SolarWinds Acquires LOGICnow

June 01, 2016 16:15 ET

SolarWinds Acquires LOGICnow to Create Global MSP Solutions Leader

SolarWinds N-able and LOGICnow Combine to Establish SolarWinds MSP

AUSTIN, TX--(Marketwired - June 01, 2016) - SolarWinds, a leading provider of powerful and affordable IT management software, today announced it has completed the acquisition of LOGICnow -- backed by a consortium of investors led by Insight Venture Partners. LOGICnow is a global provider of integrated cloud-based IT Service Management (ITSM) solutions focused primarily on the MSP community. With this acquisition, SolarWinds is bringing together LOGICnow and SolarWinds N-able to create SolarWinds MSP, uniting two complementary leading players in the managed services solutions market to deliver a strong and complete portfolio of capabilities to MSPs of every size and scale worldwide. SolarWinds is backed by Silver Lake Partners and Thoma Bravo, two leading global technology investment firms with established track records of growing technology companies.

This acquisition of LOGICnow is a major advance in SolarWinds' mission to provide products that are purposefully designed to make the jobs of IT professionals easier. SolarWinds MSP will have unrivalled capability to deliver comprehensive, scalable IT services management solutions to MSPs of every size across the world. These solutions encompass data-driven automation, security, network management and service management. As a combined entity, SolarWinds MSP will serve more than 20,000 managed service providers worldwide, managing more than five million end-points and one million mailboxes. SolarWinds MSP will be at the heart of the largest community of MSPs in the world, with around 200,000 engineers using its products every day.

"SolarWinds is committed to the growing MSP market and has realized great success through the acquisition of N-able, making the acquisition of LOGICnow a natural next step for us," said Kevin B. Thompson, president and chief executive officer of SolarWinds. "SolarWinds MSP, combining the capabilities of LOGICnow and SolarWinds N-able, will offer MSPs a complete set of IT service management solutions via the cloud and on premises delivery models. SolarWinds MSP gives them everything they need to acquire and retain profitable clients, deliver outstanding levels of service and maximize their internal efficiency through standardization of their toolsets and the use of automation."

"As SolarWinds MSP, our combined teams will utilize our deep domain expertise and industry-leading data analytics capabilities to deliver breakthrough innovations to our customer base of the world's leading MSPs," said Walter Scott, former LOGICnow chief executive officer and the new executive vice president for SolarWinds MSP. "Our strategic vision and ability to execute will provide ever-greater support to our customers as they differentiate their services and look to achieve faster, more profitable business growth. We're excited to be able to join forces with SolarWinds N-able as part of the SolarWinds family to empower our MSP customers to build the most successful businesses in their markets."

Building on the track records of SolarWinds N-able and LOGICnow, the combined expertise of SolarWinds MSP will deliver a robust set of solutions in a tightly-integrated automation platform, including:

  • Remote monitoring and management
  • Remote control, access and support
  • Security including anti-malware, multi-vendor patch management and web access control
  • Backup and disaster recovery
  • Risk and vulnerability assessment
  • Email security and compliance-focused archiving
  • Multi-platform support for Windows®, Mac®, Linux®, VMware®, Hyper-V™, iOS®, Android®
  • Help desk and service management functionality
  • Advanced data analytics

"The acquisition of LOGICnow reflects our continued journey to becoming the IT management vendor of choice for all IT professionals regardless of organization size, complexity or where their infrastructure resides," said Christoph Pfister, executive vice president of products, SolarWinds. "SolarWinds is focused on delivering IT management solutions to manage today's hybrid IT infrastructure, including elements deployed on premises, in public and private clouds and at SaaS providers."

More information about the acquisition is available at

About SolarWinds
SolarWinds provides powerful and affordable IT management software to customers worldwide from Fortune 500® enterprises to small businesses, government agencies and educational institutions. We are committed to focusing exclusively on IT Pros, and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. Regardless of where the IT asset or user sits, SolarWinds delivers products that are easy to find, buy, use, maintain, and scale while providing the power to address all key areas of the infrastructure from on premises to the cloud. Our solutions are rooted in our deep connection to our user base, which interacts in our THWACK® online community to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at

SolarWinds, SolarWinds & Design and THWACK are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other company and product names mentioned are used only for identification purposes and may be or are intellectual property of their respective companies.

© 2016 SolarWinds Worldwide, LLC. All rights reserved. 

About LOGICnow
LOGICnow delivers the world's leading 100% SaaS, fully cloud-based IT service management (ITSM) platform, backed by collective intelligence and the highest levels of layered security. LOGICnow's MAX products -- including Risk Intelligence, Remote Management, Backup & Disaster Recovery, Mail and Service Desk -- comprise the market's most widely-trusted integrated solution. Deployed on over two million end-points across 240,000 networks, LOGICnow has the industry vision to define and deliver the future of the market. LOGICnow provides the most comprehensive IT security available as well as LOGICcards, the first ever IT notification feature powered by prescriptive analytics and machine learning. LOGICnow's passion is helping IT professionals secure and manage their systems and data through actionable insights, rewriting the rules of IT. For more information, visit

Image Available:


Contact Information


Media Contacts: 
Courtney Cantwell
[email protected]

Karla Walls
+44 (0) 1382 309040
[email protected]

Jo Ashford (for LOGICnow)
CC Group PR
+44 (0) 7469 851 643
[email protected]

Meraki New Hosted VoIP Phone Service Offering 06/2016

Curated Source:

Meraki goes Fuller Stack with VOIP

The information was leaked about a month ago,  in a letter to the Federal Communications Commission,   Cisco was providing letters of Attestation regarding a product called the “Meraki MC74”.  Why is this important on launch day?  Well keep reading

The only thing we knew then – was that it was some kind of WiFi Device.

Today I am extremely excited to show you something that will in my personal opinion – change the face of small and medium business IT.     It’s no secret, I do work for a Cisco partner, and I guess I do drink the Cisco sauce a little bit.

This is the new Meraki MC74 – a cloud managed VoIP telephone.    Meraki has not told us that it has WiFi inside, but FCC documents reveal this device does have Wireless inside, and the device DOES have bluetooth support – but comments about DFS compatibility, could that mean this has a WiFi chipset in it Meraki has not told us about?

  • Streamlined Deployment
  • Simplified Management
  • Delightful End-user Experience

The easy deployment and management of all Meraki products will still exist, including the one portal to rule them all.

This will be the “Premium” experience phone, and we should expect lower end phones coming at some point.

The intention is that you will be able to ship this DIRECTLY to a user, with no admin intervention from the device.   The unboxing process has been “optimized” to provide a clean user designed unboxing.

Meraki’s launch team tell us that it was “Painstakingly Designed and Built” and will provide a 7″ IPS Display which will give them a blank canvas to create features.   They will continue to iterate features from customer feedback, and will be the first in a series of telephones from Meraki.

They will have IVR and Auto Attendant type services available, and Directory Services are handled using a few options, one of which is CSV.    Google Apps integration will also be offered.

The handset has a magnet to assist with location of the hook switch, which is also IR instead of the mechanical hook switch

Built in stand, and wall bracket which does include the Meraki bubble level if you want to wall mount it.

The key for Meraki in this new product is software integration and they are telling us that features will be announced in the coming months.

My Take…

This is huge.   I don’t even think Meraki realizes how huge this is.    Today this means I can have Switching, Wireless, Security – and now Phones – in a single pane of glass, with a single interface.  The interface is easy – very easy.   This will reveolutionalize how small and some medium businesses see and use IT.  This will drive the sales of additional Meraki services.

With more and more businesses moving to the cloud, Office 365,  SalesForce, and the other cloud type SaaS providers, small businesses can now be agile.     With the growing cost of IT, one of which is the people cost, the SMB market continues to try and do more, with less.  Let us be honest here, many SMB’s operate with a single IT resource, or a single contracted resource.    This means agility.   This means servicing end users from anywhere, anytime and from a single pane of glass.

Ahh, the single pane of glass thing.   We have all heard that one before, where a single pane really means looking through 8 single panes and then pretending to be a single window, which really just results in a foggy image of that single pane.     Not this time.

This will be a big deal – ok now for some more details.

Click here for the full story from








Hello World May 2016

Testing paste

Ransomware has become an increasingly serious threat. Cryptowall, TeslasCrypt and Locky are just some of the ransomware variants that infected large numbers of victims. Petya is the newest strain and the most devious among them.

Petya will not only encrypt files but it will make the system completely useless, leaving the victim no choice but to pay for the ransom, and it will encrypt filesystem’s Master File Table, which leaves the operating system unable to load. MFT is an essential file in NTFS file system. It contains every file record and directory on NTFS logical volume. Each record contains all the particulars that the operating system need to boot properly.

Like any other malware, Petya is widely distributed via a job application spear-phishing email that comes with a Dropbox link luring the victim by claiming the link contains self-extracting CV; in fact, it contains self-extracting executable that would later unleash its malicious behavior.


Petya’s dropper


Petya’s infection behavior

 Petya ransomware has two infection stages. The first stage is MBR infection and encryption key generation, including the decryption code used in ransom messages. The second stage is MFT encryption.

First Stage of Encryption


First infection stage behavior

An MBR infection is made through straightforward \\.\PhysicalDrive0 manipulation with the help of DeviceIOControl API. It first retrieves the physical location of the root drive \\.\c by sending IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS control code to the device driver.  Then it sends the extended disk partition info of \\.\PhysicalDrive0 through IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS control code.


The dropper will encrypt the original MBR using XOR opcode and 0x37 and save it for later use. It will also create 34 disk sectors containing 0x37. Right after the 34 sectors are Petya’s MFT infecting code. Located on Sector 56 is the original encrypted MBR.


Infected disk view


Infected disk view


Original Encrypted MBR

After the MBR infection, it will intentionally crash the system by triggering NTRaiseHardError. This will trigger BSOD and the system will start, which will cause the machine to load using the infected MBR.


Code snippet in triggering BSOD



Once we inspected the dumped image of the disk, we discovered it was showing a fake CHKDSK screen. We will also see the ransom message and ASCII skull art.


Dumped disk image

Second Infection Stage

The stage 2 infection code is written in 16-bit architecture, which uses BIOS interrupt calls.

Upon system boot up, it will load into memory Petya’s malicious code, which is located at sector 34. It will first determine if the system is already infected by checking the first byte at sector is 0x0. If not infected, it will display fake CHKDSK.



When someone sees the Figure 8, it means that the MFT table is already encrypted using salsa20 algorithm.



The victim will see this screen upon boot.


Ransom message and instructions

Petya Ransomware Page

The webpage for the victim to access their personal decryption key is protected against bots and contains information about when the Petya ransomware project was launched, warnings on what not to do when recovering files and an FAQ page. The page is surprisingly very user friendly and shows the days left before the ransom price will be doubled.


Ransom page captcha


Petya’s homepage

It also contains news feeds, including different blogs and news from AV companies warning about Petya.



They also provide a step-by-step process on how to pay the ransom, including instructions on how to purchase bitcoin. Support via web is included too in case the victim encounters problems in the transaction they’ve made. Petya’s ransom is a lot cheaper compared to other ransomware, too.





On Step 4 of the payment procedure, the “next” button is disabled until they’ve confirmed that they already received the payment.


Petya’s support page

Below is a shot of ThreatTrack’s ThreatSecure Network dashboard catching Petya. Tools like ThreatSecure can detect and disrupt attacks in real time.


ThreatSecure Network catching Petya ransomware


Real Time Web Analytics