Network devices are often grouped into managed networks, such as local area networks (LANs), to reduce the exposure of the internal devices to outside, and potentially hostile, networks. Access to the internal devices in the managed networks is mediated by switches, firewalls, proxies, or other gateways that implement address or port filtering and translation, e.g. network address translation (NAT). Connectivity restrictions are typically applied to protect the internal devices from malicious accesses in inbound traffic that travels from outside to inside the managed network. Upcoming generations of communication systems, such as Fifth Generation (5G) communication systems and Industry 4.0, are expected to enable applications such as virtual reality, augmented reality, reliable remote operation of machines, factory automation, network-assisted control of traffic and self-driving vehicles, and the cellular “Internet of Things (IoT)” that supports internetworking of physical devices such as appliances, vehicles, buildings, and other items that are embedded with electronics, software, sensors, actuators, and network connectivity that enable the devices to collect and exchange data over the Internet. The number of devices in managed networks is therefore expected to grow dramatically, which raises new security issues for inbound traffic to the managed network, outbound traffic from the managed network, and internal traffic within the managed network.