I have been testing out the latest release and I like what a see so far. I don’t know if it is on the roadmap or not but the concept of application/service rule sets for egress traffic would really put this over the top for me. I would like to see ip/port ranges for a named group of rules that can then be assigned to users or devices. The ability to assign multiple groups of rules to a user or device is critical here so that it would be easy to cover all of the different user scenarios without duplicating rules. I would define services/applications with these rules and assign them to users or devices but I could see others using it for group level management. The ultimate goal would be to achieve least privilege access across users/devices.
Thanks for considering the request, let me know if you need any additional information.