Some modern networks group applications by virtual local area networks (VLANs) and/or virtual extensible local area networks (VXLANs) and apply connectivity and policies based on those constructs. These groupings lead to restrictions on how applications can be grouped and how policies can be applied to those applications.
According to other example networks, endpoint groups (EPGs) provide a different model for mapping applications to the network. Rather than using forwarding constructs such as addressing or VLANs to apply connectivity and policies, EPGs use a grouping of application endpoints. EPGs act as containers for collections of applications, or application components and tiers that can be used to apply forwarding and policy logic. EPGs allow the separation of network policy, security, and forwarding from addressing, and instead apply it to logical application boundaries.