Remote Employee Access to Cloud

Enabling SASE services using Lean NFV and SD-WAN for access to multi-cloud.

MEF 3.0 PoC (106)

Presents a MEF-defined SASE service for remote employee access to multiple public clouds (e.g., AWS, Azure). Access service is fully orchestrated and enables end-to-end assurance and policy through Lean NFV-based networking and security functions located in multiple SASE domains (customer premises, Connectivity Service Provider, Security Provider, Public Cloud). Lean NFV fosters an open market of best-of-breed components for connectivity, security, analytical, management, and other functions, which may be added and deployed dynamically without disruption to the existing infrastructure.

106 - Remote Access

Significance

This PoC demonstrates end-to-end SASE service layered on multiple SD-WANS with distributed security, orchestrated using principles of Lean NFV for greater openness, agility, disaggregation, and service innovation at the edge. SASE Service is established, secured, and driven by common policies over customer, service provider, security cloud, and public cloud domains. As a result, the end customer receives policy-driven, zero-trust access to multiple public cloud providers.

Inspiration

Currently available SASE offerings vary in architecture and functionalities, creating a lot of confusion and leaving out the importance of customer and cloud domains in end-to-end service assurance and security. Inspired by recent MEF initiatives, this POC validates E2E SASE using Lean NFV management concepts, which makes dynamic SASE options feasible.

Near Future

Due to COVID-19, many employees will remain home, even after the pandemic. This change shifts previous connectivity patterns to more decentralized. To ensure security, more enterprises will start using offerings from SASE providers. Full assurance and security can be achieved only through collaboration between Security and Communication Service Providers.

Action Needed

Standardization of the SASE service model is required to introduce interoperability between SASE vendors and Service/Cloud Providers. Standards governing architecture and behavior will simplify SASE offering selection. More significantly, the definition of common control APIs, from a Key-Value Store to VNFs, CNFs, microcontrollers, and other Lean NFV components, is necessary to achieve facilitated NF onboarding.

Without This PoC

Slower adoption of SASE due to limited functionality, fragmentation, and only partial coverage of end-to-end service. Continuous limited use of NFV by Service Providers, due to operational complexity and inability to rapidly onboard new virtual and containerized network functions and mix different components of a MANO stack. Perpetuation of brittle, single-vendor, monolithic solutions.

PoC Participants

Amartus
Nefeli
Sparkle
Versa Networks
PoC 106 Diagram

What Are the Takeaways for MEF and its Members?

Service providers offering managed SASE services will benefit from rapid onboarding of security and other VNFs using Lean NFV, as well as the greater choice of vendors and offerings resulting from a standardized Lean NFV approach.

Be In The Market — Position your organization as a leader in innovation.

Learn More