The invention provides a network admission control method and system, and relates to the technical field of network security. The method comprises the steps of: detecting a real-time online terminal in a network; performing security auditing on the real-time online terminal according to a basic database; if the real-time online terminal passes the security auditing, permitting the real-time online terminal to access the network; if the real-time online terminal does not pass the security audit, performing security authentication on the real-time online terminal according to the basic data; if the real-time online terminal passes the security authentication, permitting the real-time online terminal to access the network, and setting a first access permission; if the real-time online terminal does not pass the security authentication, performing security evaluation on the real-time online terminal according to the basic data; if the real-time online terminal passes the security evaluation, permitting the real-time online terminal to access the network, and setting a second access permission; and if the real-time online terminal does not pass the security assessment, refusing the real-time online terminal entry to the network. According to the invention, multiple verifications of the authenticity of the user identity and of the terminal risk are carried out, network admission control and access permission acquisition are realized, and network security is improved.