Divide and Conquer Algorithm?

A divide and conquer algorithm is about solving large problems. Breaking the problem into smaller parts, and managing them one by one is the solution. And we have large problems like lots of users, computers, applications and access policies. We need to divide these items into smaller parts for a better security result.

What is Applications Network?

Normally a network consists of computers. A group of computers makes a network. But we are following a different path for creating a zero trust network.

Grouping applications that works on different hosts, and creating a virtual network with them, applying different policies to these networks, makes applications network unique.

What We Need This?

We need to divide and manage these complex networks. Today's networks are so big to efficiently manage and make them secure. If we divide these networks into smaller networks, we can then easily manage them one by one. From a security view, mitigating the attack surface is so important

Is This Zero Trust Micro-Segmentation

Absolutely yes, grouping only needed applications and creating a network, mitigates attack surface. You can create lots of small networks. Apply different policies to each network.

Is This VLAN?

As you know, in zero trust networks, you don't need VLANS. And we can easily say that this type of grouping makes the new Applications VLAN

Benefits

By grouping applications, you can mitigate attack surfaces. Easy management for applying policies.