Methods and systems for managing authorized data flows using software defined networking include receiving flow criteria sent from a firewall and extracted from a first data packet, determining whether flow criteria of the first data packet matches an entry in a master data flow list, inserting the flow criteria from the first data packet into the master data flow list on a software defined networking controller, and sending the flow criteria of the first data packet to the router. The router may forward a second data packet associated with the data flow toward a destination based on the validation of the first data packet by the firewall. The flow criteria may not match an entry in a router data flow list on the router and may include at least two of: a source IP address, a destination IP address, a destination port, and a protocol of transmission.