Operated from redundant facilities and built in collaboration with noris network, Versa delivers sovereignty across all four planes – data, control, management, and legal jurisdiction – as a fully managed service
MUNICH--(BUSINESS WIRE)--Versa Networks, the global leader in unified security and networking, today announces the general availability of Europe's first fully sovereign SASE, or Secure Access Service Edge, which converges wide-area networking and cloud-delivered security into a single, unified platform, operated from redundant ISO 27001-certified facilities by noris network AG. EU enterprises of any size can now consume enterprise-grade sovereign SASE as a fully managed service, with traffic inspection, policy enforcement, and operational control handled within Germany in accordance with applicable European laws and regulations.
Data residency tells you where data sits. Sovereignty controls who has access to it, from where, under whose law, and whether that protection holds when it matters most. For European organizations that have invested in sovereign strategies, that distinction has become critical. The data may be in a sovereign cloud or data center, but the access to it is often not.
The Sovereign Gap in the European SASE Market
Prior to today, European enterprises procured SASE that was part of a global infrastructure of cloud security vendors – without any sovereignty option across all layers of the architecture.
Most incumbent SASE vendors deliver the service from a global infrastructure. While some maintain points of presence (PoPs) within specific jurisdictions, their control planes – the systems responsible for inspection and enforcing access policy decisions – typically operate on infrastructure outside the jurisdiction, thus subjecting those in the EU to non-European legal jurisdiction. Therefore a user may access a sovereign cloud or data center in the EU, but the decisions governing that traffic are made elsewhere.
A number of vendors have responded to European sovereignty requirements by offering data residency options, regional log storage, or in-country gateways, and describe the result as sovereign. In these architectures, the control and management planes remain outside EU jurisdiction. The data localization is real; the sovereignty claim is partial.
For organizations subject to GDPR, NIS2, DORA, or Germany's KRITIS framework, this distinction matters. These frameworks require demonstrable control over where access decisions are made, where policy is enforced, and under whose legal authority infrastructure operates – not simply where data is stored at rest.
Versa Offers Four-Plane Sovereignty
Versa's Sovereign SASE provides sovereignty across all four planes of the SASE architecture, delivered as a fully managed service.
- Data plane: Traffic inspection, policy enforcement for threat prevention, and content filtering are performed at the local Sovereign PoP. Traffic is not routed outside Germany for processing.
- Control plane: Full Zero Trust access – including identity validation, continuous authentication, and access decisions – is performed entirely within the sovereign environment.
- Management plane: Platform administration, logging, configuration, and operational access are locally governed and fully auditable under EU law.
- Legal jurisdiction: The service is contracted through Versa Networks B.V., a Netherlands-based EU legal entity.
Built on Existing Sovereign Deployments
Versa has been delivering sovereign SASE for more than five years and has many production customers in defense, telecommunications, and critical infrastructure that require full control and operational independence. For example, Swisscom's beem service, the first carrier-grade sovereign SASE deployment at national scale in Switzerland, runs on Versa's sovereign architecture. Additionally, the U.S. Department of Defense Thunderdome program is built and operated on the same principles.
Until now, this level of sovereignty required organizations to build and operate their own sovereign infrastructure. Today's announcement makes the same architectural standard available as a fully managed service within a specific jurisdiction, without the associated operational overhead.
Regulatory Alignment
The service is designed for organizations of all sizes and scales, but most appealing for those operating in regulated industries – including financial services, healthcare, critical infrastructure, manufacturing, and public administration.
- For financial entities subject to DORA, the architecture supports ICT risk management, operational resilience testing, and third-party oversight requirements, with all operations contained within EU jurisdiction.
- For critical infrastructure industries subject to NIS2, the architecture supports governance accountability, incident reporting timelines, and supply chain security controls.
- For KRITIS-designated operators, all data processing and operational control remain within Germany, with BSI-aligned certifications and support for OT and ICS environments.
Full SASE Capability Within the Sovereign Boundary – Including AI
A common limitation of sovereign SASE deployments from competing vendors is that sovereignty comes at the cost of functionality. Advanced security capabilities are stripped back, AI features are unavailable, or customers are directed to a reduced-capability sovereign tier. Versa's sovereign deployment does not work that way.
The full VersaONE Universal SASE Platform is operational within the sovereign boundary, including Zero Trust Network Access (ZTNA), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), Next-Generation Firewall (NGFW), Intrusion Prevention System (IPS), Advanced Threat Protection (ATP), and Secure SD-WAN. No capabilities are removed or restricted in the sovereign deployment. Customers receive the same platform available in Versa's standard cloud service.
This includes VersaAI, Versa's AI layer for real-time threat detection, automated security operations, and AI-driven analytics. All VersaAI processing, telemetry, and inference operations remain within the German sovereign boundary. No data leaves the jurisdiction for AI processing. For organizations beginning to deploy AI workloads, this means the security layer governing those workloads meets the same sovereignty standard as the rest of the infrastructure.
Quotes
“Many enterprises invested in sovereign cloud strategies only to discover that their secure access, management and control plane were still operating outside their jurisdiction. Deploying a cloud SASE provider's appliance on customer premises does not make a solution sovereign. True sovereignty requires control over where policy is enforced, where control and management occur, and who governs that data while it is in motion. This deployment makes that available to any EU enterprise as a managed service.” – Kelly Ahuja, Chief Executive Officer, Versa Networks
“We are thrilled to support Versa with our noris sovereign Cloud Platform (nSC) hosted in our German data centers. Customers who operate in security-critical and regulated sectors can rely on noris to deliver highly secure and compliant IT operations.” – Joachim Astel, CRO, noris network AG
Availability
Versa Sovereign SASE-as-a-Service is available now. The service is available directly from Versa Networks and through authorized Versa channel partners and managed service providers. All contracts are executed through Versa Networks B.V., Versa's Netherlands-based EU legal entity.
For more information, visit versa-networks.com/products/sovereign-sase.
About Versa
Versa, the global leader in unified networking and security, enables organizations to create self-protecting networks that radically simplify and automate their network and security infrastructure. Powered by AI, the VersaONE Universal SASE Platform delivers converged SSE, SD-WAN, and SD-LAN solutions that protect data and defend against cyberthreats while providing a superior digital experience. Thousands of customers globally, with hundreds of thousands of sites and millions of users, trust Versa with their mission-critical networks and security. Versa is privately held and funded by investors such as Sequoia Capital, Mayfield, and BlackRock. For more information, visit https://www.versa-networks.com and follow Versa on LinkedIn and X (Twitter) @versanetworks.
About noris network
noris network AG is one of Germany's leading IT service providers for business-critical IT infrastructure. Our mission is to reduce IT complexity and secure future readiness for industries with the highest demands. Whether enterprise, finance, automotive, or public sector, noris network delivers high-performance, auditable and fully managed cloud, data center, network, and security platforms designed for digital sovereignty, compliance, and innovation. With its own highly available, highly energy-efficient data centers, which set standards for security, sustainability and technological excellence, noris network acts as a technology leader with forward-looking engineering and the highest quality standards. Our customers rely on operational excellence, certified security, and a partner that takes responsibility. More information is available at: https://www.noris.de/.
Contacts
Media Contact: Jim Brady
Media@versa-networks.com
