MEF New Standards for SD-WAN Services; SASE Work Program; Dec 2022 UPDATE!

The Metro Ethernet Forum (MEF) [1.] has published new SD-WAN standards that add critical enhancements, including new service capabilities for underlay connectivity, important application performance metrics, and security zones for service providers deploying SD-WAN managed services.

Note 1. The MEF is an industry forum empowering enterprises to transform digitally with standard services and APIs for network, cloud, and technology providers.  While initially focused on Carrier Ethernet, the MEF scope has broadened to encompass overlay services like SD-WAN.  The ITU-T does not have an active SD-WAN standardization program so the industry must look to the MEF for service definitions and standards for that subject.

……………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………

The new MEF standards include:

  • MEF 70.1 updates MEF 70, the industry’s first global SD-WAN standard, to include new service attributes for underlay connectivity services, new measurable performance metrics that provide visibility into an application’s performance within the provider network and across multiple service providers, and the infrastructure to support application-based security defined in MEF 88 (see below).
  • MEF 88, MEF’s first security standard, enhances an SD-WAN service to add security functions. These include defining threats, malware protections, security policy terminology and attributes, and describing what actions a policy should take in response to certain threats.
  • MEF 95 provides a unified policy framework for MEF’s SD-WAN (MEF 70.1), Network Slicing (MEF 84), and SASE (MEF W117) and Zero Trust (MEF W118) standards coming in 2022.

“We’re seeing a healthy uptick in SD-WAN deployments driven by work from anywhere, as more users are connecting to the cloud and cloud-based applications. We estimate the global SD-WAN service market will grow from $2.85B in 2020 to $14.5B in 2025 (CAGR of 38%),” said Roopa Honnachari, vice president of research & global program leader – network & edge services, Frost & Sullivan.

“MEF’s work in standardizing and certifying SD-WAN managed services is helping to drive that adoption, and we believe certified services and professionals will continue to play an important role in moving the market forward.”

“MEF develops standards and certifications to provide clarity and assurance and remove complexity for SD-WAN managed services.

The new standards define the service behavior and associated policy language needed to deliver high-performance, secure SD-WAN managed services,” said Pascal Menezes, CTO, MEF.

Source:  MEF

……………………………………………………………………………………..

“These standards, and the forthcoming SASE and Zero Trust standards, benefit both customers and providers—customers know what to expect when purchasing SD-WAN managed services from a provider, and providers have the tools needed to deliver secure SD-WAN services that drive customer satisfaction,” Pascal added.

Both service providers and vendors can attain certification for MEF’s SD-WAN standards in the MEF 3.0 SD-WAN certification program which validates compliance with MEF standards for delivering managed SD-WAN services and the underlying technology.  The objective is to eliminate market confusion, and enable faster SD-WAN market adoption.

In 2022, secure SD-WAN requirements will be added to the MEF 3.0 certification program. Currently, 17 companies have achieved MEF 3.0 SD-WAN certification. In addition, the MEF-SDCP Professional Certification training and certification provides an opportunity for the engineers, architects, product managers, and others deploying SD-WAN solutions to demonstrate their expertise in MEF 3.0 service standards.

  • Worldwide, there are over 700 MEF-SDCP professionals employed by more than 120 companies.
  • Over 60 service providers have either the Carrier Ethernet or SD-WAN certification within the MEF 3.0 framework, and a handful have both.
  • AT&T, Verizon, Comcast Business and Windstream are among the service providers with MEF 3.0 SD-WAN Certification.  Those companies also rank within the top five of Vertical Systems Group’s 2020 US Carrier Managed SD-WAN Leaderboard.

MEF SASE Work:

MEF will also be releasing SASE (MEF W117) and Zero Trust (MEF W118) standards in 2022. MEF started developing its secure access service edge (SASE) framework last fall to clarify the service attributes and definitions for SASE.

The SD WAN market has already become bogged down by different SASE definitions, which has led to confusion among enterprise customers and frustration for service providers.

MEF defines SASE as a “service connecting users (machine or human) with their applications in the cloud while providing connectivity performance and security assurance determined by policies set by the Subscriber.” The networking and security functions within a SASE service include routing, VPN, path selection, traffic shaping, firewall, threat prevention and more.

Yet finding one vendor that meets all those requirements, and delivers a SASE service that is simple to deploy, is proving challenging for service providers that want to provide SASE as a managed service to enterprise customers.

“The ideal is one vendor, right? That’s the ideal, we all agree with it. But at least for enterprise customers, we’d haven’t found a single vendor solution that meets their needs yet from a SASE perspective,” said Verizon’s Vincent Lee.

MEF Media Contact: Melissa Power [email protected]

……………………………………………………………………………………………………………………………………………………………………………………………………

References:

MEF Introduces New Standards for High-Performance, Secure SD-WAN Services

https://www.mef.net/service-standards/overlay-services/sase/

https://www.lightreading.com/sd-wan/mef-adds-application-security-updates-to-sd-wan-standard/d/d-id/774205?

……………………………………………………………………………………………………………………………………………………………………………….

December 2022 UPDATE:

MEF SD-WAN and SASE Standards:

In August 2019, the MEF published the industry’s first global standard defining an SD-WAN service and its service attributes. SD-WAN Service Attributes and Services (MEF 70). The MEF SD-WAN standard describes requirements for an application-aware, over-the-top WAN connectivity service that uses policies to determine how application flows are directed over multiple underlay networks irrespective of the underlay technologies or service providers who deliver them.  However, it does not address interoperability because it does not specify either a UNI or NNI protocol stack.

MEF 70 defines:

  • Service attributes that describe the externally visible behavior of an SD-WAN service as experienced by the subscriber.
  • Rules associated with how traffic is handled.
  • Key technical concepts and definitions like an SD-WAN UNI, the SD-WAN Edge, SD-WAN Tunnel Virtual Connections, SD-WAN Virtual Connection End Points, and Underlay Connectivity Services.

SD-WAN standardization offers numerous benefits that will help accelerate SD-WAN market growth while improving overall customer experience with hybrid networking solutions. Key benefits include:

  • Enabling a wide range of ecosystem stakeholders to use the same terminology when buying, selling, assessing, deploying, and delivering SD-WAN services.
  • Making it easier to interface policy with intelligent underlay connectivity services to provide a better end-to-end application experience with guaranteed service resiliency.
  • Facilitating inclusion of SD-WAN services in standardized LSO architectures, thereby advancing efforts to orchestrate MEF 3.0 SD-WAN services across automated networks.
  • Paving the way for creation and implementation of certified MEF 3.0 SD-WAN services, which will give users confidence that a service meets a fundamental set of requirements.

In December 2022, MEF published two Secure Access Service Edge (SASE) standards defining 1.] SASE service attributes, common definitions & a framework and 2.] a Zero Trust framework that together allow organizations to implement dynamic policy-based actions to secure network resources for faster decision making and implementation for enterprises.  MEF’s SASE standard defines common terminology and service attributes which is critically important when buying, selling, and delivering SASE services. It also makes it easier to interface policy with security functions for cloud-based cybersecurity from anywhere. MEF’s Zero Trust framework defines service attributes to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.

  1. SASE Service Attributes and Service Framework Standard:  specifies service attributes to be agreed upon between a service provider and a subscriber for SASE services, including security functions, policies, and connectivity services. The standard defines the behaviors of the SASE service that are externally visible to the subscriber irrespective of the implementation of the service. A SASE service based upon the framework defined in the standard enables secure access and secure connectivity of users, devices, or applications to resources for the subscriber. MEF’s SASE standard (MEF 117) includes SASE service attributes and a SASE service framework.
  2. Zero Trust Framework for MEF Services: The new Zero Trust Framework for MEF Services (MEF 118) defines a framework and requirements of identity, authentication, policy management, and access control processes that are continuously and properly constituted, protected, and free from vulnerabilities when implemented and deployed. This framework also defines service attributes, which are agreed between a subscriber and service provider, to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.