The SINGULAR issue about access management is that AM never took into consideration to prove the identity of the user. All they were able to prove was the initial assertion of the user attempting to access. So AM is actually of no use, even dangerous unless the identity of the end-user is correctly proven, then thereafter manage the user once in the network
Another aspect to look for is proof of user identity.
Search for a product comparison in Access Management
The most important point is that identification and authentication must be checked in the real endpoint system, not in the gateway. because there are too many ways to access endpoint system like "server to server access" after gateway access control system.
I'd point you back to your use cases. There is no point in looking at Functional/Non Functional requirements as differentiating elements in selecting tools or services if you don't know what use cases/user journeys, in particular, you're putting AM in to manage.
Access management is the process of granting authorized users the right level of access to an organization's systems, applications, and data while restricting access to unauthorized users.
The SINGULAR issue about access management is that AM never took into consideration to prove the identity of the user. All they were able to prove was the initial assertion of the user attempting to access. So AM is actually of no use, even dangerous unless the identity of the end-user is correctly proven, then thereafter manage the user once in the network
Another aspect to look for is proof of user identity.
The most important point is that identification and authentication must be checked in the real endpoint system, not in the gateway. because there are too many ways to access endpoint system like "server to server access" after gateway access control system.
I'd point you back to your use cases. There is no point in looking at Functional/Non Functional requirements as differentiating elements in selecting tools or services if you don't know what use cases/user journeys, in particular, you're putting AM in to manage.