Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction.
With the shift to increasingly user-centric networks, in which those who need to access the network and its resources are no longer defined by a single hard-wired location, the need to identify and authorize access and usage is increasingly necessary to support work from anywhere and digital transformation initiatives.
In The Spotlight
Rising to SASE and Zero Trust Challenges
HardenStance founder and principal analyst, Patrick Donegan, speaks with MEF founding member and board member, Ralph Santitoro, about MEF's standardization work on SASE and Zero Trust.
MEF’s industry-first Zero Trust framework defines a framework and requirements of identity, authentication, policy management, and access control processes that are continuously and properly constituted, protected, and free from vulnerabilities when implemented and deployed.
The framework also defines service attributes agreed upon between a subscriber and service provider to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.
The MEF Zero Trust Framework
With a combination of MEF’s SD-WAN and SASE service standards and a Zero Trust framework, MEF is defining the necessary standards to help the industry successfully secure their digital services.
A Zero Trust Framework (ZTF), defined in MEF 118, is a cybersecurity architecture where users or clients (end users, applications, and other nonhuman Users, Devices, and Applications that request information from resources) are authenticated, authorized, and continuously validated before being granted access to, maintaining access to, or performing operations on applications.
This document defines a Secure Access Service Edge (SASE) Service Framework and specifies Service Attributes that need to be agreed between a Service Provider and a Subscriber for SASE Services, including Security Functions, Policies and Connectivity Services.
What Can I Achieve with MEF’s Zero Trust Framework?
The framework accelerates service and technology providers’ ability to offer robust, unified network and security services with Zero Trust to enterprises. And, in turn, enterprises are empowered to make better-informed choices based on industry-standard service attributes, frameworks, and definitions
Industry value of MEF’s Zero Trust work:
Deliver a broad range of services that comply with Zero Trust principles.
Enable enterprises to secure user-centric network services in work-from-anywhere environments.
Remove market confusion to accelerate SASE with Zero Trust adoption.
Be In the Know
Engage in Evolving the Industry-First Zero Trust Standard
Collaborating with MEF members on the multi-faceted security work across MEF’s relevant standards ensures you are at the forefront of securing the enterprise’s digital transformation. Helping to evolve the Zero Trust framework will provide you a truly influential opportunity within the ICT industry. Our current SASE and Zero Trust initiatives are available in the MEF 3.0 SASE Hub on the MEF Members’ Wiki.
All employees of active MEF-member companies are authorized to access MEF Members’ Wiki. Don’t have a login? Register. Not a member? Join MEF. Not sure? Contact Us.