Many factors pose potential risks to network security of enterprises, and seriously interfere with or even stop the normal business of the enterprises, for example, larger internal networks of the enterprises, more complex network structures, more internal terminals, the spread of viruses and Trojan horse in real networks, and the information leakage caused by the access of non-authorized personnel. As a result, the enterprises seek for appropriate network security solutions. In addition to deploying anti-virus and firewall systems, many enterprises implement access authentication and security check for the terminals by deploying a network access control system, so as to solve the security problem in the Intranet.
In the conventional art, in a network access control system, an 802.1x switch is deployed between terminals and the Intranet or Extranet, and security control software is installed in each of the terminals. The 802.1x switch controls the network access right of each terminal, and the security control software implements a security policy delivered by a server to monitor the operation of the terminals, so as to achieve the security access control of the terminals to the network and achieve the security of the Intranet.
During the implementation of the present invention, the inventor finds that the conventional art at least has the following problems: the 802.1x switch controls the network access right of a terminal by enabling or disabling the network access right of the terminal, and once the network access right of the terminal is enabled, the terminal can browse all information in the Intranet or Extranet without limitation. Therefore, the security access control in the conventional art cannot precisely control the network access right of the terminal.