Abstract. As computer and network security threats become more sophisticated and the number of service dependencies is increasing, optimal response decision is becoming a challenging task for security administrators. They should deploy and implement proper network security policy enforcement mechanisms in order to apply the appropriate countermeasures and defense strategy.In this paper, we propose a novel modeling framework which considers the service dependencies while identifying and selecting the appropriate Policy Enforcement Points during an intrusion response process. First, we present the security implications of the service dependencies that have been developed in the literature. Second, we give an overview of Colored Petri Nets (CPN) and Hierarchical CPN (HCPN) and its application on network security. Third, we specify our Service Dependencies-aware Policy Enforcement Framework which is based on the application of HCPN. Finally and to illustrate the advantage of our approach, we present a webmail application use case with the integration of different Policy Enforcement Points.