MEF adds application, security updates to SD-WAN standard

News Analysis Kelsey Kusterer Ziser, Editor 12/17/2021

MEF has launched MEF 70.1, an update to its SD-WAN standard, with new service capabilities for underlay connectivity, plus application performance and security updates.

The updated SD-WAN standard includes new metrics for application performance within and across multiple service provider networks and supports application-based security outlined in MEF 88. As its first security standard, MEF 88 defines security threats, policy terminology and attributes, and recommends responses to specific security threats in a SD-WAN service.

"We're seeing a healthy uptick in SD-WAN deployments driven by work from anywhere, as more users are connecting to the cloud and cloud-based applications. We estimate the global SD-WAN service market will grow from $2.85B in 2020 to $14.5B in 2025 (CAGR of 38%)," said Roopa Honnachari, vice president of research & global program leader – network and edge services for Frost & Sullivan, in a statement.

Pascal Menezes, CTO for MEF, explained in a statement why SD-WAN standards are beneficial both to service providers and their enterprise customers. He said that it helps when customers "know what to expect when purchasing SD-WAN managed services from a provider, and providers have the tools needed to deliver secure SD-WAN services that drive customer satisfaction."

Both service providers and vendors can attain certification for MEF's SD-WAN standards in the MEF 3.0 SD-WAN certification program, and MEF will add security requirements for SD-WAN to the program in 2022. Currently, 17 companies have completed the SD-WAN certification program. Over 60 service providers have either the Carrier Ethernet or SD-WAN certification within the MEF 3.0 framework, and a handful have both.

AT&T, Verizon, Comcast Business and Windstream are among the service providers with MEF 3.0 SD-WAN Certification, and they also rank within the top five of Vertical Systems Group's 2020 US Carrier Managed SD-WAN Leaderboard.

MEF will also be releasing SASE (MEF W117) and Zero Trust (MEF W118) standards in 2022. MEF started developing its secure access service edge (SASE) framework last fall to clarify the service attributes and definitions for SASE. The market has already become bogged down by varying SASE definitions, which has led to confusion among enterprise customers and frustration for service providers.

"Everyone has their own twist to what SASE is or is not," Vincent Lee, director of the Secure Network as a Service for Verizon Business, recently told Light Reading.

MEF defines SASE as a "service connecting users (machine or human) with their applications in the cloud while providing connectivity performance and security assurance determined by policies set by the Subscriber." The networking and security functions within a SASE service include routing, VPN, path selection, traffic shaping, firewall, threat prevention and more.

Yet finding one vendor that meets all those requirements, and delivers a SASE service that is simple to deploy, is proving challenging for service providers that want to provide SASE as a managed service to enterprise customers.

"The ideal is one vendor, right? That's the ideal, we all agree with it. But at least for enterprise customers, we'd haven't found a single vendor solution that meets their needs yet from a SASE perspective," said Verizon's Lee.

Related posts:

— Kelsey Kusterer Ziser, Senior Editor, Light Reading

Cover photo by Joshua Hoehne on Unsplash.