With context-aware access, you can enforce granular access controls to web apps, VMs, GCP APIs, and G Suite apps based on a user’s identity and context of the request without the need for a traditional VPN. Based on the zero trust security model and Google’s BeyondCorp implementation, context-aware access enables you to provide a simpler access for your users, enforce granular controls, and use a single platform for both your cloud and on-premises applications and infrastructure resources.
Simpler user access
Enable your users to access web applications and infrastructure resources from virtually any device, anywhere, without the complexity of remote-access VPN gateways. This is how employees, contractors, and other users at Google and many other enterprise organizations across the world get their work done today.
Zero trust security
Give peace of mind to your IT and security teams by enabling them to enforce application-level, granular access controls without maintaining a VPN infrastructure. Based on the zero trust security model and Google’s BeyondCorp implementation, context-aware access allows you to verify users’ identity and validate context before allowing access to web apps, VMs, GCP APIs, and G Suite apps.
Unified access management
Reduce complexity and cost by leveraging a unified access management platform and a single set of policies for G Suite apps, GCP infrastructure (APIs, VMs, resources), and web applications, in the cloud or on-premises. Context-aware access is built on Google Cloud’s planet-scale infrastructure and is natively integrated with Cloud Identity, an identity-as-a-service (IDaaS) solution.
VPN-less user access
Make the lives of your employees, contractors, and partners easier by allowing them to access web applications and GCP workloads (APIs, VMs, resources) without VPN, from virtually any device, anywhere.
Zero Trust security
Adopt the zero trust security model to improve your organization’s security posture as more apps and infrastructure workloads move to the cloud.
Built-in with GCP and G Suite
Context-aware access capabilities are built-in with GCP infrastructure and G Suite, making your life a little easier since it requires less effort and time to configure and enforce access policies.
Cloud or on-premises
Enforce context-aware access policies for web apps hosted on GCP, on your premises, or other public clouds, including Amazon Web Services (AWS) and Microsoft Azure.
Single platform and policies
Reduce complexity, cost, and misconfiguration chances by leveraging a single cloud platform and policy engine to control access to your apps and infrastructure resources.
There is no charge for using Cloud Identity-Aware Proxy, Cloud Identity and Access Management, and VPC Service Controls to protect access to GCP workloads and web applications with context-aware access. However, when used with Compute Engine, the required load balancing and firewall configuration may incur additional costs. Read more about load balancing and protocol forwarding pricing in the Compute Engine pricing guide.
Manage access to apps and infrastructure based on a user’s identity and context