Draft 1 of MEF W131 released

28 July 2022 - Reading time: 3 minutes

Probably I should have published this news much earlier, but as they say, "better late than never". So here we go: I am delighted to announce that Metro Ethernet Forum (MEF) formally issued Draft Release 1 of MEF Secure SD-WAN Certification Test Requirements (MEF 131). As a nominated editor, I was leading this project for a year, and happy to see that now it has been released.

A quick intro to SD-WAN: it is an acronym for Software-Defined Wide Area Networking. It is a networking paradigm that promises to change the way we think about networking. In a nutshell, SD-WAN technology is a software-defined solution that allows the network to be centrally managed. This leads to a whole new way of designing, deploying and managing the network that is less complex, more flexible, and more user-friendly. The SD-WAN solutions are based on a suite of software and hardware components and can be deployed on various platforms and technologies. SD-WAN delivers a flexible and cost-effective infrastructure to support a unified data centre in the cloud where all applications and servers can reside and interconnect with the network and each other, resulting in lower Total Cost of Ownership and simplified network architectures. At the same time, it is important to know that the last thing you want is when yours or your customers’ data is compromised due to an insecure network, so it is imperative to have a clear understanding of how SD-WAN should be secured before going live.

Now a bit more about the document. MEF 131 describes the certification test requirements needed to verify that a service conforms to MEF 88, which outlines requirements for Application Flow Security for SD-WAN Services. The requirements in MEF 88 have been analyzed to determine which ones are valuable and testable, and this standard outlines the certification test requirements for those requirements. This standard also includes the ACTP Test Plan and ACTP Test Report, which specify the detailed test requirements and test cases, respectively. MEF 88 requirements were mapped to a set of Test Cases:

Mapping MEF W88 Requirements to MEF W131 Test Cases

Each Test Case can cover one or more MEF 88 Requirements. This is possible due to the fact that each Test Case can have one or more Tests. There is no mandatory direct relationship between the number of Tests and related Requirements, as one Test can cover more than one MEF 88 Requirement. 

MEF W131 Test Cases

It was a very interesting project, and I am happy to have a chat with you if you want to know more about it and also learn a thing or two about the cybersecurity of SD-WAN. 

So the document is publicly available, and I think it is a good time to say thank you for the tremendous support: my colleagues from Spirent Communications and also from MEF members.

[The article is also published on LinkedIn]