Network access management is a broad term used to refer to the control of who can and cannot connect to a computer network. Some networks are unsecured and any computer or mobile device can connect to them. Many networks, though, contain sensitive information or provide Internet access and can only be accessed by certain devices. In some cases, the device attempting to connect to the network must meet certain minimum standards, such as running a certain operating system or passing a virus scan, in order to connect. In other cases, the device user must validate his identity with a password or other digital identification tool in order to connect.
People who manage computer networks use network access management techniques for a few different reasons. A device with a malicious computer virus that connects to a network could potentially infect other connected computers. If unauthorized users were able to connect to a network, they could access information on the network that was supposed to be secure. The use of network access management can ensure that only certain authorized users can access the network. This minimizes the risk of damage to or intrusion of the networked computers.
Some forms of network access management can provide different degrees of access to different computers. A user may, for instance, have full administrative access to everything on the network or may only have access to certain parts of the network. Similarly, some networks limit the degree of access to the Internet granted to some users. Many organizations allow certain people to access only the organization's intranet while restricting full Internet access to those who need it.
Identity verification is among the most common and most important of network access management strategies. Many networks require a password before allowing access, so only those with the password can use the network. A network may, particularly within organizations, require a personalized username and password that differs for each user. With this network access management method, the level of control granted to each user can be controlled.
Normally, network access management only controls access to the network and does not interfere with the user after access has been granted. "Post-admission" network access management, however, monitors a device's behavior after granting it access. Network access may be restricted based on the user's actions on the network instead of the identity of the user or the status of the device prior to access.