The appliance is connected to switches and does not let any client access the network unless the client is compliant with patch-level-policy, or anti-virus-policy. Non-compliant clients are moved into a quarantine VLAN.
Alternative approaches are "Inline-Solutions" (Vernier Networks, InfoExpress, Sygate which is currently been swallowed by Symantec) and homogenous switch-based solutions like Cisco NAC.
Cisco NAC eventually requires switch upgrades and the Cisco Trust Agent on each client. Lockdown's solution however works agent-less as long as the client is a member of the administrative domain (whatever that exactly means); guest-systems are supported by an applet-agent (whatever that exactly means ...).
Interesting stuff, especially now that DELL switches are so dirt cheap.