Date Added: May 2009
Network Access Control requirements are typically implemented in practice as a series of heterogeneous security-mechanism-centric policies that span system services and application domains. For example, a Network Access Control policy might be configured in terms of firewall, proxy, intrusion prevention and user-access policies. While defined separately, these security policies may interoperate in the sense that the access requirements of one may conflict and/or be redundant with respect to the access requirements of another. Thus, managing a large number of distinct policies becomes a major challenge in terms of deploying and maintaining a meaningful and consistent configuration.