(upbeat music) >> Hi, everyone, welcome to this program sponsored by HPE. I'm your host, Lisa Martin. We're here talking about being confident and trusting your server security with HPE. I have two guests here with me to talk about this important topic. Cole Humphreys joins us, global server security product manager at HPE, and Ann Potten, trusted supply chain program lead at HPE. Guys, it's great to have you on the program, welcome. >> Hi, thanks. >> Thank you. It's nice to be here. >> Ann let's talk about really what's going on there. Some of the trends, some of the threats, there's so much change going on. What is HPE seeing? >> Yes, good question, thank you. Yeah, you know, cybersecurity threats are increasing everywhere and it's causing disruption to businesses and governments alike worldwide. You know, the global pandemic has caused limited employee availability originally, this has led to material shortages, and these things opens the door perhaps even wider for more counterfeit parts and products to enter the market, and these are challenges for consumers everywhere. In addition to this, we're seeing the geopolitical environment has changed. We're seeing rogue nation states using cybersecurity warfare tactics to immobilize an entity's ability to operate, and perhaps even use their tactics for revenue generation. The Russian invasion of Ukraine is one example. But businesses are also under attack, you know, for example, we saw SolarWinds' software supply chain was attacked two years ago, which unfortunately went unnoticed for several months. And then, this was followed by the Colonial Pipeline attack and numerous others. You know, it just seems like it's almost a daily occurrence that we hear of a cyberattack on the evening news. And, in fact, it's estimated that the cyber crime cost will reach over $10.5 trillion by 2025, and will be even more profitable than the global transfer of all major illegal drugs combined. This is crazy. You know, the macro environment in which companies operate in has changed over the years. And, you know, all of these things together and coming from multiple directions presents a cybersecurity challenge for an organization and, in particular, its supply chain. And this is why HPE is taking proactive steps to mitigate supply chain risk, so that we can provide our customers with the most secure products and services. >> So, Cole, let's bring you into the conversation. Ann did a great job of summarizing the major threats that are going on, the tumultuous landscape. Talk to us, Cole, about the security gap. What is it, what is HPE seeing, and why are organizations in this situation? >> Hi, thanks, Lisa. You know, what we're seeing is as this threat landscape increases to, you know, disrupt or attempt to disrupt our customers, and our partners, and ourselves, it's a kind of a double edge, if you will, because you're seeing the increase in attacks, but what you're not seeing is an equal to growth of the skills and the experiences required to address the scale. So it really puts the pressure on companies, because you have a skill gap, a talent gap, if you will, you know, for example, there are projected to be 3 1/2 million cyber roles open in the next few years, right? So all this scale is growing, and people are just trying to keep up, but the gap is growing, just literally the people to stop the bad actors from attacking the data. And to complicate matters, you're also seeing a dynamic change of the who and the how the attacks are happening, right? The classic attacks that you've seen, you know, in the espionage in all the, you know, the history books, those are not the standard plays anymore. You'll have, you know, nation states going after commercial entities and, you know, criminal syndicates, as Ann alluded to, that there's more money in it than the international drug trade, so you can imagine the amount of criminal interest in getting this money. So you put all that together and the increasing of attacks it just is really pressing down as literally, I mean, the reports we're reading over half of everyone. Obviously, the most critical infrastructure cares, but even just mainstream computing requirements need to have their data protected, "Help me protect my workloads," and they don't have the people in-house, right? So that's where partnership is needed, right? And that's where we believe, you know, our approach with our partner ecosystem this is not HPE delivering everything ourself, but all of us in this together is really what we believe the only way we're going to be able to get this done. >> So, Cole, let's double-click on that, HPE and its partner ecosystem can provide expertise that companies in every industry are lacking. You're delivering HPE as a 360-degree approach to security. Talk about what that 360-degree approach encompasses. >> Thank you, it is an approach, right? Because I feel that security it is a thread that will go through the entire construct of a technical solution, right? There isn't a, "Oh, if you just buy this one server with this one feature, you don't have to worry about anything else." It's really it's everywhere, at least the way we believe it, it's everywhere. And in a 360-degree approach, the way we like to frame it, is it's this beginning with our supply chain, right? We take a lot of pride in the designs, you know, the really smart engineering teams, the designer, technology, our awesome, world-class global operations team working in concert to deliver some of these technologies into the market, that is, you know, a great capability, but also a huge risk to customers. 'Cause that is the most vulnerable place that if you inject some sort of malware or tampering at that point, you know, the rest of the story really becomes mute, because you've already defeated, right? And then, you move in to you physically deployed that through our global operations, now you're in an operating environment. That's where automation becomes key, right? We have software innovations in, you know, our iLO product of management inside those single servers, and we have really cool new GreenLake for compute operations management services out there that give customers more control back and more information to deal with this scaling problem. And then, lastly, as you begin to wrap up, you know, the natural life cycle, and you need to move to new platforms and new technologies, we think about the exit of that life cycle, and how do we make sure we dispose of the data and move those products into a secondary life cycle, so that we can move back into this kind of circular 360-degree approach. We don't want to leave our customers hanging anywhere in this entire journey. >> That 360-degree approach is so critical, especially given, as we've talked about already in this segment, the changes, the dynamics in the environment. Ann, as Cole said, this 360-degree approach that HPE is delivering is beginning in the manufacturing supply chain, seems like the first line of defense against cyberattackers. Talk to us about why that's important and where did the impetus come from? Was that COVID, was that customer demand? >> Yep, yep. Yeah, the supply chain is critical, thank you. So in 2018, we could see all of these cybersecurity issues starting to emerge and predicted that this would be a significant challenge for our industry. So we formed a strategic initiative called the Trusted Supply Chain Program designed to mitigate cybersecurity risk in the supply chain, and really starting with the product life cycle, starting at the product design phase and moving through sourcing and manufacturing, how we deliver products to our customers and, ultimately, a product's end of life that Cole mentioned. So in doing this, we're able to provide our customers with the most secure products and services, whether they're buying their servers for their data center or using our own GreenLake services. So just to give you some examples, something that is foundational to our Trusted Supply Chain Program we've built a very robust cybersecurity supply chain risk management program that includes assessing our risk at all factories and our suppliers, okay? We're also looking at strengthening our software supply chain by developing mechanisms to identify software vulnerabilities and hardening our own software build environments. To protect against counterfeit parts, that I mentioned in the beginning, from entering our supply chain, we've recently started a blockchain program so that we can identify component provenance and trace parts back to their original manufacturers. So our security efforts, you know, continue even after product manufacturing. We offer three different levels of secured delivery services for our customers, including, you know, a dedicated truck and driver, or perhaps even an exclusive use vehicle. We can tailor our delivery services to whatever the customer needs. And then, when a product is at its end of life, products are either recycled or disposed using our approved vendors. So our servers are also equipped with the One-Button Secure Erase that erases every byte of data, including firmware data. And talking about products, we've taken additional steps to provide additional security features for our products. Number one, we can provide platform certificates that allow the user to cryptographically verify that their server hasn't been tampered with from the time it left the manufacturing facility to the time that it arrives at the customer's facility. In addition to that, we've launched a dedicated line of trusted supply chain servers with additional security features, including Secure Configuration Lock, Chassis Intrusion Detection, and these are assembled at our U.S. factory by U.S. vetted employees. So lots of exciting things happening within the supply chain not just to shore up our own supply chain risk, but also to provide our customers with the most secure product. And so with that, Cole, do you want to make our big announcement? >> All right, thank you. You know, what a great setup though, because I think you got to really appreciate the whole effort that we're putting into, you know, bringing these online. But one of the, just transparently, the gaps we had as we proved this out was, as you heard, this initial proof was delivered with assembly in the U.S. factory employees. You know, fantastic program, really successful in all our target industries and even expanding to places we didn't really expect it to. But it's kind of going to the point of security isn't just for one industry or one set of customers, right? We're seeing it in our partners, we're seeing it in different industries than we have in the past. But the challenge was we couldn't get this global right out the gate, right? This has been a really heavy, transparently, a U.S. federal activated focus, right? If you've been tracking what's going on since May of last year, there's been a call to action to improve the nation's cybersecurity. So we've been all in on that, and we have an opinion and we're working hard on that, but we're a global company, right? How can we get this out to the rest of the world? Well, guess what? This month we figured it out and, well, it's take a lot more than this month, we did a lot of work, but we figured it out. And we have launched a comparable service globally called Server Security Optimization Service, right? HPE Server Security Optimization Service for ProLiant. I like to call it, you know, SSOS Sauce, right? Do you want to be clever? HPE Sauce that we can now deploy globally. We get that product hardened in the supply chain, right? Because if you take the best of your supply chain and you take your technical innovations that you've innovated into the server, you can deliver a better experience for your customers, right? So the supply chain equals server technology and our awesome, you know, services teams deliver supply chain security at that last mile, and we can deliver it in the European markets and now in the Asia Pacific markets, right? We could ship it from the U.S. to other markets, so we could always fulfill this promise, but I think it's just having that local access into your partner ecosystem and stuff just makes more sense. But it is a big deal for us because now we have activated a meaningful supply chain security benefit for our entire global network of partners and customers and we're excited about it, and we hope our customers are too. >> That's huge, Cole and Ann, in terms of the significance of the impact that HPE is delivering through its partner ecosystem globally as the supply chain continues to be one of the terms on everyone's lips here. I'm curious, Cole, we just couple months ago, we're at Discover, can you talk about what HPE is doing here from a security perspective, this global approach that it's taking as it relates to what HPE was talking about at Discover in terms of we want to secure the enterprise to deliver these experiences from edge to cloud. >> You know, I feel like for me, and I think you look at the shared-responsibility models and, you know, other frameworks out there, the way I believe it to be is it's a solution, right? There's not one thing, you know, if you use HPE supply chain, the end, or if you buy an HPE ProLiant, the end, right? It is an integrated connectedness with our as-a-service platform, our service and support commitments, you know, our extensive partner ecosystem, our alliances, all of that comes together to ultimately offer that assurance to a customer, and I think these are specific meaningful proof points in that chain of custody, right? That chain of trust, if you will. Because as the world becomes more zero trust, we are going to have to prove ourselves more, right? And these are those kind of technical credentials, and identities and, you know, capabilities that a modern approach to security need. >> Excellent, great work there. Ann, let's go ahead and take us home. Take the audience through what you think, ultimately, what HPE is doing really infusing security at that 360-degree approach level that we talked about. What are some of the key takeaways that you want the audience that's watching here today to walk away with? >> Right, right, thank you. Yeah, you know, with the increase in cybersecurity threats everywhere affecting all businesses globally, it's going to require everyone in our industry to continue to evolve in our supply chain security and our product security in order to protect our customers and our business continuity. Protecting our supply chain is something that HPE is very committed to and takes very seriously. So, you know, I think regardless of whether our customers are looking for an on-prem solution or a GreenLake service, you know, HPE is proactively looking for and mitigating any security risk in the supply chain so that we can provide our customers with the most secure products and services. >> Awesome, Anne and Cole, thank you so much for joining me today talking about what HPE is doing here and why it's important, as our program is called, to be confident and trust your server security with HPE, and how HPE is doing that. Appreciate your insights and your time. >> Thank you so much for having us. >> Thank you, Lisa. >> For Cole Humphreys and Anne Potten, I'm Lisa Martin, we want to thank you for watching this segment in our series, Be Confident and Trust Your Server Security with HPE. We'll see you soon. (gentle upbeat music)

>> Announcer: From around the globe, it's theCUBE with digital coverage of AWS re:Invent 2020, sponsored by Intel, AWS and our community partners. >> You're watching continued coverage of AWS re:Invent 2020. I'm sure you're joining just a couple of hundred thousand of your closest friends and family on the web as we engage this AWS builder community in a very different way this year. I'm super excited to have one, for the first time Flexera on theCUBE program, I'm Keith Townsend @CTOAdvisor on Twitter and I'm joined by the CEO of Flexera, Jim Ryan. Jim, welcome to the show. >> Thanks for having us Keith. >> And Marie Godfrey, Senior Vice President of Product at Flexera. >> Thanks. It's good to be here. >> Welcome to the show. So, first off, I think most of the industry knows Flexera from the famous survey you guys do every year. Help us understand, what's the purpose of the survey and the intent of it? >> I think the purpose of the survey is to continue to provide the pulse of the market to our customers and the market at large. This is not a revelation to say that cloud, hybrid cloud, multi-cloud is an ever-changing fast, fast moving target in the industry and we find that by pulsing our customers and pulsing the market and then in return, giving people a broader sense as to what's going on, how they view the current top three challenges that they're facing, allows people to just stay relevant and stay current without having to do so much heavy lifting themselves. >> So, talk to me about the other part that's not as famous. Marie, the product, what's the primary goal of Flexera? >> So, to take off from what Jim said, the state of the cloud report that we issue every year is just one of many that we do research on and we published and Flexera hasn't always been known as a cloud management tool or a cloud provider of optimization solutions for the cloud. We have grown up and our legacy is very much on software asset management. So, over the course of both organic and inorganic means, we find ourselves in this great position now to be able to talk to not only our core strengths as an organization and as a company, but also what we do to help our customers optimize their cloud cost. >> So, one of the interesting outputs or data points from the report is this 70/30 split. I've seen it as 80/20, 70/30, more or less the same ideal concept that we spend 30% of our time basically on these innovative projects but 70% of our time basically on traditional IT operations. How does that impact your team's view of the market? >> Well, I think it profoundly impacts our view. You can call it the elephant in the room or you can call it the immovable object. The fact of the matter remains is that although a lot of the focus, attention and an ever increasing share of everybody's budget is being focused and centered on the cloud, if you're a CIO or somebody working in the CIO's organization, what you've got to realize and focus on is that 70% of your applications in your spending in your tech stack, are still on premise and VMs and other things that simply cannot be ignored. So, our overarching value proposition above and beyond remaining relevant in the cloud and publishing the state of the cloud is we focus on giving CIOs and IT teams the insight as to what's going on in your on-prem estate and if we do our jobs properly with our technology stack, it's identifying overuse or cost optimization opportunities, so, you can take dollars from your legacy stack and throw it over to invest in more innovative things that's going to move the needle for your business. >> So, that's a pretty interesting, I think value pop especially where the public cloud show help me understand kind of the overall challenge when we're thinking about public cloud, where typically less than 30% of our resources are probably in the public cloud. For most people watching this interview and the majority are on the private cloud, how does like Flexera help me to extract the value of both environments? >> Well, that's by robbing Peter to pay Paul, right? So, for everybody listening in here, lean in and listen. The biggest problem that we have when we're talking with our customers is that the cloud people aren't talking to the legacy on-prem asset management people and like Americans or everybody else, we got to just get together and talk to one another so, there's money and budget dollars to be extracted on the legacy on-prem last glamorous stuff of the house here and I say with great certainty not knowing all of the situations with everybody that's watching this, that I'm sure that you fight for single Dollar, Euro, Pound, Yen, et cetera, et cetera that you want to spend on your cloud initiatives. By collaborating with your brethren and your sisters over on the other side of the aisle and by looking at what's going on on the on-prem estate here, you can identify opportunities where you can reallocate budget dollars. >> So Marie, you guys have this term that I've not seen before, Technology Value Optimization or TVO, explain that to me. >> So, TVO is just the latest evolution in terms of how we think about our portfolio and our place in this ecosystem. That includes not just your traditional infrastructure management but this bridging and this realization of value when it comes to how we help our customers extract the value from what we do really, really well which is all around discovery of IT assets. It's around knowing my entitlements, it's around understanding my usage and now of course we brought cloud assets into the picture and helping our customers not only understand and see into those cloud assets but really look at how do I right size? How do I reclaim dollars? How do I avoid failed audits and really understand my usage patterns and what it is I need to do to enact and move toward that digital transformation that Jim referred to? So, at the end of the day, how we think about technology value optimization is that critical factor which is all around understanding the return on the investment and how to better understand and monetize the value for our customers in terms of what they have today and where they need to go. >> Ken, I wanted you to shed some light in what we consider or what we should now consider assets in this new era of cloud, and that your traditional products that how could others understand the AS or the asset either is a server or a virtual machine on that server networks switch etcetera but as I look at SaaS and past platforms and infrastructure as a service platform, what is the asset in this new world? >> By my definition, an asset is anything that your company spend money on and you need to get a return on it. So, 10 years ago, if we were having this conversation, an asset would have been a desktop, a router, a server, or maybe it would be a multi-core server and as things started to get a little bit more complicated, we added virtual machines. So, assets weren't just physical devices, they were virtual devices where we really cut our teeth and made a name for ourselves at Flexera was in software license optimization or software asset management, which is you take all of your physical assets and then you throw software applications from IBM, Oracle SAP, Microsoft and you put those two together and what you have are licensable events or financial exposure, because it's not just as simple as buying a database from Oracle, Oracle is going to want to know how many cores you're running on the server, and all of those different combinations in a Rubik's cube of complexity throw off licensable or financial events and while I'd love to tell everybody that the cloud and hybrid cloud and multi-cloud is making it easier, it's actually making it more sophisticated and more complicated to try and get your head around it because now you have containers and just when we thought we had figured out VMs and what assets and things are running in VMs, you've got containers that are going up and down and trying to find out what assets are in containers across a hybrid multicloud environment says the latest instantiation of chasing your tail here in the business. >> And then help me think through, or at least visualize this concept of entitlements when it comes to the cloud era. When I had on premises assets, I could go and look at my Oracle license and maybe figure out what I was entitled to but now when I, especially when I think of multicloud multi-service and even hybrid where Microsoft gives me credits or on premises services versus off-prem services, help me understand how I should be looking at that and how Flexera helps. >> I think you've got to be looking at it at closely and you can't look at it in isolation. So what you can't do is look at what you've got spun up in an Azure environment and AWS or Google cloud environment, because you're only going to negotiate one agreement with Microsoft most likely. You're only going to negotiate one ELA with IBM or Oracle, or fill in the blank and you know what, Oracle's not going to care what you're running in just cloud if they come and audit you. They are going to perform an audit, and they're going to want to know what you're running in in an on-prem world in VMs, on your data center and your desktop, and then they're going to want you to bring to full account what you're running in your cloud environments as well. So the way Flexera helps you is that we can discover, and we can give you an unprecedented visibility into what's running throughout your IT assets estate, whether it's on-prem, on a desktop, in a data center, on a SaaS application and an infrastructure platform as a service, pull it back and normalize it and compare that to what you've actually signed with all of your suppliers and when we do our job right, our customers run our algorithms across what you're entitled to use and what you're actually using, and what we find is that there's anywhere from 30 zero to 30% of overused in spend in ways. >> Keith, I just want to add example of where I saw this in real time with one of our solution engineers this about two weeks ago, where he was demonstrating the power of what we deliver across entitlements and usage and understanding where a potential wasted spend is and the customer was really focused on Oracle, and making sure that the Oracle negotiation coming up was going to be one where the customer felt like they were in a position of strengths and really understood what entitlements and usage were but when we showed them that Oracle was one piece of a bigger puzzle and that their cloud spend and AWS spend, and even their spend with some of their largest SaaS applications was actually much smaller than the whole, it really showed the customer the power of looking at these assets back to your question around assets and how do we think about them in a way that compares them to one another so the customer gets a full point of view. >> It's very difficult to get an Apple's and Apple's comparison with hybrid versus public and it's no longer just, I don't know if it was ever simple, but it's just more complex these days. Last question, as you look at the past few years, and I go to the Flexera website and look at your product portfolio, talk to me about the relationship between your customer in the industry and how that's changed and how customers consume Flexera as a product. >> I think over the years, our customers like the market has shifted to our SaaS and cloud offering we back in the day we used to have perpetual licenses and we were focusing on an on-prem scenario only, and our customers rightfully so have become far more demanding much like the market has and they now expect things to be delivered in real time with an agile mindset on a SaaS or cloud native basis and with that becomes a much, much higher expectation in terms of customer success and service that they get, because they're on a subscription basis, they can cancel at any time, just like we can do with our cable service provider. So we've really had to invest a lot, not just in R&D and making sure that our technology delivers outcomes, but in the way that we work with and service our customers. They're far more demanding than that they ever have and I wouldn't want it any other way and we think that our strategic imperatives is just keeping up with that in their high demands and expectations in the future. >> Well, I really appreciate you two taking out the time out of your busy schedules, both of you on the East coast, I'm in a Midwest, couple of hundred thousand people tuning into AWS re:Invent 2020 virtual learning to tackle a lot of these complex problems. The pandemic, the new reality of the market has forced us to address implementing and managing enterprise IT in a completely different way. This conference is a great example of that. We thank our friends at Flexera for sponsoring this interview. You want to learn more about theCUBE's coverage? Subscribe to the YouTube channel. Plenty of content with me and my fellow co-host this year coming out of AWS re:Invent 2020 talk to you next installment of theCUBE. (upbeat music)

>> Hello everybody. My title is Physics Implements Lagrange Multiplier Optimization. And let me be very specific about what I mean by this, is that in physics, there are a series of principles that are optimization principles. And we are just beginning to take advantage of them. For example, most famous in physics is the principle of least action. Of equal importance is the principle of least entropy generation. That's to say a dissipated circuit will try to adjust itself to dissipated as little as possible. There's other concepts first-to-gain-threshold, the variational principle, the adiabatic method, simulated annealing but actual physical annealing. So let's look at some of these that I'm sure you probably know about is the principle of least time. And this is sort of illustrated by a lifeguard who is trying to save a swimmer and runs as fast as possible along the sand and finally jumps in the water. So it's like the refraction of light. The lifeguard is trying to get to the swimmer as quickly as possible and is trying to follow the path that takes the least amount of time. This of course occurs in optics and classical mechanics and so forth. It's the principle of least action. Let me show you another one. The principle of minimum power dissipation. Imagine you had a circuit like this, where the current was dividing unequally. Well, that would make you feel very uncomfortable. The circuit will automatically try to adjust itself, so that the two branches which are equal actually are drawing equal amount of current. If they are unequal, it will dissipate excess energy. So we talk about least power dissipation, more sophisticated way of saying the same thing is the least entropy production. This is actually the most common one of all. Here's one that's kind of interesting. People have made a lot of hay about this, is you have lasers and you try to reach the threshold. And so you have different modes on the horizontal axis. And then one mode happens to have the lowest loss and then all the energy goes into that mode. This is the first-to-gain-threshold. This is also a type of minimization principle because physics finds the mode with the lowest gain threshold. Now, what I'll show about this, is it's not as good as it seems because there continues to be, even after you reach the gain threshold, there continues to be evolution among the modes. And so it's not quite as clear cut as it might seem. Here's the one it's famous, the variational principle. It says you have a trial wave function, the red one, it's no good because it has too much energy. The true wave function is illustrated in green. And that one has fines automatically. The fines, the situation with the wave function has the lowest energy. Here's one, of course it's just physical annealing in which you could do as physical annealing, which you could also think of it as simulated annealing. And in simulated annealing, you add noise or you raise the temperature, or do something else to jump out of local minima. So you do tend to get stuck in all of these methods. You tend to get stuck in local minima and you have to find a strategy to jump out of those local minima, but certainly physical annealing actually promises to give you a global optimum. So that's, we've got to keep that one in mind. And then there's the adiabatic method. And in the adiabatic method, you have modes. Now I am one who believes that we could do this even classically, just with LC circuits? We have avoided crossings. And the avoided crossings are such that you start from a solvable problem, and then you go to a very difficult to solve problem. And yet you stay in the ground state and I'm sure you all know this. This is the adiabatic method. Some people think of it as quantum mechanical, it could be, but it's also a classical. And what you're adjusting is one of the inductances in a complicated LC circuit. And this is sort of another illustration of the same thing, a little bit more complicated graph. You go from a simple Hamiltonian to a hard Hamiltonian, and you find a solution that way. So these are all minimization principles. Now, one of the preferred attributes is to have a digital answer, which we can get with bistable elements, physics is loaded with bistable elements, starting with the flip-flop. And you can imagine somehow coupling them together. I show you here just resistors, but it's very important that the, you don't have a pure analog machine. You want to have a machine that provides digital answers and the flip-flop is actually an analog machine, but it locks into a digital state. And so we want bistable elements that will give us binary answers. Okay, so having quickly gone through it, which of these is the best? So let's try to answer, which of these is the best for doing optimization? Which physics principle might be the best? And so one of our nice problems that we like to solve is the Ising problem. And there's a way to set that up with circuits and you can have LC circuits and try to mimic the ferromagnetic case as the two circuits are in phase and so you have, you try to lock them into, either positive or negative phase. You can do that with parametric gains. You have classical parametric gain with a two omega modulation on a capacitor and it's bistable. And if you have crossing couplings, then it's a, the phases tend to be opposite. And so you tend to have anti-ferromagnetic coupling. So you can mimic with these circuits, but there's so many ways to mimic it. So we'll see some more examples. Now, one of the main points I'm going to make today is that it's very easy to set up a physical system that not only does optimization, but also includes constraints and the constraints we normally take into account with Lagrange multipliers and this sort of an explanation of Lagrange multipliers. You're trying to go toward the absolute optimum here, but you run into the red constraint. So you get stopped right there. And the gradient of the constraint is opposite to the a, they cancel each other, the gradient of the merit function. So this is standard stuff in college, Lagrange multiplier calculus. So if physics does this, how does it do it? Well, it does it by steepest descent. We just follow it. Physics, for example, will try to go to the state of lowest power dissipation. So it goes, and it minimizes the participation in blue, but also tries to satisfy the constraint. And then we finally, we find the optimum point in some multi-dimensional configuration space. Another way of saying it, is we go from some initial state to some final state and physics does this for you for free, because it is always trying to reduce the entropy production, the power dissipation. And so there have been, I'm going to show you now five different schemes, actually I have about eight different schemes. And they all use the principle of minimum entropy generation but not all of them recognize it. So here's some work from my colleague, Roychowdhury here in my department, and he has these very amplitude, stable oscillators, but they tend to lock into a phase and in this way, it's unnatural for solving the Ising problem. But if you analyze it in detail and I'll show you the link to the archive where we've shown this is that this one is trying to satisfy the principle of minimum entropy generation and it includes constraints. And the most important constraint for us is that we want a digital answer. So we want to have either a plus or minus as the answer and the parametric oscillator permits that. He's not using a parametric oscillator, he's using something a little different, but it's somewhat similar. He's using lock sort of second-harmonic locking. It's similar to the parametric oscillator. And here's another approach from England, Cambridge University. I have the symbol of the university here and they got very excited. They have polaritons, exciton-polaritons they were very excited about that. But to us they're really just coupled electromagnetic modes and created by optical excitation. And they lock into definite phases and no big surprise they're actually, it also follows, it tends to lock in, in such a way that it minimizes the power dissipation, and it is very easy to include the digital constraint in there. And so that's yet another example. Of course, all the examples I'm going to show you from literature are all following the principle of minimum entropy generation. This is not always acknowledged by the authors. This is the Yamamoto Stanford approach. Thank you very much for inviting me. So I've analyzed this one with, we think that what's going on here. I think the quantum mechanical version could be very interesting possibly. But the versions that are out there right now are they're dissipative and there's dissipation in the optical fiber it's overcome by the parametric gain. And the net conclusion of this is that the different optical parametric oscillator pulses are trying to organize themselves in such a way as to minimize the power dissipation. So it's based upon minimum entropy generation, which for our purposes is synonymous with minimizing the power dissipation. And of course, very beautifully done. It is a very beautiful system because it's time multiplexed and it locks in to digital answers. So that's very nice. Here's something different, not the Ising problem from MIT. It is an optimizer. It's an optimizer for artificial intelligence. It uses Silicon Photonics and does unitary operations. We've gone through this very carefully. I'm sure to the people at MIT, they think they have something very unusual. But to us, this is usual. This is an example of minimizing the power dissipation. As you go round over and over again, through the Silicon Photonics, you end up minimizing the power dissipation. It's kind of surprising. And principle of minimum entropy generation again. Okay. And this is from my own group where we try to mimic the coherent ising machine, except it's just electrical. And we get the, this is an anti-ferromagnetic configuration. If the resistors were this way, it would be a ferromagnetic configuration. And we can arrange that. So I've just done five of my, I think I could have done a few more, but we're running out of time. But all of these optimization approaches are similar in that they're based upon minimum entropy generation, which is a, I don't want to say it's a law of physics, but it's accepted by many physicists, and you have different examples, including particularly MIT's optimizer for artificial intelligence. They all seem to take advantage of this type of physics. So they're all versions of minimum entropy generation. The physics hardware implements steepest descent physically. And because of the constraint though, it produces a binary output. Which is digital in the same sense that a flip-flop is digital. What's the promise? The promise is that the physics-based hardware will perform the same function at far greater speed and far less power dissipation. Now. The challenge of global optimization remains unsolved. I don't think anybody has a solution to the problem of global optimization. We can try to do better, we can get a little closer. But if, so even setting that aside, there all these terrific applications in deep learning and in neural network back-propagation, artificial intelligence, control theory. So there many applications, operations research, biology, et cetera. But there are a couple of action items needed to go further. And that is, I believe that the electronic implementation is perhaps a little easier to scale. And so we need to design some chips. So we need a chip with an array of oscillators. If you had a thousand LC oscillators on the chip, I think that would be already be very interesting. But you need to interconnect them. This would require a resistive network with about a million resistors. I think that can also be done on a chip. So minimizing the power dissipation is the whole point, but you'll do have to, there is an accuracy problem. The resistors have to be very precise but there's good news. Resistors can be programmed very accurately and I'll be happy to take questions on that. So later step though, once we have the chips is we need compiler software to convert the unknown problem into the given resistance values that will fit within these oscillator chips. So let me pause then for questions and thank you very much for your attention.

>> Live from Barcelona, Spain it's theCUBE. Covering Cisco Live Europe. Brought to you by Cisco and its ecosystem partners. >> Welcome back to Cisco Live Barcelona, this is day two of theCUBE, the leader in live tech coverage. We go out to the events, we extract the signal from the noise. I'm Dave Vellante, my co-host Stu Miniman. Ben Nye is here, the CEO of Boston-based Turbonomic . Great to see you again, Ben. Thanks for coming on. >> Thanks for having me, Dave, appreciate it. >> So, what a show for you guys. Everything is multi-cloud, I mean that's your sweet spot. You saw the keynotes yesterday, you've got to love the messaging here. It's really a tail wind for you guys. >> The fit and the strategic rationale, it makes you feel good about a partnership we established a year and a half ago when it was still nascent, right? They were just starting the change to becoming a software company, to becoming a multi-cloud vendor, not making a decision at the time not to have a cloud of their own. And boy, does it feel good now. But, boy it's been interesting to watch the changes in organization, people, all the different elements of this monster company, $200 billion public market value company going through this change in the public markets. >> Well, and you guys have really executed well. Obviously, you did some nice raises, you've got that velocity marketing thing down, and you're scrappy. And now you've got some resources behind you, and you've also got some partnerships that are starting to bear some fruit. So, let's get into the Cisco partnership specifically. What's that like, what's it all about? Give us some details there. >> So, Cisco sells our product under their name. It's called Cisco Workload Optimization Manager, the acronym is CWON. But, our thesis, and I think what they buy into enormously is that as we've decomposed the infrastructure and decomposed the applications, right? Think about it, we used to have monolithic applications all the way down now to VMs, and soon microservices, right? Containers and pods. You're going to need to think about how to resource those things at a scale that humans can't possibly manage. So the workload, the little humble workload becomes the centerpiece of everything. And Workload Optimization Manager is that. It's an AI Op's ability to assure the performance, manage the compliance policies, and make it cost effective all the time. And those are trade offs, so you can't do it once. As demand changes, you've got to be able to make those trade offs ongoing, and that's the uniqueness. So, the partnership was really embracing that concept. And what's fun is you can see how it's expanded with multi-cloud manager and the move to containers. Just that many more zeros when you think about the number of workloads, and the number of containers. >> Yep. Ben, I've loved watching this discussion of workloads and applications, 'cause I've worked with Cisco most of my career. But, you know, I spent a decade on the storage side looking at the network people. And it was just, oh well, the applications to the data is just bits that run over the pipe. And therefore, Cisco didn't really necessarily care that much. It was just, I want more traffic, yes. But maybe they do some things to optimize a little bit, but Workload Optimized Management seems a very new thing for Cisco to be able to embrace and understand and fits into that whole software strategy. Maybe give us a little bit about how you've seen the maturation and change, about how Cisco has data in the center of their keynote yesterday. >> Right. >> Where it was, wait, this is the networking company Cisco. And ports and gear and massive million dollar purchases that you roll out and get certified on as opposed to kind of the new software world. >> So, I think if you look at it, data without logic is data. Right? It's when you put the two together, and that's what a workload is, that you build all the way up. If you really say "Where did they get it?" They were always great at moving the data to service the logic in the application. Buying App D I think was a critical and decisive move to really put them at the top of the stack. Anchor the application, and you can then make sure everything else is brought along with it. So, App D gave them both the ability to look at the depology of the application, the response time of the application. It also gave them this thing called Business IQ, which is, the application runs your business, right? How do I take the data in the organization throughout, make sure I'm servicing it right, but also making sure that the application is running at all times well. And applications really, are just an aggregation of workloads. And so it goes back into the application, the workload, and then the infrastructure which shares it all. >> Ben, you talked about kind of what it is, the Workload Optimization Manager. What's the secret sauce behind it? Can you talk a little bit about the engineering and how it works. >> How C1 works? >> Yes. >> Yeah, I call it The three As. There's the Approach, then there's the Abstraction, and then there's the Analytics. The first one is the approach. Everything we're doing is about putting demand in charge of supply. So, we literally own the patent on using the principles of economics to manage IT. In other words, what's the best resource allocator we know? Markets. Let the workloads pick the resources on which they need to run, and do it in that way as opposed to us trying to us trying to service some ephemeral demand when we're actually managing supply. The way it works is you have to have an abstraction. And that means that I can't have every single vendor's product be different. So, to a workload, all the flavors of storage, it just looks like IOPs and DIS, so they can trade them. An abstraction we all use in everyday life? Currency, right? That's how markets work, we have to have a common currency. And then the last one is the Analytics. If you let the workload pick the resources it needs, it knows it because it knows how much demand. Demand goes up, more resources. Demand goes down, you leave resources. But then, we know the right order of the resourcing that it needs. All the way down the stack, from the application to the virtual to the physical. And that allows us to give exact right actions, not recommendations. Recommendations we think, are like opinions. You can't automate them. And alerts. But if you think about being able to be so accurate, and so exact in the analytics you produce, that you can actually automate them. That's the ah-ha. >> Well, it's brilliant. I mean, you've got the marketplace demand, and that decides. But, you've also got to do this is near real time, right? To have this impact. >> Continuously, correct. >> So, that's your analytics, that's some machine intelligence going on under the cover? >> So, people talk about AI ops, this is AI ops. We have a data model, the data model covers the customer's on prem environment as well as their off prem if it's Amazon or Azure. And now, I can see all the workloads I run, and all of the performance issues, all of the compliance exposure, and all of the efficiency opportunities inherent in each one workload. We show it to the customer, and then they can run What if Scenarios in offline, not with a synthetic, but with their actual workloads. Say, how would you like to see that workload in one of these other environments, in any direction? Now we're getting into multi-cloud management, right? >> Yeah, and abstract all that API complexity and all that diversity. And just one more follow up if I may, Stu. I want to understand the business impact. >> Sure. >> We covered kind of what it is and how it works. Why do customers buy? What's the business impact? >> So, the most important thing is you've got to have application performance. If your apps aren't running, your business isn't running. Fair? The second one though is, boy, compliance regulations just keep coming, right? And there's lots of different forms of compliance in policies. It could be a static one like HA, or data afinity, or an anti-afinity, things like that. But then there's also a myriad of raising level orders. People are trying to enforce all of these policies manually, which means they don't really know at any given time, whether they're in conformity with their own policies. Then you could ask, well, then why have them? So, that's a second big driver. The third one, is just cost. If we actually run the environments well, and we know that demand picks it, then actually you don't need to over provision the virtual, or the physical, or both environments, which is what most people have been doing for years. >> Then the area I want to drill into is that multi-cloud management that you mentioned there. Managing environments has always been a challenging situation for IT. You know, you think back ten years ago, you know V Center is the center of the world for anybody in virtualization. System center for Microsoft Shops, in the multi-cloud world, it's still a bit of a jump ball. You know, Cisco of course with their cloud center sweep, want to have a strong position to live in that multi-cloud world. Tell us, what are you seeing in the marketplace today? Where does, you know, your OEM solution with Cisco fit into this overall orchestration, and what are you hearing from customers? >> So, there's a couple of things. If you look in the customer side, when you go multi-cloud, you have to have different skill sets. They're different platforms, different vendors, right? And, by the way, so extreme in some cases, where one is principally a fixed cost environment, verus two that are variable expense based environments. Right? So, I have to think about which is the type of workload I want to run based on the demand parameters for each of those to make the most economic sense and the best performance attainable. If I have something that's going to scale massively, I want to leverage the elasticity of the public cloud, more likely than not. But, to do that, I better be ready to manage it in that fashion, right? And so somebody has to understand the nature of demand, and when to scale that up and when to scale it down. We've had customers literally take monthly change control windows, down to nightly in order to manage that because the savings are so material, right? So, it's really a matter of they need some level of automation, Stu, to be able to know which workloads should run in a given environment, in a given way consistent with what the platform vendor is offering. And that's what we do. >> I love stories like this, right? They harken back to Frank Sluteman, who's kind of a mini business hero of mine. He was the founder of David Domain, well CEO, and obviously helped service Now Gro. And he would say to me, "I love ROI stories." Like, going in, and just being able to show people bottom line impact. You clearly have that here. Application performance is very clear, how you affect that. When you talk to customers about the economic potential, what are you seeing? If you sort of scanned your customer base. You know, what kind of savings are you seeing? It sounds to me, I'm inferring 20% is kind of a no brainer, but I could imagine 30% plus savings. What are you seeing if you took an anecdotal scan of your customer base? >> So, very typically we can find, because the VM is over provisioned, the virtual layer, and the physical is over provisioned to manage the environment, try and assure performance. Typically we will find 40, 50% of a customer's data center available to be made more efficient, okay? When you then go, though, and this is really interesting. If you go to, let's say ECS and Amazon. There's 1.7 million combinations that you can pick from in ECS. So, Amazon refers to us as a customer control plane, because we understand the fundamental demand on the workloads, we'll pick the right instance family; so you don't have to go and try to pick and guess and allocate based on compute instance types, memory, network, storage, then whether or not to put an RI, Reserved Instance, against it, what region to run it in, all of those things, we could take care of, and help find and land that thing in the right order. When you don't have that, people will naturally allocate. They're going to do what's called a lift and shift, take an over provisioned VM on Prem, and bring it into the cloud. And that's the source of these incredible cloud bills. People go, wait a minute, this is too expensive, cloud was supposed to be cheaper. Well, that's because they didn't optimize it before they moved it. So, our strong preference is let's look at your workloads on Prem, let's find you the right home and the right instance family off Prem, to assure performance and then we'll manage it ongoing with that continuous actions that we do. >> And that changes the operating model. And, of course, when you talk to Amazon about this, they actually love that because they understand that there is price elasticity. If they're saving customer's money, that means the customer is going to buy more compute, they're going to buy more storage. >> Yep. >> Have you seen that in your customer base? >> Absolutely. So, Amazon is on record as having cut price in EC2 62 times. They have a retailer's mindset, and Microsoft has to match them and does. Okay? So they're both interested in taking costs down to serve the customer. When they don't, there's a problem. The problem is, the customer gets a cloud bill that was far in excess of what they expected to see. Gardener has some great data on this, about just how big those numbers can be. But what happens is two things. One, they go into a pause. And that pause can reduce the rate of migration for a year or better while they're trying to digest and get the skills and learn how to manage their workloads in that environment. The second thing is there's a loss, a slight erosion of trust. And then they want a dual source, and then they want to bring in other vendors and so forth. And the reason is they're just trying to figure out how to make this migration, which they know they have to, every CIO has a cloud MBO, but they have to have a way to know that they're not going to bleed themselves out in the process. Those are the two things that I see most frequently from customers. >> Yeah. Ben, as an observer, I want to get what you've seen from customers. How do they look at Cisco as a software provider in general, and as a partner in this multi-cloud world, specifically today? >> Well, I think Cisco has done a number of things. Again, I would go back to they really set a new direction with the direction that Chuck Robbins has provided as CEO, with the purchase of App D, with the services. If you go to the Innovation Hall, and you'll see the Solutions Hall. You'll see the Cloud services that they're offering, and then I think finding folks like Turbonomic. Literally, branding it under their name and selling it at CWAM. Those are pretty big de-marketers of their commitment to cloud, to multi-cloud, and to software. >> So, we were talking in our open about this whole multi-cloud, you know, marketplace. The horse is on the track. You know Cisco, clearly coming at it from a networking standpoint. Obviously, you've got VM Ware doing its thing, coming at it from what used to be purely Hypervisor, now expanding. You've got IBM and Red Hat, certainly Microsoft in the mix. It's a really interesting dynamic. You guys are a best of breed player, that's your strategy to keep ahead of the competition or the supposed competition, and partner with some of the big guys. What gives you confidence, Ben, that you guys can keep that technical lead and that market lead relative to both the competition and some of your partners? >> Because smaller companies have to focus, right? So we focus. We focus on workloads, and we're going to let those workloads run. We do not have a bias in our pricing model, in our infrastructure allegiances or anything. We have a bias on making sure the workload is always performant, compliant, and cost effective wherever it runs. So, our thesis is customers will always want to have multi-clouds. Not one provider, but multiple. And therefore, want the best workloads that will stay and grow with them. And so, that's why we have such good alliance with both Microsoft and Amazon. Because again, they're the net receivers of a lot of these workloads. One of the reasons we have such a good alliance with Cisco is because they're not going to be a cloud-vider. They're going to be a technology provider to those that want to provide services and technology to the Cloud providers. So, I think there's a nice match there in terms of our focus and our ability to continue to evolve. And let's just remember how dynamic this is. I mean, we were just talking about VMs in the last 10 years. Now, in the next five, you're going to see a complete shift over to containers, pods, and microservices. Different kinds of schedulers, different kind of IP stack; and that's the bed I think you mentioned that Red Hat and IBM are making as well. >> Well, your timing has been phenomenal. I mean obviously, coming out of the downturn, Cloud had a huge uptick. And now it's very clear, like you said, every CIO has an MBO on getting the Cloud. And you guys are well on your way to hitting escape velocity. Congratulations on that. >> Thank you. >> And thanks so much for coming on theCUBE. >> Thank you, Dave; thank you, Stu, pleasure. >> Okay, you're welcome. Alright, keep it right there everybody. We'll be back with our next guest. Dave Vellante and Stu Miniman, we're live from Cisco Live Barcelona, you're watching theCUBE. Thanks. (electronic music)