Cisco has a security option that blocks communication between clients who are on the same local network subnet. It would be great if Aerohive offered this feature. Ideally it would be a check-box that can be configured at the SSID level. I may be wrong, but it appears the only way this can be accomplished today is by configuring a firewall rule at the User Profile level. If this were a check-box configuration option, I think it would be a bonus.