When a computer connects to a computer network, it is not permitted to access anything unless it complies with a business defined policy, including anti-virus protection level, system update level and configuration. While the computer is being checked by a pre-installed software agent, it can only access resources that can remediate (resolve or update) any issues. Once the policy is met, the computer is able to access network resources and the Internet, within the policies defined within the NAC system. NAC is mainly used for endpoint health checks, but it is often tied to Role based Access. Access to the network will be given according to profile of the person and the results of a posture/health check. For example, in an enterprise, the HR department could access only HR department files if both the role and the endpoint meets anti-virus minimums.