introduce new or enhanced products and services, we may be unable to successfully manage the transition from the older products and services to minimize disruption in customer-ordering patterns, avoid excessive inventories of older products and deliver enough new products and services to meet customer demand. In the past, when we have introduced new or improved products or services, we have experienced issues with the transition, which had an adverse effect on our operating results, and we expect to introduce new products and services in 2006. These have included, but were not limited to, issues such as excess inventories of products that were replaced that we had difficulty selling as customer demand for those product decreased, shortages of new product due to manufacturing and delivery issues that prevented us from delivering enough new product to meet demand and lower-than-expected initial sales of new or improved products as our sales personnel and channels adapted to selling the new or improved products or services.

Seasonality and concentration of revenues at the end of the quarter could cause our revenues to fall below the expectations of securities analysts and investors, resulting in a decline in our stock price.

The growth rate of our domestic and international sales has been and may in the future be lower in the summer months, when businesses often defer purchasing decisions. Also, as a result of customer-buying patterns and the efforts of our sales force to meet or exceed quarterly and year-end quotas, historically we have received a substantial portion of a quarter’s sales orders and earned a substantial portion of a quarter’s revenues during the quarter’s last month and the latter half of the last month. If expected revenues at the end of any quarter are delayed, our revenues for that quarter could fall below the expectations of securities analysts and investors, resulting in a decline in our stock price.

We may be unable to deliver our products and services if component manufacturers fail to supply component parts with acceptable quantity, quality and cost.

We obtain the component parts for our hardware from a variety of manufacturers. Companies in the electronics industry regularly experience lower-than-required component allocations, and the industry is subject to frequent component shortfalls. We have experienced such component shortfalls recently, with memory and flash component manufacturers providing these components on a limited allocation basis only. Although we have found additional or replacement sources for hardware components in the past, it is possible that we might not be able to find additional or replacement sources for our hardware components to address future shortfalls. Even if we find replacement sources, our operations could be disrupted or negatively affected if we have to add or switch to a replacement vendor, if our component supply is interrupted for an extended period or if the costs of the components increase due to shortages, which could result in loss of customer orders and revenue.

We may be unable to deliver our products and services if manufacturers fail to supply finished product with acceptable quantity, quality and cost.

We rely on third-party contract manufacturers for the assembly of all of our security appliance hardware platforms and for the design of certain of our security appliance hardware platforms. If a third-party manufacturer fails to or inadequately performs its obligations, we may be required to find a replacement, possibly on relatively short notice. Moreover, our contract manufacturers may not be able to react quickly if our forecasts exceed or fall short of our predictions. Even if we are able to find a replacement source for these finished

products on a timely basis, our operations could be disrupted if we have to add or switch to a replacement manufacturer, particularly if we were required to replace or redesign a hardware platform, or if our finished goods supply is interrupted for an extended period, which could result in loss of customer orders and revenue.

We may be unable to deliver our products and services if we cannot continue to license third-party technology that is important for the functionality of our products or for delivering new products.

Our success will depend in part on our continued ability to license technology that is important for the functionality of our products and for the delivery of new products based on third-party technology. A significant interruption in the supply of a third-party technology, including open source software, could delay our development and sales of existing, updated or new products until we can find, license and integrate equivalent technology. This could damage our brand and result in loss of current and potential customers. Although we believe that we could find other sources for the technology we license, alternative technologies may be unavailable on acceptable terms, if at all. We depend on our third-party licensors to deliver reliable, high-quality products, develop new products on a timely and cost-effective basis and respond to evolving technology and changes in industry standards. We also depend on the continued compatibility of our third-party software with future versions of our products.

If we do not retain our key employees, if changes to the management team cause disruption or if new management team members fail to perform, our ability to formulate and execute our business strategy will be impaired.

Our future success will depend largely on the efforts and abilities of our senior management and our key development, technical, finance and accounting, operations, information systems, customer support and sales and marketing personnel, and on our ability to retain them. These employees are not obligated to continue their employment with us and may leave us at any time. In addition, there have been changes to our management and development teams recently, including the addition of a new chief executive officer and interim chief financial officer in 2004, and a new vice president of North American sales, a new vice president of channel marketing and a new chief financial officer in 2005. If these changes have a negative effect on our operations, our business and operating results could be adversely affected.

Because many potential customers do not fully understand or remain unaware of the need for comprehensive and up-to-date Internet security, may perceive it as costly and difficult to implement, or may not understand the components of comprehensive Internet security well enough to effectively compare competitive offerings, our products and services may not achieve market acceptance.

We believe that many potential customers, particularly SMEs, do not fully understand or are not aware of the need for comprehensive and up-to-date Internet security products and services, and also may not fully understand the components of comprehensive Internet security well enough to effectively compare competitive offerings. Any inability to effectively compare competitive offerings may give companies with greater resources or more recognizable brands a competitive advantage over us. We will therefore not succeed unless the market understands the need for comprehensive and up-to-date Internet security and we can convince our potential customers of our ability to provide this security in an integrated, cost-effective and administratively feasible manner. Although we have spent, and will continue to spend, considerable resources educating potential customers about the need for comprehensive and up-to-date Internet security and the benefits of our products and services, our efforts may be unsuccessful.

We may be unable to adequately expand and adapt our operational systems to accommodate growth or recent changes in how we deliver our products and services to customers, which could harm our ability to deliver our products and services.

Our operational systems have not been tested at the customer volumes that may be required in the future. In addition, our operational systems required for the delivery of products and services through license-key

activation were not originally designed for the combination of the number of product and service offerings and customer volumes that may be required in the future, and we will have to update and expand our operational systems to accommodate this activity. We may be unable to update and expand our operational systems in a timely fashion or without disruption to our business, and we may encounter performance difficulties when operating with a substantially greater number of customers or a substantially greater number of products and services offered through license-key activation or a combination of the two. These difficulties could harm our ability to deliver our products and services. An inability to add software and hardware or to develop and upgrade existing technology or operational systems to handle increased traffic or increased number of products and services offered through license-key activation may cause unanticipated system disruptions, slower response times and poor customer service, including problems filling customer orders.

Undetected product errors or defects could result in loss of revenues, delayed market acceptance and claims against us.

Our products and services may contain undetected errors or defects, especially when first released. Despite extensive testing, some errors are discovered only after a product has been installed and used by customers. Any errors discovered after commercial release could result in loss of revenues or claims against us or our channel customers.

We may be required to defend lawsuits or pay damages in connection with the alleged or actual failure of our products and services.

Because our products and services provide and monitor Internet security and may protect valuable information, we may face claims for product liability, tort or breach of warranty relating to our products and services. Anyone who circumvents our security measures could misappropriate the confidential information or other property of end-users using our products and services or interrupt their operations. If that happens, affected end-users or channel customers may sue us. In addition, we may face liability for breaches caused by faulty installation and implementation of our products by end-users or channel customers. Although we attempt to reduce the risk of losses from claims through contractual warranty disclaimers and liability limitations, these provisions may be unenforceable. Some courts, for example, have found contractual limitations of liability in standard software licenses to be unenforceable because the licensee does not sign the license. Defending a suit, regardless of its merit, could be costly and could divert management attention. Although we currently maintain business liability insurance, this coverage may be inadequate or may be unavailable in the future on acceptable terms, if at all.

A breach of security could harm public perception of our products and services.

We will not succeed unless the marketplace is confident that we provide effective Internet security protection. Even networks protected by our software products may be vulnerable to electronic break-ins and computer viruses. If an actual or perceived breach of Internet security occurs in an end-user’s systems, regardless of whether the breach is attributable to us, the market perception of the efficacy of our products and services could be harmed. This could cause us or our channel customers to lose current and potential customers or cause us to lose potential channel customers. Because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, we may be unable to anticipate these techniques.

If we are unable to prevent attacks on our internal network system by computer hackers, public perception of our products and services will be harmed.

Because we provide Internet security, we are a significant target of computer hackers. We have experienced attacks by computer hackers in the past and expect attacks to continue. If attacks on our internal network system are successful, public perception of our products and services will be harmed.

We may be unable to adequately protect our operational systems from damage, failure or interruption, which could harm our reputation and our ability to attract and retain customers.

Our operations, customer service, reputation and ability to attract and retain customers depend on the uninterrupted operation of our operational systems. Although we utilize limited off-site backup facilities and take other precautions to prevent damage, failure or interruption of our systems, our precautions may be inadequate. Any damage, failure or interruption of our computer or communications systems could lead to service interruptions, delays, loss of data and inability to accept and fill customer orders and provide customers with our LiveSecurity Service and other optional services.

Governmental controls over the export or import of encryption technology could cause us to lose sales.

Any additional governmental regulation of imports or exports or failure to obtain required export approval of our encryption technologies in a timely fashion, if at all, could adversely affect our international and domestic sales and operating results. The United States and various other countries have imposed controls, export license requirements and restrictions on the import or export of some technologies, especially encryption technology. In addition, from time to time governmental agencies have proposed additional regulation of encryption technology, such as requiring the escrow and governmental recovery of private encryption keys. Additional regulation of encryption technology could delay or prevent the acceptance and use of encryption products and public networks for secure communications. This, in turn, could result in decreased demand for our products and services. In addition, some foreign competitors are subject to less stringent controls on exporting their encryption technologies. As a result, they may be able to compete more effectively than we can in the U.S. and international Internet security markets.

We may be unable to adequately protect our proprietary rights, which may limit our ability to compete effectively.

Despite our efforts to protect our proprietary rights, unauthorized parties may misappropriate or infringe on our patents, trade secrets, copyrights, trademarks, service marks and similar proprietary rights. For example, our former Vice President of America Sales joined our competitor SonicWALL in 2005 as its Vice President of Channel Sales. We filed a complaint in federal court against this former employee and SonicWALL to prevent the misappropriation of our trade secrets and to enjoin acts of unfair competition by this former employee and SonicWALL. We may, however, be unsuccessful in protecting our trade secrets or, even if successful, any required litigation may be costly and time consuming, which could harm our business. Moreover, we face additional risk when conducting business in countries that have poorly developed or inadequately enforced intellectual property laws. While we are unable to determine the extent to which piracy of our software products exists, we expect piracy to be a continuing concern, particularly in international markets and as a result of the growing use of the Internet.

If we fail to obtain and maintain patent protection for our technology, we may be unable to compete effectively. We have 13 issued patents and 12 patents pending, but our patent applications may not result in issued patents. Even if we secure a patent, the patent may not provide meaningful protection. In addition, we rely on unpatented proprietary technology. Because this proprietary technology does not have patent protection, we may be unable to meaningfully protect this technology from unauthorized use or misappropriation by a third party. In addition, our competitors may independently develop similar or superior technologies or duplicate any unpatented technologies that we have developed, which could significantly reduce the value of our proprietary technology or threaten our market position.

Intellectual property claims and litigation could subject us to significant liability for damages and invalidation of our proprietary rights.

In the future, we may have to resort to litigation to protect our intellectual property rights, to protect our trade secrets or to determine the validity and scope of the proprietary rights of others. Any litigation, regardless of its success, would probably be costly and require significant time and attention of our key management and technical personnel. Litigation could also force us to:

•

stop or delay selling, incorporating or using products that incorporate the challenged intellectual property;

•

pay damages;

•

enter into licensing or royalty agreements, which may be unavailable on acceptable terms; or

•

redesign products or services that incorporate infringing technology, which may not be technologically or economically feasible.

Although we have not been sued for intellectual property infringement, we may face infringement claims from third parties in the future. The software industry has seen frequent litigation over intellectual property rights, and we expect that participants in the Internet security industry will be increasingly subject to infringement claims as the number of products, services and competitors grows and functionality of products and services overlaps.

If we do not expand our international operations and successfully overcome the risks inherent in international business activities, the growth of our business will be limited.

Our ability to grow will depend in part on the expansion of our international sales and operations, which are expected to continue to account for a significant portion of our revenues. Sales to customers outside of the United States accounted for approximately 56% of our revenues in 2004 and 61% of our revenues in 2005. The failure of our channel customers to sell our products internationally would limit our ability to increase our revenues. In addition, our international sales are subject to the risks inherent in international business activities, including:

•

cost of customizing products for foreign countries;

•

export and import restrictions, such as those affecting encryption commodities and software, those requiring local content or those regulating the materials or chemicals used in manufacturing our products as well as their disposal, such as the European Union Waste Electrical and Electronic Equipment, or WEEE, and Restriction of Use of Certain Hazardous Substances, or RoHS, directives;

•

difficulties in acquiring and authenticating customer information;

•

reduced protection of intellectual property rights and increased liability exposure; and

•

regional economic and political conditions.

Our international sales currently are U.S. dollar-denominated. As a result, any increase in the value of the U.S. dollar relative to foreign currencies makes our products less competitive in international markets. Because of this, we may be required to denominate our sales in foreign currencies at some point in the future to remain competitive.

In attempting to integrate the business and technology of any future acquisition, we could incur significant costs that may not be outweighed by any benefits of the acquisition.

As part of our business strategy, we may acquire other companies, products or technologies, and these acquisitions may result in substantial costs. The costs of any future acquisitions may include costs for:

•

integration of operations, including combining teams and processes in various functional areas;

•

reorganization or closure of operations and facilities;

•

integration of new technology into our products;

•

fees and expenses of professionals involved in completing the integration process; and

•

potential existing liabilities of any future acquisition target.

Successful integration of the operations, technology, products, customers, suppliers and personnel of any future acquisition could place a significant burden on our management and internal resources. The diversion of the attention of our management and any difficulties encountered in the transition and integration process could disrupt our business and have an adverse effect on our business and operating results.

We may need additional capital and our ability to secure additional funding is uncertain.

We believe that our existing available cash, cash equivalents and investments will be sufficient to meet our operating expenses, working capital needs and capital expenditure requirements for at least the next 12 months. Our capital requirements will depend on several factors, however, including:

•

the rate of market acceptance of our products and services;

•

our ability to expand our customer base;

•

the growth of our sales and marketing capabilities; and

•

the cost of any acquisitions we may complete.

Our existing capital and future revenues may therefore be insufficient to support the expenses of our operations and the expansion of our business. We may therefore need additional equity or debt capital. We may seek additional funding through:

•

public or private equity financings, which could result in significant dilution to stockholders;

•

public or private debt financings; and

•

capital lease transactions.

Financing, however, may be unavailable to us when needed or on acceptable terms.

Our stock price is volatile.

The trading price of our common stock could be subject to fluctuations for a number of reasons, including:

•

actual or anticipated variations in quarterly or annual operating results;

•

changes in analysts’ earnings projections or recommendations;

•

failure to meet analysts’ revenue or earnings projections;

•

inability to successfully implement our business strategy;

•

changes in business conditions affecting our customers, our competitors and us; and

•

changes in accounting standards that adversely affect our revenues and results of operations.

In recent years, moreover, the stock market in general and the market for Internet-related technology companies in particular have experienced extreme price and volume fluctuations, often unrelated to the operating performance of the affected companies. Our common stock has experienced, and is likely to continue to experience, these fluctuations in price, regardless of our performance.

We are the subject of litigation, which may be expensive and may be time consuming for our management team.

On April 8, 2005, a holder of our common stock, on behalf of himself and purportedly on behalf of a class of our stockholders, filed an action in the United States District Court for the Western District of Washington, or the Court, against us and some of our current and former officers, alleging violations of the federal securities laws arising out of, among other things, our announcement on March 15, 2005 that we were restating some of our financial results for interim periods of 2004. Subsequently, a number of other related purported class action suits also alleging violations of the federal securities laws were filed by holders of our common stock. The various actions have been consolidated by the Court, and are referred to herein as the Action. On October 3, 2005, a consolidated amended complaint was filed in the Action. We filed a motion to dismiss the amended complaint. The motion is currently pending before the Washington Court. In addition, two related stockholder derivative suits were subsequently filed against some of our current and former directors and officers have subsequently been filed in the Superior Court of the State of Washington, King County and in the United States District Court for the Western District of Washington, respectively, which are referred to as the Derivative Actions. Plaintiffs in the Action and the Derivative Actions seek unspecified compensatory damages. We have filed a motion to dismiss the Derivative Action in the Superior Court and obtained a stay of both of the Derivative Actions until after the resolution of our motion to dismiss the Action. We are obligated to indemnify our officers and directors to the extent permitted by applicable law in connection with the Action, and have insurance for such individuals, to the extent of the limits of the applicable insurance policies and subject to potential reservations of rights. We intend to vigorously defend against the Action and Derivative Actions. We are unable, however, to predict the ultimate outcome of the Action and Derivative Actions. We cannot assure you that we will be successful in defending against the Action and Derivative Actions and, if we are unsuccessful, we may be subject to significant damages that could have a material adverse effect on our business, financial condition and operating results. Even if we are successful, defending against the Action and Derivative Actions is likely to be expensive, time consuming and may divert management’s attention from other business concerns and harm our business.

In September, 2005, Michael N. Valentine, one of the defendants in a legal action we had commenced to prevent the misappropriation of our trade secrets and to enjoin the acts of unfair competition by this former employee and his new employer, SonicWALL Inc., a direct competitor, moved the Court for leave to amend his answer to our complaint to add counterclaims for libel, slander and defamation per se against us (the Counterclaims). In November 2005, over our objection, the United States District Court for the Northern District of Texas granted Valentine’s motion and Valentine amended his answer to formally include the Counterclaims. We believe the Counterclaims are baseless and intend to vigorously defend against the Counterclaims. We are unable, however, to predict the ultimate outcome of the Counterclaims. At this time, we have not recorded any liability associated with the Counterclaims as the associated cost and outcome are currently not determinable. We cannot assure you that we will be successful in defending against the Counterclaims and, if we are unsuccessful, we may be subject to significant damages, which could have a material adverse effect on our business, financial condition and operating results. Even if we are successful, defending against the Counterclaims may be expensive, time consuming and may divert management’s attention from other business concerns and harm our business, which could have a material adverse effect on our business, financial condition and operating results.

ITEM 2.

PROPERTIES

Our principal administrative, marketing, sales, development and operations facility is located in Seattle, Washington. We lease approximately 100,000 square feet in this facility (including space that is subleased) under a lease that expires in September 2010. We have the option to extend the lease for an additional five-year term. We also maintain a product fulfillment and distribution warehouse in Seattle under a lease that expires in July 2006, a satellite office in San Jose, California under a lease that expires in February 2011 and an office for development personnel in Tustin, California under a lease that expires in October 2006. In addition, we lease a facility in Waltham, Massachusetts under an operating lease that expires in 2007 and we lease offices for sales activities in various regions throughout the world. Our excess facilities at our corporate headquarters in Seattle, and in Waltham, are partially subleased to tenants, with sublease terms that expire between 2007 and 2010.

ITEM 3.

LEGAL PROCEEDINGS

On March 23, 2005, we filed a complaint in United States District Court for the Northern District of Texas, or the Texas Court, against a terminated former employee, Michael N. Valentine, and his new employer, SonicWALL, Inc., a direct competitor of ours. The complaint was filed to prevent the misappropriation of WatchGuard’s trade secrets and to enjoin the acts of unfair competition by Valentine and SonicWALL. Valentine currently works for SonicWALL as its Vice President of Channel Sales. Valentine previously worked for WatchGuard in a similar position, as WatchGuard’s Vice President of America Sales. We have asserted causes of action against both Valentine and SonicWALL for misappropriation of trade secrets and unfair competition. Additionally, we have brought causes of action for breach of contract and breach of fiduciary duty against Valentine and a cause of action for tortious interference with existing contracts against SonicWALL. In this complaint, we seek injunctive relief, compensatory and punitive damages, and costs of suit. In September 2005, Valentine moved the Texas Court for leave to amend his answer to our complaint to add counterclaims against us for libel, slander and defamation per se. In November 2005, over our objection, the Texas Court granted Valentine’s motion and Valentine amended his answer to formally include the counterclaims against us.

ITEM 4.

SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS

No matters were submitted to a vote of our security holders during the fourth quarter of 2005.

PART II

ITEM 5.

MARKET FOR REGISTRANT’S COMMON EQUITY AND RELATED STOCKHOLDER MATTERS

Market Information

Our common stock began trading on the Nasdaq National Market on July 30, 1999 under the symbol WGRD. The following table lists, for the periods indicated, the high and low sales prices per share of our common stock as reported on the Nasdaq National Market.


	Price Range of Common Stock
	High		Low
Year Ended December 31, 2004
First quarter	$	8.58	$	5.70
Second quarter		8.80		5.78
Third quarter		7.48		4.15
Fourth quarter		5.19		3.59

Year Ended December 31, 2005
First quarter		4.55		2.93
Second quarter		4.07		3.01
Third quarter		4.73		3.91
Fourth quarter		4.33		2.94

The last reported sale price of our common stock on the Nasdaq National Market on February 28, 2006 was $4.06 per share.

Holders

As of February 28, 2006, there were approximately 132 holders of record of our common stock. This does not include the number of persons whose stock is held in nominee or “street name” through brokers or other fiduciaries.

Dividends

We have never paid cash dividends on our common stock. We currently intend to retain any future earnings to fund the development and growth of our business and therefore do not anticipate paying any cash dividends in the foreseeable future.

Recent Sales of Unregistered Securities

None.

ITEM 6.

SELECTED FINANCIAL DATA

When you read this selected financial data, it is important that you also read the historical consolidated financial statements and related notes included in this annual report, as well as the section entitled “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” The historical results are not necessarily indicative of future results.


	Year Ended December 31,
	2001			2002			2003			2004			2005
	(In thousands, except per share data)
Consolidated Statement of Operations Data:
Revenues:
Product	$	46,748		$	52,912		$	52,470		$	54,398		$	45,237
Service		17,390			22,300			27,095			28,369			29,954

Total revenues		64,138			75,212			79,565			82,767			75,191
Cost of revenues:
Product		20,658			19,888			23,580			24,889			18,556
Service		5,824			5,969			6,082			5,554			5,677

Total cost of revenues		26,482			25,857			29,662			30,443			24,233

Gross margin		37,656			49,355			49,903			52,324			50,958
Operating expenses:
Sales and marketing (1)		29,937			33,755			31,689			32,905			27,978
Research and development (1)		28,032			22,146			20,960			18,154			18,704
General and administrative (1)		7,761			7,904			8,098			8,833			13,410
Amortization of goodwill		7,347			—			—			—			—
Amortization of other intangible assets		3,595			4,378			1,963			974			974
Impairment of other intangible assets		—			6,677			3,530			—			—
Acquired in-process technology		—			1,179			—			—			—
Restructuring charges		3,720			8,091			1,000			400			165

Total operating expenses		80,392			84,130			67,240			61,266			61,231

Operating loss		(42,736	)		(34,775	)		(17,337	)		(8,942	)		(10,273	)
Interest and other income, net		5,916			3,208			1,269			1,216			2,191

Loss before income taxes		(36,820	)		(31,567	)		(16,068	)		(7,726	)		(8,082	)
Income tax provision (benefit)		157			29			34			(45	)		115

Net loss	$	(36,977	)	$	(31,596	)	$	(16,102	)	$	(7,681	)	$	(8,197	)

Basic and diluted net loss per share	$	(1.38	)	$	(1.02	)	$	(0.49	)	$	(0.23	)	$	(0.24	)

Shares used in calculation of basic and diluted net loss per share		26,723			31,029			32,889			33,489			33,922

(1)	Operating results for the years ended December 31, 2001, 2002, 2003 and 2004 reflect the reclassification of stock-based compensation to conform to the current year presentation of stock-based compensation within the same operating expense line items as cash compensation.


	December 31,
	2001		2002		2003		2004		2005
	(In thousands)
Consolidated Balance Sheet Data:
Cash, cash equivalents and short-term available-for-sale investments	$	110,743	$	86,302	$	78,789	$	76,849	$	74,769
Short-term deferred revenues		14,174		17,019		15,675		17,402		18,278
Working capital		103,249		73,786		64,524		60,593		56,351
Long-term deferred revenues		1,535		1,432		1,072		1,818		2,163
Long-term accrued restructuring and acquisition costs		652		5,539		4,268		3,599		2,756
Long-term deferred rent		2,360		1,553		1,525		1,447		1,302
Long-term debt		—		—		—		—		—
Total assets		175,121		190,494		172,160		168,481		163,724
Total stockholders’ equity		148,304		151,764		137,338		132,131		126,467
Dividends payable		—		—		—		—		—

ITEM 7.

MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS

The following discussion and analysis provides information that we believe is relevant to an assessment and understanding of our financial condition and operating results. The discussion should be read in conjunction with the consolidated financial statements and the notes thereto. References to “we,” “our” and “us” in this annual report refer to WatchGuard Technologies, Inc. and our wholly owned subsidiaries.

Overview

We are a leading provider of network security solutions designed to protect small- to medium-sized enterprises, or SMEs, that use the Internet for e-commerce and secure communications. We provide SMEs worldwide with integrated and expandable unified threat management security solutions employing multi-layered defenses that are designed to protect not only against existing threats, but also against future threats, in an intelligent way. Our security solutions are backed by an intuitive user interface and the expert guidance and support of our LiveSecurity Service. With the risk that threats and attacks will compromise multiple access points in a corporate network, an effective security solution requires more layers of defense than just firewalls for access control and VPNs for secure communications. A security solution that integrates multiple layers of defense, however, must do so efficiently to preserve performance and remain flexible enough to adapt to future threats and attacks in the evolving security landscape.

Thousands of enterprises worldwide use our award-winning products and services to meet these requirements. The core of our products and services is our family of integrated, expandable Firebox X security solutions. We offer firewall protection and intrusion prevention technology for access control, virtual private networking for secure communications, content and spam filtering, gateway and desktop anti-virus protection and vulnerability assessment services. Our current Firebox X security solutions allow users to upgrade to any higher model in the particular line simply by applying a software license key. We also offer our customers a unified management interface designed to allow even the non-security professional to effectively install, configure and monitor our security products as well as manage multiple security products from a central console as well as the networking features required for more complex network installations. We also offer our customers an SSL VPN gateway appliance for secure, always-on connectivity to applications and corporate resources. In addition, our innovative subscription-based LiveSecurity Service provides our customers with access to expert guidance and support so they can protect their data and communications in a continuously changing environment.

Our market spans the SME market, from smaller-sized companies, for which ease-of-use is a primary requirement, to medium-sized companies, including those with high-speed connections supporting VPNs between the corporate headquarters and geographically dispersed branch offices, for which performance, scalability and networking features are key requirements. Our security solutions also give enterprises a security management choice. An enterprise can manage its own Internet security with our product offerings or outsource its security management to an ISP or other managed service provider implementing our managed security solutions. For the service provider, our technology improves the economics of managed security services through a scalable delivery platform that enables the service provider to remotely configure and manage thousands of customer sites quickly and easily.

Since January 2004, we have continued to substantially invest in the development of our products as follows:

•

In February 2004, we introduced our Firebox X line of integrated, expandable security appliances for SMEs, combining firewall, VPN, application layer security, intrusion prevention functionality, spam blocking, Web filtering and authentication in a single appliance designed to enable customers to upgrade the appliance to any higher model in the same line or to add ports just by applying a software license key.

•

In August 2004, we extended the Firebox X family of integrated, upgradeable security appliances to address the needs of remote offices, telecommuters and small businesses with the launch of the Firebox X Edge line, designed to provide commercial-class security at the furthest points of the network at an affordable price point.

•

In December 2004, we made available the WatchGuard Gateway AntiVirus for email for our Firebox X line of integrated, upgradeable security appliances. This robust signature-based solution, combined with our existing deep application inspection capability, is designed to provide comprehensive security against email-borne threats at an affordable cost.

•

In December 2004, we extended the Firebox X Edge line with a wireless version offering secure 802.11g wireless connection, and enhanced the Edge software for wired and wireless to include WAN / WAN failover and WAN / Modem failover for greater reliability.

•

In April 2005, we introduced the Firebox X Peak line, our highest-performance line of integrated security appliances, with up to 1 gigabyte per second firewall throughput, high port density and advanced networking features. In connection with this product introduction, we also launched Fireware Pro, our advanced security and network operating system designed for more complex network environments. Fireware Pro comes bundled with all Firebox X Peak appliances and is available as an upgrade to Firebox X Core appliances (formerly referred to as the Firebox X line).

•

In August 2005, we introduced the Firebox SSL Core VPN Gateway with Citrix Secure Access. The Firebox SSL Core VPN Gateway combines Citrix SSL VPN secure access technology, the Citrix Access Gateway, with WatchGuard’s Firebox hardware platform to provide a professional-grade access solution for increasingly mobile SME workforces.

Critical Accounting Policies and Estimates

Our discussion and analysis of financial condition and results of operations is based on our consolidated financial statements, which have been prepared in accordance with accounting principles generally accepted in the United States. The preparation of financial statements in conformity with generally accepted accounting principles requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. On an ongoing basis, we evaluate significant estimates used in preparing our financial statements, including those related to:

•

revenue recognition, including sales returns and allowances and promotional rebates;

•

provision for doubtful accounts;

•

inventory reserves;

•

restructuring reserves; and

•

analysis for impairment of goodwill and other long-lived intangible assets.

We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, the results of which form the basis for making judgments about the carrying values of assets and liabilities that are not readily apparent from other sources. Actual results may differ from these estimates if our assumptions change or if actual circumstances differ from those in our assumptions.

We believe the following critical accounting policies affect the more significant judgments and estimates used in preparing our consolidated financial statements.

Revenue Recognition

Revenue recognition rules for software companies are complex. Although we follow specific and detailed guidelines in measuring revenue, certain judgments affect the application of our revenue policy. The complexity of the revenue recognition rules and estimates inherent in the revenue recognition process makes revenue results difficult to predict, and any shortfall in revenues or delay in recognizing revenues could cause our operating results to vary significantly from quarter to quarter and could result in future operating losses.

We generate revenues through:

•

sales of products and service subscriptions indirectly through our distribution network at a discount from list price;

•

sales of products and service subscriptions to our service provider customers at volume pricing rates; and

•

sales of service subscription renewals directly to end-users, generally at the manufacturer’s suggested retail price.

Product revenues, net of sales returns, allowances and promotions, include:

•

sales of our Firebox products, bundling our security appliances and perpetual software licenses as part of our security solution;

•

revenues from license sales of software options, such as user expansion, software management modules and the license portion of subscriptions; and

•

revenues from sales of our network operations center security suite software license as part of our managed security solution.

Most of our Firebox products and certain software products include an initial period of service subscription bundled in the product price. Because the timing of revenue recognition differs between the product and the service subscription, the related revenues must be allocated to the product and the subscription service. The allocation of revenues is determined by using the residual method, as defined in Statement of Position, or SOP 98-9, an amendment to SOP 97-2, “Software Revenue Recognition,” if vendor-specific objective evidence of fair value for undelivered elements of the arrangement (typically services) has been established. Under the residual method, the amounts allocated to the undelivered elements (typically services) are equal to their fair value as established by vendor-specific objective evidence. The residual revenues in the arrangement are then allocated to the delivered elements (typically products). Vendor-specific objective evidence of fair value is based on the price charged when an element is sold separately or, if an element is not yet sold separately, on the price established by authorized management if it is probable that the price, once established, will not change before the element is separately introduced into the marketplace. Prior to recognizing any revenues, we ensure that there is persuasive evidence of the arrangement, delivery has occurred, collection is probable, and the fee is fixed or determinable. We are required to exercise judgment in deciding how to interpret the evidence of vendor-specific objective evidence of fair value to determine the allocation of arrangement consideration with respect to a given element, and in determining whether an established price is likely to change prior to separate market introduction. These judgments may materially affect the timing of our revenue recognition and operating results.

We recognize revenues allocated to products, including software license fees, using either the sell through or sell in method of revenue recognition as determined by the contractual arrangement with each channel customer. When the channel customer is a distributor with unlimited stock returns and rotation rights, product revenues are not recognized until the distributors sell the products to their channel customers (the “sell through”

method). Otherwise, revenue is recognized upon delivery of the products to the channel customer (the “sell in” method). Revenues from LiveSecurity Service subscriptions and other services are recognized ratably over the term of the subscription, ranging from 3 to 30 months. Our standard payment terms range from 30 to 60 days. We offer term discounts to certain of our larger customers.

Service revenues primarily include the allocated fees for the initial LiveSecurity Service and other services subscriptions and for LiveSecurity Service and other services subscription renewals. These service fees provide our customers access to our LiveSecurity Service and other services for product updates, security threat responses, general security information and technical support. These service fees also give our service provider customers access to the LiveSecurity Service along with the ability to manage and update a specific number of their customers’ security appliances. Service subscription revenues are recognized ratably on a monthly basis over the subscription period.

We have established allowances for estimated returns and pricing protection rights. We have also established an allowance for promotional rebates that may be earned by our customers. We estimate these allowances and adjust them periodically based on historical rates of returns and allowances, as well as the expected effect of current promotional programs and new product introductions. We estimate the allowance for promotional rebates based on the maximum amounts potentially available to the customers, unless we have accumulated sufficient historic evidence for individual customers with respect to their realization of rebates. If new or expanded promotional programs are introduced, or new products are announced, additional allowances will be required. Alternatively, if actual promotional rebates fall below maximum exposure levels, we will reduce the allowances and recognize additional revenue.

Provision for Doubtful Accounts

We maintain allowances for doubtful accounts for estimated losses resulting from the inability of our customers to make required payments. Judgment is required when we assess the ultimate realization of receivables, including the probability of collection and the creditworthiness of each customer. If the financial condition of our customers were to deteriorate, resulting in an impairment of their ability to make payments, additional allowances might be required, which could have an adverse effect on our financial condition and operating results.

Inventory Valuation

Our inventories are stated at the lower of cost or market, with cost being determined on a first-in, first-out basis. When the inventories cost is in excess of its market value, we write our inventories down to estimated market value based on assumptions about future demand and market conditions. The introduction of new products that replace existing products, technological advances, and variation in market trends or customer preferences could, however, significantly affect these estimates and result in additional inventory write-downs, which could have an adverse effect on our financial condition and operating results.

Restructuring

During 2001 and 2002 we implemented two restructuring plans and recorded significant accruals related to those restructuring plans. These accruals included estimates related to the abandonment of excess facilities. We later adjusted, as required, the restructuring accruals due to continued poor real estate market conditions in the areas where these excess facilities are located. The actual costs related to the restructuring may differ from our estimate if it takes us longer than expected to find suitable tenants for excess facilities or if there are further changes in the real estate market in those areas where excess facilities are located. Any additional adjustments resulting from these factors could have a material effect on our financial condition and operating results.

Accounting for Goodwill and Other Long-Lived Intangible Assets

Our business acquisitions have resulted in, and future acquisitions typically will result in, the recording of goodwill, which represents the excess of the purchase price over the fair value of identifiable assets acquired and liabilities assumed, including capitalized technology and other definite-lived intangible assets.

Pursuant to Statement of Financial Accounting Standards, or SFAS 142, “Goodwill and Other Intangible Assets,” we test goodwill for impairment at least annually. We have selected October 1 as the date for our annual impairment test. Application of the goodwill impairment test may require judgments, including those inherent in the determination of fair value of the reporting unit in which the goodwill resides and the resulting determination of the implicit value of the goodwill. Significant judgments required to estimate the fair value include estimating future cash flows, determining appropriate discount rates and other assumptions. Changes in these estimates and assumptions could materially affect the determination of fair value.

Separable intangible assets that do not have indefinite lives are amortized over their useful lives typically ranging between three and five years. In accordance with SFAS 144, “Accounting for the Impairment or Disposal of Long-Lived Assets,” these assets are also periodically reviewed for the existence of facts and circumstances, both internal and external, which may suggest potential impairment. The determination of whether these intangible assets are impaired involves significant judgments based on short- and long-term projections of future performance. Certain of these forecasts reflect assumptions regarding our ability to continue to develop and ultimately to commercialize the products based on these intangible assets, as well as our projections of future cash flows from these products. Changes in strategy and/or market conditions may result in an impairment charge to our operating expenses, which could have an adverse effect on our financial condition and operating results.

Recent Accounting Pronouncements

In December 2004, the Financial Accounting Standards Board issued SFAS 123 revised 2004, or SFAS 123(R), “Share-Based Payment,” which is a revision to SFAS 123, “Accounting for Stock-Based Compensation.” SFAS 123(R) supersedes Accounting Principles Board, or APB, Opinion No. 25, “Accounting for Stock Issued to Employees.” Generally, the approach described in SFAS 123(R) is similar to the approach described in SFAS 123. However, SFAS 123(R) requires all share-based payments to employees, including grants of employee stock options and shares issued under an employee stock purchase plan, to be recognized in the income statement based on their fair values. Pro forma disclosure will no longer be an alternative. SFAS 123(R) allows public companies to transition using either of the two methods described below. Under the modified prospective method, stock compensation expense is recognized starting from the date of the adoption for all outstanding unvested stock awards, as well as for all awards granted, modified or settled after the date of the adoption. Under the modified retrospective method, entities would restate prior period financial statements using the amounts previously reflected in pro forma disclosures under SFAS 123 either for all prior periods presented or for prior interim periods of the year of adoption.

In April 2005, the SEC delayed the effective date of SFAS 123(R) such that each company that is not a small business issuer will be required to adopt SFAS 123(R) no later than the first interim reporting period of the company’s first fiscal year beginning on or after June 15, 2005 (January 1, 2006 for WatchGuard). Upon adoption of SFAS 123(R), in accordance with its rules, our stock options will no longer be subject to variable accounting treatment. Rather, the amount of stock compensation expense will be fixed based on initial estimated fair values of the replacement stock options and amortized over the remaining vesting periods of these options. Stock compensation expense recognized until adoption of SFAS 123(R) using variable accounting will not be reversed upon adoption. We will adopt the provisions of SFAS 123(R) as of January 1, 2006, using the modified prospective method.

As permitted by SFAS 123, we currently account for share-based payments to employees using the intrinsic value method under APB Opinion No. 25 and do not recognize compensation expense for options granted to employees with an exercise price equal to or in excess of the fair value of the underlying common shares at the

date of grant unless the options are subject to variable accounting. Accordingly, the adoption of SFAS 123(R)’s fair value method may have a significant effect on our operating results. The effect of adoption of SFAS 123(R) cannot be predicted at this time because it will depend on levels of share-based payments granted in the future.

In June 2005 the FASB issued SFAS 154, “Accounting Changes and Error Corrections,” which replaces APB Opinion No. 20, “Accounting Changes,” and SFAS 3, “Reporting Accounting Changes in Interim Financial Statements.” SFAS 154 applies to all voluntary changes in accounting principle, and changes the requirements for accounting for and reporting of a change in accounting principle. SFAS 154 requires retrospective application to prior periods’ financial statements of a voluntary change in accounting principle unless it is impracticable to do so. APB Opinion No. 20 previously required that most voluntary changes in accounting principle be recognized by including in net income of the period of the change the cumulative effect of changing to the new accounting principle. SFAS 154 is effective for accounting changes made in fiscal years beginning after December 15, 2005. We do not expect our adoption of this new standard to have a material impact on our financial position, results of operations or cash flows.

In November 2005, the FASB issued Staff Position, or FSP, FAS 115-1 and FAS 124-1, “The Meaning of Other-Than-Temporary Impairment and its Application to Certain Investments.” FSP FAS 115-1 and FAS 124-1 provides accounting guidance for determining and measuring other-than-temporary impairments of debt and equity securities, and confirms the disclosure requirements for investments in unrealized loss positions as outlined in Emerging Issues Task Force Issue No. 03-01, “The Meaning of Other-Than-Temporary Impairments and its Application to Certain Investments.” The accounting requirements of FSP FAS 115-1 and FAS 124-1 are effective for reporting periods beginning after December 15, 2005. We do not expect our adoption of this new FSP to have a material impact on our financial position, results of operations or cash flows.

Results of Operations

The following table provides financial data for the periods indicated as a percentage of total revenues:


	Year Ended December 31,
	2003		2004		2005
Revenues:
Product	65.9	%	65.7	%	60.2	%
Service	34.1		34.3		39.8

Total revenues	100.0		100.0		100.0
Cost of revenues:
Product	29.6		30.1		24.7
Service	7.7		6.7		7.5

Total cost of revenues	37.3		36.8		32.2

Gross margin	62.7		63.2		67.8
Operating expenses:
Sales and marketing	39.8		39.8		37.2
Research and development	26.3		21.9		24.9
General and administrative	10.2		10.7		17.8
Amortization of other intangible assets	2.5		1.2		1.3
Impairment of other intangible assets	4.4		—		—
Restructuring charges	1.3		0.5		0.2

Total operating expenses	84.5		74.1		81.4

Operating loss	(21.8	)	(10.9	)	(13.6	)
Interest and other income, net	1.6		1.5		2.9

Loss before income taxes	(20.2	)	(9.4	)	(10.7	)
Income tax expense (benefit)	—		(0.1	)	0.2

Net loss	(20.2	)%	(9.3	)%	(10.9	)%

Years Ended December 31, 2004 and 2005

Revenues


	Year Ended December 31,						Percent Increase (Decrease)
	2004			2005			Percent Increase (Decrease)
Revenues (in thousands):
Product	$	54,398		$	45,237		(16.8	)%
Service		28,369			29,954		5.6	%

Total	$	82,767		$	75,191		(9.2	)%

Revenues (as % of total revenues):
Product		65.7	%		60.2	%
Service		34.3			39.8

Total		100.0	%		100.0	%

We categorize our revenues into three geographic regions: the Americas, Europe/Middle East/Africa, or EMEA, and Asia Pacific, or APAC. Revenue information by geographic region, in dollars and as a percentage of total revenues, was as follows:


	Year Ended December 31,						Percent Increase (Decrease)
	2004			2005			Percent Increase (Decrease)
Revenues (in thousands):
Americas	$	39,922		$	34,555		(13.4	)%
EMEA		31,671			28,818		(9.0	)%
APAC		11,174			11,818		5.8	%

Total	$	82,767		$	75,191		(9.2	)%

Revenues (as % of total revenues):
Americas		48.2	%		46.0	%
EMEA		38.3			38.3
APAC		13.5			15.7

Total		100.0	%		100.0	%

Revenue information for countries representing more than 10% of total revenues, in dollars and as a percentage of total revenues, was as follows:


	Year Ended December 31,						Percent (Decrease)
	2004			2005			Percent (Decrease)
Revenues (in thousands):*
United States	$	36,224		$	29,122		(19.6	)%
United Kingdom		12,775			12,327		(3.5	)%

Revenues (as % of total revenues):
United States		43.8	%		38.7	%
United Kingdom		15.4	%		16.4	%

*	Country’s information is based on destination of original shipments.

Revenue information for customers representing more than 10% of total revenues, in dollars and as a percentage of total revenues, was as follows:


	Year Ended December 31,						Percent (Decrease)
	2004			2005			Percent (Decrease)
Revenues (in thousands):
Tech Data	$	13,435		$	12,312		(8.4	)%
Ingram Micro		13,779			10,410		(24.5	)%
Wick Hill		7,889			7,538		(4.4	)%

Revenues (as % of total revenues):
Tech Data		16.2	%		16.4	%
Ingram Micro		16.7	%		13.8	%
Wick Hill		*			10.0	%

*	Less than 10%.

The dollar and percentage decrease in product revenues in 2005, as compared to 2004, was primarily due to an overall decrease in product shipments. The decrease in product revenues in 2005 also includes the effects of certain customers that converted from a sell in method to a sell through method of revenue recognition in the first quarter of 2005 as discussed below.

Lower product revenues in 2005, compared to 2004, is primarily due to decreased unit shipments of our Firebox SOHO, Firebox X and Firebox Vclass product lines, partially offset by shipments of our Firebox X Edge, Firebox Peak and Firebox SSL Core VPN Gateway product lines introduced in August 2004, April 2005 and August 2005, respectively. Lower unit shipments of our Firebox SOHO product line is primarily attributable to introduction of the Firebox X Edge product line in August 2004, while reduced unit shipments of our Firebox Vclass product line reflects introduction of the new Firebox X Peak product line in April 2005. Decreased unit shipments of our Firebox SOHO and Firebox X product lines also reflect the impact of converting certain of our customers to the sell through method of revenue recognition in the first quarter of 2005.

The overall decrease in unit shipments was partially offset by reduced discounts on our product offerings in 2005, in comparison to 2004. Lower discounts are primarily attributable to certain customers that converted to the sell through method of revenue recognition in 2005.

We recognize revenue from certain of our channel customers when we sell product to them (the “sell in” method). Where the customer is a distributor with unlimited stock returns and rotation rights, product revenues are not recognized until the distributors sell the products to their customers (the “sell through” method). During the first quarter of 2005, we negotiated changes in contractual obligations with certain channel customers in North America, Australia and New Zealand, which provided such customers with unlimited return rights. The changes were triggered by the need to offer promotional programs to give us the flexibility in the respective markets to be more competitive, responsive and effective. As a result of these contract changes, we converted these customers to a sell through method beginning in the first quarter of 2005. When a channel customer is converted from the sell in method to the sell through method of revenue recognition, revenue can no longer be recognized when product is sold to the channel customer, because revenue from products in that channel customer’s inventory was already recognized in prior periods. Therefore, revenue on individual inventory items sold subsequent to the conversion can only be recognized after the converted channel customer has disposed of its inventory predating the conversion. As of December 31, 2004, the converted customers held inventory for which we had already recognized revenues in the amount of $2.3 million. Substantially all of these inventories were sold through by the converted customers during the first quarter of 2005. While the contractual changes and the resulting conversion of these customers from a sell in method to a sell through method of revenue recognition resulted in a reduction of revenues during the first quarter of 2005, the total effect of this reduction cannot be measured reliably due to a change in customer buying patterns upon conversion to the sell through method.

We plan on taking similar measures with customers in EMEA in the second and third quarters of 2006, with the majority of the EMEA conversions planned for the second quarter of 2006, and are evaluating taking similar measures with our customers in our remaining geographic locations. To the extent that contract changes with additional channel customers require conversion to a sell through method, there will be a material adverse effect on revenues and results of operations for the quarter in which those conversions take place, with the magnitude depending on the inventory levels with those channel customers at the time of conversion. To recognize revenue on a sell through method from a channel customer, we will need to continue to obtain adequate reporting on inventory levels from that channel customer to determine how much of our product has been sold to the end customers. If we are unable to obtain such reporting, our ability to recognize revenue from such channel customers could be materially adversely affected and our financial results would be harmed.

From a regional standpoint, revenues decreased in both the Americas market and the international markets in 2005, as compared to 2004. Revenues from the Americas market decreased at a significantly higher rate than revenues from the international markets in the current year, primarily due to the effects of converting the remaining channel customers in North America to a sell through method from a sell in method of revenue recognition during the first quarter of 2005.

Given the continuing economic and geopolitical uncertainty and constrained corporate information-technology spending, it is difficult to predict product revenue levels in future quarters, which may decline or fluctuate more than they have historically.

Service revenues consist of revenues recognized from initial fees for our LiveSecurity Service and other service subscriptions bundled with a hardware or software product sale, and revenues recognized for subscription renewals sold to our existing customer base. The dollar and percentage increase in service revenues in 2005, as compared to 2004, is primarily due to growth of our installed customer base, resulting in a greater number of LiveSecurity Service renewals, as well as initial purchases of existing and new subscription-based services.

Service revenues recognized from initial LiveSecurity Service and other service subscription fees are generally related to product and software shipments in preceding quarters, while revenues recognized from service renewals depend on the existing customer base and the percentage of those customers eligible for renewal that elect to renew their subscriptions. A decline in product shipments will result in lower initial LiveSecurity Service subscriptions bundled with the products, while an increase in our installed customer base, even from declining product shipments, will increase the number of customers with the opportunity to renew their LiveSecurity Service subscriptions. Due to these factors, it is difficult to predict future service revenue levels.

Cost of Revenues and Gross Margin


	Year Ended December 31,						Percent Increase (Decrease)
	2004			2005			Percent Increase (Decrease)
Cost of revenues (in thousands):
Product	$	24,889		$	18,556		(25.4	)%
Service		5,554			5,677		2.2	%

Total	$	30,443		$	24,233		(20.4	)%

Cost of revenues (as % of total revenues):
Product		30.1	%		24.7	%
Service		6.7			7.5

Total		36.8	%		32.2	%

Cost of revenues (as % of related revenue component):
Product		45.8	%		41.0	%
Service		19.6	%		19.0	%

Gross margin (in thousands):
Product	$	29,509		$	26,681		(9.6	)%
Service		22,815			24,277		6.4	%

Total	$	52,324		$	50,958		(2.6	)%

Gross margin (as % of related revenue component):
Product		54.2	%		59.0	%
Service		80.4	%		81.0	%
Total		63.2	%		67.8	%

Gross margins are affected by various factors, including the mix of product and service sales (which include hardware and software products and LiveSecurity Service and other service subscriptions), discount levels offered to our customers, the cost of our hardware appliances (including components and labor), costs of excess and obsolete inventory, lower of cost or market assessment of inventory carrying value, fixed manufacturing overhead, the cost of royalties associated with our products, promotional programs, and the cost of our technical support organization and LiveSecurity Service.

Cost of product revenues includes the cost of manufacturing our security appliances, distribution operations, product packaging, third-party product licensing fees and provisions for inventory reserves and product warranty costs.

Cost of product revenues decreased in terms of absolute dollars and as a percentage of product revenues in 2005, as compared to 2004. The decrease was primarily due to lower product volumes, or unit shipments, in the current year. The decrease also reflects a reduction in the costs of excess and obsolete inventory, caused by product life cycle considerations and new product introductions, and lower product warranty reserves in 2005. The decrease in cost of product revenues also reflects conversion of certain channel customers from the sell in method to the sell through method of revenue recognition in the first quarter of 2005, as discussed above.

Product gross margins decreased in absolute dollars in 2005, as compared to 2004, primarily due to an overall decrease in product volumes as discussed above. Product gross margins increased as a percentage of product revenues in 2005, as compared to 2004, primarily due to reduced discounts on our product offerings and a reduction in our provision for inventory reserves and warranty reserves in 2005.

Cost of service revenues includes the costs of our technical support organization and direct costs associated with our LiveSecurity Service.

Cost of service revenues was comparable in terms of absolute dollars and as a percentage of related revenues in 2005, as compared to 2004.

Service gross margins increased in absolute dollars in 2005, as compared to 2004, primarily due to increased service revenues in 2005 as a result of growth of our installed customer base and, to a lesser extent, initial purchases of new subscription-based services. As a percentage of related revenues, service gross margins were comparable in 2005 compared to 2004.

Forecasting future gross margins is difficult, as our gross margins could be adversely affected in the future by heightened sales price competition, increased material costs, key component shortages and excess and obsolete inventory charges. Our margins could also be negatively affected by continued economic uncertainty, which could result in downward pressure on the prices of technology-based products.

Operating Expenses

Sales and Marketing


	Year Ended December 31,						Percent (Decrease)
	2004			2005			Percent (Decrease)
Sales and marketing expenses (in thousands)	$	32,905		$	27,978		(15.0	)%
Sales and marketing expenses (as % of total revenues)		39.8	%		37.2	%

Sales and marketing expenses include salaries, commissions and employee-related expenses, stock-based compensation and certain discretionary marketing expenses, including distributor promotional costs, public relations costs, marketing collateral, trade shows, advertising expenses, direct marketing and costs of demonstration units.

Sales and marketing expenses decreased in terms of absolute dollars in 2005, as compared to 2004, primarily due to the following:

•

Lower discretionary spending on marketing-related activities, primarily due to a planned reduction in advertising and marketing development fund expenditures in 2005. In addition, sales and marketing expenses in 2004 include significant costs incurred in support of the Firebox X product launch.

•

A decrease in compensation-related expenses, primarily due to a reduction in sales commissions and incentive compensation directly related to the achievement of corporate objectives, partially offset by stock-based compensation expenses resulting from the variable accounting treatment of certain stock options issued to employees under the stock option exchange program in May 2005. See “Supplemental Information About Stock-Based Compensation” below.

Sales and marketing expenses decreased as a percentage of revenues in 2005, as compared to 2004, primarily due to reduced spending on marketing-related activities and employee compensation in the current year, partially offset a reduction in product revenue in 2005, as noted above.

Excluding the effect of stock-based compensation expenses resulting from stock option and restricted stock awards, we expect our sales and marketing expenses for 2006 will remain comparable to levels incurred in 2005. Should our revenues improve, we expect sales and marketing expenses to decrease as a percentage of revenues.

Research and Development


	Year Ended December 31,						Percent Increase
	2004			2005			Percent Increase
Research and development expenses (in thousands)	$	18,154		$	18,704		3.0	%
Research and development expenses (as % of total revenues)		21.9	%		24.9	%

Research and development expenses include costs associated with the development of new products, enhancements of existing products, product integration efforts, product certifications and quality assurance activities. These costs consist primarily of employee salaries and benefits, including stock-based compensation, costs of noncapitalized equipment, software tools, our security appliance prototypes and certification procedures, payments to designers and contractors and depreciation of capital equipment and software.

Research and development expenses increased in terms of absolute dollars and as a percentage of revenues in 2005, as compared to 2004, primarily due to stock-based compensation expenses resulting from the variable accounting treatment of certain stock options issued to employees under the stock option exchange program in May 2005. See “Supplemental Information About Stock-Based Compensation” below. The increase in research and development expenses in 2005 was partially offset by lower depreciation expense in the current year, primarily due to cost containment for research and development capital expenditures and the expiration of depreciation on earlier purchases.

The increase in research and development expenses as a percentage of revenues in 2005, as compared to 2004, also reflects a reduction in product revenue during 2005 for the reasons noted above.

Excluding the effect of stock-based compensation expenses resulting from stock option and restricted stock awards, we anticipate an increase in our research and development expenses in 2006 compared to levels incurred in 2005. We intend to continue to fund our research and development efforts and hire the necessary personnel in order to attempt to meet the changing requirements of our customers, to provide for continued introduction of new products as technology advances and to enhance and expand our current product offerings. Research and development expenses may vary significantly from quarter to quarter due to inherent uncertainties in the timing of certain development costs. We expect to continue to invest in key areas aimed at the development of new generations of our products, the further extension of our existing product lines and the development of future technologies. Our actual research and development expenses could differ materially from those anticipated, which could have an adverse effect on our operating results.

General and Administrative


	Year Ended December 31,						Percent Increase
	2004			2005			Percent Increase
General and administrative expenses (in thousands)	$	8,833		$	13,410		51.8	%
General and administrative expenses (as % of total revenues)		10.7	%		17.8	%

General and administrative expenses include costs of executive, human resource, finance and administrative support functions, related stock-based compensation, provisions for doubtful accounts, costs of legal and accounting professional services, and director and officer insurance.

General and administrative expenses increased in terms of absolute dollars and as a percentage of revenues in 2005, as compared to 2004. The dollar and percentage increase in general and administrative expenses is primarily due to the following:

•

A substantial increase in accounting fees, primarily due to higher annual audit fees in 2005 and costs incurred in connection with corporate governance requirements pursuant to the Sarbanes-Oxley Act of 2002, particularly in light of the restatement of our 2004 interim financial results as reported in March 2005.

•

Higher legal expenses, reflecting costs associated with regulatory compliance, analysis of, and revisions to, our compensation plans, and ongoing litigation.

•

Increased spending on compensation and benefits, primarily costs associated with the addition of senior executives and other management personnel and stock-based compensation expenses resulting from the variable accounting treatment of certain stock options issued to employees under the stock option exchange program in May 2005. See “Supplemental Information About Stock-Based Compensation” below.

•

Increased contract labor and consulting costs, primarily costs related to our sell through revenue automation initiative, human resource projects and stock compensation programs.

The increase in general and administrative expenses as a percentage of revenues in 2005, as compared to 2004, also reflects a reduction in product revenue in the current year for the reasons noted above.

Supplemental Information About Stock-Based Compensation

Stock-based compensation expenses for the year ended December 31, 2005 primarily consist of stock-based charges resulting from the variable accounting treatment of certain stock options issued to employees in connection with a voluntary stock option exchange program offered to employees during the second quarter of 2005. Stock-based compensation expenses in 2005 also reflect, to a lesser extent, costs associated with restricted stock issued to directors and certain key officers. Stock based compensation expenses for the year ended December 31, 2004 primarily reflect amortization of previously deferred stock-based compensation over the vesting periods of common stock subject to repurchase in connection with our 2002 acquisition of RapidStream.

We account for employee stock-based compensation using the intrinsic value method prescribed in APB Opinion No. 25, “Accounting for Stock Issued to Employees,” and related interpretations. Accordingly, compensation cost for stock option and restricted stock awards is measured as the excess, if any, of the quoted market price of our common stock at the measurement date (or the balance sheet date, if the measurement date has not yet occurred) over the amount, if any, required to be paid by the employee. Compensation cost is charged to expense over the vesting period of each respective award using the accelerated method of expense recognition. Measurement date is defined as the grant date for all stock awards other than variable stock options and variable restricted stock awards. Measurement date for variable stock options and variable restricted stock awards is defined as the date the number of shares and purchase (exercise) price, if any, are both known. Changes in the quoted market price of our common stock are reflected as an adjustment to stock-based compensation expense in the periods in which the changes occur until the date both the number of shares and purchase price, if any, are known.

During the second quarter of 2005, we offered a voluntary stock option exchange program to our employees that resulted in variable accounting treatment for, at the time of the exchange, approximately 3.1 million stock options. We are accounting for all replacement stock options, as well as all options that were subject to the exchange program but were retained by employees, using variable accounting until adoption of SFAS 123(R). Under variable accounting, cumulative stock compensation expense at any balance sheet date must equal accumulated amortization of the current intrinsic value of the outstanding variable stock awards over their vesting periods. Upon adoption of SFAS 123(R), in accordance with its rules, the amount of stock compensation expense will be fixed based on initial estimated fair values of the replacement stock options and amortized over

the remaining vesting periods of these options. Stock compensation expense recognized until adoption of SFAS 123(R) using variable accounting will not be reversed upon adoption. Variable accounting treatment may result in unpredictable and potentially significant charges or credits recorded to stock-based compensation, which will be dependent upon fluctuations in the quoted market prices of our common stock.

In March 2005, the SEC published Staff Accounting Bulletin, or SAB, No. 107, which expresses the view of the SEC staff and provides guidance on a variety of matters associated with stock-based compensation. Among other things, SAB 107 states that stock-based compensation should be classified on the same expense lines as cash compensation. Accordingly, we have recorded stock-based compensation costs within the same operating expense line items as cash compensation, as presented below (in thousands):


	Year Ended December 31,
	2004		2005
Cost of revenues:
Product	$	—	$	9
Service		—		38
Sales and marketing		5		218
Research and development		11		307
General and administrative		5		307

Total stock-based compensation	$	21	$	879

For 2006, we expect an increase in stock-based compensation expense compared to levels incurred in 2005. The anticipated increase reflects the impact of adoption of SFAS 123(R) in 2006. The impact of adoption of SFAS 123(R) cannot be predicted at this time because it will depend on levels of share-based payments granted in the future.

Amortization of Other Intangible Assets

Amortization of other intangible assets is comprised of amortization of capitalized technology obtained in our acquisition of RapidStream in 2002. We are amortizing this intangible asset on a straight-line basis over an expected useful life of five years, and the capitalized technology is expected to be fully amortized by March 31, 2007.

Amortization of other intangible assets was $974,000 in both 2005 and 2004.

Restructuring Charges

Restructuring charges of $400,000 in 2004 are associated with our restructuring plans initiated in 2001 and 2002. Costs incurred in 2004 relate to the revision of our estimates for future costs associated with the sublease of excess facilities in our corporate headquarters in Seattle, Washington. As the real estate market in downtown Seattle remained relatively depressed, we revised down our earlier estimates of possible sublease rental income for our space that remains vacant.

In 2005, we incurred an additional $165,000 of restructuring charges associated with our 2001 and 2002 restructuring plans. We incurred additional charges of $298,000 related to our 2001 restructuring, due to a revision of the cost of excess facilities, as the real estate market remains depressed longer than originally expected. These charges were offset by a $133,000 reduction in our 2002 restructuring liability due to the revision of estimated proceeds from the sublease of excess facilities based upon a sublease of vacant space during the period.

Interest and Other Income, Net

Interest and other income, net, is primarily comprised of interest income generated from our short-term available-for-sale investments. Interest income was $2.2 million in 2005, compared to $1.3 million in 2004. The increase in interest and other income, net, is primarily due to higher interest rates on invested balances in 2005.

Income Tax Provision (Benefit)

Income tax expense of $115,000 in 2005 and income tax benefit of $45,000 in 2004 primarily relates to our provision for foreign income taxes associated with our international operations. The benefit of $126,000 recorded during the fourth quarter of 2004, which led to the aggregate net benefit recorded in 2004, was due to the reversal of previously accrued foreign tax reserves determined to be no longer necessary. We have experienced losses since inception, resulting in a net operating loss carryforward position for federal income tax purposes of approximately $195.7 million as of December 31, 2005. These carryforwards, if not utilized, will begin to expire after the 2011 tax year, and may be subject to limitations under Section 382 of the Internal Revenue Code of 1986, as amended. In addition, approximately $104.6 million of the net operating losses generated for federal income tax purposes are not available to reduce income tax expense for financial reporting purposes because the effects of tax deductions for employee stock options in excess of the related financial reporting compensation expense are recognized as a component of stockholders’ equity. A valuation allowance has been established to reflect the uncertainty of generating future taxable income necessary to utilize available tax loss carryforwards.

Years Ended December 31, 2003 and 2004

Revenues


	Year Ended December 31,						Percent Increase
	2003			2004			Percent Increase
Revenues (in thousands):
Product	$	52,470		$	54,398		3.7	%
Service		27,095			28,369		4.7	%

Total	$	79,565		$	82,767		4.0	%

Revenues (as % of total revenues):
Product		65.9	%		65.7	%
Service		34.1			34.3

Total		100.0	%		100.0	%

We categorize our revenues into three geographic regions: the Americas, EMEA, and APAC. Revenue information by geographic region, in dollars and as a percentage of total revenues, was as follows:


	Year Ended December 31,						Percent Increase
	2003			2004			Percent Increase
Revenues (in thousands):
Americas	$	38,269		$	39,922		4.3	%
EMEA		30,288			31,671		4.6	%
APAC		11,008			11,174		1.5	%

Total	$	79,565		$	82,767		4.0	%

Revenues (as % of total revenues):
Americas		48.1	%		48.2	%
EMEA		38.1			38.3
APAC		13.8			13.5

Total		100.0	%		100.0	%

Revenue information for countries representing more than 10% of total revenues, in dollars and as a percentage of total revenues, was as follows:


	Year Ended December 31,						Percent Increase (Decrease)
	2003			2004			Percent Increase (Decrease)
Revenues (in thousands):*
United States	$	34,741		$	36,224		4.3	%
United Kingdom		13,574			12,775		(5.9	)%

Revenues (as % of total revenues):
United States		43.7	%		43.8	%
United Kingdom		17.1	%		15.4	%

*	Country’s information is based on destination of original shipments.

Revenue information for customers representing more than 10% of total revenues, in dollars and as a percentage of total revenues, was as follows:


	Year Ended December 31,						Percent Increase
	2003			2004			Percent Increase
Revenues (in thousands):
Tech Data	$	11,866		$	13,435		13.2	%
Ingram Micro		9,497			13,779		45.1	%

Revenues (as % of total revenues):
Tech Data		14.9	%		16.2	%
Ingram Micro		11.9	%		16.7	%

The dollar and percentage increase in product revenues for 2004, as compared to 2003, primarily reflects unit shipments of our Firebox X and Firebox X Edge product lines, partially offset by a reduction in shipments and increased discounts on our Firebox III and Firebox SOHO product lines and a reduction in shipments of our Firebox Vclass product line during 2004. Our Firebox X and Firebox X Edge product lines were introduced in February 2004 and August 2004, respectively. Revenues from our Firebox III product line decreased in 2004, as these products were replaced by comparable new Firebox X products. Lower revenues from our Firebox SOHO product line is primarily due to introduction of the new Firebox X Edge line in 2004.

From a regional standpoint, revenues increased for both the Americas market and the international markets. Revenues from the Americas and the EMEA markets increased at a higher rate than revenues from the APAC market during 2004, primarily due to our realignment efforts in Japan taking longer than anticipated and delays in obtaining import licenses permitting the sale of certain of our products into China.

Service revenues consist of revenues recognized from initial fees for our LiveSecurity Service subscriptions bundled with a hardware product sale, and revenues recognized for subscription renewals sold to the existing customer base. The dollar increase in service revenues for 2004, as compared to 2003, is primarily due to growth of our installed customer base, resulting in a greater number of LiveSecurity Service renewals, as well as initial purchases of new subscription-based products. This increase is partially offset by $600,000 of service revenues in the first quarter of 2003 generated from LiveSecurity Services provided through certain managed security customers to end-users in prior periods, but that were identified by WatchGuard, through a license compliance initiative, as being previously unreported to WatchGuard by those customers.

Service revenues recognized from initial LiveSecurity Service subscription fees are generally related to product shipments in preceding quarters, while revenues recognized from LiveSecurity Service renewals depend on the existing customer base and the percentage of those customers eligible for renewal that elect to renew their

subscriptions. A decline in product shipments will result in lower initial LiveSecurity Service subscriptions bundled with the products, while an increase in our installed customer base, even from declining product shipments, will increase the number of customers with the opportunity to renew their LiveSecurity Service subscriptions.

Cost of Revenues and Gross Margin


	Year Ended December 31,						Percent Increase (Decrease)
	2003			2004			Percent Increase (Decrease)
Cost of revenues (in thousands):
Product	$	23,580		$	24,889		5.6	%
Service		6,082			5,554		(8.7	)%

Total	$	29,662		$	30,443		2.6	%

Cost of revenues (as % of total revenues):
Product		29.6	%		30.1	%
Service		7.7			6.7

Total		37.3	%		36.8	%

Cost of revenues (as % of related revenue component):
Product		44.9	%		45.8	%
Service		22.4	%		19.6	%

Gross margin (in thousands):
Product	$	28,890		$	29,509		2.1	%
Service		21,013			22,815		8.6	%

Total	$	49,903		$	52,324		4.9	%

Gross margin (as % of related revenue component):
Product		55.1	%		54.2	%
Service		77.6	%		80.4	%
Total		62.7	%		63.2	%

Gross margins are affected by various factors, including the volume discount level offered to our customers, the cost of our hardware appliances (including components and labor), costs of excess and obsolete inventory, lower of cost or market assessment of inventory carrying value, fixed manufacturing overhead, the mix of product and service sales (which include hardware and software products and LiveSecurity Service subscriptions), the cost of royalties associated with our products, promotional programs, and the cost of our technical support organization and LiveSecurity Service.

The dollar increase in cost of product revenues for 2004, as compared to 2003, was primarily due to increased product volumes associated with our Firebox X product lines, reflecting introduction of our Firebox X and Firebox X Edge product lines in February 2004 and August 2004, respectively. The increase also reflects higher manufacturing costs, due to selected stock upgrades and refurbishing, and higher costs associated with freight and other distribution activities, reflecting increased demand for our Firebox X product line.

These increases were partially offset by a reduction in costs of excess and obsolete inventory. The provision for inventory reserves decreased from $2.9 million in 2003 to $1.0 million in 2004. The 2003 provision includes a write-down of our RapidStream “Secured by Check Point” brand products, a subset of the products and

technology obtained as a result of our April 2002 acquisition of RapidStream, Inc. Increased focus on our core market of SMEs, combined with historically poor sales performance, resulted in curtailment of further marketing and development of this brand. The decrease in 2004 represents the disposition of the majority of the related inventory.

Product gross margins increased in absolute dollars for 2004, as compared to 2003, primarily due to unit volume growth and a reduction in our provision for inventory reserves, partially offset by increased manufacturing costs as described above.

The decline in product gross margins as a percentage of product revenues was primarily the result of competitive pricing in the marketplace and the higher manufacturing costs as described above. Competitive pricing factors included increased rebate and promotional activity during 2004 on new product and service introductions, together with increased discounting activity associated with our existing Firebox III and SOHO product lines.

Cost of service revenues includes the costs of our technical support organization and costs associated with our LiveSecurity Service.

Cost of service revenues decreased in both absolute dollars and as a percentage of related revenues for 2004, as compared to 2003, resulting in a corresponding increase in service gross margins as a percentage of related revenues. The dollar decrease in service costs is primarily the result of cost savings achieved after transitioning first-level customer support services to a lower-cost third-party provider in the fourth quarter of 2003.

Service gross margins increased in both absolute dollars and as a percentage of service revenues for 2004, as compared to 2003, reflecting incremental software maintenance subscriptions year-over-year and cost savings achieved through outsourcing certain customer support services in late 2003. This increase was partially offset by $600,000 of service revenue that was recognized in the first quarter of 2003, without significant additional costs, from our license compliance initiative, discussed above in conjunction with service revenues.

Operating Expenses

Sales and Marketing


	Year Ended December 31,						Percent Increase
	2003			2004			Percent Increase
Sales and marketing expenses (in thousands)	$	31,689		$	32,905		3.8	%
Sales and marketing expenses (as % of total revenues)		39.8	%		39.8	%

Sales and marketing expenses include salaries, commissions and employee-related expenses and certain variable marketing expenses, including distributor promotional costs, public relations costs, marketing collateral, trade shows, advertising expenses, direct marketing and costs of demo units.

Sales and marketing expenses increased in absolute dollars for 2004, as compared to 2003, primarily due to the following:

•

Increased spending on information technology support costs for our marketing and sales departments in 2004 due to consolidation of our customer-facing applications and databases and their migration onto more scalable and extensible application platforms.

•

Higher variable spending on marketing-related activities in 2004, largely advertising and market development costs incurred to gain brand awareness of the Firebox X and Firebox X Edge product lines.

Sales and marketing expenses declined as a percentage of revenues in 2004, as compared to 2003, as we focused on improving the productivity of our sales channels and the efficiency of our marketing campaigns.

Research and Development


	Year Ended December 31,						Percent (Decrease)
	2003			2004			Percent (Decrease)
Research and development expenses (in thousands)	$	20,960		$	18,154		(13.4	)%
Research and development expenses (as % of total revenues)		26.3	%		21.9	%

Research and development expenses include costs associated with the development of new products, enhancements of existing products, product integration efforts and quality assurance activities. These costs consist primarily of employee salaries and benefits, costs of noncapitalized equipment, software tools, our security appliance prototypes and certification procedures, payments to designers and contractors and depreciation of capital equipment and software.

Research and development expenses decreased in both absolute dollars and as a percentage of revenues for 2004, as compared to 2003, primarily due to the following:

•

A reduction in outsourced development and certification costs during 2004, reflecting higher costs incurred in those areas in 2003 in connection with the evaluation for certification of the Firebox Vclass product line and in connection with our effort to integrate technology obtained in the 2002 RapidStream acquisition.

•

Lower depreciation expenses and costs of information technology in support of research and development in 2004, primarily due to cost containment for research and development capital expenditures in 2002 and 2003 and the expiration of depreciation on earlier purchases.

General and Administrative


	Year Ended December 31,						Percent Increase
	2003			2004			Percent Increase
General and administrative expenses (in thousands)	$	8,098		$	8,833		9.1	%
General and administrative expenses (as % of total revenues)		10.2	%		10.7	%

General and administrative expenses include costs of executive, human resource, finance and administrative support functions, provisions for uncollectible accounts, costs of legal and accounting professional services, and director and officer insurance.

General and administrative expenses increased in absolute dollars for 2004, as compared to 2003. The dollar increase in general and administrative expenses is primarily due to a substantial increase in accounting fees in 2004, as a result of annual audit fees and compliance with regulatory requirements related to the Sarbanes-Oxley Act of 2002. General and administrative expenses, as a percentage of revenues, remained comparable in 2004 and 2003.

Supplemental Information About Stock-Based Compensation

In accordance with SAB 107, we have reclassified stock-based compensation costs for 2004 and 2003 within the same operating expense line items as cash compensation. Stock-based compensation expenses allocated by functional operating expense category were as follows (dollars in thousands):


	Year Ended December 31,				Percent (Decrease)
	2003		2004		Percent (Decrease)
Sales and marketing	$	24	$	5	(79.2	)%
Research and development		167		11	(93.4	)%
General and administrative		53		5	(90.6	)%

Total stock-based compensation	$	244	$	21	(91.4	)%

Stock-based compensation expenses in both 2004 and 2003 reflect amortization of previously deferred stock-based compensation over the vesting periods of common stock subject to repurchase and stock options.

Deferred stock-based compensation is initially recorded as a component of stockholders’ equity in the amount of the excess of the fair value of our common stock on the date of grant over the exercise price of options and also in the amount of the fair value of temporarily restricted common stock that we issued in connection with our April 2002 acquisition of RapidStream that is subject to repurchase. Deferred stock-based compensation is amortized into expense over the relevant vesting periods using the accelerated method.

Amortization of Other Intangible Assets

Amortization of other intangible assets in 2004 and 2003 consisted primarily of amortization of capitalized technology obtained in our acquisition of RapidStream in 2002. This technology is expected to be fully amortized by March 31, 2007. Amortization expense in 2003 also included amortization of capitalized technology related to our acquisition of Qiave Technologies Corporation in 2000, which was fully amortized by the end of 2003. We amortize our intangible assets acquired on a straight-line basis over an expected useful life of five years.

Amortization of other intangible assets was $1.0 million for 2004 and $2.0 million for 2003. The decrease in amortization of other intangible assets in 2004, as compared to 2003, is due to a reduction of the amortizable basis of technology obtained in the 2002 RapidStream acquisition and 2003 expenses associated with amortization of technology obtained in the Qiave acquisition.

Impairment of Other Intangible Assets

During the third quarter of 2003, it was determined that an impairment existed for the intangible asset associated with the RapidStream “Secured by Check Point” product brand based on the technology obtained in the 2002 acquisition of RapidStream. Our increased focus on the SME market, resulting in a significant reduction in our sales, marketing and development efforts in support of this brand, together with its historically poor performance, led management to reduce the future sales projections for the brand. The revised undiscounted expected future cash flows resulting from the reduced sales projections were determined to be insufficient to recover the carrying value of the related capitalized technology. We therefore recorded an impairment charge of $3.3 million in the third quarter of 2003 based on the revised estimate of the asset’s fair value using a discounted cash flow approach. In the fourth quarter of 2003, we decided to exit the market segment served by this product; we therefore recorded an additional impairment charge of $230,000 for the remaining book value of this intangible asset.

Restructuring Charges

Restructuring charges of $400,000 in 2004 and $1.0 million in 2003 were associated with our restructuring plans initiated in 2001 and 2002.

In the second quarter of 2001, we announced a restructuring plan designed to streamline operations and reduce operating costs, which included a reduction in workforce and a consolidation of excess facilities, in addition to other cost-saving strategies.

In the second quarter of 2002, we implemented a second restructuring plan primarily designed to eliminate redundancies and excess headcount resulting from the acquisition of RapidStream, which included a reduction in workforce, consolidation of excess facilities and elimination of technology-related contracts that were no longer required or part of our strategy.

Costs incurred in 2004 and 2003 relate to the revision of our estimates for future costs associated with the sublease of excess facilities in our corporate headquarters in Seattle, Washington. As the real estate market in downtown Seattle remained depressed, we revised down our earlier estimates of possible sublease rental income for our space that remains vacant.

Interest and Other Income, Net

Interest and other income, net, is primarily comprised of interest income generated from our short-term investments. Interest income was $1.3 million for both 2004 and 2003.

Income Tax Provision (Benefit)

An income tax benefit expense of $45,000 in 2004 and income tax expense of $34,000 in 2003 primarily relates to our provision for foreign income taxes associated with our international operations. A benefit of $126,000 was recorded during the fourth quarter of 2004 due to the reversal of previously accrued foreign tax reserves determined to be no longer necessary. We have experienced losses since inception, resulting in a net operating loss carryforward position for federal income tax purposes of approximately $201.2 million as of December 31, 2004. These carryforwards, if not utilized, will begin to expire after the 2011 tax year, and may be subject to limitations under Section 382 of the Internal Revenue Code of 1986, as amended. In addition, approximately $104.2 million of the net operating losses generated for federal income tax purposes are not available to reduce income tax expense for financial reporting purposes because the effects of tax deductions for employee stock options in excess of the related financial reporting compensation expense are recognized as a component of stockholders’ equity. A valuation allowance has been established to reflect the uncertainty of generating future taxable income necessary to utilize available tax loss carryforwards.

Liquidity and Capital Resources

As of December 31, 2005, we had $74.8 million in cash, cash equivalents and short-term available-for-sale investments which were invested primarily in high-quality money market accounts and marketable securities. We believe that the market risk arising from our holdings of these financial instruments is not material. Our working capital as of December 31, 2005 was $56.4 million.

Operating Activities

Our operating activities resulted in net cash outflows of $1.9 million in 2004 and $1.2 million in 2005. Operating cash outflows during each of these periods reflects net loss adjusted for non-cash expenses and changes in operating assets and liabilities.

The difference between our net loss and our operating cash outflow is attributable to noncash expenses included in net loss, and changes in the operating assets and liabilities, as presented below (in thousands):


	Year Ended December 31,
	2004			2005
Net loss	$	(7,681	)	$	(8,197	)
Noncash expenses		3,719			4,449
Changes in operating assets and liabilities		2,084			2,504

Net cash used in operating activities	$	(1,878	)	$	(1,244	)

Noncash expenses are associated with the amortization of other intangible assets, depreciation and amortization of property and equipment, and stock-based compensation charges resulting from the issuance of stock options and restricted stock to employees, directors and consultants.

Changes in operating assets and liabilities primarily reflect changes in working capital components of the balance sheet, apart from cash and short-term available-for-sale investments, and changes in long-term deferred rent, long-term deferred revenues and long-term restructuring liabilities. Significant fluctuations within each of these categories are described below.

Trade Accounts Receivable, Net decreased from $7.3 million at December 31, 2004 to $4.9 million at December 31, 2005. The decrease reflects improved shipment linearity in the fourth quarter of 2005, compared to the fourth quarter of 2004, primarily due to the effects of converting channel customers in North America to a sell through method of revenue recognition in 2005. Days sales outstanding, or DSOs, calculated on a quarterly basis, was 34 days at December 31, 2004 compared to 23 days at December 31, 2005. DSOs are affected by:

•

the payment terms contained in our customer contracts (which may vary geographically);

•

term discounts taken by our customers;

•

revenues on product sales for some of our major distributors that are recorded when these distributors have sold the product to their customers;

•

risks associated with the uncertain economy; and

•

whether revenues in a particular quarter are linear (that is, whether revenues are evenly distributed throughout the quarter or weighted more toward the end of the quarter).

Prepaid Expenses and Other decreased from $2.8 million at December 31, 2004 to $2.4 million at December 31, 2005, primarily reflecting prepayments in 2004 associated with product royalties and foreign taxes, which were expensed in 2005.

Inventories, Net increased from $3.1 million at December 31, 2004 to $4.1 million at December 31, 2005. The increase primarily reflects higher inventory levels at December 31, 2005, largely due to modifications to our hardware manufacturing sourcing arrangements in the current year, resulting in increased inventory volumes, as well as timing of inventory purchases and future sales projections.

Accounts Payable increased from $3.2 million at December 31, 2004 to $4.7 million at December 31, 2005, primarily due to timing of vendor payments.

Accrued Expenses, Other Liabilities and Deferred Rent decreased from $9.0 million at December 31, 2004 to $8.3 million at December 31, 2005, primarily due to a reduction in accrued sales commissions and incentive compensation related to the achievement of corporate objectives, and a reduction in estimated warranty obligations. The decrease was partially offset by an increase in annual audit fees for 2005 and promotional rebates associated with expanded programs for international markets.

Total Accrued Restructuring Costs decreased from $4.9 million at December 31, 2004 to $3.9 million at December 31, 2005, reflecting the ongoing payment of rents on abandoned facilities, less a net restructuring charge of $165,000 in 2005.

Total Deferred Revenues increased from $19.2 million at December 31, 2004 to $20.4 million at December 31, 2005. The increase in deferred revenues is primarily due to an increase in LiveSecurity Service subscription renewals on a growing installed customer base.

Investing Activities

Cash provided by investing activities was $1,000 in 2004 and $15.3 million in 2005. For both periods, net cash flows provided by investing activities primarily reflect changes in our short-term investment portfolio, offset by capital expenditures for property and equipment.

Financing Activities

Cash provided by financing activities totaled $2.6 million in 2004 and $1.7 million in 2005. Cash provided by financing activities in both periods reflects the exercise of employee stock options and the purchase of common stock through our employee stock purchase plan.

We believe that our existing available cash, cash equivalents and short-term available-for-sale investments will be sufficient to meet our operating expenses, working capital needs and capital expenditure requirements for at least the next 12 months. However, if the underlying assumed levels of spending prove to be inaccurate, or if we choose to pursue acquisitions or investments in complementary business technology, we may seek additional funding before that time through public or private financings or other arrangements.

Contractual Obligations and Contingencies

We lease office space and some computer equipment under operating leases that are noncancelable. Our facilities commitments include a lease for our corporate headquarters in Seattle, Washington, which expires in September 2010, with an option to extend this lease for an additional five-year term. We lease a product fulfillment and distribution warehouse in Seattle with a lease term through April 2006. We also lease facilities in San Jose and Tustin, California and Waltham, Massachusetts under operating leases that expire between 2006 and 2011, in addition to leases for other sales offices under operating leases or other lease obligations that expire over various terms. Our excess facilities at our corporate headquarters in Seattle, and in Waltham, are partially subleased to tenants, with sublease terms that expire between 2007 and 2010. We also have several operating leases for computer equipment and are a party to several noncancelable and nonrefundable agreement to purchase inventory in 2006.

Our contractual commitments at December 31, 2005 associated with lease obligations and purchase obligations, net of future minimum rental income from subleases of $1.8 million, are presented below (in thousands). This future rental income from subleases may be adversely affected if the financial condition of our tenants were to deteriorate, resulting in an impairment of their ability to make lease payments.


	Year Ended December 31,												2011 and Thereafter
	Total		2006		2007		2008		2009		2010		2011 and Thereafter
Operating lease obligations	$	14,409	$	3,155	$	3,012	$	3,003	$	3,081	$	2,138	$	20
Inventory purchase obligations		2,446		2,446		—		—		—		—		—

Total	$	16,855	$	5,601	$	3,012	$	3,003	$	3,081	$	2,138	$	20

In addition, we have contractual agreements with some of our distributors to reimburse them for advertising and other marketing activities that they may incur to promote our products, contingent on performance of those activities in the future. At December 31, 2005, the total amount of those agreements was $117,000.

Off-Balance Sheet Arrangements

In the ordinary course of business, we enter into agreements that contingently require us to indemnify counterparties against third-party claims. These may include: agreements with vendors and suppliers, under which we may indemnify them against claims arising from our use of their products or services; agreements with customers, under which we may indemnify them against claims arising from their use of our products or services; real estate and equipment leases, under which we may indemnify lessors against third-party claims relating to use of their property; agreements with licensees or licensors, under which we may indemnify the licensee or licensor against claims arising from their use of our intellectual property or our use of their intellectual property; and agreements with initial purchasers and underwriters of our securities, under which we may indemnify them against claims relating to their participation in the transactions.

In addition, as permitted or required under Delaware law and to the maximum extent allowable under Delaware law, we have certain obligations to indemnify our current and former officers and directors for certain events or occurrences while the officer or director is, or was, serving at our request in such capacity. These indemnification obligations are valid as long as the director or officer acted in good faith and in a manner the person reasonably believed to be in or not opposed to the best interests of the corporation, and, with respect to any criminal action or proceeding, had no reasonable cause to believe his or her conduct was unlawful.

The nature and terms of these indemnifications vary from contract to contract, and generally a maximum obligation is not stated. Because we are unable to estimate our potential obligation, and because management does not expect these indemnifications to have a material adverse effect on our consolidated financial position, operating results or cash flows, no related liabilities are recorded at December 31, 2005. We hold insurance policies that mitigate potential losses arising from certain indemnifications and, historically, we have not incurred significant costs related to performance under these obligations.

ITEM 7A.

QUANTITATIVE AND QUALITATIVE DISCLOSURES ABOUT MARKET RISK

Interest Rate Risk. We do not hold derivative financial instruments or derivative equity securities in our investment portfolio. Our cash equivalents and short-term investments consist of high-quality securities, as specified in our investment policy guidelines. Our policy limits the amount of credit exposure to any one issue or issuer to a maximum of 20% of the total portfolio or $5 million per issuer at the time of purchase, with the exception of U.S. treasury and agency securities and money market funds, which are exempt from this size limitation. Our policy limits all investments to those that mature in two years or less, with the average maturity of our investments equal to one year or less. The securities are subject to interest-rate risk and will decrease in value if interest rates increase. The fair value of our investment portfolio or related income would not be significantly affected by either a 100 basis point increase or decrease in interest rates, primarily due to the short-term nature of the major portion of our investment portfolio, which is summarized in Note 2 to our consolidated financial statements.

Foreign Currency Risk. All of our sales and the majority of our expenses are currently denominated in U.S. dollars. As a result, we have not experienced significant foreign exchange gains and losses. While we incurred some expenses in foreign currencies during 2004 and 2005 and expect to continue to do so in the future, we do not anticipate that foreign exchange gains or losses will be material to us. Although we have not engaged in foreign currency hedging to date, we may do so in the future. In addition, we may be required to denominate our sales in foreign currencies at some point in the future to remain competitive.

ITEM 8.

FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA

REPORT OF ERNST AND YOUNG LLP,

INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM

The Board of Directors and Stockholders

WatchGuard Technologies, Inc.

We have audited the accompanying consolidated balance sheets of WatchGuard Technologies, Inc. as of December 31, 2005 and 2004, and the related consolidated statements of operations, stockholders’ equity, and cash flows for each of the three years in the period ended December 31, 2005. These financial statements are the responsibility of the Company’s management. Our responsibility is to express an opinion on these financial statements based on our audits.

We conducted our audits in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion.

In our opinion, the financial statements referred to above present fairly, in all material respects, the consolidated financial position of WatchGuard Technologies, Inc. at December 31, 2005 and 2004, and the consolidated results of its operations and its cash flows for each of the three years in the period ended December 31, 2005, in conformity with U.S. generally accepted accounting principles.

We also have audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States), the effectiveness of WatchGuard Technologies, Inc.’s internal control over financial reporting as of December 31, 2005, based on criteria established in Internal Control-Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission and our report dated March 13, 2006 expressed an unqualified opinion thereon.

/s/ Ernst & Young LLP

Seattle, Washington

March 13, 2006

REPORT OF ERNST & YOUNG LLP,

INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM

The Board of Directors and Stockholders

WatchGuard Technologies, Inc.

We have audited management’s assessment, included in the accompanying Management’s Report on Internal Control over Financial Reporting, that WatchGuard Technologies, Inc. (the Company) maintained effective internal control over financial reporting as of December 31, 2005, based on criteria established in Internal Control-Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (the COSO criteria). WatchGuard Technologies, Inc.’s management is responsible for maintaining effective internal control over financial reporting and for its assessment of the effectiveness of internal control over financial reporting. Our responsibility is to express an opinion on management’s assessment and an opinion on the effectiveness of the Company’s internal control over financial reporting based on our audit.

We conducted our audit in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standards require that we plan and perform the audit to obtain reasonable assurance about whether effective internal control over financial reporting was maintained in all material respects. Our audit included obtaining an understanding of internal control over financial reporting, evaluating management’s assessment, testing and evaluating the design and operating effectiveness of internal control, and performing such other procedures as we considered necessary in the circumstances. We believe that our audit provides a reasonable basis for our opinion.

A company’s internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A company’s internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the company; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the company are being made only in accordance with authorizations of management and directors of the company; and (3) provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the company’s assets that could have a material effect on the financial statements.

Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.

In our opinion, management’s assessment that WatchGuard Technologies, Inc. maintained effective internal control over financial reporting as of December 31, 2005, is fairly stated, in all material respects, based on the COSO criteria. Also, in our opinion, WatchGuard Technologies, Inc. maintained, in all material respects, effective internal control over financial reporting as of December 31, 2005, based on the COSO criteria.

We also have audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States), the consolidated balance sheets of WatchGuard Technologies, Inc. as of December 31, 2005 and 2004, and the related consolidated statements of operations, stockholders’ equity, and cash flows for each of the three years in the period ended December 31, 2005, and our report dated March 13, 2006 expressed an unqualified opinion thereon.

/s/ Ernst & Young LLP

Seattle, Washington

March 13, 2006

WATCHGUARD TECHNOLOGIES, INC.

CONSOLIDATED BALANCE SHEETS

(In thousands, except share and per share data)


	December 31,
	2004			2005
ASSETS
Current assets:
Cash and cash equivalents	$	4,660		$	20,390
Short-term available-for-sale investments		72,189			54,379
Trade accounts receivable, net		7,305			4,883
Inventories, net		3,145			4,093
Prepaid expenses and other		2,780			2,442
Short-term restricted cash		—			1,200

Total current assets		90,079			87,387
Property and equipment, net		6,303			6,197
Restricted cash		3,000			1,800
Goodwill		66,605			66,605
Other intangibles, net, and other non-current assets		2,494			1,735

Total assets	$	168,481		$	163,724

LIABILITIES AND STOCKHOLDERS’ EQUITY
Current liabilities:
Accounts payable	$	3,214		$	4,654
Accrued expenses and other liabilities		7,581			6,985
Short-term accrued restructuring costs		1,289			1,119
Short-term deferred revenues		17,402			18,278

Total current liabilities		29,486			31,036
Long-term deferred rent		1,447			1,302
Long-term accrued restructuring costs		3,599			2,756
Long-term deferred revenues		1,818			2,163

Total liabilities		36,350			37,257

Commitments and contingencies

Stockholders’ equity:
Preferred stock, $0.001 par value:
Authorized shares: 10,000,000 (800,000 shares designated Series A Cumulative Preferred Stock at December 31, 2005)
No shares issued and outstanding		—			—
Common stock, $0.001 par value:
Authorized shares: 80,000,000
Shares issued and outstanding: 33,677,830 at December 31, 2004 and 34,239,242 at December 31, 2005		34			34
Additional paid-in capital		270,292			273,056
Deferred stock-based compensation		(10	)		(217	)
Accumulated other comprehensive loss		(226	)		(250	)
Accumulated deficit		(137,959	)		(146,156	)

Total stockholders’ equity		132,131			126,467

Total liabilities and stockholders’ equity	$	168,481		$	163,724

See accompanying notes.

WATCHGUARD TECHNOLOGIES, INC.

CONSOLIDATED STATEMENTS OF OPERATIONS

(In thousands, except per share data)


	Year Ended December 31,
	2003			2004			2005
Revenues:
Product	$	52,470		$	54,398		$	45,237
Service		27,095			28,369			29,954

Total revenues		79,565			82,767			75,191
Cost of revenues:
Product (1)		23,580			24,889			18,556
Service (1)		6,082			5,554			5,677

Total cost of revenues		29,662			30,443			24,233

Gross margin		49,903			52,324			50,958
Operating expenses:
Sales and marketing (1)		31,689			32,905			27,978
Research and development (1)		20,960			18,154			18,704
General and administrative (1)		8,098			8,833			13,410
Amortization of other intangible assets		1,963			974			974
Impairment of other intangible assets		3,530			—			—
Restructuring charges		1,000			400			165

Total operating expenses		67,240			61,266			61,231

Operating loss		(17,337	)		(8,942	)		(10,273	)
Interest and other income, net		1,269			1,216			2,191

Loss before income taxes		(16,068	)		(7,726	)		(8,082	)
Income tax provision (benefit)		34			(45	)		115

Net loss	$	(16,102	)	$	(7,681	)	$	(8,197	)

Basic and diluted net loss per share	$	(0.49	)	$	(0.23	)	$	(0.24	)

Shares used in calculation of basic and diluted net loss per share		32,889			33,489			33,922

__________ (1) Includes stock-based compensation as follows:

Cost of revenues:
Product	$	—		$	—		$	9
Service		—			—			38
Sales and marketing		24			5			218
Research and development		167			11			307
General and administrative		53			5			307

Total	$	244		$	21		$	879

See accompanying notes.

WATCHGUARD TECHNOLOGIES, INC.

CONSOLIDATED STATEMENTS OF STOCKHOLDERS’ EQUITY

(In thousands, except share data)


	Common Stock				Additional Paid-In Capital			Deferred Stock-Based Compensation			Accumulated Other Comprehensive Income (Loss)			Accumulated Deficit			Total Stockholders’ Equity
	Shares		Amount		Additional Paid-In Capital			Deferred Stock-Based Compensation			Accumulated Other Comprehensive Income (Loss)			Accumulated Deficit			Total Stockholders’ Equity
Balance, December 31, 2002	32,655,404		$	33	$	265,932		$	(254	)	$	229		$	(114,176	)	$	151,764
Stock option exercise	252,610			—		930			—			—			—			930
Employee stock purchase plan issuances of common stock	184,410			—		772			—			—			—			772
Issuance of stock options to consultants	—			—		(1	)		1			—			—			—
Stock-based compensation expense—options	—			—		—			244			—			—			244
Stock compensation adjustment due to modification of terms	—			—		16			(16	)		—			—			—
Repurchase of common stock subject to vesting restrictions	(637	)		—		—			—			—			—			—
Comprehensive loss:
Net unrealized loss on securities available for sale	—			—		—			—			(270	)		—			(270	)
Net loss	—			—		—			—			—			(16,102	)		(16,102	)

Comprehensive loss																		(16,372	)

Balance, December 31, 2003	33,091,787			33		267,649			(25	)		(41	)		(130,278	)		137,338
Stock option exercise	368,857			1		1,769			—			—			—			1,770
Employee stock purchase plan issuances of common stock	217,186			—		868			—			—			—			868
Issuance of stock options to consultants	—			—		6			(6	)		—			—			—
Stock-based compensation expense—options	—			—		—			21			—			—			21
Comprehensive loss:
Net unrealized loss on securities available for sale	—			—		—			—			(185	)		—			(185	)
Net loss	—			—		—			—			—			(7,681	)		(7,681	)

Comprehensive loss																		(7,866	)

Balance, December 31, 2004	33,677,830			34		270,292			(10	)		(226	)		(137,959	)		132,131
Stock option exercise	308,907			—		1,036			—			—			—			1,036
Employee stock purchase plan issuances of common stock	206,505			—		642			—			—			—			642
Deferred stock-based compensation	—			—		1,096			(1,096	)		—			—			—
Issuance of stock options to consultants	—			—		(10	)		10			—			—			—
Stock-based compensation expense—options	—			—		—			788			—			—			788
Stock-based compensation expense—restricted stock	46,000			—		—			91			—			—			91
Comprehensive loss:
Net unrealized loss on securities available for sale	—			—		—			—			(24	)		—			(24	)
Net loss	—			—		—			—			—			(8,197	)		(8,197	)

Comprehensive loss																		(8,221	)

Balance, December 31, 2005	34,239,242		$	34	$	273,056		$	(217	)	$	(250	)	$	(146,156	)	$	126,467

See accompanying notes.

WATCHGUARD TECHNOLOGIES, INC.

CONSOLIDATED STATEMENTS OF CASH FLOWS

(In thousands)


	Year Ended December 31,
	2003			2004			2005
Operating activities:
Net loss	$	(16,102	)	$	(7,681	)	$	(8,197	)
Adjustments to reconcile net loss to net cash used in operating activities:
Noncash expenses:
Depreciation and amortization of property and equipment		2,996			2,724			2,596
Amortization of other intangible assets		1,963			974			974
Impairment of other intangible assets		3,530			—			—
Stock-based compensation		244			21			879
Changes in operating assets and liabilities:
Trade accounts receivable, net		2,113			(605	)		2,422
Inventories, net		1,374			(77	)		(948	)
Prepaid expenses and other current assets		511			1,144			338
Other assets		170			94			(215	)
Accounts payable		(1,003	)		(462	)		1,440
Accrued expenses, other liabilities and deferred rent		1,295			1,168			(741	)
Accrued restructuring and acquisition costs		(2,496	)		(1,651	)		(1,013	)
Deferred revenues		(1,704	)		2,473			1,221

Net cash used in operating activities		(7,109	)		(1,878	)		(1,244	)

Investing activities:
Purchases of property and equipment		(1,836	)		(2,515	)		(2,490	)
Proceeds from sales and maturities of marketable securities		123,322			51,674			69,752
Purchases of marketable securities		(121,070	)		(49,158	)		(51,966	)

Net cash provided by investing activities		416			1			15,296

Financing activities:
Proceeds from stock option exercises and issuances of common stock under the employee stock purchase plan		1,702			2,638			1,678

Net cash provided by financing activities		1,702			2,638			1,678

Net increase (decrease) in cash and cash equivalents		(4,991	)		761			15,730
Cash and cash equivalents at beginning of period		8,890			3,899			4,660

Cash and cash equivalents at end of period	$	3,899		$	4,660		$	20,390

Supplemental disclosure of cash flow information:
Cash paid for income taxes	$	46		$	133		$	148

See accompanying notes.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS

1.	Summary of Significant Accounting Policies

Description of Business

WatchGuard Technologies, Inc. (WatchGuard) is a leading provider of Internet security solutions designed to protect small- to medium-sized enterprises that use the Internet for e-commerce and secure communications.

Principles of Consolidation

The consolidated financial statements include the accounts of WatchGuard and its wholly owned subsidiaries. All significant intercompany accounts and transactions have been eliminated in consolidation.

Reclassifications

Certain prior-year items have been reclassified to conform to the current-year presentation.

Use of Estimates

The preparation of financial statements in conformity with accounting principles generally accepted in the United States requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. Actual results could differ from those estimates. Significant estimates used in preparing the financial statements relate to (i) revenue recognition, including sales returns and allowances and promotional rebates, (ii) provision for doubtful accounts, (iii) inventory reserves, (iv) restructuring reserves relating to abandoned facilities, (v) the allocation of the purchase price in business combinations to intangible assets and (vi) fair values and impairment analysis of goodwill and intangible assets with definite lives.

Cash Equivalents

All highly liquid short-term investments with maturities of three months or less at the date of purchase are considered to be cash equivalents and carried at fair market value. WatchGuard’s cash equivalents consist primarily of money market funds, commercial paper, corporate and municipal bonds and U.S. government securities.

Short-Term Available-for-Sale Investments

WatchGuard’s short-term investments consist primarily of corporate and municipal bonds and U.S. government securities. All of WatchGuard’s investment securities are considered available-for-sale and are stated at fair value, with unrealized gains and losses excluded from results of operations and included as a component of stockholders’ equity. The amortized cost of investments is adjusted for amortization of premiums and accretion of discounts to maturity. Amortization and accretion are included in interest income. Realized gains and losses, declines in value of securities deemed to be other than temporary, interest and all dividends earned on securities are also included in interest income. The cost of securities sold is calculated using the specific identification method. All available-for-sale investment securities are classified as short-term assets based upon WatchGuard’s ability and intent to use any and all of these securities, as necessary, to satisfy short-term liquidity requirements that may arise.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Provision for Doubtful Accounts

WatchGuard maintains allowances for doubtful accounts for estimated losses resulting from the inability of its customers to make required payments. Judgment is required when assessing the ultimate realization of receivables, including the probability of collection and the creditworthiness of each customer. WatchGuard regularly reviews its allowance by considering factors such as historical experience, credit quality, age of the accounts receivable balances and current economic conditions that may affect a customer’s ability to pay. In the event an amount is determined to be uncollectible, WatchGuard writes off the amount against its provision for doubtful accounts.

Concentrations of Risk

WatchGuard is subject to concentrations of credit risk primarily from its cash, short-term available-for-sale investments and trade accounts receivable. WatchGuard manages its credit risk by investing its excess cash in a diverse portfolio of high-quality money market instruments and short-term investments.

In addition, substantially all of WatchGuard’s trade accounts receivable are due from WatchGuard’s resellers, distributors and service providers located throughout the world. Revenue information by geographic region is as follows (dollars in thousands):


	Year Ended December 31,
	2003				2004				2005
Americas	$	38,269	48.1	%	$	39,922	48.2	%	$	34,555	46.0	%
Europe/Middle East/ Africa (EMEA)		30,288	38.1			31,671	38.3			28,818	38.3
Asia Pacific (APAC)		11,008	13.8			11,174	13.5			11,818	15.7

Total	$	79,565	100.0	%	$	82,767	100.0	%	$	75,191	100.0	%

Revenue information for countries representing more than 10% of total revenues, in dollars and as a percentage of total revenues, is as follows (dollars in thousands):


	Year Ended December 31,
	2003				2004				2005
United States	$	34,741	43.7	%	$	36,224	43.8	%	$	29,122	38.7	%
United Kingdom		13,574	17.1	%		12,775	15.4	%		12,327	16.4	%

Revenue information for customers representing more than 10% of total revenues, in dollars and as a percentage of total revenues, was as follows (dollars in thousands):


	Year Ended December 31,
	2003				2004				2005
Tech Data	$	11,866	14.9	%	$	13,435	16.2	%	$	12,312	16.4	%
Ingram Micro		9,497	11.9	%		13,779	16.7	%		10,410	13.8	%
Wick Hill		*	*			*	*			7,538	10.0	%

*	Less than 10%

WatchGuard does not require collateral or other security to support credit sales, but does require letters of credit from certain customers. WatchGuard provides a provision for doubtful accounts based on historical experience and specifically identified risks.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

WatchGuard currently outsources its manufacturing to a limited number of third-party contract manufacturers, and some of the key components and licensed technologies incorporated in WatchGuard’s products come from single or limited sources of supply. The inability of any supplier or manufacturer to fulfill supply requirements could negatively impact future operating results.

Inventories

Inventories are stated at the lower of cost or market, with cost being determined on a first-in, first-out basis. WatchGuard’s inventory costs include freight and handling costs incurred to transport goods from WatchGuard’s suppliers. WatchGuard receives some of its components from single-source suppliers and relies on a limited number of hardware manufacturers. Inventories sold to distributors who have unlimited return rights are included in finished goods until sold through to channel customers. In assessing the ultimate realization of inventories, WatchGuard is required to make judgments as to future demand requirements and compare these with the current or committed inventory levels. WatchGuard writes down its inventory for estimated obsolescence or unmarketable inventory. The allowance requirements fluctuate due to market conditions, customer preferences and technological and product life-cycle changes.

Property and Equipment

Property and equipment is stated at cost, less accumulated depreciation and amortization. Depreciation and amortization are recognized using the straight-line method over the estimated useful lives of the assets. Equipment and furniture is depreciated over estimated useful lives ranging from three to five years. Leasehold improvements are amortized over the shorter of the lease term or the estimated useful life of the related assets.

The capitalized cost of internal-use software is included in property and equipment. WatchGuard recognizes costs of software developed or purchased for internal use in accordance with Statement of Position (SOP) 98-1, “Accounting for Costs of Computer Software Developed or Obtained for Internal Use.” Under SOP 98-1, WatchGuard expenses all costs incurred that relate to planning and post-implementation phases of development. Costs incurred in the development and implementation phases are capitalized and amortized over the estimated useful life of the software. In 2003, 2004 and 2005, WatchGuard capitalized development costs of $567,000, $776,000 and $838,000, respectively, for internal-use software.

Goodwill

Pursuant to Statement of Financial Accounting Standards (SFAS) 142, “Goodwill and Other Intangible Assets,” WatchGuard tests goodwill for impairment at least annually. SFAS 142 requires that goodwill and other intangible assets with indefinite useful lives be tested for impairment at least annually and written down and charged to operating results in periods in which the recorded value of those assets exceeds their fair value. SFAS 142 prescribes the use of the two-phase approach for testing goodwill for impairment. The first phase is a screen for potential impairment, while the second phase (if necessary) measures the amount of impairment, if any. WatchGuard performs its annual impairment test for goodwill using an October 1 measurement date. Application of the goodwill impairment test may require judgments, including those inherent in the determination of fair value of the reporting unit in which the goodwill resides and the resulting determination of the implicit value of the goodwill. Significant judgments required to estimate the fair value include estimating future cash flows, determining appropriate discount rates and other assumptions. Changes in these estimates and assumptions could materially affect the determination of fair value.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Intangible Assets with Definite Lives and Other Long-Lived Assets

Intangible assets with definite lives, consisting primarily of technology received in connection with acquisitions, are amortized over their estimated useful lives ranging from three to five years. In accordance with SFAS 144, “Accounting for the Impairment or Disposal of Long-Lived Assets,” the carrying value of intangible assets with definite lives and other long-lived assets is reviewed for impairment whenever events or changes in circumstances, both internally and externally, indicate that the carrying amount of such assets may not be recoverable. Determination of recoverability is based on an estimate of undiscounted future cash flows resulting from the use of the asset and its eventual disposition. An asset is considered impaired when its estimated future cash flows are less than the amount of its carrying value. If the carrying value of the asset is deemed to be unrecoverable, the asset is written-down to its estimated fair value.

Fair Value of Financial Instruments

WatchGuard’s financial instruments consist principally of cash and cash equivalents, short-term available-for-sale investments, trade accounts receivable, restricted cash, accounts payable and accrued expenses. Estimated values of short-term available-for-sale investments are determined based on quoted market prices for the same or similar instruments. Carrying amounts reflected in the consolidated balance sheets for the remaining financial instruments approximate their fair value due to their liquidity or short-term duration.

Income Taxes

WatchGuard recognizes deferred tax assets and liabilities based on differences between the financial reporting and tax bases of assets and liabilities using the enacted tax rates and laws that are expected to be in effect when the differences are expected to be recovered. WatchGuard provides a valuation allowance for deferred tax assets that cannot be currently recognized due to WatchGuard’s cumulative losses and the uncertainty of their future recoverability.

Revenue Recognition

WatchGuard generates revenues through sales of its Firebox products, licenses and subscriptions for related software options and services, and subscriptions for its LiveSecurity Service, which includes access to technical support, software updates (if and when available), early-warning vulnerability alerts and expert instruction and training. Software license revenues are generated from licensing the rights to use WatchGuard’s products directly to end-users, from sublicense fees from resellers and distributors and from sales of WatchGuard’s managed security solution products to Internet service providers and other service providers that utilize WatchGuard’s products to provide managed security services to their customers.

WatchGuard recognizes revenue in accordance with accounting standards for software companies, including SOP 97-2, “Software Revenue Recognition,” as amended by SOP 98-9, and related interpretations, including Technical Practice Aids and Securities and Exchange Commission (SEC) Topic 13, “Revenue Recognition” of the codification of the Staff Accounting Bulletins (SAB). Topic 13 summarizes certain of the SEC’s views in applying generally accepted accounting principles to revenue recognition in financial statements. WatchGuard believes its revenue recognition policies and practices are consistent with the accounting standards.

Most of WatchGuard’s Firebox products and certain software products include an initial period of service subscription bundled in the product price. Because the timing of revenue recognition differs between the product and the service subscription, the related revenues must be allocated to the product and the subscription service. The allocation of revenues is determined by using the residual method, as defined in SOP 98-9, if vendor-specific

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

objective evidence of fair value for undelivered elements of the arrangement (typically services) has been established. Under the residual method, the amounts allocated to the undelivered elements (typically services) are equal to their fair value as established by vendor-specific objective evidence. The residual revenues in the arrangement are then allocated to the delivered elements (typically products). Vendor-specific objective evidence of fair value is based on the price charged when an element is sold separately or, if an element is not yet sold separately, on the price established by authorized management if it is probable that the price, once established, will not change before the element is separately introduced into the marketplace. Prior to recognizing any revenues, WatchGuard ensures that there is persuasive evidence of the arrangement, delivery has occurred, collection is probable, and the fee is fixed or determinable.

WatchGuard recognizes revenues allocated to products, including software license fees, using either the sell through or sell in method of revenue recognition as determined by the contractual arrangement with each channel customer. When the channel customer is a distributor with unlimited stock returns and rotation rights, product revenues are not recognized until the distributors sell the products to their channel customers (the “sell through” method). Otherwise, revenue is recognized upon delivery of the products to the channel customer (the “sell in” method). Revenues from LiveSecurity Service subscriptions and other services are recognized ratably over the term of the subscription, ranging from 3 to 30 months. Our standard payment terms range from 30 to 60 days. WatchGuard offers term discounts to certain of its larger customers.

During the first quarter of 2005, WatchGuard negotiated changes in contractual obligations with certain channel customers in North America, Australia and New Zealand which provided such customers with unlimited return rights for products sold after the change date. The changes were triggered by the need to offer promotional programs to give WatchGuard the flexibility in the respective markets to be more competitive, responsive and effective. As a result of these contract changes, WatchGuard converted these customers to a sell through method beginning in the first quarter of 2005. When a channel customer is converted from the sell in method to the sell through method of revenue recognition, revenue can no longer be recognized when product is sold to the channel customer, because revenue from products in that channel customer’s inventory was already recognized in prior periods. Therefore, revenue on individual inventory items sold subsequent to the conversion can only be recognized after the converted channel customer has disposed of its inventory predating the conversion. As of December 31, 2004, the converted customers held inventory for which WatchGuard had already recognized revenues in the amount of $2.3 million. Substantially all of these inventories were sold through by the converted customers during the first quarter of 2005.

WatchGuard provides allowances for estimated returns and return rights and pricing protection rights which are offered to most customers. WatchGuard also provides allowances for promotional rebates offered to its customers. A customer’s return rights are generally limited to the lesser of its on-hand inventory or a percentage of the customer’s purchases for the previous quarter. Pricing protection rights, offered to many of WatchGuard’s customers, are generally limited to 60 to 90 days after notification of a price change. Revenues are reduced by the provision for estimated returns and allowances at the time the sales are made based on historical experience.

Promotional rebates vary by type and term and are earned by customers in accordance with various conditions. WatchGuard accounts for promotional rebates given to customers in accordance with the Emerging Issues Task Force (EITF) Issue No. 01-09, “Accounting for Consideration Given by a Vendor to a Customer or a Reseller of the Vendor’s Product,” which requires that sales incentives given to customers or resellers be accounted for as a reduction of revenue unless a vendor receives a benefit that is identifiable and can be reasonably estimated. WatchGuard accrues allowances for rebates to the maximum amount possible unless there are sufficient historical trends which would indicate a lower rate of accrual is appropriate.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Cost of Revenues

Cost of product revenues primarily include the cost of manufacturing WatchGuard’s security appliances, distribution operations, product packaging, inbound and outbound shipping charges, third-party product licensing fees and provisions for inventory reserves and product warranty costs. Cost of service revenues includes the cost of WatchGuard’s technical support organization and costs associated with its LiveSecurity Service.

Research and Development

Research and development costs consist primarily of software development costs. SFAS 86, “Accounting for the Costs of Computer Software to Be Sold, Leased, or Otherwise Marketed,” requires the capitalization of certain software development costs after technological feasibility of the software is established. In the development of WatchGuard’s new products and enhancements to existing products, the technological feasibility of the software is not established until substantially all product development is complete, including the development of a working model. Costs incurred after technological feasibility is established, before release of the product to the market, are not material, and, accordingly, WatchGuard expenses all research and development costs when incurred.

Advertising Costs

WatchGuard expenses advertising costs as incurred. Total advertising expenses were $1.2 million, $2.4 million and $122,000 in 2003, 2004 and 2005, respectively.

Stock-Based Compensation

Stock-based compensation expenses primarily consist of stock-based charges resulting from the variable accounting treatment of certain stock options issued to employees in connection with a voluntary stock option exchange program offered to employees in 2005. Stock-based compensation also includes, to a lesser extent, costs associated with restricted stock issued to directors and certain key officers, as well as amortization of previously deferred stock-based compensation over the vesting periods of common stock subject to repurchase in connection with WatchGuard’s 2002 acquisition of RapidStream and stock options. Refer to Note 14 to these consolidated financial statements for further discussion of stock compensation programs resulting in variable accounting treatment of stock awards.

WatchGuard accounts for employee stock-based compensation using the intrinsic value method prescribed in Accounting Principle Board (APB) Opinion No. 25, “Accounting for Stock Issued to Employees,” and related interpretations. Accordingly, compensation cost for stock option and restricted stock awards is measured as the excess, if any, of the quoted market price of WatchGuard’s common stock at the measurement date (or the balance sheet date, if the measurement date has not yet occurred) over the amount, if any, required to be paid by the employee. Compensation cost is charged to expense over the vesting period of each respective award using the accelerated method of expense recognition. Measurement date is defined as the grant date for all stock awards other than variable stock options and variable restricted stock awards. Measurement date for variable stock options and variable restricted stock awards is defined as the date the number of shares and purchase (exercise) price, if any, are both known. Changes in the quoted market price of WatchGuard’s common stock are reflected as an adjustment to stock-based compensation expense in the periods in which the changes occur until the date both the number of shares and purchase price, if any, are known.

In March 2005, the SEC published SAB No. 107, which expresses the view of the SEC staff and provides guidance on a variety of matters associated with stock-based compensation. Among other things, SAB No. 107

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

requires that stock-based compensation be classified in the same expense lines as cash compensation. Accordingly, WatchGuard has reclassified its stock-based compensation from prior periods to conform to the current period presentation of stock-based compensation within the same operating expense line item(s) as cash compensation.

Pro Forma Disclosures Under SFAS 123

The following information regarding stock-based compensation has been determined as if WatchGuard had accounted for its employee stock options and its employee stock purchase plan shares under the fair market value method of SFAS 123, “Accounting for Stock-Based Compensation.” The fair value of employee stock options was estimated at the date of grant, using a minimum value option pricing model through the date of WatchGuard’s initial public offering in July 1999 and using the Black-Scholes option pricing model thereafter. The estimated fair value of each option is amortized over its respective vesting period using the accelerated method.

The estimated per share weighted average grant date fair value of stock options awarded during 2003, 2004 and 2005 was $4.07, $5.70 and $1.64, respectively. Amounts were determined using the Black-Scholes option pricing model based on the following assumptions:


	Year Ended December 31,
	2003		2004		2005
Weighted-average risk-free interest rate	2.9	%	3.9	%	3.9	%
Weighted-average expected volatility	111.6	%	104.1	%	74.1	%
Weighted-average dividend rate	0.0	%	0.0	%	0.0	%
Weighted-average expected life (in years)	5.0		5.0		4.0

Pro forma disclosures are not representative of future results. WatchGuard’s pro forma information is as follows (in thousands, except per share data):


	Year Ended December 31,
	2003			2004			2005
Net loss—as reported	$	(16,102	)	$	(7,681	)	$	(8,197	)
Add: stock-based compensation, as reported		244			21			879
Deduct: stock-based compensation determined under fair market value method, including employee stock option and stock purchase plans		(14,712	)		(11,210	)		(8,204	)

Net loss—pro forma	$	(30,570	)	$	(18,870	)	$	(15,522	)

Net loss per share, basic and diluted—as reported	$	(0.49	)	$	(0.23	)	$	(0.24	)
Net loss per share, basis and diluted—pro forma	$	(0.93	)	$	(0.56	)	$	(0.46	)

In December 2004, the Financial Accounting Standards Board (FASB) issued SFAS 123 revised 2004 (SFAS 123(R)), “Share-Based Payment,” which is a revision to SFAS 123. SFAS 123(R) supersedes APB Opinion No. 25. Generally, the approach described in SFAS 123(R) is similar to the approach described in SFAS 123. However, SFAS 123(R) requires all share-based payments to employees, including grants of employee stock options and shares issued under an employee stock purchase plan, to be recognized in the income statement based on their fair values. Pro forma disclosure will no longer be an alternative. SFAS 123(R) allows public companies to transition using either of the two methods described below. Under the modified prospective method, stock compensation expense is recognized starting from the date of the adoption for all outstanding

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

unvested stock awards, as well as for all awards granted, modified or settled after the date of the adoption. Under the modified retrospective method, entities would restate prior period financial statements using the amounts previously reflected in pro forma disclosures under SFAS 123 either for all prior periods presented or for prior interim periods of the year of adoption.

In April 2005, the SEC delayed the effective date of SFAS 123(R) such that each company that is not a small business issuer will be required to adopt SFAS 123(R) no later than the first interim reporting period of the company’s first fiscal year beginning on or after June 15, 2005 (January 1, 2006 for WatchGuard). Upon adoption of SFAS 123(R), in accordance with its rules, WatchGuard’s stock options will no longer be subject to variable accounting treatment. Rather, the amount of stock compensation expense will be fixed based on initial estimated fair values of the replacement stock options and amortized over the remaining vesting periods of these options. Stock compensation expense recognized until adoption of SFAS 123(R) using variable accounting will not be reversed upon adoption. WatchGuard will adopt the provisions of SFAS 123(R) on January 1, 2006, using the modified prospective method. The effect of adoption of SFAS 123(R) cannot be predicted at this time because it will depend on levels of share-based payments granted in the future.

Net Loss Per Share

Basic and diluted net loss per share is calculated using the weighted average number of shares of common stock outstanding during the period. Other common stock equivalents, including stock options and unvested restricted stock, are excluded from the computation of diluted net loss per share because their effect is antidilutive.

Comprehensive Income (Loss)

WatchGuard complies with SFAS 130, “Reporting Comprehensive Income,” which establishes standards for reporting and displaying comprehensive income and its components (revenues, expenses, gains and losses) in a full set of general-purpose financial statements. WatchGuard’s comprehensive loss includes net loss and the effect of unrealized gains or losses on available-for-sale securities. Comprehensive loss is shown on the consolidated statements of stockholders’ equity.

Segment Information

SFAS 131, “Disclosures About Segments of an Enterprise and Related Information,” establishes standards for reporting information about operating segments in annual financial statements. WatchGuard operates in a single business segment related to Internet and computer security and provides hardware, software and services as a complete security solution. While certain expenses for sales and marketing activities are incurred in various geographical regions, the majority of WatchGuard’s operating expenses are incurred, and substantially all of its assets are located, at its corporate headquarters.

Recent Accounting Pronouncements

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

recognized by including in net income of the period of the change the cumulative effect of changing to the new accounting principle. SFAS 154 is effective for accounting changes made in fiscal years beginning after December 15, 2005. WatchGuard does not expect that adoption of this new standard will have a material impact on its financial position, results of operations or cash flows.

In November 2005, the FASB issued Staff Position, or FSP, FAS 115-1 and FAS 124-1, “The Meaning of Other-Than-Temporary Impairment and its Application to Certain Investments.” FSP FAS 115-1 and FAS 124-1 provides accounting guidance for determining and measuring other-than-temporary impairments of debt and equity securities, and confirms the disclosure requirements for investments in unrealized loss positions as outlined in EITF 03-01, “The Meaning of Other-Than-Temporary Impairments and its Application to Certain Investments.” The accounting requirements of FSP FAS 115-1 and FAS 124-1 are effective for reporting periods beginning after December 15, 2005. WatchGuard does not expect that adoption of this new FSP will have a material impact on its financial position, results of operations or cash flows.

2.	Short-Term Available-for-Sale Investments

Short-term available-for-sale investments consisted of the following (in thousands):


	Market Value		Gross Unrealized Gains		Gross Unrealized Losses			Amortized Cost
Balance at December 31, 2004:
Corporate debt securities	$	7,577	$	—	$	(20	)	$	7,597
Government and agency obligations		64,612		1		(207	)		64,818

	$	72,189	$	1	$	(227	)	$	72,415

Balance at December 31, 2005:
Corporate debt securities	$	8,380	$	—	$	(42	)	$	8,422
Government and agency obligations		45,999		—		(204	)		46,203

	$	54,379	$	—	$	(246	)	$	54,625

The following table summarizes the fair value and gross unrealized losses of WatchGuard’s short-term available-for-sale investments with unrealized losses, aggregated by investment type and length of time that individual securities have been in an unrealized loss position, as of December 31, 2005 (in thousands):


	Less Than 12 Months					Greater Than 12 Months					Total
Description of Securities	Market Value		Unrealized Losses			Market Value		Unrealized Losses			Market Value		Unrealized Losses
Corporate debt securities	$	7,903	$	(42	)	$	—	$	—		$	7,903	$	(42	)
Government and agency obligations		24,834		(75	)		21,147		(129	)		45,981		(204	)

Total	$	32,737	$	(117	)	$	21,147	$	(129	)	$	53,884	$	(246	)

Gross unrealized losses resulting from WatchGuard’s corporate debt securities and government and agency obligations are due to market price movements. As WatchGuard has the ability and intent to hold these investment securities until a recovery of fair value, it does not believe that any of these unrealized losses represent an other-than-temporary impairment, based on its evaluation of available evidence, as of December 31, 2005.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

The contractual maturities of WatchGuard’s available-for-sale securities, all of which are classified as current, as of December 31, 2005, are as follows (in thousands):


	Market Value		Amortized Cost
Due in one year or less	$	50,695	$	50,909
Due in one year through two years		3,684		3,716

	$	54,379	$	54,625

Realized net gains on sales of short-term available-for-sale investments, included in interest income, were $2,000 in 2003. WatchGuard did not have any realized net gains on sales of short-term investments in 2004 or 2005.

3.	Trade Accounts Receivable, Net

Trade accounts receivable, net consisted of the following (in thousands):


	December 31,
	2004			2005
Trade accounts receivable	$	9,874		$	7,628
Reserve for returns, rebates and allowances		(2,299	)		(2,331	)
Allowance for doubtful accounts		(270	)		(414	)

	$	7,305		$	4,883

4.	Inventories, Net

Inventories, net consisted of the following (in thousands):


	December 31,
	2004			2005
Finished goods	$	2,570		$	2,784
Components		1,510			1,834

		4,080			4,618
Inventory allowance		(935	)		(525	)

	$	3,145		$	4,093

Inventories held by sell through customers, included as a component of finished goods, were $511,000 and $470,000 at December 31, 2004 and December 31, 2005, respectively.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

5.	Property and Equipment, Net

Property and equipment, net consisted of the following (in thousands):


	December 31,
	2004			2005
Computer equipment	$	4,969		$	4,978
Leasehold improvements		3,901			4,153
Furniture and equipment		3,885			3,934
Software		4,875			6,385

		17,630			19,450
Less accumulated depreciation and amortization		(11,327	)		(13,253	)

	$	6,303		$	6,197

During 2004 and 2005, WatchGuard wrote off approximately $1.6 million and $771,000, respectively, of capitalized assets, substantially all of which were fully depreciated and no longer in use.

6.	Accounting for Goodwill and Intangibles with Definite Lives

SFAS 141, “Business Combinations,” and SFAS 142, “Goodwill and Other Intangible Assets,” require business combinations be accounted for using the purchase method of accounting, and broaden the criteria for recording intangible assets separate from goodwill. SFAS 142 requires that goodwill and other intangible assets with indefinite useful lives be tested for impairment at least annually and written down and charged to operating results in periods in which the recorded value of those assets exceeds their fair value. No impairment of goodwill was recognized during 2003, 2004 or 2005.

SFAS 144, “Accounting for the Impairment or Disposal of Long- Lived Assets,” requires that the carrying value of intangible assets with definite lives and other long-lived assets be evaluated for impairment whenever events or changes in circumstances indicate that the carrying amount of an asset may not be recoverable. During the third quarter of 2003, it was determined that an impairment existed for the intangible asset associated with the RapidStream “Secured by Check Point” product brand based on technology obtained in WatchGuard’s 2002 acquisition of RapidStream, Inc. WatchGuard’s increased focus on its core market of small- to medium-sized enterprises, which resulted in a significant reduction in WatchGuard’s sales, marketing and development efforts in support of this brand, together with the historically poor performance of the RapidStream “Secured by Check Point” brand, led management to reduce future sales projections for the brand. The revised undiscounted expected future cash flows resulting from the reduced future sales projections were determined to be insufficient to recover the carrying value of the related capitalized technology. WatchGuard therefore recorded an impairment charge of $3.3 million during the quarter ended September 30, 2003, based on the difference between the carrying value of the intangible assets and its estimated fair value using a discounted cash flow approach. In the fourth quarter of 2003, WatchGuard made a decision to exit the market segment served by this product; therefore, an additional impairment charge of $230,000 was recorded during the quarter ended December 31, 2003 for the remaining net book value of this intangible asset.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

The following table summarizes other intangibles, net, and other non-current assets as of December 31, 2004 and December 31, 2005 (in thousands):


	December 31,
	2004			2005
Current technology	$	9,966		$	9,966
Accumulated amortization		(7,775	)		(8,749	)

		2,191			1,217
Other assets		303			518

	$	2,494		$	1,735

Current technology will be amortized over its remaining useful life through 2007. The remaining amortization is expected to be $974,000 in 2006 and $243,000 in 2007.

7.	Accrued Expenses and Other Liabilities

Accrued expenses and other liabilities consisted of the following (in thousands):


	December 31,
	2004		2005
Accrued payroll-related liabilities	$	2,811	$	1,765
Deposits from sell through customers		1,039		1,180
Other accrued liabilities		3,731		4,040

	$	7,581	$	6,985

8.	Commitments

WatchGuard leases office space and some computer equipment under noncancelable operating leases. Facilities commitments include a 10-year lease for its corporate headquarters in Seattle, Washington, which expires in September 2010. WatchGuard has the option to extend this lease for an additional five-year term.

WatchGuard’s operating lease arrangement for its corporate headquarters includes a collateral restriction that requires WatchGuard to maintain an irrevocable standby letter of credit issued to WatchGuard’s landlord and secured by restricted cash. At December 31, 2004 and 2005, WatchGuard’s restricted cash balance in conjunction with this facilities lease was $3.0 million.

WatchGuard also leases a product fulfillment and distribution warehouse in Seattle, with the lease term through April 2006 (lease extension was recently signed through July 2006). WatchGuard also leases facilities in San Jose and Tustin, California and Waltham, Massachusetts under operating leases that expire between 2006 and 2011, in addition to leases for other sales offices under operating leases or other lease obligations that expire over various terms. WatchGuard’s excess facilities at its corporate headquarters in Seattle, and in Waltham, are partially subleased to tenants, with sublease terms that expire between 2007 and 2010.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Future minimum payments at December 31, 2005 under leases for office space and computer equipment, net of total future minimum rental income from subleases of $1.8 million, are as follows (in thousands):


	Abandoned in Restructuring, net		Facilities and Equipment in Use		Total
2006	$	808	$	2,347	$	3,155
2007		943		2,069		3,012
2008		971		2,032		3,003
2009		997		2,084		3,081
2010		675		1,463		2,138
2011 and Thereafter		—		20		20

	$	4,394	$	10,015	$	14,409

Rent expense for 2003, 2004 and 2005 was $3.5 million, $3.2 million and $3.5 million, respectively.

In addition to the foregoing lease commitments, WatchGuard is a party to several noncancelable and nonrefundable agreements to purchase inventory in 2006. The total of these commitments was $2.4 million at December 31, 2005.

WatchGuard also has contractual agreements with some of its distributors to reimburse them for advertising and other marketing activities that they may incur to promote WatchGuard’s products, contingent on performance of those activities in the future. At December 31, 2005, the total amount of those agreements was $117,000.

9.	Legal Proceedings

On March 23, 2005, WatchGuard filed a complaint in United States District Court for the Northern District of Texas (the Texas Court) against a terminated former employee, Michael N. Valentine, and his new employer, SonicWALL, Inc., a direct competitor of WatchGuard. The complaint was filed to prevent the misappropriation of WatchGuard’s trade secrets and to enjoin the acts of unfair competition by Valentine and SonicWALL. Valentine currently works for SonicWALL as its Vice President of Channel Sales. Valentine previously worked for WatchGuard in a similar position, as WatchGuard’s Vice President of America Sales. WatchGuard has asserted causes of action against both Valentine and SonicWALL for misappropriation of trade secrets and unfair competition. Additionally, WatchGuard has brought causes of action for breach of contract and breach of fiduciary duty against Valentine and a cause of action for tortious interference with existing contracts against SonicWALL. In this complaint, WatchGuard seeks injunctive relief, compensatory and punitive damages, and costs of suit. In September 2005, Valentine moved the Texas Court for leave to amend his answer to WatchGuard’s complaint to add counterclaims against WatchGuard for libel, slander and defamation per se. In November 2005, over WatchGuard’s objection, the Texas Court granted Valentine’s motion and Valentine amended his answer to formally include the counterclaims against WatchGuard. WatchGuard believes that Valentine’s counterclaims are baseless and intends to vigorously defend against them. WatchGuard is unable, however, to predict the ultimate outcome of the Counterclaims. At this time, WatchGuard has not recorded any liability associated with the Counterclaims as the associated cost and outcome are currently not determinable. WatchGuard may be unsuccessful in obtaining the full remedies that it is seeking in this litigation and, even if successful, the litigation may be costly and time consuming, which could have a material adverse effect on WatchGuard’s operating results.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

On April 8, 2005, a holder of WatchGuard common stock, on behalf of himself and purportedly on behalf of a class of WatchGuard stockholders, filed an action in the United States District Court for the Western District of Washington (the Washington Court) against WatchGuard and some of its current and former officers, alleging violations of the federal securities laws arising out of, among other things, its announcement on March 15, 2005 that it was restating some of its financial results for interim periods of 2004. Subsequently, a number of other related purported class action suits also alleging violations of the federal securities laws were filed by holders of WatchGuard’s common stock. The various actions have been consolidated by the Washington Court, and are referred to herein as the Action. On October 3, 2005, a consolidated amended complaint was filed in the Action and WatchGuard has filed a motion to dismiss this amended complaint. The motion is currently pending before the Washington Court. In addition, two related stockholder derivative suits were subsequently filed against some of WatchGuard’s current and former directors and officers in the Superior Court of the State of Washington, King County and in the United States District Court for the Western District of Washington, respectively, which are referred to as the Derivative Actions. Plaintiffs in the Action and the Derivative Actions seek unspecified compensatory damages. WatchGuard has filed a motion to dismiss the Derivative Action in the Superior Court and has obtained a stay of both of the Derivative Actions until after the resolution of the motion to dismiss the Action. WatchGuard intends to vigorously defend against the Action, but is unable, however, to predict the ultimate outcome of the Action. There can be no assurance that WatchGuard will be successful in defending against the Action and, if WatchGuard is unsuccessful, it may be subject to significant damages, which could have a material adverse effect on its operating results and financial position. Even if WatchGuard is successful, defending against the Action is likely to be expensive, time consuming and may divert management’s attention from other business concerns and harm WatchGuard’s business, which could have a material adverse effect on WatchGuard’s operating results.

10.

Guarantees

In November 2002, the FASB issued FASB Interpretation No. (FIN) 45, “Guarantor’s Accounting and Disclosure Requirements for Guarantees, Including Indirect Guarantees of Indebtedness of Others.” FIN 45 requires a company that is a guarantor to make specific disclosures about its obligations under certain guarantees that it has issued. FIN 45 also requires a company to recognize, at the inception of a guarantee, a liability for the fair value of the obligations it has undertaken in issuing certain other types of guarantees.

As discussed in Note 8 to WatchGuard’s consolidated financial statements, WatchGuard’s operating lease for its corporate headquarters includes a collateral restriction that requires WatchGuard to maintain a standby letter of credit secured by restricted cash.

WatchGuard’s hardware products carry a one-year warranty from the delivery date that includes factory repair services or replacement products as needed. WatchGuard accrues estimated expenses for warranty obligations at the time that products are shipped based on historical product repair and replacement information. WatchGuard’s liability is affected by the warranty terms provided to WatchGuard by the original equipment manufacturers ranging from 16 to 24 months from the manufacture date. Other factors that affect WatchGuard’s warranty liability include the number of installed units, historical rates of warranty claims and cost per claim. WatchGuard periodically assesses the adequacy of its recorded warranty liabilities and adjusts the amounts as necessary. WatchGuard’s estimated product warranty liability was $530,000 and $216,000 at December 31, 2004 and 2005, respectively.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

WatchGuard’s estimated product warranty liability as of December 31, 2004 and 2005, and activity recorded through 2004 and 2005, are as follows (in thousands):


	December 31,
	2004			2005
Beginning balance	$	197		$	530
Additions charged to cost of revenues during the period		602			256
Settlements made during the period		(269	)		(570	)

Ending balance	$	530		$	216

11.

Business Restructuring

WatchGuard recorded net restructuring charges of approximately $1.0 million, $400,000 and $165,000 in 2003, 2004 and 2005, respectively. These costs are accounted for under EITF Issue No. 94-3, “Liability Recognition for Certain Employee Termination Benefits and Other Costs to Exit an Activity,” as they pertain to the restructuring plans initiated in 2001 and 2002.

2001 Restructuring

In the second quarter of 2001, WatchGuard announced a restructuring plan designed to streamline operations and reduce operating costs. This restructuring included a reduction in workforce and consolidation of excess facilities, in addition to other cost-saving strategies. As part of the restructuring plan, WatchGuard exited the consumer security market and terminated various original equipment manufacturer agreements to develop products and services for that market, and streamlined operations in support of new products and services aimed at business customers. All costs related to this restructuring have been paid or settled, except for accrued amounts related to losses for lease commitments, net of estimated proceeds from subleases of abandoned facilities, which are expected to be paid through 2010.

The accrued liability relating to this restructuring as of December 31, 2003, 2004 and 2005, and activity recorded through 2003, 2004 and 2005, are as follows (in thousands):


	Amounts (Paid) or Charged in 2003, Net			Balance at December 31, 2003
Abandoned facilities and other	$	(621	)	$	1,714


	Amounts (Paid) or Charged in 2004, Net			Balance at December 31, 2004
Abandoned facilities and other	$	(222	)	$	1,492


	Amounts (Paid) or Charged in 2005, Net			Balance at December 31, 2005
Abandoned facilities and other	$	(65	)	$	1,427

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

2002 Restructuring

In the second quarter of 2002, WatchGuard implemented a restructuring plan primarily designed to eliminate redundancies and excess headcount resulting from the acquisition of RapidStream, Inc., which included a reduction in workforce, consolidation of excess facilities and elimination of technology-related contracts that were no longer required or part of WatchGuard’s strategy. All costs related to this restructuring have been paid or settled, except for accrued amounts related to losses for the lease commitments, net of estimated proceeds from subleases of abandoned facilities, which are expected to be paid through 2010.

The accrued liability relating to this restructuring as of December 31, 2003, 2004 and 2005, and activity recorded through 2003, 2004 and 2005, are as follows (in thousands):


	Amounts (Paid) or Charged in 2003, Net			Balance at December 31, 2003
Costs related to cancellation of technology-related contracts	$	(580	)	$	—
Abandoned facilities and other		(771	)		4,021

Total	$	(1,351	)	$	4,021


	Amounts (Paid) or Charged in 2004, Net			Balance at December 31, 2004
Abandoned facilities and other	$	(625	)	$	3,396


	Amounts (Paid) or Charged in 2005, Net			Balance at December 31, 2005
Abandoned facilities and other	$	(948	)	$	2,448

12.

Income Taxes

At December 31, 2005, WatchGuard had a net operating loss carryforward for federal tax purposes of approximately $195.7 million and research and development tax credit carryforwards of $4.2 million. These carryforwards begin to expire after the 2011 tax year. Utilization of net operating loss carryforwards may be subject to certain limitations under Section 382 of the Internal Revenue Code. Approximately $104.6 million of the net operating losses generated for federal income tax purposes are not available to reduce income tax expense for financial reporting purposes because the net operating losses were generated by the effects of tax deductions for employee stock options in excess of the related financial reporting compensation expense and are thus recognized as a component of stockholders’ equity. A valuation allowance has been established to reflect the uncertainty of generating future taxable income necessary to utilize available tax loss carryforwards and other deferred tax assets.

WatchGuard provides for deferred taxes based on the difference between the basis of assets and liabilities for financial reporting purposes and the basis for income tax purposes, calculated using enacted rates that will be in effect when the differences are expected to reverse.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Significant components of WatchGuard’s deferred tax assets and liabilities are as follows (in thousands):


	December 31,
	2004			2005
Deferred tax assets:
Net operating loss carryforwards	$	69,864		$	68,338
Acquired intangibles		391			507
Research and development expenditures (capitalized for tax)		—			5,581
Research and development tax credit		4,347			4,227
Sales reserve and allowance for bad debts		2,109			2,174
Accrued expenses and other		2,257			1,864
Restructuring charge		1,772			1,375

Total deferred tax assets		80,740			84,066
Valuation allowance		(80,740	)		(84,066	)

Net deferred taxes	$	—		$	—

WatchGuard’s valuation allowance increased by $6.5 million, $3.4 million and $3.3 million in 2003, 2004 and 2005, respectively. During 2005, WatchGuard made an Internal Revenue Code Section 59(e) election to capitalize certain research and development expenditures incurred in 2004 and 2005, resulting in an aggregate deferred tax asset amount of $5.6 million.

The reconciliation of the income tax expense (benefit) calculated using the federal statutory rates to the recorded income tax expense (benefit) are as follows (dollars in thousands):


	December 31,
	2003 Tax Effected					2004 Tax Effected					2005 Tax Effected
	Amount			Rate		Amount			Rate		Amount			Rate
Net loss before taxes	$	(16,068	)			$	(7,726	)			$	(8,082	)

Expected tax benefit at federal statutory rate	$	(5,463	)	34.0	%	$	(2,627	)	34.0	%	$	(2,748	)	34.0	%
Expected tax benefit at state statutory rate		(126	)	0.8			(139	)	1.8			(111	)	1.4
Research and development credit		(724	)	4.5			(298	)	3.9			—		—
Permanent differences, including non-deductible acquisition costs		(280	)	1.7			(362	)	4.7			(468	)	5.8
Tax benefit not recognized due to valuation allowance		6,593		(41.0	)		3,426		(44.4	)		3,327		(41.2	)
Foreign tax expense (benefit)		34		(0.2	)		(45	)	0.6			115		(1.4	)

Total tax expense (benefit)	$	34		(0.2	)%	$	(45	)	0.6	%	$	115		(1.4	)%

13.

Shareholder Rights Agreement

On May 5, 2005, WatchGuard adopted a rights agreement. The rights will be exercisable only if a person or group acquires 15% or more of WatchGuard’s outstanding common stock, whether through open market or private purchases, or if a person or group commences a tender offer for 15% or more of WatchGuard’s outstanding common stock. In such case, each right would entitle stockholders other than the acquirer to purchase 1/1000 of a share of a newly created series of preferred stock for payment of the exercise price. If an acquirer were to acquire 15% or more of WatchGuard’s outstanding common stock, each stockholder other than the acquirer would have the right to purchase a number of newly issued shares of WatchGuard’s common stock

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

having a market value equal to two times the exercise price of the rights for payment of the exercise price (i.e. the right to purchase WatchGuard’s common stock at a 50% discount). WatchGuard’s board of directors may redeem the rights for a nominal amount ($0.001 per right) prior to the date they become exercisable or before the right to purchase securities of WatchGuard or an acquiring entity at a discount accrues, subject to extension under certain circumstances. Until the rights issued under the rights agreement become exercisable, the rights will trade automatically with WatchGuard’s common stock and separate rights certificates will not be issued.

At or prior to WatchGuard’s 2006 annual meeting of stockholders (and in no event later than May 5, 2006), WatchGuard will submit to its stockholders who are not affiliated with management or any member of the board of directors (Independent Stockholders) the rights agreement for ratification. Unless the majority of the votes cast by the Independent Stockholders are voted in favor of the continued existence of the rights agreement, the rights agreement and the rights issued pursuant to the rights agreement will terminate immediately after such meeting.

14.

Stockholders’ Equity

Stock Option Exchange Program

In April 2005, WatchGuard offered a voluntary stock option exchange program to its employees, including officers (the option exchange offer). In the option exchange offer, holders of eligible options had the opportunity to exchange their options with exercise prices of $6.00 or more for a lesser number of replacement options having an exercise price equal to the fair market value of WatchGuard’s common stock on the grant date of the replacement options. The exchange ratio was 90% for options with an exercise price from $6.00 to $8.00 per share, 75% for options with an exercise price from $8.01 to $10.00 per share, and 33.3% for options with an exercise price of $10.01 or more. Eligible options to purchase 3,983,034 shares of WatchGuard’s common stock were tendered for exchange and cancellation in the option exchange offer, all of which were accepted for cancellation by WatchGuard. On May 17, 2005, WatchGuard cancelled all eligible options tendered under the option exchange offer, and on May 18, 2005, it granted replacement options to purchase 3,064,882 shares of its common stock at an exercise price of $3.435 per share. Upon grant, each replacement option was vested and exercisable to the same degree as the original option. WatchGuard did not return the net options eliminated as a result of the reduction in the number of options outstanding to the pool of options available to be granted. In addition, WatchGuard eliminated all shares available for grant pursuant to non-stockholder-approved stock option plans, further reducing the number of shares available for grant under its option plans by 4,279,328 shares. For financial reporting purposes, WatchGuard is accounting for all replacement stock options, as well as all options that were subject to the exchange program but were retained by employees, using variable accounting until adoption of SFAS 123(R).

Stock Option Plans

WatchGuard’s 1996 Stock Incentive Compensation Plan (the 1996 Plan) provides for the grant of stock awards, incentive stock options and nonqualified stock options to employees, officers, directors, agents, consultants and independent contractors. At December 31, 2005, WatchGuard had 12,142,463 shares of common stock authorized for issuance under the 1996 Plan. The number of shares authorized for issuance of stock options under the 1996 Plan is automatically increased on the first day of each fiscal year by the least of (a) 750,000 shares, (b) 3% of the average number of common shares outstanding used to calculate fully diluted earnings per share as reported in WatchGuard’s annual financial statements for the preceding year and (c) an amount determined by the board of directors.

WatchGuard’s 2000 Stock Option Plan (the 2000 Plan) provides for the grant of nonqualified stock options to non-officer employees, agents, consultants, advisors and independent contractors. As of December 31, 2005, WatchGuard had 3,499,211 shares of common stock authorized for issuance under the 2000 Plan.

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Stock options under both the 1996 Plan and the 2000 Plan generally are granted at fair market value on the date of grant. The shares of common stock covered by options granted on the date of hire generally vest at the rate of 25% on the first anniversary of the date of grant, and an additional 2.08% every month thereafter, with all shares becoming fully vested on the fourth anniversary of the date of grant. Options granted other than on the date of hire generally vest at the rate of 2.08% every month, commencing one month from the date of grant. Stock options granted under both the 1996 Plan and the 2000 Plan have a term of ten years.

Restricted stock awards under the 1996 Plan generally are granted at fair market value on the date of grant. To date, stock awards under the 1996 Plan consist of restricted stock grants under WatchGuard’s Director and Section 16 Officer Stock Ownership Program and restricted stock grants to non-employee directors in the form of annual board compensation. Refer to the sections below entitled “Director and Officer Stock Ownership Program” and “Board of Director Compensation” for further details regarding stock awards granted under the 1996 Plan, including applicable vesting provisions.

In April 2002, WatchGuard acquired RapidStream, Inc. Under the terms and conditions of the acquisition, the RapidStream, Inc. 1998 Stock Option Plan (the RapidStream Plan) was assumed by WatchGuard and all options to purchase shares of RapidStream common stock at the effective time of the acquisition converted into options to purchase WatchGuard common stock granted under the RapidStream Plan. As of December 31, 2005, WatchGuard had reserved 357,934 shares of common stock for grant under the RapidStream Plan.

The following table summarizes WatchGuard’s stock option activity for all of its stock option plans during 2003, 2004 and 2005:


	2003				2004				2005
	Options		Weighted Average Exercise Price		Options		Weighted Average Exercise Price		Options		Weighted Average Exercise Price
Balance at beginning of period	7,754,251		$	9.08	6,611,756		$	8.19	6,722,236		$	7.89
Granted	1,486,600			5.14	2,863,970			7.48	4,149,969			3.49
Exercised	(252,610	)		3.68	(368,857	)		4.80	(308,907	)		3.35
Canceled	(2,376,485	)		9.66	(2,384,633	)		8.71	(5,135,934	)		8.66

Balance at end of period	6,611,756			8.19	6,722,236			7.89	5,427,364			4.05

Exercisable at end of period	3,689,901			9.64	3,778,450			8.98	3,220,429			4.25

The weighted average remaining contractual life and weighted average exercise price of options outstanding and options exercisable at December 31, 2005 under all of WatchGuard’s stock option plans for selected exercise price ranges is as follows:


		Options Outstanding				Options Exercisable
Exercise Prices		Shares	Weighted Average Remaining Contractual Life (in years)	Weighted Average Exercise Price		Shares	Weighted Average Exercise Price
$	0.13 – 3.42	548,188	8.31	$	3.06	96,541	$	1.43
	3.44 – 3.44	2,600,252	7.22		3.44	1,803,069		3.44
	3.68 – 4.43	1,157,697	8.73		4.00	369,659		4.21
	4.47 – 18.31	1,121,227	7.15		6.00	951,160		6.10

		5,427,364	7.64		4.05	3,220,429		4.25

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

Director and Officer Stock Ownership Program

In April 2005, WatchGuard implemented its Director and Section 16 Officer Stock Ownership Program (the Program) to encourage stock ownership for its directors and executive officers. Under the Program, voluntary purchases of WatchGuard’s capital stock by its directors or officers will be matched by WatchGuard in the form of a restricted stock grant equal to 50% of the number of shares purchased in the open market, up to a maximum of 5,000 matching restricted shares per participant per year. The matching restricted shares granted by WatchGuard will vest annually over three years, and any unvested matching restricted stock shares will be forfeited if the shares that were matched are sold. In 2005, WatchGuard issued a total of 31,000 shares of matching restricted stock to its directors and executive officers under the Program. For financial reporting purposes, WatchGuard is accounting for any matching restricted shares granted under the Program using variable accounting until adoption of SFAS 123(R).

Board of Director Compensation

Compensation for non-employee directors was further modified in 2005 to increase the annual retainer for general board membership, institute annual retainers for committee membership and committee chairs and eliminate per-meeting fees. In addition, non-employee directors continue to receive options to purchase shares of WatchGuard’s capital stock as before and also receive an annual grant of 2,500 shares of restricted stock which vests over a one year period. For financial reporting purposes, WatchGuard is recognizing compensation cost associated with the restricted stock grants over the applicable vesting period.

1999 Employee Stock Purchase Plan

The 1999 Employee Stock Purchase Plan (the ESPP) permits eligible employees of WatchGuard to purchase common stock through payroll deductions of up to 15% of their compensation. The price of the common stock purchased under the ESPP is the lesser of 85% of the fair market value on the first day of an offering period and 85% of the fair market value on the last day of an offering period. WatchGuard authorized issuance under the ESPP of a total of 600,000 shares of common stock, plus an automatic annual increase to be added on the first day of each fiscal year equal to the least of (a) 400,000 shares, (b) 1.5% of the average number of common shares outstanding used to calculate fully diluted earnings per share as reported in WatchGuard’s annual financial statements for the preceding year and (c) an amount determined by the board of directors.

Common Shares Reserved

At December 31, 2005, common stock reserved for future issuance was as follows:


Outstanding stock options		5,427,364
Stock options available for future grant		3,446,388
ESPP		1,712,535

		10,586,287

Deferred Stock-Based Compensation

As of December 31, 2005, WatchGuard recorded $217,000 of deferred stock-based compensation, primarily reflecting unamortized costs for unvested stock options granted in connection with the April 2005 option exchange offer and unvested restricted stock awards granted under the Program. Amounts recorded as deferred stock-based compensation related to stock options and restricted stock are being amortized over the vesting

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

period of each respective award (generally three to four years) using the accelerated method of expense recognition, consistent with FIN 28, “Accounting for Stock Appreciation Rights and Other Variable Stock Option or Award Plans (as amended).”

15.

401(k) Retirement Plan

WatchGuard sponsors a 401(k) plan that is available to all employees who satisfy certain eligibility requirements relating to minimum age, length of service and hours worked. Eligible employees may elect to contribute up to 15% of their pre-tax gross earnings, subject to statutory limitations regarding maximum contributions. WatchGuard may also make a discretionary contribution to the plan. No such contributions have been made by WatchGuard.

16.

Net Loss per Share

WatchGuard’s basic and diluted net loss per common share is calculated by dividing net loss by the weighted average number of common shares outstanding as follows (in thousands, except per share data):


	Year Ended December 31,
	2003			2004			2005
Net loss per share—basic and diluted:
Numerator:
Net loss	$	(16,102	)	$	(7,681	)	$	(8,197	)
Denominator:
Weighted average common shares outstanding		32,889			33,489			33,922

Net loss per share, basic and diluted—as reported	$	(0.49	)	$	(0.23	)	$	(0.24	)

Shares used in the calculation of WatchGuard’s basic and diluted net loss per share for the year ended December 31, 2005, exclude 38,500 shares of unvested restricted stock. Other common stock equivalents excluded from the computation of diluted net loss per share, as their effect is antidilutive, are as follows:


	Year Ended December 31,
	2003	2004	2005
Shares of common stock issuable upon exercise of stock options	6,611,756	6,722,236	5,427,364
Shares of common stock subject to repurchase	277	—	—

WATCHGUARD TECHNOLOGIES, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS—(Continued)

17.

Quarterly Financial Data (Unaudited)

The following tables provide WatchGuard’s unaudited results of operations, both in dollar amounts and as a percentage of total revenues, for each quarter in the eight-quarter period ended December 31, 2005. In WatchGuard’s opinion, this unaudited information has been prepared on the same basis as its audited consolidated financial statements. This information includes all adjustments, consisting only of normal recurring adjustments, necessary for a fair presentation of the information for the quarters presented when read in conjunction with WatchGuard’s consolidated financial statements and the notes to its consolidated financial statements. The results of operations for any quarter are not necessarily indicative of WatchGuard’s future results.


	Three Months Ended
	Mar. 31, 2004			June 30, 2004			Sept. 30, 2004			Dec. 31, 2004			Mar. 31, 2005			June 30, 2005			Sept. 30, 2005			Dec. 31, 2005
	(In thousands, except per share data)
Consolidated Statements of Operations Data:
Revenues:
Product	$	13,644		$	15,457		$	13,393		$	11,904		$	9,131		$	12,878		$	11,622		$	11,606
Service		6,562			7,069			7,381			7,357			7,484			7,445			7,427			7,598

Total revenues		20,206			22,526			20,774			19,261			16,615			20,323			19,049			19,204
Cost of revenues:
Product		6,397			6,566			6,379			5,547			4,083			5,265			4,746			4,462
Service		1,344			1,431			1,390			1,389			1,471			1,457			1,384			1,365

Total cost of revenues		7,741			7,997			7,769			6,936			5,554			6,722			6,130			5,827

Gross margin		12,465			14,529			13,005			12,325			11,061			13,601			12,919			13,377
Operating expenses:
Sales and marketing (1)		8,397			8,302			7,740			8,466			7,946			7,607			6,274			6,151
Research and development (1)		4,545			4,712			4,402			4,495			4,443			4,821			4,626			4,814
General and administrative (1)		2,255			2,080			2,056			2,442			2,756			3,368			3,350			3,936
Amortization of other intangible assets		244			243			243			244			244			243			243			244
Restructuring charges		—			—			400			—			—			—			—			165

Total operating expenses		15,441			15,337			14,841			15,647			15,389			16,039			14,493			15,310

Operating loss		(2,976	)		(808	)		(1,836	)		(3,322	)		(4,328	)		(2,438	)		(1,574	)		(1,933	)
Interest and other income, net		266			287			310			353			452			488			573			678

Loss before income taxes		(2,710	)		(521	)		(1,526	)		(2,969	)		(3,876	)		(1,950	)		(1,001	)		(1,255	)
Income tax provision (benefit)		14			29			23			(111	)		42			29			23			21

Net loss	$	(2,724	)	$	(550	)	$	(1,549	)	$	(2,858	)	$	(3,918	)	$	(1,979	)	$	(1,024	)	$	(1,276	)

Basic and diluted net loss per share	$	(0.08	)	$	(0.02	)	$	(0.05	)	$	(0.08	)	$	(0.12	)	$	(0.06	)	$	(0.03	)	$	(0.04	)

Shares used in calculation of basic and diluted net loss per share		33,250			33,461			33,575			33,667			33,717			33,792			33,986			34,187

(1)

Operating results for the quarters ended March 31, 2004, June 30, 2004, September 30, 2004 and December 31, 2004 reflect the reclassification of stock-based compensation to conform to the current year presentation of stock-based compensation within the same operating expense line items as cash compensation.

ITEM 9.

CHANGES IN AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING AND FINANCIAL DISCLOSURE

None.

ITEM 9A.

CONTROLS AND PROCEDURES

Evaluation of disclosure controls and procedures. As of the end of the period covered by this annual report, we carried out an evaluation, under the supervision and with the participation of our management, including our Chief Executive Officer and our Chief Financial Officer, of the effectiveness of the design and operation of our disclosure controls and procedures (as such term is defined in Rules 13a-15(e) and 15d-15(e) of the Securities Exchange Act of 1934, as amended, or the Exchange Act). You should note that the design of any system of controls is based in part upon certain assumptions about the likelihood of future events, and we cannot assure you that any design will succeed in achieving its stated goals under all potential future conditions. Based on our evaluation as of that date, including an evaluation of changes in internal controls over financial reporting described in the paragraph below, our Chief Executive Officer and our Chief Financial Officer concluded that our disclosure controls and procedures are effective to provide reasonable assurance that information required to be disclosed by us in the reports that we file or submit under the Exchange Act is recorded, processed, summarized and reported within the time periods specified in the rules and forms of the SEC and is accumulated and communicated to management, including our Chief Executive Officer and our Chief Financial Officer, as appropriate to allow timely decisions regarding required disclosure.

Management’s report on internal control over financial reporting. Management is responsible for establishing and maintaining adequate internal control over financial reporting, as defined in Rule 13a-15(f) of the 1934 Act. Under the supervision and with the participation of our management, including our Chief Executive Officer and Chief Financial Officer, we assessed the effectiveness of our internal control over financial reporting as of December 31, 2005 based on criteria established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission. Based on this assessment, management concluded that, as of December 31, 2005, our internal control over financial reporting was effective in providing reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. Ernst & Young LLP has issued an attestation report on management’s assessment of internal control over financial reporting, a copy of which is included in this annual report on Form 10-K.

Changes in internal controls over financial reporting. There were no significant changes in our internal controls over financial reporting during the fourth quarter of 2005 that have materially affected, or are reasonably likely to materially affect, our internal controls over financial reporting.

ITEM 9B.

OTHER INFORMATION

SCHEDULE II

VALUATION AND QUALIFYING ACCOUNTS

(In thousands)


Column A	Column B		Column C			Column D		Column E			Column F
Description	Balance at Beginning of Period		Charged to Revenue, Costs or Expenses			Charged to Other Accounts— Describe		Deductions— Describe			Balance at End of Period
Year ended December 31, 2003
Allowance for doubtful accounts	$	486	$	(100	)	$	—	$	138	(A)	$	248
Sales returns, rebates and allowances	$	1,845	$	6,089		$	—	$	5,651	(B)	$	2,283
Inventory reserve	$	625	$	2,851		$	—	$	2,038	(C)	$	1,438

Year ended December 31, 2004
Allowance for doubtful accounts	$	248	$	60		$	—	$	38	(A)	$	270
Sales returns, rebates and allowances	$	2,283	$	7,366		$	—	$	7,350	(B)	$	2,299
Inventory reserve	$	1,438	$	1,044		$	—	$	1,547	(C)	$	935

Year ended December 31, 2005
Allowance for doubtful accounts	$	270	$	209		$	—	$	65	(A)	$	414
Sales returns, rebates and allowances	$	2,299	$	5,207		$	—	$	5,175	(B)	$	2,331
Inventory reserve	$	935	$	393		$	—	$	803	(C)	$	525

(A)	Deductions consist of write-offs of doubtful accounts.

(B)	Deductions consist of product returns, price protection credits issued and credits issued under promotional allowances previously accrued.

(C)	Deductions consist of write-offs of obsolete or excess quantities of inventory.

PART III

ITEM 10.

DIRECTORS AND EXECUTIVE OFFICERS OF THE REGISTRANT

(a) The information regarding our directors required by this item is incorporated into this annual report by reference to the section entitled “Election of Directors” in the proxy statement for our annual meeting of stockholders to be held on May 4, 2006.

(b) The information regarding our executive officers required by this item is incorporated into this annual report by reference to the section entitled “Executive Officers” in the proxy statement for our annual meeting of stockholders to be held on May 4, 2006.

(c) The information regarding our Code of Ethics required by this item is incorporated into this annual report by reference to the section entitled “Election of Directors—Corporate Governance” in the proxy statement for our annual meeting of stockholders to be held on May 4, 2006.

We will file the proxy statement for our 2006 annual meeting of stockholders within 120 days of December 31, 2005, our fiscal year-end.

ITEM 11.

EXECUTIVE COMPENSATION

The information regarding executive compensation required by this item is incorporated into this annual report by reference to the section entitled “Executive Compensation” in the proxy statement for our annual meeting of stockholders to be held on May 4, 2006. We will file the proxy statement for our 2006 annual meeting of stockholders within 120 days of December 31, 2005, our fiscal year-end.

ITEM 12.

SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT AND RELATED STOCKHOLDER MATTERS

The information regarding beneficial ownership of our common stock required by this item is incorporated into this annual report by reference to the section entitled “Security Ownership of Certain Beneficial Owners and Management” and “Securities Authorized for Issuance Under Equity Compensation Plans” in the proxy statement for our 2006 annual meeting of stockholders to be held on May 4, 2006. We will file the proxy statement within 120 days of December 31, 2005, our fiscal year-end.

ITEM 13.

CERTAIN RELATIONSHIPS AND RELATED TRANSACTIONS

The information regarding certain relationships and related transactions required by this item is incorporated into this annual report by reference to the section entitled “Certain Relationships and Related Transactions” in the proxy statement for our 2006 annual meeting of stockholders to be held on May 4, 2006. We will file the proxy statement within 120 days of December 31, 2005, our fiscal year-end.

ITEM 14.

PRINCIPAL ACCOUNTANT FEES AND SERVICES

The information regarding principal accountant fees and services required by this item is incorporated into this annual report by reference to the section entitled “Ratification of Independent Registered Public Accounting Firm” in the proxy statement for our 2006 annual meeting of stockholders to be held on May 4, 2006. We will file the proxy statement within 120 days of December 31, 2005, our fiscal year-end.

PART IV

ITEM 15.

EXHIBITS AND FINANCIAL STATEMENT SCHEDULES

(a) Financial Statements and Financial Statement Schedules

(1) Index to Financial Statements


		Page
Reports of Ernst & Young LLP, Independent Registered Public Accounting Firm		62
Consolidated Balance Sheets		64
Consolidated Statements of Operations		65
Consolidated Statements of Stockholders’ Equity		66
Consolidated Statements of Cash Flows		67
Notes to Consolidated Financial Statements		68

(2) Index to Financial Statement Schedules

Schedule II—Valuation and Qualifying Accounts for each of the three years ended December 31, 2003, 2004 and 2005.

Schedules not listed above have been omitted because they are not applicable or are not required or the information required to be set forth in the schedules is included in the consolidated financial statements or related notes.

(3) Exhibits


Number		Description
3.1		Restated Certificate of Incorporation of the registrant (Exhibit 3.1) (A)

3.2		Amended and Restated Bylaws of the registrant (Exhibit 3.2) (H)

3.3		Certificate of Designations of Series A Participatory Cumulative Preferred Stock of the registrant (Exhibit 3.1) (E)

4.1		Rights Agreement, dated May 5, 2005, between the registrant and Mellon Investor Services, LLC, as Rights Agent (Exhibit 4.1) (E)

10.1		Lease Agreement, dated as of March 1, 2000, between 505 Union Station and the registrant (Exhibit 10.1) (B)

10.2		Amended and Restated 1996 Stock Incentive Compensation Plan (Exhibit 10.1) (G)

10.3		2000 Stock Option Plan (Exhibit 10.1) (C)

10.4		1998 RapidStream, Inc. Stock Option Plan (Exhibit 10.1) (D)

10.5		1999 Employee Stock Purchase Plan (Exhibit 10.10) (A)

10.6		Standardized Adoption Agreement Prototype Cash or Deferred Profit-Sharing Plan and Trust (401(k) plan), effective as of September 1, 1998 (Exhibit 10.7) (A)

10.7		Offer letter to Dale Bastian, dated as of July 8, 2003 (Exhibit 10.1) (F)

10.8		Offer letter to Edward J. Borey, dated June 30, 2004 (Exhibit 10.1) (H)

10.9		Offer Letter, dated April 18, 2005, from the registrant to Bradley E. Sparks (Exhibit 10.1) (I)

10.10		Change in Control Severance Agreement, dated as of April 19, 2005, by and between Edward J. Borey and the registrant (Exhibit 10.1) (J)


10.11		Change in Control Severance Agreement, dated April 26, 2005, by and between the registrant and Bradley E. Sparks (Exhibit 10.2) (I)

10.12		Form of Change in Control Severance Agreement between the registrant and certain officers of the registrant (including Dale Bastian) (Exhibit 10.2) (J)

10.13		Form of Indemnification Agreement, effective March 29, 2005, by and between the executive officers and directors of the registrant and the registrant (Exhibit 10.10) (M)

10.14		CEO & Executive Bonus Program—2005 (Exhibit 10.1) (K)

10.15		Director and Section 16 Officer Stock Ownership Program (Exhibit 10.1) (L)

21.1		Subsidiaries of the registrant

23.1		Consent of Ernst & Young LLP, Independent Registered Public Accounting Firm

24.1		Power of attorney (contained on signature page)

31.1		Section 302 Certification of Edward J. Borey

31.2		Section 302 Certification of Bradley E. Sparks

32.1		Certification of Edward J, Borey pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002

32.2		Certification of Bradley E. Sparks pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002

(A)	Incorporated by reference to the specified exhibit to the registrant’s Registration Statement on Form S-1 (File No. 333-76587), filed with the SEC on April 20, 1999, as amended.

(B)	Incorporated by reference to the specified exhibit to the registrant’s Annual Report on Form 10-K/A (File No. 000-26819), filed with the SEC on May 1, 2000.

(C)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended March 31, 2001 (File No. 000-26819), filed with the SEC on May 15, 2001.

(D)	Incorporated by reference to the specified exhibit to the registrant’s Registration Statement on Form S-8 (File No. 333-86168), filed with the SEC on April 12, 2002.

(E)	Incorporated by reference to the specified exhibit to the registrant’s Form 8-AI2G (File No. 000-26819), filed with the SEC on May 9, 2005

(F)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended September 30, 2003 (File No. 000-26819), filed with the SEC on November 13, 2003.

(G)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended June 30, 2003 (File No. 000-26819), filed with the SEC on August 12, 2003.

(H)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended June 30, 2004 (File No. 000-26819), filed with the SEC on August 9, 2004.

(I)	Incorporated by reference to the specified exhibit to the registrant’s Current Report on Form 8-K (File No. 000-26819), filed with the SEC on April 28, 2005

(J)	Incorporated by reference to the specified exhibit to the registrant’s Current Report on Form 8-K (File No. 000-26819), filed with the SEC on April 19, 2005

(K)	Incorporated by reference to the specified exhibit to the registrant’s Current Report on Form 8-K (File No. 000-26819), filed with the SEC on April 6, 2005

(L)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended March 31, 2005 (File No. 000-26819), filed with the SEC on May 10, 2005

(M)	Incorporated by reference to the specified exhibit to the registrant’s Annual Report on Form 10-K (File No. 000-26819), filed with the SEC on March 31, 2005

SIGNATURES

Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, as amended, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized, in the city of Seattle, state of Washington, on March 16, 2006.


WATCHGUARD TECHNOLOGIES, INC.

By:		/S/ EDWARD J. BOREY
		Edward J. Borey President and Chief Executive Officer

POWER OF ATTORNEY

Each person whose individual signature appears below hereby authorizes and appoints Edward J. Borey and Bradley E. Sparks and each of them, with full power of substitution and resubstitution and full power to act without the other, as his or her true and lawful attorney-in-fact and agent to act in his or her name, place and stead and to execute in the name and on behalf of each person, individually and in each capacity stated below, and to file, any and all amendments to this report, and to file the same, with all exhibits thereto, and other documents in connection therewith, with the Securities and Exchange Commission, granting unto said attorneys-in-fact and agents, and each of them, full power and authority to do and perform each and every act and thing, ratifying and confirming all that said attorneys-in-fact and agents or any of them or their or his substitute or substitutes may lawfully do or cause to be done by virtue thereof.

Pursuant to the requirements of the Securities Exchange Act of 1934, as amended, this report has been signed below by the following persons on behalf of the registrant and in the capacities and on the dates indicated.


Signature	Title	Date

/s/ EDWARD J. BOREY Edward J. Borey	President, Chief Executive Officer and Director (Principal Executive Officer)	March 16, 2006

/s/ BRADLEY E. SPARKS Bradley E. Sparks	Chief Financial Officer (Principal Financial and Accounting Officer)	March 16, 2006

/s/ MICHAEL R. HALLMAN Michael R. Hallman	Director	March 16, 2006

/s/ ELLEN M. HANCOCK Ellen M. Hancock	Director	March 16, 2006

/s/ MICHAEL R. KOUREY Michael R. Kourey	Director	March 16, 2006

/s/ RICHARD A. LEFAIVRE Richard A. LeFaivre	Director	March 16, 2006

/s/ STEVEN N. MOORE Steven N. Moore	Director	March 16, 2006

/s/ WILLIAM J. SCHROEDER William J. Schroeder	Director	March 16, 2006

EXHIBIT INDEX


Number		Description
3.1		Restated Certificate of Incorporation of the registrant (Exhibit 3.1) (A)
3.2		Amended and Restated Bylaws of the registrant (Exhibit 3.2) (H)
3.3		Certificate of Designations of Series A Participatory Cumulative Preferred Stock of the registrant (Exhibit 3.1) (E)
4.1		Rights Agreement, dated May 5, 2005, between the registrant and Mellon Investor Services, LLC, as Rights Agent (Exhibit 4.1) (E)
10.1		Lease Agreement, dated as of March 1, 2000, between 505 Union Station and the registrant (Exhibit 10.1) (B)
10.2		Amended and Restated 1996 Stock Incentive Compensation Plan (Exhibit 10.1) (G)
10.3		2000 Stock Option Plan (Exhibit 10.1) (C)
10.4		1998 RapidStream, Inc. Stock Option Plan (Exhibit 10.1) (D)
10.5		1999 Employee Stock Purchase Plan (Exhibit 10.10) (A)
10.6		Standardized Adoption Agreement Prototype Cash or Deferred Profit-Sharing Plan and Trust (401(k) plan), effective as of September 1, 1998 (Exhibit 10.7) (A)
10.7		Offer letter to Dale Bastian, dated as of July 8, 2003 (Exhibit 10.1) (F)
10.8		Offer letter to Edward J. Borey, dated June 30, 2004 (Exhibit 10.1) (H)
10.9		Offer Letter, dated April 18, 2005, from the registrant to Bradley E. Sparks (Exhibit 10.1) (I)
10.10		Change in Control Severance Agreement, dated as of April 19, 2005, by and between Edward J. Borey and the registrant (Exhibit 10.1) (J)
10.11		Change in Control Severance Agreement, dated April 26, 2005, by and between the registrant and Bradley E. Sparks (Exhibit 10.2) (I)
10.12		Form of Change in Control Severance Agreement between the registrant and certain officers of the registrant (including Dale Bastian) (Exhibit 10.2) (J)
10.13		Form of Indemnification Agreement, effective March 29, 2005, by and between the executive officers and directors of the registrant and the registrant (Exhibit 10.10) (M)
10.14		CEO & Executive Bonus Program—2005 (Exhibit 10.1) (K)
10.15		Director and Section 16 Officer Stock Ownership Program (Exhibit 10.1) (L)
21.1		Subsidiaries of the registrant
23.1		Consent of Ernst & Young LLP, Independent Registered Public Accounting Firm
24.1		Power of attorney (contained on signature page)
31.1		Section 302 Certification of Edward J. Borey
31.2		Section 302 Certification of Bradley E. Sparks
32.1		Certification of Edward J. Borey pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002
32.2		Certification of Bradley E. Sparks pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002

(A)	Incorporated by reference to the specified exhibit to the registrant’s Registration Statement on Form S-1 (File No. 333-76587), filed with the SEC on April 20, 1999, as amended.

(B)	Incorporated by reference to the specified exhibit to the registrant’s Annual Report on Form 10-K/A (File No. 000-26819), filed with the SEC on May 1, 2000.

(C)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended March 31, 2001 (File No. 000-26819), filed with the SEC on May 15, 2001.

(D)	Incorporated by reference to the specified exhibit to the registrant’s Registration Statement on Form S-8 (File No. 333-86168), filed with the SEC on April 12, 2002.

(E)	Incorporated by reference to the specified exhibit to the registrant’s Form 8-AI2G (File No. 000-26819), filed with the SEC on May 9, 2005

(F)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended September 30, 2003 (File No. 000-26819), filed with the SEC on November 13, 2003.

(G)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended June 30, 2003 (File No. 000-26819), filed with the SEC on August 12, 2003.

(H)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended June 30, 2004 (File No. 000-26819), filed with the SEC on August 9, 2004.

(I)	Incorporated by reference to the specified exhibit to the registrant’s Current Report on Form 8-K (File No. 000-26819), filed with the SEC on April 28, 2005

(J)	Incorporated by reference to the specified exhibit to the registrant’s Current Report on Form 8-K (File No. 000-26819), filed with the SEC on April 19, 2005

(K)	Incorporated by reference to the specified exhibit to the registrant’s Current Report on Form 8-K (File No. 000-26819), filed with the SEC on April 6, 2005

(L)	Incorporated by reference to the specified exhibit to the registrant’s Quarterly Report on Form 10-Q for the quarter ended March 31, 2005 (File No. 000-26819), filed with the SEC on May 10, 2005

(M)	Incorporated by reference to the specified exhibit to the registrant’s Annual Report on Form 10-K (File No. 000-26819), filed with the SEC on March 31, 2005