Least privilege networking solution that prevents attacks from spreading and causing damage by automatically restricting network access to only what is normally needed, everything else goes through 2-step verification.
It's basically an easy management console for all your endpoints. I especially like how it allows you to set up rules (like whitelists or blacklists) so that if a device attempts something too many times in a given timeframe - say 10 tries within 20 minutes - then it gets locked out. In addition, some of the rules are pretty specific about which apps can be used with them and will block things even when they're not explicitly mentioned as allowed.
For example, my employer runs Cisco ASA…
Pros
One system controls everything
Allows central access via web portal; also available locally through mobile app.
Supports lots/most popular platforms + applications including Android TV boxes / Chromecasts