It's basically an easy management console for all your endpoints. I especially like how it allows you to set up rules (like whitelists or blacklists) so that if a device attempts something too many times in a given timeframe - say 10 tries within 20 minutes - then it gets locked out. In addition, some of the rules are pretty specific about which apps can be used with them and will block things even when they're not explicitly mentioned as allowed. For example, my employer runs Cisco ASA devices and we use Zer0Networks products for our client and visitor side VPNs. The main advantage here was being able to control those systems centrally without having people open ports one at a time.