FireEye (MNDT) posted better-than-expected fiscal 2021 first-quarter earnings this week. Given the strong performance of its cloud and consultancy businesses, management raised its full-year outlook. Yet investors shouldn't get too excited.

The cybersecurity specialist still needs to deal with two significant challenges -- legacy hardware and high operating costs -- that will drag on its results over the next several years. Let's take a closer look at what was reported and why there are still issues for this tech company.

Solid cloud and consultancy businesses

During the first quarter, FireEye's revenue grew 10% year over year to $246 million, well above the anticipated revenue range of $236 million to $239 million. More importantly, the company's cloud and consultancy businesses drove that growth, which shows that the transition away from legacy hardware-based revenue is materializing.

Revenue from the platform, cloud subscription, and managed services segment -- which includes threat intelligence, cloud-based network, email, endpoint security, and other security services -- grew 26% year over year to $86 million and accounted for 35% of overall revenue for the quarter.

Similarly, partly due to increasing cybersecurity threats evidenced by recent sophisticated attacks, professional services (which leverage consultancy to help customers dealing with security breaches) grew by about $13 million year over year to $64 million.

Computer hacker stealing data from a laptop.

Image source: Getty Images.

In contrast, legacy offerings, which mostly consist of on-premises appliances that detect advanced threats, dropped 8% year over year to $96 million. As a result of these opposing revenue trends, the company's hardware-based business declined to 39% of overall revenue, down from 47% in the prior-year quarter. 

That shift won't slow down anytime soon, as evidenced by billings (total sales billed but not necessarily immediately recognized as revenue). During the first quarter, billings from platform, cloud subscription, managed services, and professional services grew 46% year over year and represented 69% of total billings.

With the strong performance of the company's cloud and consultancy businesses, management raised its full-year outlook -- an encouraging sign for shareholders looking for the transition away from hardware activities to take place as fast as possible.

A steep hardware decline 

Given the worldwide shift to cloud computing, FireEye's transition away from its legacy on-premises activities makes sense. But its hardware business represents a heavy burden that isn't being experienced by other cybersecurity players that are also shifting to cloud solutions.

Indeed, management anticipates the strong decline in revenue from appliances to continue. In contrast, the cybersecurity specialist Check Point Software Technologies managed to stabilize its hardware business over the last several quarters. Even more surprising, the networking and security outfit F5 Networks grew its legacy hardware business by 17% year over year during the last quarter because of the immediate need for extra on-premises infrastructure to support the surge in applications usage. And despite a tough comparison and the significant shift to its cloud services and applications, the tech giant Microsoft also saw its on-premises server business grow 3% year over year during the equivalent quarter to FireEye's latest results.

The relative underperformance of FireEye's hardware business compared to these peers indicates the company's on-premises products remain less relevant no matter how enterprise data centers evolve. Indeed, FireEye's legacy appliances provide advanced threat capabilities that now compete with some of the innovative cloud cybersecurity services many tech players offer. In contrast, Check Point's and F5's physical appliances can't be replaced by cloud services to physically connect and protect servers in on-premises environments.

Of course, given its strong secular decline, FireEye's legacy business will become much less material. But before that happens, it will still drag on FireEye's results for several years.

High operating costs

In addition to its challenging hardware business, FireEye is still far from reaching profitability under generally accepted accounting principles (GAAP).

During the last quarter, net losses reached $50.6 million, compared to a net loss of $70.6 million in the prior-year quarter. Granted, with scale, the company managed to reduce its losses. But it still spent a significant portion of its revenue on research and development (29.4%), and sales and marketing (40.4%) to fuel its growth.

Yet those significant costs will be leading to full-year revenue growth of only 8%, according to management's raised guidance. And because of its declining hardware business and its core consultancy activities that are more difficult to scale than software, FireEye isn't likely to generate GAAP profits anytime soon. 

Looking forward

So with a market cap that corresponds to 4.6 times the midpoint of management's full-year revenue guidance range, the company's valuation seems reasonable given the forecast for 8% full-year revenue growth, considering the vast opportunity cybersecurity represents in the longer term.

However, investors should keep in mind that the company won't deliver overwhelming results over the next several years because of its legacy business and its high operating costs.

Thus, despite encouraging first-quarter results in the attractive cybersecurity market, I prefer to stay on the sidelines when it comes to this stock. Investors shouldn't put too much hope on FireEye to be one of the stocks that can double in 2021.