Businesses and large institutions dreaming of enforcing consistent security policies are finding solace in network access control — programs that establish authentic users, identify network devices, perform integrity checks, take remedial actions and authorize access to information system resources based on organization-wide security policies. Issues of cost, complexity and confusion surrounding vendor claims and actual performance means that buyers need to tread carefully.