An organization is designing an IBM Security Verify Access deployment to protect multiple internal web applications. They want a single enforcement point in front of the apps and centralized authentication/authorization decisions. Which component best fulfills this enforcement role?