The News: MEF recently announced its work to define Secure Access Service Edge (SASE) services. SASE is a developing market that combines network connectivity and security functions with subscriber policies to meet a higher level of performance and assurance required by the modern enterprise. This appears to be the next step in MEF’s strategy, focusing on enabling digital transformation through dynamic, assured, and certified MEF 3.0 network services. MEF’s stated goal is to achieve industry consensus on a standardized, converged software-defined networking, security, and policy framework that can be used by enterprises and service providers to transform consumption of cloud services and applications in the form of SASE services. Read the full MEF press release here.
MEF SASE Services: MEF 3.0 Bedrock Provides Foundations for Powering Standardized SASE Services
Analyst Take: MEF is rapidly developing the industry-wide consensus needed to accelerate broad embracement of standardized SASE services. Since its inception in 2019, SASE has already achieved notable across the digital ecosystem, with vendors expanding and consolidating their SASE portfolios in 2020. This is evidenced by moves such as Versa unveiling its Versa Secure Access, Fortinet’s acquisition of OPAQ, and Cisco debuting 17.2 release of Cisco SD-WAN to name a few.
To review, SASE blends the functions of network, such as SD-WAN and security point solutions into a unified, ubiquitous cloud-native service. SASE is designed to be delivered as a service, reducing or eliminating hardware and appliance costs and management complexity. The SASE approach allows enterprises to connect to a singular secure network to access physical and cloud resources regardless of their location.
As a result, I expect enterprise IT units will be interested in attaining the ability to dynamically connect and secure all their networks and users in a more cost-efficient and streamlined way. Such capabilities are increasingly critical for service providers to offer their customers, especially since enterprises are swiftly expanding their digital workforces, increasing the number of users, devices, and services touching their network. In today’s pandemic-fueled WFH reality, attack surfaces of enterprise networks are enlarged, increasing exposure to malicious attacks across cloud, edge, and on premise environments, making security an even greater concern.
MEF’s Warrant for Developing a Standardized Networking, Security, and Policy Framework
MEF’s success in stabilizing SD-WAN standardization through MEF 70 last year instills the foundational confidence to repeat the same feat in advancing the work of SASE definition in MEF 117, and I believe this answers the question why MEF is the industry association best-suited to drive SASE standardization. By extending the MEF 3.0 framework to SASE services, SASE attains the MEF 3.0 certification essential to fueling ecosystem adoption by enabling service providers and vendors to validate that their solutions comply with the highest industry standard for security assurance and performance orchestrated across a global mesh of automated networks.
The imprimatur of MEF sanctioning the standardization of SASE Services is vital to fulfilling the open source priorities of service providers and enterprises. Without establishing standards-backing near its inception, SASE risks becoming another information and communications (ICT) technology or market that achieves limited traction or takes longer than anticipated to achieve market impact.
I believe network function virtualization (NFV) is an example of a key technology that has achieved limited results for service providers despite the earnest guidelines of industry bodies such as the European Telecommunications Standards Institute (ETSI) and being around since 2013. For example, NFV supporters missed the opportunity to integrate management functions into the NFV standards process, particularly during its early stages. As a result, some service providers have now become captive to full-stack virtualized implementations supplied by a select few vendors.
I believe that the lack of standardization pertaining to management functions resulted in NFV becoming unmanageable at least in a scalable, interoperable way. Likewise, I see the Internet of Things (IoT) producing mixed use case results and slower adoption rates in the service provider realm due in large part to the fragmented nature of IoT standards.
The MEF SASE Services Framework white paper provides the blueprint to standardize SASE services based on existing SD-WAN, security, automation, and other standardization work. The establishment of SASE standards are essential in providing certification testing, vital to ensuring interoperability across the digital ecosystem and enabling service providers to avoid or minimize reliance on expensive proprietary solutions.
MEF SASE Services: Key Takeaways
I believe MEF is further strengthening its SASE cause by enlisting an impressive array of firms engaged in SASE-related support, including Cisco, Fortinet, VMware, Juniper, Nuage Networks from Nokia, Versa Networks, Ciena, CMC Networks, and Datavision as well as AT&T, Bell Canada, CenturyLink, Fujitsu, and HPE/Silver Peak.
In sum, I anticipate the MEF’s prime objective of defining SASE instantly strengthens SASE’s prospects in quickly becoming a widely accepted, game-changing service by avoiding the pitfalls that have stymied other promising technologies and services due in good part to their lack of robust standards backing. Service providers’ ability to deliver secure enterprise connectivity services is essential to boosting the value of their cloud-based offerings. There are numerous SASE attributes that, once standardized on the basis of MEF SASE Services, will create a strong foundation to deliver innovative security services and solutions that enterprises will value in meeting their unified network, security, and policy goals.
Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice.