Versa introduces cloud-based sovereign solution for enterprises of all sizes

Versa released Sovereign SASE-as-a-Service, a cloud-delivered SaaS offering in which the data, control, and management planes operate entirely within a region’s legal jurisdiction.

Digital sovereignty has moved from a compliance consideration to a board-level decision. Across Europe and other regions, governments are asserting stronger authority over data residency and protection. The European Union’s GDPR, NIS2, and DORA frameworks are tightening enforcement standards, and data residency alone is no longer sufficient.

Most SASE offerings fall short of true sovereignty

While vendors may operate a local POP (point of presence) within a country, user traffic is often forwarded to security gateways in other regions for content and threat inspection. Others perform localized inspection in a limited set of countries while maintaining operational control and management outside the jurisdiction where the data is processed, creating a critical sovereignty gap.

As a result, when users connect to the internet or private applications, traffic may be routed—or “hairpinned”—outside the country for inspection, and user metadata may be logged outside the country. True operational sovereignty requires far more than simply localizing the gateway, and placing gateways on customer premises does not close the gap.

Versa pioneered sovereign SASE and has delivered these capabilities in production for years, partnering with service providers worldwide to help them build and operate sovereign SASE services for their customers. Swisscom, for example, recently launched its beem service in Switzerland on Versa’s sovereign architecture, the first carrier-grade sovereign SASE deployment at national scale.

“Many enterprises invested in sovereign cloud strategies, only to discover that secure access to their applications and data was still governed outside their jurisdiction,” said Kelly Ahuja, CEO of Versa. “Deploying a cloud SASE provider’s appliance on customer premises does not make a solution sovereign. True sovereignty requires clarity on where access is secured, where policy is enforced, and who governs data while it is in motion.”

Sovereign SASE-as-a-Service: Enterprise-grade sovereignty, now accessible

Until now, building and operating a sovereign SASE infrastructure was limited to organizations with extensive resources and specialized expertise. With Sovereign SASE-as-a-Service, enterprises of all sizes can consume fully managed, jurisdictionally compliant security and networking without building or operating the infrastructure themselves.

Versa’s Sovereign SASE-as-a-Service offering in Germany and the DACH region includes:

• Full-stack architectural sovereignty: Data plane, control plane, management plane, and logging operating entirely on EU-hosted and controlled infrastructure, independent of Versa’s global cloud infrastructure.
• EU-governed jurisdiction: Contracted through Versa Networks B.V., a Netherlands-based legal entity, with EU-governed operations, localized data processing, and support.
• Cloud-simplicity: Fully managed SaaS-style consumption without requiring customers to build, staff, or operate sovereign infrastructure.

Sovereign cloud initiatives from hyperscalers address where applications reside and data is stored, but not where data is inspected, routed, logged, and protected in motion. Versa Sovereign SASE complements sovereign cloud initiatives, extending sovereignty beyond storage and enforcing Zero Trust policies and traffic inspection entirely within sovereign boundaries.

“Many of our enterprise customers are looking for the SASE capabilities they trust, but delivered in a way that meets strict EU sovereignty and GDPR requirements. Versa’s Sovereign SASE-as-a-Service approach allows us to address those needs without changing the underlying platform or operating model, which is exactly what the market is asking for,” said Boris Wetzel, Managing Director & Founder, Germany-based IT security managed services provider, Choin.