The initial change ensured that mobile devices used a randomized MAC address when probing for new networks, as an end-user privacy measure – it suddenly became harder to track users, their location, and their behaviour. This view of the world started to crumble when Google and Apple began making changes to their respective mobile operating systems, Android 8 and iOS 8. For Cisco Identity Services Engine (ISE), like for many software platforms built for managing the network, a device’s MAC address was indeed sacred. But by and large, we continued to rely on the burnt-in MAC address of a network interface card to be the globally unique identifier of a network interface, and thus, the device. Over the years we learned about the fun things you could do by arbitrarily changing the MAC address of devices on the network. In layman’s terms, a MAC address can safely be used to identify a device on a network.
Whether you read papers published by Xerox PARC in the 1970’s, or the latest Wikipedia entry on MAC address, you’ll certainly be familiar with the description of a MAC address being a globally unique identifier of a Network Interface Card (NIC).