摘要 |
A method is provided to perform network access control. A computing device utilising Online Certificate Status Protocol responder functionality determines whether attempted communication should be allowed between other computing devices appropriately configured with Internet Protocol Security (IPsec), digital certificates and OCSP client software. This determination is based on a set of rules considering the role or roles of the computing devices attempting to communicate, and whether the computing devices attempting to communicate have previously exhibited suspicious or undesirable behaviour.
|