In the ever-evolving networking and security services landscape, standardization of new technologies is essential for innovation to thrive. It drives quicker market adoption and, most importantly, the adopters' ability to evaluate, compare, contrast and ultimately select the best technology that meets their needs. So, what happens with networking technology that doesn’t have a foundation in standardization?
SD-WAN technology was a highly anticipated development in the networking industry that emerged in 2012. However, it didn't follow a clear path until its standardization by MEF in 2019. This caused market confusion and slowed down its adoption and growth.
SD-WAN started it allSD-WAN stands out as the first Enterprise Network Service that gained mainstream prominence without the firm guidance of industry bodies such as Internet Engineering Task Force (IETF) or IEEE.
This meant that vendors from multiple network or security disciplines decided on building capabilities based on their expectations of market evolution. Most startups focused on creating new capabilities, ignoring existing and complex MPLS VPN brownfield deployments. Such approaches set off an arms race for new features and functions, disregarding interoperability. Legacy branch appliance vendors took advantage of the lack of a framework by rebranding and repackaging legacy solutions as innovations.
Simultaneous with the heavy interest in SD-WAN, the Enterprise IT governance surface area began to increase substantially with the adoption of multiple public clouds and Software-as-a-Service clouds, resulting in the cyber security capabilities becoming intertwined with SD-WAN.
The absence of foundational standards bodies gave rise to industry analysts stepping in to define broad frameworks for these technologies, as evidenced by Gartner creating of the secure access service edge (SASE) architecture in 2019 and later the narrower security services edge (SSE) framework.
The market was awash overnight, with all SD-WAN solutions now calling themselves SASE-compliant. Likewise, security-only vendors started labeling their solutions as SASE-complaint. Vendors saw the opportunity to participate in a new, high-growth market, and the broad SASE framework allowed everyone to claim compliance. Market confusion ensued, and the adoption and market growth fell short of the predictions.
Service providers and enterprises IT, the buyers and adopters for whom these technologies and solutions had been developed, could not objectively compare, contrast and evaluate the technologies sold to them.
This market evolution was markedly different from the last exciting networking evolution circa 2001 when the now widely deployed VPLS and IP-VPN services using IP/MPLS as the substrate burst on the scene. In that case, vendors and service providers alike participated in defining IETF standards for both services. This ensured vendors had to build solutions compliant with the IETF standards and create differentiation with additional features/functions.
Creating product differentiation with standardizationStandardization and product differentiation are not mutually exclusive, although certain vendors worry that differentiation becomes challenging once standards are established. However, this perspective is not helpful for the adopters of these technologies, as cloud, network and security products differ from consumer products. It is well established that in the networking industry, there are multiple ways in which vendors can differentiate their offerings based on quality, usability, and functions, such as advanced logging, debugging, and user experience enhancements built upon the standardized foundation.
Service providers and enterprises rely heavily on their interconnected cloud, network, and security infrastructures. These components underpin the services that drive their core businesses. These infrastructures frequently consist of solutions from various vendors. This multifaceted approach involves selecting the best-of-breed solutions, which the service providers have always done to avoid vendor lock-ins. This approach has worked well due to the deployment of standardized technologies that facilitate interoperability. Since the last decade, Enterprises have expressed their strong desire to mirror this strategy, shifting from monolithic vendor solutions to adopting the best-of-breed approach.
Role of industry associations in standardizationSince its inception in early 2000, MEF, a global industry association of network, cloud, security and technology providers, has had a central objective: to streamline and expedite the adoption of emerging technologies and innovations across cloud, network, and security domains. After a few vendors introduced their SD-WAN solutions into the market without any standards, MEF stepped in to fill the void and defined standards for SASE and SD-WAN services. Through this initiative, MEF has introduced a universal lexicon and terminology, fostering industry-wide cohesion and hastening market growth trajectory.
SASE testing and certificationMEF is going one step further by partnering with CyberRatings to launch a new SASE certification program for MEF technology and service provider members worldwide. The SASE certification includes SD-WAN, SSE threat protection and zero trust network access certifications. These certifications are based on CyberRatings' methodologies, test programs and compliance with MEF standards.
The SASE certification program aims to bolster trust in cybersecurity solutions. It offers a report card and rating for vendors and service providers to indicate the effectiveness of their SASE offerings. MEF's certification registry will contain this information.
How to pick the best cloud, network and security systemsFor Enterprise businesses to operate effectively, it's crucial to have robust cloud, network and security systems in place. Selecting the best solutions that meet industry standards and have been certified accordingly is essential. By standardizing and certifying new technologies, we can ensure their success and hold legacy solutions being passed as new accountable. This process gives Enterprises the confidence to adopt advanced technologies and drives the industry forward.
Sunil Khandekar is a seasoned tech executive and advisor with over 25 years of experience in the telecom and networking industries. He specializes in developing high-value growth businesses from concept to customer adoption. Sunil’s most recent role was as the founder and CEO of Nuage Networks. During his career, Khandekar has held various product and business leadership roles at Alcatel-Lucent and is a frequent speaker at industry events and conferences.