A service mesh is a dedicated infrastructure layer for communication between microservices. It handles mutual TLS encryption (mTLS), traffic routing, retry logic, and observability without requiring you to build these into every service individually. Popular implementations include Istio and Linkerd. From a security perspective, a service mesh enables fine-grained access control at the service level and encrypts all internal traffic. In an ISMS you document the service mesh as a security control for internal network communication.