Say I had an ansible management node/awx server that really only needs to be able to reach out to all of the nodes in the mesh, but I don't necessarily want the other nodes to be able to speak to each other, or back to the management node. You can fiddle with firewall rules or the firewall config to do that, but that's sort of a use case you can really sell to people if it's just a clicky UI thing.