This week’s Global NaaS Event (GNE) in Dallas, run by MEF, reminded me of past networking and telecom conferences that focused on nascent topics and technology that had caught the imagination of the industry and were poised for rapid growth.
There was a great energy level throughout the sessions, and enthusiasm about the role NaaS (Network-as-a-Service) and SASE (Secure Access Service Edge) will play in helping enterprises digitally transform. The general theme of the event was along these lines: 'We've done a lot to get NaaS and SASE going. Now let's take it to a new level.
To that end, MEF made three major announcements at the conference. They include the launch of a NaaS blueprint, a SASE certification program, and an enterprise leadership council.
A blueprint for NaaS
MEF and its member organizations are laying the groundwork to bring a new generation of Network-as-a-Service (NaaS) to market. They envision NaaS as services that combine on-demand connectivity, application assurance, cybersecurity, and multi-cloud-based services. To meet enterprise demands, those providing these services will need a standards-based automated ecosystem.
Enter the NaaS Industry Blueprint. The intent of the blueprint is to help accelerate a new generation of NaaS. “Some call this NaaS 2.0,” said Chris MacFarland, Chairman & CEO of Comcast Business Masergy, in a press briefing announcing the blueprint.
Specifically, the blueprint defines NaaS and proposes primary building blocks of NaaS solutions, including services, automation platforms, ecosystems, and certifications. It incorporates existing MEF service and Lifecycle Service Orchestration (LSO) automation API standards and industry tools for building and delivering NaaS services. Finally, the blueprint presents initial NaaS use cases in the areas of on-demand transport, SD-WAN, SASE, and multi-cloud.
When introducing the blueprint at the conference, MEF President Nan Chen noted that the blueprint said: “By providing a common framework for understanding and defining NaaS, the blueprint will help service providers develop and deliver innovative offerings and enable enterprises to make informed decisions about which are right for them.”
Some of the key elements within the blueprint that aim to take NaaS to new levels include automation APIs that will help deliver services in multi-provider and multi-cloud environments. That capability is increasingly critical to enterprise users who need performance and security assurances of global NaaS-based services that require the involvement of many providers.
SASE services are often quite complex. They meld networking and a variety of security offerings, allowing enterprises to provide remote users and sites, as well as partners and customers, with secure access to enterprise applications and other resources.
By default, SASE services include many elements that must work together to ensure enterprise assets and data are easily accessible yet hard for unauthorized users to compromise. Gauging the security effectiveness of an offering is not a trivial matter.
“Cybersecurity is a black box. And SASE is a black box in a black box,” said Vikram Phatak, CEO of CyberRatings.org. “Nobody really knows if it’s working.
To help enterprises get a better grasp of these issues, MEF and CyberRatings.org (CyberRatings) teamed up to offer a SASE certification program, an effort to provide users with confidence in SASE cybersecurity products and services.
The program is based upon CyberRatings’ methodologies and test programs and will issue a rating on product and service effectiveness of Software-Defined Wide Area Network (SD-WAN), Security Service Edge (SSE Threat Protection), Zero Trust Network Access (ZTNA) and SASE. Certification will ensure compliance with MEF SD-WAN (MEF 70.1) standard and industry standards for SASE (MEF 117) and Zero Trust (MEF 118).
Sixteen service and technology providers are currently participating in a beta program. They include MEF Technology Advisory Board (TAB) member companies Cisco, Fortinet, Juniper Networks, Palo Alto Networks, Versa Networks, and VMware. The SASE certification program is supported by MEF’s Board of Directors, which includes senior executives from AT&T Business, Colt Technology Services, Comcast Business, Liberty Latin America, Lumen, Microsoft, PCCW Global, Orange, Sparkle, and Verizon Business.
Once the beta program is completed later this year, certification will be available to MEF membership at large in the first half of 2024.
Speaking with MEF CTO Pascal Menezes, he noted that with cybersecurity, you cannot just certify something once. Threats change, and the solutions and services to counter threats change. As such, providers in the program will need to continuously certify.
Given that NaaS, SASE, and other services will be consumed by enterprises, MEF wants to make sure the work it and its member organizations are doing meets enterprise needs. To help in this effort, MEF announced the formation of an Enterprise Leadership Council (ELC). It includes senior executives representing major enterprise vertical markets with mission-critical network infrastructures.
The ELC will provide an enterprise perspective on MEF’s strategies and work. The aim is to use that input to help prioritize MEF’s execution of cloud, network infrastructure, and security projects.
ELC members were selected for their experience and domain expertise. The founding ELC members include:
- Nabil Bitar, Bloomberg, Head of Network Architecture, Office of the CTO
- Christian Carmody, UPMC, CTO and Senior VP of Information Technology Division
- Raleigh Mann, Williams Sonoma, SVP Technology
- Neal Secher, TD Bank, Vice President, Head of Network Services
The members will serve a one-year term.
A final word on the Global NaaS Event
The next generation of NaaS is still in its early stages and will be a work in progress for years to come. Progress and success will be dependent on the ability of various stakeholders, including multiple cloud, service, and technology providers, to bring together their offerings into a seamless entity for enterprise users.
A common theme throughout the conference was that collaboration and interoperability will be essential to meet this objective. The three announcements get to the heart of the matter, providing a general blueprint to move NaaS forward, a SASE certification program to demonstrate the security of SASE solutions, and an enterprise council to get the view of the enterprise user front and center to help guide future MEF efforts.