This work develops a Convolutional Neural Network (CNN) for anomaly detection (AD) in Software-Defined Networking (SDN) environments, utilizing six flow dimensions: bits per second, packets per second, source and destination IP entropy, and source and destination port entropy. The model is designed to identify network anomalies, including DDoS and portscan attacks, by analyzing network traffic and predicting future destination IP entropy. Two decision threshold strategies were evaluated to balance detection accuracy and system reliability. The first method aimed at maximizing the F1 score but resulted in a high number of false positives (15%) and false negatives (18%), decreasing the model’s reliability due to frequent false alarms. The second method focused on minimizing false positives, reducing them to near zero but at the cost of higher false negatives (25%) and delayed anomaly detection by over one second in some cases.