A distributed policy model for access control is disclosed. In an enterprise-only mode, each node within a networking environment has its resource access governed by the same enterprise-wide policy. The enterprise-wide policy is set through creation of one or more enterprise policy objects. In an integrated mode, nodes are organized in a number of arrays. Each array has an array-wide policy set through creation of an array policy object. Each array-wide policy initially inherits the enterprise-wide policy. Additional resource access and protocol use restrictions can be added to the individual array-wide policies. In an array-only mode, each array has an array-wide policy also set through creation of an array policy object, but the policy does not necessarily initially inherit an enterprise-wide policy. In a stand-alone mode, a single server has its own policy.