Test this out, create a few "home" pages for each department. Then on the root of your site (master page) go to Edit>Properties>Security tab and add role Everyone Allow read access. This will give everyone read access to everything on your site (no worries, we'll override it later).

Next in one of your department specific home pages in the Access box, select Yes to require authentication and click ok. Then in the Permissions box, add Not authenticated users role and deny full control. Then add the department specific role and allow read control. For any other department specific roles, add them to deny full control.

By setting the permissions at the top department specific home page, all the child pages will inherit the same permissions.

Lastly, in your webpart that displays the navigation, in the System Settings, select the Check Permissions box. What will happen is if you have someone from Marketing log in and there are lets say 5 different "Home" pages, it will only display the Marketing home page and none of the others will be accessible to this user.

The key to this is creating department specific nodes on your content tree so you can inherit permissions. Hope that helps.

Hello.

Another option you could consider is using the Content personalization as described in http://devnet.kentico.com/docs/devguide/cp_overview.htm.

Best Regards,
Radek Macalik