You're missing a few bits in this story.
First, actually you'd be surprised how much cost it adds, sure you may be lucky and get the guy who knows his stuff and goes great, but then you may get the guy who can't work his own computer and comes back with more questions day after day after day, expecting his tech problems solved because he has paid for that connection (blanket bans avoid silly support tickets)
(I recall I once recommended a hosting company I use to a fefriend £14 for a small amount of space and bandwidth for personal sites, in the first month he had logged support requests at a rate of almost two per day, I felt really bad for ever helping him, in the first month he wiped out probably a decade worth of profit on his account for that hosting company because he couldn't understand the FAQs and setup guides. (Which he had access to before he bought the service!)
Second, you're sharing that connection with everyone else, it's not a case of fair use, it's a case that people tying to get material online for work is just more important than the games you want to play! -so the it department don't want you to playing games.
Sure you could set up QOS for all the different traffic (assuming the equipment can handle that) but again that adds a support and maintenance overhead, not to mention with Cisco the difference between a 3750 that supports QOS macros applied to ports, and a 2960 that supports QOS but not via macros (so each port needs to be configured) is a more than a grand per device more expensive...
Then
Strict nat and open nat are just buil terms made up by Microsoft.
Strict nat effectively refers to saying you have a statefull firewall (any modern firewall) whilst open nat means you have setup port forwarding.
Whilst open nat essentially specifies that you've setup port forwarding.
Which is great at home where you have one Xbox, if there are a hundred students all wanting specific ports forwarded to them that can't be done. (A single port on a single external address can only be mapped to a single inside device...)
All that said...
When I worked at a university the institution had a big block of addresses (/16 I think) so all internal computers got non education 1918 addresses. If you have a non rfc 1918 address you might be able to have your own router and set up port forwarding on your own device.