This answer may be a little off track on what you are looking for and I’m sure with over two years of rolling out Peplink you already know about this though it may help some others.
At the moment we find controlling permission levels and what can be accessed within Peplink is best achieved by creating organisations for each of your customers, then within the organisation you can create separate group permissions. We learnt this the heard way when first starting out with InControl2 and had to take our customers through a transition process that took about two months to complete (done progressively customer by customer). The advantages we now have gained from putting customers into separate organisations out way attempting to run them all from a single organisations.
The only thing we have lost is the ability to see all system for all customers from a single top level screen, though we can live without that.
In now using separate organisations we can personalise that organisation with the customers own logo and icons, this also means that when we are working with an organisation that is on selling our services, then we are helping them to with a branded solution in there name.
One example we did recently, we were supplied a solution through another IT company and used that IT companies logo and icon for the organisation, the whole solution was then at the IT companies request moved to the end client, all we need to do was change three things, the organisation name, the customers logo and the customers Icon.
Another IT customer we have helped integrate with has the top level organisation for there customers IT department with each sub branch having its own group allowing for discrete and separate visibility of the branches activities for the locally responsible teams.
We find that this setup works really well for our customer who are Managed Service Providers that we integrate for too.
Sorry we can not show you any images of our InControl2 organisational structures and group structures at this point in time.
Yes it would also be nice to able to have additional refinement on what can be seen and done for groups and individuals within a group, though if they do not need access to that information, then for now we just don’t give them any access.
If you need further help with this please reach out to the forum here or the Peplink Team.
Happy to Help,