Methods and apparatuses for level-based network access restriction are described. A user of network resources logs on to the network according to any appropriate security procedure. The user is provided access to a known, trusted resource as a starting point. From the starting point, the user can access other network resources by following links from the starting point or in another manner. The network resources accessed by the user are analyzed to determined whether the resource is a trusted resource. If the resource is a trusted resource, the user is allowed to follow a predetermined number of links away from the trusted resource before access is denied.