An automated, policy-based system and method provides information security at various levels in the network, including at the baseline inventory, device, network frame, and command level. This approach improves over the conventional distributed security model by centralizing security in one multi-level management structure. Embodiments of the present invention may also provide a scheme for mapping vendor-unique opcodes to access rights.