You are designing a cloud application that will be accessed directly by users without a gateway VPN. The company aims to maintain user identity and context to secure access to applications and VMs. What solution would you recommend?