Over the last few years, user-based policy enforcement firewalls are being deployed to address deficiencies associated with external firewalls. Conventional policy enforcement firewalls are adapted to tightly control what a user is permitted to access over a network and provide separation between user classes. However, such policy enforcement fails to address access control and optimization of network efficiency based on either the classification of an application being used during a session or the particular application itself.