传统的网络安全解决方案通常是被动防御,事后补救。网络准入控制则从用户终端入手,整合网络接入控制与终端安全产品,通过安全客户端、安全策略服务器、网络设备以及第三方软件的联动,对接入网络的用户终端强制实施安全策略,严格控制终端用户的网络使用行为,可以加强用户终端的主动防御能力,提高整个 网络的安全性。 关键词:准入控制;身份认证;网络安全;校园网 Abstract: The conventional solution of network security usually resolves the matter after it happened. Network admission control starts with terminal unit. It implements security policy and control End-User's behaviors strictly through cooperating with security client, security policy server, network device and third party software. This solution can enhance End-User's defense power and improve the whole network security. Key Words: Admission Control, Identity Authentication, Network Security, Campus Network