Ability to set up permitted devices under licensing
I would want the ability to set up permitted devices under licensing.
Only devices 192.168.1.10 to 192.168.1.20 should be permitted to the network.
If a user attempts to connect from 192.168.1.21, this device should then be blocked (as if the license count were exceeded), even if there are licenses left. (That device should then not count in licensing.)
This would mean that any device outside of this would not be able to connect to the UTM at all, and thus would not "spend" licensed devices (e.g., any devices outside of the specified entries, and of course it should be possible to specify multiple entries, will be treated in the same way as if you were above the license count).
Let's say I have a 50 IP license and have captive portal on. If a malicious user enters the wireless network without authenticating and then starts scanning with a vuln scanner or starts spoofing IPs and such, this will spend licenses, and later on prevent a legit device from entering the wired network.
What I want to do is to restrict via an interface so that, for example, "only devices 192.168.1.10 to 192.168.1.20 should be licensed", and any other device will be treated as above license count (and be blocked).
This would mean I could allocate licenses so the wireless network only gets, say, 10 licenses, and my LAN only gets 20 licenses, and so on, so if a malicious user exhausts all licenses on WLAN, it won't affect the LAN.
Note that I don't say that this should in any way allow a user to delete licensed devices or something, just a very crude and simple firewall that will simply block off unlisted IPs at a stage before they count in licensing. (And listing 0.0.0.0 to 255.255.255.255 will make the UTM behave like before.)
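
The behaviour requested above, modelled as an added example (not part of the original request and not the UTM's own code): the allowlist check runs before license counting, and each segment has its own pool. The `LicenseGate` class, the `simulate` function, the 192.168.2.x WLAN range and the traffic are constructed for illustration.

```python
from ipaddress import IPv4Address


class LicenseGate:
    """Hypothetical per-segment gate: allowlist first, license count second."""

    def __init__(self, limit, permitted_ranges):
        self.limit = limit
        self.ranges = [(IPv4Address(lo), IPv4Address(hi)) for lo, hi in permitted_ranges]
        self.licensed = set()  # source IPs that currently hold a license

    def admit(self, src):
        ip = IPv4Address(src)
        # Stage 1: unlisted sources are dropped before they can consume a license.
        if not any(lo <= ip <= hi for lo, hi in self.ranges):
            return "blocked-unlisted"
        # Stage 2: ordinary license accounting for permitted sources.
        if ip in self.licensed:
            return "allowed"
        if len(self.licensed) >= self.limit:
            return "blocked-over-limit"
        self.licensed.add(ip)
        return "allowed"


def simulate():
    # LAN: 20 licenses, only 192.168.1.10-192.168.1.20 permitted (from the post).
    lan = LicenseGate(20, [("192.168.1.10", "192.168.1.20")])
    # WLAN: 10 licenses, constructed range for the wireless segment.
    wlan = LicenseGate(10, [("192.168.2.1", "192.168.2.254")])

    # Constructed traffic: 200 spoofed sources on WLAN, 200 unlisted sources on LAN.
    wlan_results = [wlan.admit(f"192.168.2.{i}") for i in range(1, 201)]
    lan_noise = [lan.admit(f"192.168.1.{i}") for i in range(21, 221)]
    lan_legit = lan.admit("192.168.1.15")  # legitimate wired device arrives afterwards

    return {
        "wlan_licensed": len(wlan.licensed),
        "wlan_over_limit": wlan_results.count("blocked-over-limit"),
        "lan_noise_blocked": lan_noise.count("blocked-unlisted"),
        "lan_licensed": len(lan.licensed),
        "lan_legit": lan_legit,
    }


if __name__ == "__main__":
    print(simulate())
```

In this model the spoofed WLAN sources can use up only the 10 WLAN licenses, and the unlisted LAN sources never enter the count, so the wired device at 192.168.1.15 is still admitted.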