Traffic Quota per IP not per user

Are there any updates to this limitation? I am facing the exact same problem, and I feel like it should be a basic requirement. I'm not sure how reasonable it is to have to force clients to be loaded onto any possible device type in order to gain basic control over traffic.

As an example, I have the default firewall rule set to allow traffic from LAN to WAN, but gets highest intensity IPS, AV for HTTP/S, etc., and should be set to lowest priority from a Traffic Shaping perspective.

IP addresses (mobile phones, tablets, etc.) along with laptops, 2 of which run VoiP, will hit different shaping rules, prioritization, IPS intensity, etc. based on which group it falls into. However, these controls shouldn't rely on loading a client - what if you want to control traffic on your network for machines you do not have admin access to load such a client? In an enterprise setting, this could be "guest access", and therefore likely clientless. In a home setting, this could be your work-provided laptop using your home network, with different rules (such as access & bedtime restrictions for kids tablet/iPods).

In both cases, it's difficult to set those machines apart from each other to set up different rules.

We can easily do the grouping, but once they're in a group, it's almost useless to have done so. Actually, even that isn't true. It isn't easy to populate the groups - it's convoluted, and difficult to do in bulk, you can't even add device IP's from multiple screens; you have to select the IPs that you know correspond to devices that are currently being displayed, add them, then go to the next screen and scroll through to find more hits, add those, then move to the next screen... but, I digress....

I was really using this as an opportunity to test out the UTM features of the Sophos platform, as I am also responsible for deployment of such services across my enterprise professionally.

Some of these silly quirks make it a hard sell.

Are there any updates to this limitation? I am facing the exact same problem, and I feel like it should be a basic requirement. I'm not sure how reasonable it is to have to force clients to be loaded onto any possible device type in order to gain basic control over traffic.

As an example, I have the default firewall rule set to allow traffic from LAN to WAN, but gets highest intensity IPS, AV for HTTP/S, etc., and should be set to lowest priority from a Traffic Shaping perspective.

IP addresses (mobile phones, tablets, etc.) along with laptops, 2 of which run VoiP, will hit different shaping rules, prioritization, IPS intensity, etc. based on which group it falls into. However, these controls shouldn't rely on loading a client - what if you want to control traffic on your network for machines you do not have admin access to load such a client? In an enterprise setting, this could be "guest access", and therefore likely clientless. In a home setting, this could be your work-provided laptop using your home network, with different rules (such as access & bedtime restrictions for kids tablet/iPods).

In both cases, it's difficult to set those machines apart from each other to set up different rules.

We can easily do the grouping, but once they're in a group, it's almost useless to have done so. Actually, even that isn't true. It isn't easy to populate the groups - it's convoluted, and difficult to do in bulk, you can't even add device IP's from multiple screens; you have to select the IPs that you know correspond to devices that are currently being displayed, add them, then go to the next screen and scroll through to find more hits, add those, then move to the next screen... but, I digress....

I was really using this as an opportunity to test out the UTM features of the Sophos platform, as I am also responsible for deployment of such services across my enterprise professionally.

Some of these silly quirks make it a hard sell.