Gartner termed secure access service edge (SASE) in 2019 as an effective way to deliver converged security and networking in an increasingly cloud-based world. The framework has since become one of the “hottest markets in the industry in terms of activity and potential revenue growth for the next several years,” noted Stan Hubbard, analyst for industry association MEF.

However, the widespread availability of SASE managed services and overall growth of the SASE services market have been “hamstrung by multiple challenges,” Hubbard added in an email to SDxCentral.

MEF research this year identified top challenges faced by SASE service providers – with the primary two being customer education and a lack of industry standards.

“The SASE vendor ecosystem is fragmented with a lack of common terminology,” Hubbard wrote. “Organizations are challenged to compare SASE feature sets and solutions resulting in confusion that can lead to incomplete service offerings that don’t meet needs and expectations.”

SASE standards – like MEF’s recently announced SASE Standard and Zero Trust Framework – are “key to addressing these challenges,” Hubbard added. “Standards help simplify offerings and provide clarity for organizations when selecting SASE services. Choices can be made based on industry-standard features and common definitions allowing for easier evaluation and faster decision making and implementation.”

The new standard framework – MEF 117 – defines SASE services and other related terminology including SASE agent, identity and access management, SASE Edge, and network termination point.

Chief among MEF’s key SASE features is that the framework combines security functions and connectivity services like SD-WAN with subscriber policies to address modern security concerns, according to Hubbard. Security also must be identity-driven, with focus shifted from site-centric to user-centric.

“The user can be anything and anywhere, and security and network functions can be distributed away from the enterprise data center to maximize the availability of high-performance edges [points of presence] and security clouds,” he noted.

Hubbard wrote that MEF’s SASE standard focuses on defining the service from the customer experience. He cited benefits of standardized SASE services, such as “increased industry efficiency” by aligning stakeholders on common terminology when developing, buying, selling, deploying, and delivering SASE services.

Standardization also makes it easier to interface policy with security functions to provide cloud-based cybersecurity postures from anywhere, he added.

SASE has been one of the loudest buzzwords this year and will remain an enterprise priority in 2023, with the market anticipated to reach $8 billion, according to a new report from Dell’Oro Group.

MEF CTO Pascal Menezes told SDxCentral earlier this year that despite all this buzz around SASE, there is still a need to eliminate “market confusion.”

The lack of standardization within the early SD-WAN market led to an arms race of features and functions that every vendor went to the market with, but Menezes said there is an opportunity with SASE to standardize early and “create a massive market.”

“Going up the stack in SD-WAN, SASE, zero trust, we have to get the vendors and service providers agreeing,” he said. “That’s the benefit for everybody to come together. Because when the market’s confused, you won’t get buyers buying.”