MEF Targets SASE Confusion With Standard Framework

December 22, 2022

New SASE service standard accelerates managed service providers’ ability to offer robust, unified network and security services with Zero Trust to enterprises

MEF has published the industry’s first Secure Access Service Edge (SASE) standard defining SASE service attributes, a framework and common definitions, and a Zero Trust framework that together allow organizations to implement dynamic policy-based actions to secure network resources for faster decision making and implementation for enterprises.

MEF’s SASE standard aligns stakeholders on common terminology and service attributes when buying, selling, and delivering SASE services, and makes it easier to interface policy with security functions for cloud-based cybersecurity from anywhere. MEF’s Zero Trust framework defines service attributes to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.

According to the July 2022 SASE & SD-WAN 5-Year Forecast Report from Dell’Oro Group, the SASE-related technologies market will exceed $13 billion by 2026. SASE has quickly gained traction due to its work-from-anywhere cloud approach to security and networking. The MEF SASE service standard and Zero Trust framework have been developed by the industry’s top managed security and service providers to make it easier to bring to market robust, easy-to-understand, easy-to-manage SASE services for the enterprise. The new standards include:

SASE Service Attributes and Service Framework Standard

This standard specifies service attributes to be agreed upon between a service provider and a subscriber for SASE services, including security functions, policies, and connectivity services. The standard defines the behaviors of the SASE service that are externally visible to the subscriber irrespective of the implementation of the service. A SASE service based upon the framework defined in the standard enables secure access and secure connectivity of users, devices, or applications to resources for the subscriber. MEF’s SASE standard (MEF 117) includes SASE service attributes and a SASE service framework.

Zero Trust Framework for MEF Services

The new Zero Trust Framework for MEF Services (MEF 118) defines a framework and requirements of identity, authentication, policy management, and access control processes that are continuously and properly constituted, protected, and free from vulnerabilities when implemented and deployed. This framework also defines service attributes, which are agreed between a subscriber and service provider, to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.

“With SASE still at an early stage and generating confusion, I applaud MEF’s standardization efforts. In the near-term, they are contributing vocabulary and aligning conceptual frameworks that are vital to getting the industry to rally behind common, interoperable approaches,” said Mauricio Sanchez, Research Director for Network Security & SASE/SD-WAN research at Dell’Oro Group. “In the long-term, I see the resulting standards help make multi-vendor SASE a reality and accelerate overall adoption.”

“Enterprises are challenged to compare feature sets and solutions when selecting SD-WAN, SSE, and SASE services, including Zero Trust Network Access, which can result in incomplete service offerings that don’t meet needs and expectations. At the same time, service providers want to offer a complete, unified SASE service that includes networking and security under a single pane of glass,” said Pascal Menezes, MEF Chief Technology Officer. “MEF’s new SASE standard and Zero Trust framework, firsts in the industry, provide clarity and simplify the selection of SASE managed services for enterprises. MEF-based SASE services allow organizations to make choices based on industry-standard service attributes, frameworks, and common definitions which allow for easier evaluation and faster decision making and implementation. On behalf of MEF, I would like to thank all the members who worked tirelessly to progress these efforts for the benefit of the entire industry.”

Kelly Ahuja, CEO of Versa Networks added, "Versa has a long history of partnering with and contributing to MEF’s efforts in many areas including SD-WAN. MEF’s new SASE standardization work will enable SPs and Enterprises to have a common and consistent framework and service attributes to help drive adoption and accelerate enterprise digital transformation. This common framework is important for the industry to create consistency in how systems interconnect and interoperate without dictating how they must work internally. This is important as many existing deployments have bespoke products and architectures that have to be stitched-together to achieve the full capabilities of SASE – creating complexity and cost. Standardization will allow these systems to interoperate and make it easier to insert new solutions into the architecture which is crucial for a transition from the current best-of-breed approach to a Unified SASE platform, like Versa’s that combines SD-WAN, SWG, ZTNA, FWaaS, CASB, DLP, UEBA, RBI into a single platform with a single pass scanning architecture, unified policy, unified data lake, and unified console."