Disclaimer: I work at ScaleFT - we offer BeyondCorp-like access controls as a service for servers (SSH & RDP) and internal web apps.
Exactly right... BeyondCorp is more of a reference architecture than a product. Google's own internal implementation is what the research papers focus on, but we're seeing more companies adopt similar models by shifting access controls to the application layer, where a request can be independently authenticated (corporate IdP) and authorized (RBAC, policies) against more dynamic conditions - such as the security posture of the user's device.
The Identity piece is a critical component to the system as the user system of record, but really just one of the inputs in a BeyondCorp-like environment.
Exactly right... BeyondCorp is more of a reference architecture than a product. Google's own internal implementation is what the research papers focus on, but we're seeing more companies adopt similar models by shifting access controls to the application layer, where a request can be independently authenticated (corporate IdP) and authorized (RBAC, policies) against more dynamic conditions - such as the security posture of the user's device.
The Identity piece is a critical component to the system as the user system of record, but really just one of the inputs in a BeyondCorp-like environment.