SASE

The industry standard for integrated policy, security, and connectivity.

SASE and Zero Trust

Secure Access Service Edge (SASE) has become one of the hottest topics in the industry; here, SD-WAN meets security, delivered in a cloud-centric offering. While Gartner introduced the SASE term in 2019, the general principles behind SASE have been in place for much longer; over time, enterprises have been observing a fundamental shift in how their users access their applications, their data, and their ICT systems: from network-centric to user-centric.

The SASE Cloud: Securing the Multi-access Edge Computing (MEC) Network Edge

Combining MEF 3.0 SD-WAN services, security and the MEC network edge into a SASE cloud.

SASE

Securing the Multi-Access Edge Computing (MEC) Network Edge

MEF uses the term Multi-access Edge Computing (MEC) network edge, the set of cloud-native functions grouped together in a small, defined computing environment at the edge of a service provider’s network, i.e. their Points of Presence (PoPs) or Central Offices (COs).

As an enterprise’s users become increasingly distributed outside any single, core location, or office, the ability to secure them and deliver a good user experience becomes more challenging. Enterprises must ensure that a user does not introduce a security risk into their domain, while at the same time ensuring an optimum experience.

In response, to achieve the desired user experience, service providers are increasingly pressured to move both security functions, as well as other application functions, to the edge of the network. This movement is often termed edge computing. The MEC network edge delivers this secured user experience. Together, all of a provider’s MEC network edges deliver a SASE service capability.

A Framework for Zero Trust

With an increasingly user-centric network pattern, in which those who need to access the network and its resources are no longer defined by a single, hard-wired location, the need to identify and authorize usage is increasingly necessary to support the enterprise’s digital transformation. Zero Trust is a concept in which users, hosts, and applications that connect to a network, must be blocked from accessing the network until after their identity can be confirmed.

MEF is defining a standardized Zero Trust framework that secures networked resources from the users, applications, and hosts connected to SASE Services.

With a combination of MEF’s SD-WAN services standards, MEC network edges, new security policy functions and zero-trust requirements, MEF is defining the well-needed standards for SASE services to help the industry successfully secure their digital services.

Learn More about SASE:

Educational Materials:

SASE Services Framework — 2020 Jul

Product Portfolio: SASE

Tags: SD-WAN, SASE

This White Paper is aimed at both enterprises that are increasingly depending on digital services serving users in increasing numbers, types and locations, as well as the service providers that want to offer them security for those digital services.

Learn More

MEF 3.0 Workshop – Application Security for SD-WAN Services — 2019 Nov

Product Portfolio: SASE

SD-WAN benefits end customers by enhancing their applications network traffic. The appetite to combine application protection with network efficiency is high. Hence, MEF is focused on defining the first standard description of a security service. Security done wrong actually could negate SD-WAN benefits in speed and availability.

Learn More

Technical Standards & SDKs:

MEF 88 Draft Release 1 Application Security for SD-WAN Services — 2020 Aug

Product Portfolio: SASE, SD-WAN

This document specifies the Policy Criteria needed to add Application Security to SD-WAN Services. As such, it is based on the framework specified in MEF 70.1.

Specifically, security functions and related actions are defined, each of which can be applied per Application Flow. These security functions include:

Learn More

I want to investigate further. See all SASE resources:

What Can I Achieve with MEF’s SASE Work?

Security is fundamental to enterprise digital transformation. MEF’s industry-driven collaboration to integrate security across multiple areas of its service standards and modeling—including defining a future SASE service standard—will enable the industry to successfully address the increasingly user-centric ICT environment.

Industry value of MEF’s SASE work:

  • Enhance the effectiveness of standard SASE services.
  • Enable providers to address enterprise needs of the user-centric network.
  • Remove market confusion to accelerate SASE adoption.
  • Automate service delivery and management securely.
  • Accelerate market adoption of security best practices that easily function across multiple ICT service provider domains.

Be In the Know

Engage in Defining the Industry-First SASE Standard

Collaborating with MEF members on the multi-faceted security work across MEF’s relevant standards ensures you are at the forefront of securing the enterprise’s digital transformation. Helping with the definition of a SASE standard will provide you a truly influential opportunity within the ICT industry. Our current SASE initiatives are available in the MEF 3.0 SASE Hub on the MEF Members’ Wiki.


All employees of active MEF-member companies are authorized to access MEF Members’ Wiki. Don’t have a login? Register. Not a member? Join MEF. Not sure? Contact Us.

Go to the Member Wiki
Woman with tablet

Be In the Industry—Secure the business of our industry and its stakeholders.

Join MEF