A network flow can be characterized as one or more packets sharing certain attributes that are sent within a network within a specified period of time. Packet attributes can include a network source address (e.g., Internet Protocol (IP) address, Media Access Control (MAC) address, Domain Name System (DNS) name, or other network address), source port, destination address, destination port, protocol type, class of service, among other characteristics. The network source address may correspond to a first endpoint (e.g., modem, hub, bridge, switch, router, server, workstation, desktop computer, laptop computer, tablet, mobile phone, desk phone, wearable device, or other network or other electronic device) of the network, and the network destination address may correspond to a second endpoint of the network. Network flow data is conventionally collected when a switch or a router forwards a packet, and thus, a switch or router interface can also be a packet attribute used to distinguish network flows. Network policies can determine whether a particular flow is allowed or denied by the network as well as a specific route by which a packet traverses the network. Policies can also be used to mark packets so that certain kinds of traffic receive differentiated service when used in combination with queuing techniques such as those based on priority, fairness, weighted fairness, token bucket, random early detection, round robin, among others. Network administrators typically create these policies and configure network devices to enforce them. When policies require updating, such as when the network is misconfigured or an endpoint becomes the subject of a network attack, a network administrator must generally define new policies, remove or update the priority of existing policies, and propagate these changes throughout the network. This can be a time-consuming task that may be highly susceptible to misconfiguration of the network due to newly defined malformed policies, unknown effects of existing policies, improper removal or modification of existing policies, or other errors.