A method and apparatus for providing network security using role-based
access control is disclosed. A network device implementing such a method
can include, for example, an access control list. Such an access control
list includes an access control list entry, which, in turn, includes a
user group field. Alternatively, a network device implementing such a
method can include, for example, a forwarding table that includes a
plurality of forwarding table entries. In such a case, at least one of
the forwarding table entries includes a user group field.