You can put an app on a specific network-id (the org your app is on has a default network, but you can create others) with flyctl apps create --network.
Apps on their own network won’t be able to talk to apps on other networks. There’s no current bridging you can do from one network to another; our private network enforcement is very simple (which is why we trust it).