The difference between this and Tailscale, is that tailscale is everything open by default, and this would be everything blocked by default. Role and Conditional based access would allow people to touch only what they should have access to, at the network level. Tailscale doesnt mesh Identity/Role/Firewall into a denylist.