SASE Marketplace

SASE Network Security RFP Builder App

  • Netify operates as a specialised Network Security RFP Builder and Marketplace.
  • The application at app.netify.co.uk provides standard question sets alongside AI-assisted bespoke questions.
  • Users gain access to over 30 SASE vendors and managed service providers ready to bid.
  • The platform facilitates the scoring of complex vendor responses with AI assistance.
  • The application is designed for UK and North American companies.
  • We specifically support global multinationals in the Manufacturing, Retail, Healthcare and Financial Services sectors.
Fast Track

Quick RFI

Create a quick RFI to understand which SASE service providers and vendors fit your needs based on initial requirements.

Best for: Discovery and Budget Approval

Start Quick RFI
Deep Dive

RFP Builder

Comprehensive choice. Build a full evaluation module-by-module to deeply compare SASE vendor capabilities.

Best for: Technical Requirements and Contracting

Build Full RFP
Netify Platform User Inputs Requirements & Policy Ranked Shortlist Scored Results Vendor Vendor

The Netify SASE Standard

A SASE RFP is a structured evaluation of Identity, Networking and Security convergence. The Netify framework evaluates vendors across distinct axes including Zero Trust Maturity, Global Backbone Performance, Policy Unification, Compliance and Commercial Flexibility.

What's Included in an RFP?

Over 30 Vendors

Over 30 Vendors and Service Providers available directly through the marketplace.

Pre-built Modules

Pre-built SASE requirement modules for every security component.

In-Platform Scoring

Evaluation and shortlisting within the platform.

Evaluation Criteria Checklist

Don't just ask if they have a feature. Score how they deliver the capability. The Netify Builder includes over 100 weighted questions covering critical KPIs.

  • Latency & Performance: PoP-to-PoP latency guarantees and jitter metrics.
  • Zero Trust (ZTNA): Posture checks including OS version and disk encryption.
  • Encryption: Traffic inspection capacity including TLS 1.3.
  • Resilience: Automated failover times for voice and video traffic preservation.
  • Compliance: Data residency controls to pin log storage to specific regions.
Evaluation Scorecard

How the SASE RFP Builder Works

A SASE RFP through Netify is built through five phases: choosing questions for your business, security requirement specification, marketplace publication, response management and scoring.

  • Introduce your Company & Environment: Input your industry, company overview and primary contact details.
  • Define your Security Posture & Access Patterns: Input your existing identity provider, user types, device posture requirements and application access policies.
  • Specify Requirements: Detail ZTNA, SWG, CASB, FWaaS and DLP needs and your organisation's specific compliance obligations.
  • Collect submissions in-platform: Providers respond to each security requirement with standardised, directly comparable results.
  • Evaluate, rank and build shortlists: Score vendor responses, assess security capabilities and produce a shortlist highlighting capability differences.
1. Introduce Company Context & Industry 2. Define Security Posture & Access 3. Specify Select ZTNA, SWG, CASB Modules 4. Collect Unified Marketplace Responses 5. Evaluate Rank & Shortlist

Core Modules & Security Requirements

A SASE RFP must present consistent evaluation criteria spanning security services and operational controls - the Netify SASE RFP Builder delivers the ideal framework for modular requirement categories.

Mandatory

Company & Service Model

Evaluate the supplier's workforce composition, financial stability and accountability models to ensure long-term partnership viability.

Network Footprint

Covers the supplier’s Point of Presence (PoP) locations, backbone architecture and last-mile strategies to ensure global or local reach.

SD-WAN Capabilities

Focuses on technical performance, scalability and the ability to route traffic based on real-time application health.

SASE & Cybersecurity

Requirements for converging networking and security. This includes SSE, Zero Trust (ZTNA), cloud-delivered firewalls and deep packet inspection.

SLAs & Change Mgmt

Define measurable uptime, latency, and jitter targets, alongside clear procedures for Moves, Adds, Changes and Deletes (MACDs).

AI Powered

Custom Requirements

Use the AI Helper to draft organisation-specific questions addressing unique identity workflows, legacy application constraints or sector-specific compliance mandates.

Implementation & Governance

Define regulatory requirements (GDPR, PCI DSS, FCA PS21/3, DSPT) and specify where traffic inspection and logs must physically reside.

Sector-Specific SASE Requirements

As security priorities differ significantly across industries, organisations in the following sectors should consider these constraints, evaluation priorities and example requirements.

Healthcare

Clinical Workflows & Patient Data Protection

A SASE RFP for healthcare must emphasise clinical application access controls, medical IoT device segmentation, patient data protection within cloud services, and demonstrable compliance with DSPT and Caldicott Principles.

  • ZTNA policies that accommodate both managed devices and clinician-owned smartphones.
  • CASB capabilities specifically demonstrated with clinical SaaS platforms.
  • FWaaS segmentation with auditable policy enforcement for IoMT isolation.
  • Logging infrastructure with retention periods satisfying DSPT evidence requirements.
Clinical Zone IoMT Devices Patient Data Public/Guest Wi-Fi Access FW
HQ / Cloud Store 1 Store 2 Store 3 POS (Secure)

Retail

Distributed Branch Consistency

A SASE RFP for retail must prioritise consistent policy enforcement across distributed branches, third-party vendor access controls, payment network segmentation, and rapid deployment capability.

  • ZTNA policies designed for third-party contractor access without persistent VPN tunnels.
  • Centralised SWG and FWaaS policy management proven to scale across hundreds of endpoints.
  • Demonstrated PCI DSS segmentation capabilities with audit trail generation.
  • Failover mechanisms with documented recovery time objectives for store connectivity.

Manufacturing

IT/OT Network Separation

A SASE RFP for manufacturing must prioritise OT/IT network separation, global PoP coverage for plant-to-cloud connectivity, device posture controls for industrial systems, and operational models suited to sites with limited security staff.

  • ZTNA capabilities explicitly designed for OT access with least-privilege enforcement.
  • FWaaS segmentation demonstrating clear policy boundaries between production and corporate networks.
  • Global PoP distribution adequate for multinational plant operations.
  • Managed service offerings that reduce burden on plant-level teams.
IT Network (Corporate) OT Network (Industrial)
EVENT TYPE USER ID TIMESTAMP AUTH_SUCCESS usr_882 10:42:01 POLICY_CHECK usr_882 10:42:02 ACCESS_GRANT sys_admin 10:42:05

Financial Services

Regulatory Compliance & Auditability

A SASE RFP for financial services must prioritise comprehensive security stack integration, stringent identity and device controls, complete audit trail generation, and low-latency connectivity for trading platforms.

  • Integrated SASE capabilities spanning ZTNA, SWG, CASB, FWaaS and DLP without multiple management planes.
  • Comprehensive logging with retention periods meeting regulatory audit needs.
  • Policy governance featuring role-based access, approval workflows and immutable audit logs.
  • Identity Integration for strong authentication and MFA requirements.

Marketplace & Scoring

Publish directly to the Netify marketplace. Providers on the marketplace span cloud-native SASE platforms, security-led vendors, and managed specialists.

Unified Response Framework

Providers submit responses through the Netify platform, addressing each security requirement within a common structure.

Progress Visibility

Track which providers have accessed your RFP and monitor submission status as responses arrive, maintaining visibility throughout the evaluation cycle.

In-Built Scoring Capability

Score responses to individual questions 1-10, creating easy cumulative scores to allow comparisons between different vendors.

Frequently Asked Questions

What should a SASE RFP include to ensure fair provider comparison?

A SASE RFP should articulate your current security architecture, identity infrastructure and compliance requirements, followed by standardised questions across ZTNA, SWG, CASB, FWaaS, DLP and operational capabilities designed to produce comparable evidence.

What are the most important SASE RFP requirements for organisations replacing legacy VPNs?

For VPN replacement projects, emphasise ZTNA capabilities with clear device posture enforcement, user experience requirements for SSO and transparent authentication, phased migration methodology that maintains service during transition, and logging infrastructure that preserves or enhances your current visibility.

How do I evaluate integrated SASE platforms versus best-of-breed security tools in an RFP?

The Security Module sections and SD-WAN Convergence category include requirements asking providers to demonstrate whether security functions operate within a unified management plane or require integration between separate products. Questions address policy consistency, incident correlation across security layers and operational complexity of managing multiple consoles.

What should I ask about identity integration and MFA enforcement in a SASE RFP?

The Identity Integration & Authentication module includes requirements for documenting compatibility with your existing identity providers (Azure AD, Okta, on-premises Active Directory), MFA enforcement patterns for different application sensitivity levels, and SSO user experience for both managed and unmanaged devices.

How do I request pricing in a SASE RFP so proposals remain comparable?

The Commercials section includes requirements for itemised pricing separating ZTNA, SWG, CASB, FWaaS and DLP licensing, user-based versus bandwidth-based pricing models clearly explained, included capabilities versus additional charges, and contract term flexibility. This framework prevents providers from obscuring costs through vague bundling or omitting security components from initial quotations.

Can I reuse my SASE RFP for future security evaluations?

Yes. SASE RFPs created in Netify persist in your account with indefinite access. For contract renewals, security stack expansions or architecture reviews, you can duplicate your existing RFP, update requirement descriptions to reflect evolved security posture, modify module selections based on changed priorities and republish to the marketplace.