A company needs to provide its mobile workforce with internet-based access to a CRM web interface hosted on GCP. The CRM is currently restricted to the corporate network. The solution must include an authentication layer that supports two-factor authentication.

Which GCP product should be used to meet these requirements?