Three years ago, N-able (formerly SolarWinds MSP) spun out from SolarWinds and became a public company under the leadership of CEO John Pagliuca. This week at N-able’s Empower conference, the company laid out a roadmap for its platform that includes improving APIs to deepen interoperability and data unification, boosting cyber resilience with immutable backups, bringing Apple and Microsoft Cloud management into the RMM fold, and more. MSP Success sat down with Pagliuca to discuss some of the new offerings, how N-able differentiates from competitors, if the company plans to make any acquisitions (it does), and what it all means for its MSP partners. This is a condensed and edited version of that conversation.
MSP Success: Can you talk about the new integration with HaloPSA, what it offers your MSP partners, and what plans you have for your own PSA, MSP Manager?
John Pagliuca: We recognize that some MSPs want a different experience. It comes down to our mission statement, and that’s to empower our MSPs. [With the HaloPSA integration] for the first time in the industry, there’ll be more of a bilateral or bidirectional data flow between an RMM and a PSA, making both that much more efficient. So the MSP wins, and if the MSP wins and we’re part of that, that’s overall good for our mission and vision.
We have a team that’s actively bringing more and more goodness to the MSPs for MSP Manager every day. But we saw an opportunity with Halo. We saw the traction that they’re getting in the market, and we thought we really could elevate the story and make it more of a powerful play for our MSPs driving on efficiency. We’ll continue to invest in our ServiceNow integration, our ConnectWise integration, our Autotask integration, our MSP Manager product, and Halo, because we know there’s choices out there. We want to give our MSPs the best that fits their business needs.
MSP Success: Is the just-announced Cloud Commander brand new or has it been around in a different iteration?
Pagliuca: We did an acquisition in 2022 of Spinpanel and that was some of the key tenets of the Cloud Commander technology. That’s no-code technology that allows MSPs to better manage the Microsoft environment. We began that journey with Spinpanel to solve the use case around M365 and the onboarding and offboarding of M365 users, making that experience a little bit more efficient. MSPs asked for additional robustness and … hooking into Azure and Intune. We wanted to listen; we know the demand is there, so we went back to the lab and brought to them what they asked for. Now this version of Cloud Commander gives MSPs the ability to manage Microsoft M365, Azure instances, and Intune. We’ve increased the level of automation and we’ve automated a lot of the onboarding. … Now that use case and that value prop is just cleaner.
We’ll sell that as a standalone tool for those that might have a different RMM, but then long-term, the strategy is we’ll be integrating a lot of that key functionality into our core RMM. The vision is we’ll have one platform where an MSP can monitor and manage physical devices like laptops, Apple devices, Windows devices, Linux devices, but also the M365 users, the Azure environments, all in one dashboard. No other platform on the planet will allow that level of breadth, from managing the physical world to the digital assets. That drives a lot of efficiency, and it starts with monitoring and management. [It will] also help them with better security controls and compliance, but also with helping their end customers manage licenses and cost overall in the cloud.
MSP Success: You recently rolled out your MDR offering. What’s the uptick been on that?
Pagliuca: The interest is super high. The way that we’re solving this is different from the industry, and I’ll tell you why. We give MSPs the ability to separate the software from the service. A lot of MDR offerings, it’s like a black box service. I’m going to provide this MDR service for you, and we’re going to tell you how to respond, but we’re not necessarily going to actually do the response for you. But you’re not able to, if you’re an MSP, put eyes on glass. With the N-able MDR offering, an MSP can be looking at the same thing as that SOC 1 analyst. So we’re providing them the software. That’s super helpful to better inform them.
Even for compliance and audit reasons, now they can be better informed when they’re talking to their customers. So by separating out the ability to have software and the service, it’s a compelling differentiator. The other thing is we’re endpoint agnostic. We can ingest from Microsoft Defender and SentinelOne, of course, and a whole host of other endpoint security vendors. That’s attractive.
But we also meet you wherever you are on your journey. Let’s say you’re a small shop MSP and you only want that black box service. We can have that for them. Or other customers …just want the software. In the middle, we have some MSPs that are saying, “Hey, look, we want our team to handle these bits, but nights and weekends, we’d love for you to handle it.” So it’s resonating, that flexibility, that they can grow into it.
MSP Success: A recent MSP Success reader survey identified a supply chain attack as something MSPs view as a threat to their business. Can you speak to that concern?
Pagliuca: Rightfully so. The MSP is squarely in that supply chain. They’re in the direct line of fire. And so MSPs themselves are targets, and then the vendors that they’re doing business with are also targets because you just get that much leverage in the model. And look, unfortunately, these threat actors, they’re not smash-and-grab shops. These are organizations that are sophisticated … so you need to have [an equal] level of sophistication. We’ve grown our InfoSec team with [CSO] Dave McKinnon. We’ve broadened [it to have] a bunch of humans in the loop, but a bunch of technology as well. And we learned quite a bit. So we’re quite happy. But that said, I think Dave himself would say, nobody is impenetrable.
It’s all about putting the systems in place. So if something were to happen, you can contain it, identify it, then mitigate it. So here’s the good news. There’s a lot of innovation in the space. There’s more venture capital and more private equity money coming … into the space. As a result, there’s companies popping up that are built and funded with the idea of building software purpose-built for an MSP. That didn’t happen 10 or 11 years ago when I got into this space. It’s great for the industry. The proliferation of innovation is fantastic.
What I ask MSPs to do is to make sure they understand the level of sophistication from these vendors. Are they themselves investing in security? We’re a publicly traded company, so we talk about ISO compliance, we talk about what our responsibilities are from an SEC point of view. We talk about our SOC certificate process. We’re very transparent. You can see how much we’re spending on R&D. You can see how many folks we have, where our data centers are. Because we’re publicly traded, we need to have that level of transparency.
I look at my InfoSec security budget, and it’s probably the size or bigger than most companies’ entire R&D budget. So I know what we’re spending to protect our MSPs. And my word of caution to the MSPs is to make sure that they’re pressure testing [the] vendors that they’re choosing because they hold the keys to the treasure, which is the MSP’s data, but more importantly, the MSP’s customer’s data.
RELATED: Uncover Lucrative Opportunities With SOC 2 Certification
MSP Success: How do you see the RMM landscape playing out for the industry and where you differentiate?
Pagliuca: Look, there are the three major players that have significant scale. I think the bigger point is the RMM is really the control plane for the MSP. And as you think about the line between IT operations and security operations, that line has gone away. So for enterprises, they have that separation of church and state, the office of the CISO and the office of the CIO. For MSPs and small to medium enterprises, you don’t have that. It’s one organization that’s providing security and services. For the MSPs to shift to get more into security services, to adopt more of that NIST framework, they need the RMM.
One of the things we don’t talk about is that the RMM is a security tool. The RMM is patching. The RMM is the one that’s actually provisioning a lot of the security bits. So that becomes the control plane. And I think what you see is with the big vendors or with the MSPs, more of an acknowledgment that, “Hey, I need an RMM that can scale, that’s safe, that can help be the cornerstone or the fabric for my business. Because if I’m an MSP, security services and security offerings are going to be a cornerstone for what I have to offer, but I need that RMM to be able to provision it.
So we see it that way. The RMM has become more and more strategic. How we differentiate ourselves compared to our competitors, we believe that MSPs should have choice. I don’t really believe in a closed system. I think that takes away from the proliferation of technology that’s out in the industry. And we want to embrace the technology. …We want that interoperability.
“We’ve been generating a good amount of cash, and we intend to put that cash to good use to help the MSPs move their agenda forward.”
The other thing, we’re pushing further along on our cloud strategy, giving MSPs the ability to manage and eventually protect all the digital assets as well. So I think those are the two big areas.
We continue to lean on partnership. We’re aligned with our partners. If they grow, we grow. We help them with their M&A activity. We help them with consolidation. We help them with their pricing and packaging because we believe that ultimately that’s good for the MSP.
People forget in this industry is that there are three legs. This is a triangle of a relationship. There is us, there’s the MSP, and there’s the SME. So my focus is on how do we help the MSP service the SME. … I don’t think the industry’s defined by who’s the biggest RMM. It’s really defined by who’s servicing more SMEs, who’s helping the MSPs service the most small to medium enterprises, which makes it a really delicious market.
MSP Success: Do you anticipate that N-able will make an acquisition in the near future?
Pagliuca: When we spun out [from SolarWinds] three years ago … one of the muscles that we intended to flex a little bit more was inorganic play and M&A. We acquired Spinpanel, that was more of a tech buy. In 2024, what I tell folks is, we’ve been generating a good amount of cash, and we intend to put that cash to good use to help the MSPs move their agenda forward. So yeah, we look to be acquisitive. I’m not going to tell you [what type of company we are looking to buy], but what I would say is, we’re organized by these three business units. We have a monitoring and management business unit. We have a security business unit, which has our security services in there. And then we have our data protection. What I can guarantee you is it’ll be within those three business units.
