If you follow Software-Defined Networks (SDN) you know that one of the great future promises of SDN was the ability to abstract the network hardware from the overlying software. Buy any hardware you want; add the most apt operating system and then add an SDN console that suits you to implement security, access and usage policies that the console then dynamically applies to the underlying network. In the SDN model network hardware would be driven to commodity, and the money would be made–if any money were to be made–would be in providing those higher-level functions.
Full-on SDN is still a while off but in the meantime some network providers have come out with those policy-based management applications that they add to their network equipment, or sell in addition to their equipment to make money in the higher-level space. Some of them run on anyone’s brand of hardware.
Policy-based management works with the underlying switches and access points to enforce which user get to access which network segment at which time, with which device, configured in some acceptable way, and do which particular things on the network. BYOD management and NAC are small components of policy management. The waterfall benefits are security, better resource utilization, perhaps user satisfaction, and lessened IT time burden. BOB