MEF wraps its arms around defining frameworks and policies for SASE

There's no doubt that secure access service edge (SASE) has picked up steam this year after Gartner coined the phrase last year, and now MEF has joined the SASE fray.

SASE blends SD-WAN, security functions, such as zero trust, and subscriber policies to, among other things, enable users to access their connectivity services safely from anywhere, which is even more important during the Covid-19 pandemic, according to MEF CTO Pascal Menezes.  SASE converges the functions of network and security point solutions into a unified, global cloud-native service, according to Gartner. 

RELATED: Cisco gets SASE with its latest SD-WAN software update

SASE gained momentum in 2020 with vendors such as Cisco, Juniper Networks, VMware and Cato Networks touting their SASE capabilities.

MEF is coalescing its security, SD-WAN, cloud and edge efforts into a definition for SASE services through its MEF W117 project. Like its work in Carrier Ethernet and SD-WAN, MEF is standardizing the SASE elements for the benefit of its service provider, vendor and enterprise members and to avoid market fragmentation.

Similar to some vendors' claims, such as Cato Networks and Versa Networks, Menezes said MEF was working on the SASE elements of SD-WAN and security for several years, but now the focus includes the edge and cloud.

"Security, SD-WAN, cloud, and edge are really merging together and that's the takeaway," Menezes said. "This is mainly defining security function behavior and SD-WAN polices to invoke them anywhere in the network."

Menezes said SASE included low cost universal customer premise equipment (uCPE) that tapped into cloud-based security and other functions instead of having them hosted on the devices.

MEF W117 is part of the organization's MEF 3.0 framework that also includes standardized services, LSO (Lifecycle Service Orchestration) APIs, services, technology and professional certification, proof of concept demonstrations and other community activities. Menezes said MEF hopes to have MEF 117 in draft form by the middle of next year.

RELATED: CenturyLink's Pugaczewski herds MEF 82 standard to finish line

At last year's MEF19 conference in Los Angeles, MEF introduced its SD-WAN Certification Program for service providers and vendors, as well as the SD-WAN Certified Professional (MEF-SDCP) program for professionals. MEF also completed its SD-WAN Service Attributes and Services standard (MEF 70) last year, and work is currently underway on MEF 70.1. Early last month, MEF wrapped up its MEF 82 Information Model for SD-WAN.

All of which means MEF has a lot of resources—along with the backing of its service provider and vendor members— to throw at SASE. The MEF W117 project is leveraging a laundry list of MEF's SD-WAN and security efforts including:

• SD-WAN Service Attributes & Service Framework (MEF 70 and MEF W70.1)

• Application Security for SD-WAN Services (MEF W88)

• Zero Trust Framework and Service Attributes (MEF W118) - new

• Universal SD-WAN Edge (MEF W119) - new

• Performance Monitoring and Service Readiness Testing for SD-WAN Services (MEF W105)

• MEF Services Model: Information Model for SD-WAN Services (MEF 82) 

• LSO Legato Service Specification - SD-WAN (MEF W100)

• Intent Based Orchestration (MEF W71)

• Policy Driven Orchestration (MEF W95)

Employees from Fortinet, VMware, Juniper, Nuage Networks from Nokia, Versa Networks, Cisco, Ciena, CMC Networks, and Datavision contributed to the MEF SASE Services Framework white paper white paper. While employees from additional companies—including AT&T, Bell Canada, CenturyLink, Fujitsu Network Communications, Silver Peak, and others—have pitched in on the related SD-WAN, security, and SD-WAN service automation work.