In most NAC architectures, the Policy Decision Point (PDP) corresponds to the solution's main policy server. The PDP applies three basic steps:
Collect a full range of information about a user or machine's session — authentication and authorization information, endpoint integrity, location, time of day, and more.
Use this information to decide which resources (applications, data, and network segments) can allow the user to access during that session.
The PDP is the device or service that provides authorization to the Policy Enforcement Point(s) for every user and machine that attempts to access network resources.