MEF 3.0 services are designed to be assured; this assurance comprises performance and security. Enterprises require any digital service to be secure for the purpose of conducting business. In the past, networking and security were often considered disparate; however, their integration is critical.
With the introduction of overlay digital services—in particular, MEF 3.0 SD-WAN services—the integration of security into MEF’s work has become a critical focus for our membership. The Secure Access Service Edge (SASE) initiative sits at the center of this work as a strategic area of member focus resulting from the confluence of security and networking—and, in particular, security, edge computing, and SD-WAN services.
Find out how you can help to bring the collective expertise of commercial, business, and product groups together to work on SASE, SD-WAN, and LSO initiatives by participating in these eight Incubation Groups.
Secure Access Service Edge (SASE) has become one of the hottest topics in the industry; here, SD-WAN meets security, delivered in a cloud-centric offering. While Gartner introduced the SASE term in 2019, the general principles behind SASE have been in place for much longer; over time, enterprises have been observing a fundamental shift in how their users access their applications, their data, and their ICT systems: from network-centric to user-centric.
Combining MEF 3.0 SD-WAN services, security and the MEC network edge into a SASE cloud.
MEF uses the term Multi-access Edge Computing (MEC) network edge, the set of cloud-native functions grouped together in a small, defined computing environment at the edge of a service provider’s network, i.e. their Points of Presence (PoPs) or Central Offices (COs).
As an enterprise’s users become increasingly distributed outside any single, core location, or office, the ability to secure them and deliver a good user experience becomes more challenging. Enterprises must ensure that a user does not introduce a security risk into their domain, while at the same time ensuring an optimum experience.
In response, to achieve the desired user experience, service providers are increasingly pressured to move both security functions, as well as other application functions, to the edge of the network. This movement is often termed edge computing. The MEC network edge delivers this secured user experience. Together, all of a provider’s MEC network edges deliver a SASE service capability.
With an increasingly user-centric network pattern, in which those who need to access the network and its resources are no longer defined by a single, hard-wired location, the need to identify and authorize usage is increasingly necessary to support the enterprise’s digital transformation. Zero Trust is a concept in which users, hosts, and applications that connect to a network, must be blocked from accessing the network until after their identity can be confirmed.
MEF is defining a standardized Zero Trust framework that secures networked resources from the users, applications, and hosts connected to SASE Services.
With a combination of MEF’s SD-WAN services standards, MEC network edges, new security policy functions and zero-trust requirements, MEF is defining the well-needed standards for SASE services to help the industry successfully secure their digital services.
SASE Services Framework — 2020 Jul
Product Portfolio: SASE
This White Paper is aimed at both enterprises that are increasingly depending on digital services serving users in increasing numbers, types and locations, as well as the service providers that want to offer them security for those digital services.
MEF 3.0 Workshop – Application Security for SD-WAN Services — 2019 Nov
Product Portfolio: SASE
SD-WAN benefits end customers by enhancing their applications network traffic. The appetite to combine application protection with network efficiency is high. Hence, MEF is focused on defining the first standard description of a security service. Security done wrong actually could negate SD-WAN benefits in speed and availability.
MEF 88 Draft Release 1 Application Security for SD-WAN Services — 2020 Aug
Product Portfolio: SASE, SD-WAN
This document specifies the Policy Criteria needed to add Application Security to SD-WAN Services. As such, it is based on the framework specified in MEF 70.1.
Specifically, security functions and related actions are defined, each of which can be applied per Application Flow. These security functions include:
I want to investigate further. See all SASE resources:
Security is fundamental to enterprise digital transformation. MEF’s industry-driven collaboration to integrate security across multiple areas of its service standards and modeling—including defining a future SASE service standard—will enable the industry to successfully address the increasingly user-centric ICT environment.
Collaborating with MEF members on the multi-faceted security work across MEF’s relevant standards ensures you are at the forefront of securing the enterprise’s digital transformation. Helping with the definition of a SASE standard will provide you a truly influential opportunity within the ICT industry. Our current SASE initiatives are available in the MEF 3.0 SASE Hub on the MEF Members’ Wiki.
All employees of active MEF-member companies are authorized to access MEF Members’ Wiki. Don’t have a login? Register. Not a member? Join MEF. Not sure? Contact Us.
Go to the Member Wiki