Context-aware network access control (CANAC) is an approach to managing the security of a proprietary network by granting access to network resources according to contextual-based security policies.
A common concern with traditional network access control is its rigidity and the impracticality of its deployment in networks with large numbers of diverse users and devices, the nature of which constantly change. Context-aware NAC addresses these issues by making access decisions based on the context of the connection. A context-aware NAC approach requires that information be gathered from the endpoint device, the infrastructure and network services before access to network resources can be granted. The endpoint is granted access, quarantined or blocked from the network depending on the device's type, location, identity and the operating system or applications running on it.