A distributed policy model for access control is disclosed. In an
enterprise-only mode, each node within a networking environment has its
resource access governed by the same enterprise-wide policy. The
enterprise-wide policy is set through creation of one or more enterprise
policy objects. In an integrated mode, nodes are organized in a number of
arrays. Each array has an array-wide policy set through creation of an
array policy object. Each array-wide policy initially inherits the
enterprise-wide policy. Additional resource access and protocol use
restrictions can be added to the individual array-wide policies. In an
array-only mode, each array has an array-wide policy also set through
creation of an array policy object, but the policy does not necessarily
initially inherit an enterprise-wide policy. In a stand-alone mode, a
single server has its own policy.