Network communications requires network entities (e.g., routers, switches, endpoint groups, endpoints, etc.) to trust one another. A misconfigured or malicious network entity, however, can disrupt the normal operation of the network. For example, such a network entity can unnecessarily consume network resources or launch an attack on other entities of the network. Identifying misconfigured or malicious network entities in real time can prove difficult for network systems and administrators. Oftentimes, a misconfigured or malicious network entity is identified a posteriori or after the fact when harmful network activity has already occurred and containment of the entire network or a significant portion of the network becomes the only remedy.