"When truth is buried, it grows. It chokes. It gathers such an explosive force that on the day it bursts out, it blows up everything with it."
Depending on the gear, some policies may be applied based on users profiles.
These policies may be as simple as assigning them to a certain VLAN or more sophisticated such as denying administration protocols (such as ssh, telnet, SNMP, server activities), leaving to administrators that kind of access.
In order to grant certain priorities to key applications or users, some other policies may be enforced to applications such as IP phones (i.e.: priorities to keep latency low). Security may be enforced to certain users or devices (i.e.: allowing only certain types of traffic) by combining policies with security mechanisms such as authentication.
However, the very first step is putting in place a policy. That means to classify the different users, resources and applications / work on an acceptable policy for the network so that can be translated into configurations to be deployed. This is the missing bit in most networks and certainly something where Cruxen may help you.