In modern datacenters, the physical host networking devices may be distributed across various locations. Through virtualized network architecture, the physical host networking devices can provide a virtual datacenter that appears cohesive to a user data plane. Telecommunication service providers can implement network virtualization platforms to share virtualized infrastructure that supports multiple communication services and network applications (including real-time and non-real-time applications).
The majority of network traffic in most datacenters can occur internally, that is, between virtual machines and host devices that are included within the datacenter. Conventional systems may not monitor or screen network traffic that is internal to a virtualized datacenter. However, a compromised workload executing on one virtual or physical machine may attempt to laterally spread or migrate within the datacenter. In some instances, a compromised workload may attempt to connect with unauthorized servers that are within the datacenter and/or outside of the datacenter so as to relay sensitive information about the datacenter to a nefarious third party.
In some conventional systems, each virtual machine may implement a personal firewall agent that is controlled from within the virtual machine. However, if a virtual machine is already compromised despite the personal firewall agent on the virtual machine, there remains the potential for compromised or otherwise malicious workloads to spread to other virtual machines. As such, the conventional techniques of implementing additional personal firewall agents on each virtual machine within a datacenter can dramatically reduce processing and memory resource capacity, while also slowing network efficiency due to increased maintenance of multiple virtual machines.
Therefore, conventional approaches to addressing network vulnerabilities will not scale up in the highly virtualized, real-time, and dynamic environment of modern datacenters.