Adaptive access control management

What is claimed is: 1 . A method comprising: selecting an entity communicatively coupled to a network; determining one or more characteristics of the entity, wherein the one or more characteristics are associated with at least one of an identification or classification of the entity; selecting an access policy based on the one or more characteristics of the entity; determining one or more enforcement points closest to the entity; querying the one or more enforcement points to obtain a configuration of the one or more enforcement points; translating the configuration into a first portion of access rules; analyzing network traffic to obtain a second portion of access rules; determining, by a processing device, one or more access rules to be assigned to the one or more enforcement points based on the access policy, wherein the one or more access rules comprise a combination of the first portion and the second portion; assigning the one or more access rules to the one or more enforcement points closest to the entity to implement the access policy; and after assignment of the one or more access rules to the one or more enforcement points closest to the entity, verifying the assignment by: comparing the one or more access rules to the configuration. 2 . The method of claim 1 further comprising: repeating the assigning of the one or more access rules to the one or more enforcement points closest to the entity, in response to a mismatch between the configuration of the one or more enforcement points and the one or more access rules. 3 . The method of claim 1 , wherein the one or more access rules are assigned to the one or more enforcement points based on a port associated with the entity. 4 . The method of claim 1 , wherein the one or more access rules are configured to control network access in a manner customized for the entity. 5 . The method of claim 1 , wherein the one or more characteristics of the entity are determined without use of an agent. 6 . The method of claim 1 , wherein the entity is selected based on being detected communicatively coupling to the network. 7 . The method of claim 1 , wherein the one or more characteristics of the entity further comprise one or more of a location of the entity, a user, compliance, or risk associated with the entity. 8 . The method of claim 1 , wherein the one or more enforcement points comprise at least one of a firewall, a router, a switch, a portion of cloud infrastructure, hypervisor, software-defined networking (SDN) controller, or virtual firewall. 9 . The method of claim 1 , wherein the one or more access rules are configured using at least one of an application programming interface (API), a command line interface (CLI), or a simple network management protocol (SNMP) interface. 10 . The method of claim 1 , wherein the one or more access rules are associated with a destination of communications sent from the entity. 11 . The method of claim 1 , wherein the one or more access rules assigned to an enforcement point comprise at least one of an access control list (ACL), a switch command, or a cloud packet filtering ACL. 12 . The method of claim 1 , wherein the entity comprises at least one of a device, an endpoint, a virtual machine, a service, a serverless service, a container, or a user. 13 . A system comprising: a memory; and a processing device, operatively coupled to the memory, to: select an entity communicatively coupled to a network; determine one or more characteristics of the entity, wherein the one or more characteristics are associated with at least one of an identification or classification of the entity; select an access policy based on the one or more characteristics of the entity; determine one or more enforcement points closest to the entity; query the one or more enforcement points to obtain a configuration of the one or more enforcement points; translate the configuration into a first portion of access rules; analyze network traffic to obtain a second portion of access rules; determine one or more access rules to be assigned to the one or more enforcement points based on the access policy, wherein the one or more access rules comprise a combination of the first portion and the second portion; assign the one or more access rules to the one or more enforcement points closest to the entity to implement the access policy; and after assignment of the one or more access rules to the one or more enforcement points closest to the entity, verify the assignment, wherein to verify the assignment, the processing device is to: compare the one or more access rules to the configuration. 14 . The system of claim 13 , wherein the one or more access rules are assigned to the one or more enforcement points based on a port associated with the entity. 15 . The system of claim 13 , wherein the one or more access rules are configured to control network access in a manner customized for the entity. 16 . The system of claim 13 , wherein the one or more characteristics of the entity are determined without use of an agent. 17 . The system of claim 13 , wherein the one or more characteristics of the entity further comprise one or more of a location of the entity, a user, compliance, or risk associated with the entity. 18 . A non-transitory computer readable medium having instructions encoded thereon that, when executed by a processing device, cause the processing device to: select an entity communicatively coupled to a network; determine one or more characteristics of the entity, wherein the one or more characteristics are associated with at least one of an identification or classification of the entity; select an access policy based on the one or more characteristics of the entity; determine one or more enforcement points closest to the entity; query the one or more enforcement points to obtain a configuration of the one or more enforcement points; translate the configuration into a first portion of access rules; analyze network traffic to obtain a second portion of access rules; determine, by the processing device, one or more access rules to be assigned to the one or more enforcement points based on the access policy, wherein the one or more access rules comprise a combination of the first portion and the second portion; assign the one or more access rules to the one or more enforcement points closest to the entity to implement the access policy; and after assignment of the one or more access rules to the one or more enforcement points closest to the entity, verify the assignment, wherein to verify the assignment, the instructions cause the processing device to: compare the one or more access rules to the configuration of the one or more enforcement points that the one or more access rules are assigned to. 19 . The non-transitory computer readable medium of claim 18 , wherein the one or more access rules are assigned to the one or more enforcement points based on a port associated with the entity. 20 . The non-transitory computer readable medium of claim 18 , wherein the one or more access rules are configured to control network access in a manner customized for the entity.