I’d like to propose adding an option in OutSystems to explicitly configure an application as Internet-facing or Intranet-only.

This feature would be highly beneficial for organizations that need to enforce strict network segregation policies. It would ensure certain applications, especially those handling internal workflows or sensitive data that are never exposed or discoverable via the public internet. When marked as Intranet-only, the platform could automatically enforce private routing or private tunneling configurations (e.g., VNet integration, Private Endpoints, or internal load balancers).

I understand this might not be feasible in OutSystems 11, as it relies on VM-based architecture and external network configurations. However, I believe this could be natively supported in OutSystems Developer Cloud (ODC), which is built on Kubernetes and modern cloud-native principles. Implementing this capability directly in ODC would improve security governance, simplify compliance alignment, and provide more control over how applications are exposed across environments.