Our company develops web applications and uses them on the internal network. We need to set up a mechanism to control and monitor internal network traffic so that only approved applications on the network can be used by clients and non-certified applications are forbidden. Also, there is no need to authenticate users or check access. All internal users should be able to access all certified applications. Is there any routine solution to this need? Should I implement a local CA? How do I certify applications in this mechanism?
Edited: Thanks for the replies. To help readers better understand the problem: some users have access to deploy or update internal web applications, but we need to make sure the applications are trustworthy. For each update, a set of reviews must be performed on it and then a license should be published for it. I'm looking for a mechanism to run this process. Also, all internal web applications should be monitored in this mechanism to detect untrusted applications.