BeyondCorp Enterprise release notes

This page documents production updates to BeyondCorp Enterprise. Check this page for announcements about new or updated features, bug fixes, known issues, and deprecated functionality.

You can see the latest product updates for all of Google Cloud on the Google Cloud page, browse and filter all release notes in the Google Cloud console, or programmatically access release notes in BigQuery.

January 03, 2024

BeyondCorp Enterprise and Tanium integration was officially shut down because Tanium has deprecated the APIs on which this integration was built.

December 14, 2023

General Availability: You can now protect against insider risk and data loss with enhanced monitoring of Chrome activity across your organization. Navigate to the Workspace Admin console home page to get started with monitoring and visibility right away! For more information, see Monitoring for insider risk and data loss.

December 13, 2023

General Availability: You can now use certificate-based access to secure access from trusted devices to enterprise web applications running on Google Cloud. For more information, see Enable certificate-based access for web applications.

October 09, 2023

The BeyondCorp Enterprise Policy Remediator is in Preview. You can use the Policy Remediator to provide users with actionable steps that they can take to remediate access denied issues.

For more information, see Remediate denied access with the Policy Remediator.

August 08, 2023

Cross-org authorization for device attributes in access levels is generally available (GA). You can now configure authorization across organizations by using Access Context Manager.

April 10, 2023

Dry run configuration of context-aware access policy for the Google Cloud console and Google Cloud APIs is generally available (GA). With this feature, users can understand the impact of a CAA policy change before applying them to end users and impacting the real traffic.

March 31, 2023

The BeyondCorp Enterprise Client Connector is deprecated as of March 15, 2023, and is planned for shut down on December 31, 2023. Contact your account team with any questions.

January 31, 2023

The Cloud Run Hosted Login page for external Identities has been fixed to follow the Best practices for using signInWithRedirect on browsers that block third-party storage access. See Hosting a sign-in page with Cloud Run to learn more.

January 26, 2023

The ability to configure authorization across organizations when using BeyondCorp Enterprise is in Preview.

Cross-org authorization lets you configure an access policy to trust and use data, such as device attributes, owned by other organizations. For example, you can configure the access policy of your organization to allow access to its resources from devices in other organizations.

December 07, 2022

BeyondCorp Enterprise integration with Microsoft Intune is generally available (GA).

With this integration, you can collect real-time information about the devices in your organization using Microsoft Intune, and use this information to manage your devices and control access to your organizational resources using BeyondCorp Enterprise.

July 29, 2022

The following Identity-Aware Proxy (IAP) enhancements are generally available (GA):

Identity-Aware Proxy (IAP) SAML attribute propagation is available in Preview.

July 20, 2022

The BeyondCorp Enterprise app connector is now generally available. The app connector provides low-touch, frictionless, secure connectivity between Google Cloud and customer workloads in other cloud environments.

For more information, see Securing non-Google Cloud applications using the BeyondCorp Enterprise app connector.

June 30, 2022

IAP TCP forwarding is now generally available. You can use IAP TCP forwarding to create tunnels to endpoints by using the endpoint private IP address or hostname. If you have external resources (on premises or in other clouds) connected to Google Cloud through Cloud Interconnect or a VPN, you can use IAP TCP forwarding with those resources.

For more information, see Using IAP TCP forwarding with an IP address or hostname

June 29, 2022

The BeyondCorp Enterprise client connector is now generally available. The client connector extends identity and context-aware access to non-web applications by creating a secure connection from endpoint devices to apps running in both Google Cloud and non-Google Cloud environments.

For more information, see Securing client-server applications.

October 01, 2021

The BeyondCorp Enterprise and Tanium integration is now generally available.

With this integration, you can collect the real-time information about the devices in your organization using Tanium, and use this information to manage your devices and control access to your organizational resources using BeyondCorp Enterprise.

For more information, see BeyondCorp Enterprise and Tanium integration overview.

The BeyondCorp Enterprise and Crowdstrike Falcon Zero Trust Assessment (Falcon ZTA) integration is now generally available.

With this integration, you can collect the real-time information about the devices in your organization using Falcon ZTA, and use this information to manage your devices and control access to your organizational resources using BeyondCorp Enterprise.

For more information, see BeyondCorp Enterprise and Falcon ZTA integration overview.