Zero Trust

Framework providing identity, authentication, and policy-based access control for services

A Framework for Zero Trust

MEF’s industry-first Zero Trust framework defines a framework and requirements of identity, authentication, policy management, and access control processes that are continuously and properly constituted, protected, and free from vulnerabilities when implemented and deployed.

The framework also defines service attributes agreed upon between a subscriber and service provider to enable service providers to implement and deliver a broad range of services that comply with Zero Trust principles.

The MEF Zero Trust Framework

With a combination of MEF’s SD-WAN and SASE service standards and a Zero Trust framework, MEF is defining the necessary standards to help the industry successfully secure their digital services.

Learn More about Zero Trust:

Technical Standards & SDKs:

MEF 118.1 Zero Trust Framework for MEF Services — 2024 Jul

Amends: MEF 118

Product Portfolio: SASE, Zero Trust

This standard defines a framework and requirements addressing Identity and Authentication of the different Actors plus Policy-Based Access Control providing enforcement at Policy End Points.

Learn More

MEF 163 Draft Release 3 Zero Trust Certification Test Cases and Requirements — 2024 May

Product Portfolio: Zero Trust, Zero Trust Certification

A Zero Trust Framework (ZTF), defined in MEF 118, is a cybersecurity architecture where users or clients (end users, applications, and other nonhuman Users, Devices, and Applications that request information from resources) are authenticated, authorized, and continuously validated before being granted access to, maintaining access to, or performing operations on applications.

Learn More

MEF 117 SASE Service Attributes and Service Framework — 2022 Oct

Product Portfolio: SASE, Zero Trust, SSE, SSE Certification

This document defines a Secure Access Service Edge (SASE) Service Framework and specifies Service Attributes that need to be agreed between a Service Provider and a Subscriber for SASE Services, including Security Functions, Policies and Connectivity Services.

Learn More

MEF 118 Zero Trust Framework for MEF Services — 2022 Oct

Product Portfolio: SASE, Zero Trust, Zero Trust Certification

This standard defines a framework and requirements addressing Identity and Authentication of the different Actors plus Policy-Based Access Control providing enforcement at Policy End Points.

Learn More

I want to investigate further. See all Zero Trust resources:

What Can I Achieve with MEF’s Zero Trust Framework?

The framework accelerates service and technology providers’ ability to offer robust, unified network and security services with Zero Trust to enterprises. And, in turn, enterprises are empowered to make better-informed choices based on industry-standard service attributes, frameworks, and definitions

Industry value of MEF’s Zero Trust work:

  • Deliver a broad range of services that comply with Zero Trust principles.
  • Enable enterprises to secure user-centric network services in work-from-anywhere environments.
  • Remove market confusion to accelerate SASE with Zero Trust adoption.

Be In the Know

Engage in Evolving the Industry-First Zero Trust Standard

Collaborating with MEF members on the multi-faceted security work across MEF’s relevant standards ensures you are at the forefront of securing the enterprise’s digital transformation. Helping to evolve the Zero Trust framework will provide you a truly influential opportunity within the ICT industry. Our current SASE and Zero Trust initiatives are available in the MEF 3.0 SASE Hub on the MEF Members’ Wiki.


All employees of active MEF-member companies are authorized to access MEF Members’ Wiki. Don’t have a login? Register. Not a member? Join MEF. Not sure? Contact Us.

Go to the Member Wiki
Man with glasses

Be In the Industry—Secure the business of our industry and its stakeholders.

Join MEF