The management of modern computer networks is becoming increasingly complex, which makes it challenging to determine and deploy decision policies that ensure effective network operation. Reasons for this are ever-growing architectures with a large number of edge and intermediate transit networks. While the former connect a huge variety of host systems, the latter can provide multiple paths of either equal or unequal cost to support higher throughput and guarantee fault tolerance. Because devices located at the edge offer or access various network services and applications, data exchange and communication between a pair of involved systems is highly diverse. As versatile runtime behavior results in dynamic network traffic profiles that are subject to constant change, the reflected patterns and conditions feature a high degree of complexity.
Two affected disciplines are network performance and security management. The former covers tasks that aim to optimize the traffic routing and forwarding in a network. The latter includes those to secure an environment against potential threats, whereby its operation is monitored to discover network attacks and apply appropriate mitigation.
Methodologies from the field of network traffic engineering can be leveraged to improve management decisions towards efficient traffic steering and reliable analysis. The general process involves network monitoring and measurement, investigation and optimization steps. In this regard, collected network state and traffic data is analyzed to determine suitable runtime policies that are deployed to pursue a desired management objective.
In the context of performance management, equal-cost multi-path routing is a widely adopted standard to distribute the load of upcoming network flows over multiple alternative paths. Since the activity time and intensity level of coherent packet streams vary greatly, an inefficient load distribution may result in imbalanced path utilization states. In addition, high loads or network congestion on certain paths have a negative impact on the experience of individual flows that are forwarded along these paths. For example, the perceived latency may increase and the achieved throughput rate may decrease.
One direction for improvement is to take dynamic utilization states into account during the path determination process: First, the use of monitored trends reflecting real conditions from the near past is conceivable. Second, estimated trends representing likely conditions for the near future can be considered. Thus, load balancing decisions are enhanced by performing either utilization- or prediction-aware flow routing. As the actual load of emerging network flows is thereby more evenly shared among available paths, closely balanced and thus efficient saturation levels are ensured.
In the context of security management, network intrusion detection and prevention methods help to reveal and handle network attacks. To this end, one option is to track and export data records for coherent network flows and feed the collected data as investigation input to differentiate between benign and malicious packet streams. However, commonly deployed intrusion detection systems are independent and perform isolated traffic analysis that is based on just local attack knowledge. Because attack types and scenarios constantly evolve and may be executed in a highly distributed and coordinated manner, local decision knowledge may not be sufficient to achieve an acceptable level of accuracy and reliability.
One direction for improvement is to employ collaborative traffic analysis, whereby a group of local environments forms a logical global setting. Each participant shares its local data views or locally extracted decision knowledge and contributes to a combined global perspective. While this mutual sharing process enhances overall attack detection performance, efficient data exchange and processing is of high importance to ensure scalability. At the same time, timely and granular decision outcomes are required, which enable a fast and effective reaction to occurring attacks at the network flow level.
Machine learning can assist both of the aforementioned network management tasks. For example, traffic prediction approaches can be used to estimate load profiles for upcoming network flows or to classify an observed packet stream as either benign or malicious. In general, large amounts of network traffic data that incorporate high feature diversity can be analyzed to discover included data patterns and extract corresponding knowledge. Then, prepared prediction models can either provide decision support or enable complete autonomy. Whereas the former still involves a human operator, the latter is decoupled and relies on independent system operation. Consequently, open- and closed-loop data processing and decision-making cycles are feasible.
Since determined management decisions for traffic control highly depend on the quality of traffic prediction results, traffic monitoring methods have to deliver representative and consistent data views that are consumed as suitable analysis input.
Due to the advancements around software-defined networking and the evolution of programmable switches, network environments can be designed, deployed and operated in a highly flexible manner. While fine-grained network monitoring, analysis and control services are enabled, functionality can be located at the centralized controller or the distributed switch level. Independent single-step or cooperative multi-step approaches can be provisioned in a device's reconfigurable data plane, its open and customizable operating system (local control plane) or in an assigned controller platform (global control plane). As each system tier is associated with different deployment properties, a systematic combination makes it possible to benefit from their individual advantages. Besides flexible capabilities for initial system provisioning, dynamic runtime adaptation is possible as well.
The integration of recent paradigms from the field of computer networking with selected methodologies from the field of machine learning makes it possible to move towards self-driving network systems. In order to pursue a high-level management objective, a data processing pipeline with successive steps for continuous data collection and analysis plus subsequent policy enforcement can thereby be autonomously performed. While there are multiple sub-systems that are each in charge of a particular runtime task, their individual operation and mutual interaction define overall system behavior. In general, the system's effectiveness in terms of decision efficiency and reliability must be constantly reviewed. If misbehavior or a significant deviation from intended system performance is detected, adaptation has to be initiated and appropriate change applied.
This thesis contributes approaches that enable or support effective traffic engineering tasks in the areas of network performance and security management. To this end, advanced network analytics as well as the principles of softwarized and programmable network architectures are considered. Whereas each proposed approach covers distinct aspects of network monitoring, analysis or control, their combination makes up integrated solutions.
Regarding network performance management, predictive flow routing and forwarding is pursued to ensure more efficient load balancing in multi-pathing environments. Load profiling at the network flow level makes it possible to estimate likely path utilization states that are taken into account to balance path saturation trends over time more closely.
Regarding network security management, collaborative flow classification is pursued to improve the decision accuracy and reliability. Besides enhanced attack detection performance, efficient data processing with scalable and timely analysis outcomes is achieved.