Versa Launches Fully Sovereign SASE for EU Enterprises

TechInsyte Team By · 3 min read
Versa Launches Fully Sovereign SASE for EU Enterprises

Versa Networks has announced the general availability of Europe's first fully sovereign Secure Access Service Edge (SASE), providing EU enterprises of any size with a managed service that converges wide-area networking and cloud-delivered security into a single, unified platform. Operated from redundant ISO 27001-certified facilities by noris network AG, the service ensures that traffic inspection, policy enforcement, and operational control remain within Germany. This launch addresses a critical distinction for European organizations: while data residency only specifies where data sits, true sovereignty controls who has access to that data, from where, and under whose law, ensuring protection holds when it matters most.

Versa SASE Architecture and Four-Plane Sovereignty

The new offering addresses a significant "sovereign gap" in the European market. Many incumbent SASE vendors deliver services from global infrastructure where, even if points of presence (PoPs) exist locally, the control planes—the systems responsible for inspection and enforcing access policy decisions—operate on infrastructure outside the EU. This subjects EU users to non-European legal jurisdiction, meaning that while a user may access a sovereign cloud in the EU, the decisions governing that traffic are made elsewhere. Some vendors offer regional log storage or in-country gateways as a "sovereign" solution, but because the management and control planes remain outside EU jurisdiction, the sovereignty claim is only partial.

To solve this, Versa's architecture provides sovereignty across four distinct planes to ensure that legal jurisdiction and operational control are maintained within the region:

  • Data Plane: Traffic inspection, content filtering, and threat prevention policy enforcement are performed at local Sovereign PoPs, ensuring traffic is not routed outside Germany for processing.
  • Control Plane: Full Zero Trust access—including identity validation, continuous authentication, and access decisions—is performed entirely within the sovereign environment.
  • Management Plane: Platform administration, configuration, logging, and operational access are locally governed and fully auditable under EU law.
  • Legal Jurisdiction: The service is contracted through Versa Networks B.V., a Netherlands-based EU legal entity.

Integration of VersaONE and VersaAI within EU Boundaries

Unlike some sovereign deployments that restrict functionality or remove advanced features to achieve compliance, Versa has deployed the full VersaONE Universal SASE Platform within the sovereign boundary. Customers receive the same platform available in Versa's standard cloud service, with no capabilities removed or restricted. This includes Zero Trust Network Access (ZTNA), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), Next-Generation Firewall (NGFW), Intrusion Prevention System (IPS), Advanced Threat Protection (ATP), and Secure SD-WAN.

The deployment also includes VersaAI, the platform's AI layer used for automated security operations, real-time threat detection, and AI-driven analytics. Versa stated that all telemetry, inference operations, and processing for VersaAI remain within the German sovereign boundary. This ensures that no data leaves the jurisdiction for AI processing, providing a security layer for AI workloads that meets the same sovereignty standard as the rest of the infrastructure.

Regulatory Alignment for Regulated EU Industries

The service is positioned for organizations of all sizes, particularly those in regulated industries such as healthcare, manufacturing, public administration, and financial services. These organizations are often subject to European regulatory frameworks—including GDPR, NIS2, DORA, and Germany's KRITIS framework—which require demonstrable control over where access decisions are made and where policy is enforced, rather than just where data is stored at rest.

For financial entities under DORA, the architecture is designed to support third-party oversight, operational resilience testing, and ICT risk management, with all operations contained within EU jurisdiction. For operators designated under KRITIS, the service maintains all operational control and data processing within Germany, utilizing BSI-aligned certifications and supporting ICS and OT environments. Similarly, for industries subject to NIS2, the architecture supports supply chain security controls, incident reporting timelines, and governance accountability.

Versa noted that this architectural standard was previously available only to organizations that built and operated their own infrastructure, such as the U.S. Department of Defense Thunderdome program and Swisscom's beem service—the first carrier-grade sovereign SASE deployment at national scale in Switzerland. The new managed service allows EU enterprises to access these high-level capabilities without the associated operational overhead of building their own sovereign infrastructure.

Key Takeaways

  • The service provides sovereignty across four planes: data, control, management, and legal jurisdiction, with operations handled within Germany.
  • The full VersaONE Universal SASE Platform and VersaAI processing remain entirely within the German sovereign boundary without functionality restrictions.
  • The offering is designed to meet the specific compliance requirements of GDPR, NIS2, DORA, and Germany's KRITIS framework.

TechInsyte's Take

This launch signals a shift from simple data residency to full operational sovereignty, which is critical for EU entities in highly regulated sectors like finance and critical infrastructure. Buyers should evaluate whether their current SASE providers' control planes operate outside EU jurisdiction, as this may create compliance gaps under DORA or NIS2. The primary point of interest for CTOs will be whether the promised "no-compromise" functionality of the sovereign tier holds up against the standard global cloud service in real-world performance.

Source: Businesswire

More Articles You'll Love

Continue reading on topics you care about

Moody’s Debuts Decision‑Grade AI Skills on Microsoft 365 Copilot
Cloud

Moody’s Debuts Decision‑Grade AI Skills on Microsoft 365 Copilot

Moody’s Corporation (NYSE: MCO) announced the launch of its first set of AI “skills,

3 min read
Energy Dome and SRP to Deploy CO2 Battery Project in Arizona
Cloud

Energy Dome and SRP to Deploy CO2 Battery Project in Arizona

Energy Dome, a provider of capacity solutions for utilities and AI infrastructure, and Salt River

3 min read
HPE Unifies Partner Programs Under HPE Partner Ready Vantage
Cloud

HPE Unifies Partner Programs Under HPE Partner Ready Vantage

HPE is consolidating its partner programs with those of Juniper Networks into a single global

4 min read
TechInsyte technology intelligence workspace

About TechInsyte

TechInsyte is a B2B technology news and intelligence platform covering major developments across AI, cloud, cybersecurity, enterprise software, semiconductors, startups, policy, and markets. We focus on the signals that matter for decision-makers.

The idea behind TechInsyte is simple. Technology moves fast, and professionals need clear information without unnecessary noise. New platforms emerge, security risks evolve, enterprise software changes, and the AI shift continues to reshape how companies operate. We help readers understand those developments in a practical and business-focused way.

Our coverage focuses on meaningful technology updates, product launches, enterprise strategy, funding activity, regulatory change, infrastructure trends, and the broader forces shaping the technology industry. The goal is to keep every article clear, relevant, and useful for professionals who need to know what happened, why it matters, and what it could mean next.

TechInsyte is built for readers who want sharper context, cleaner coverage, and a more focused view of technology without the clutter.