NS has invested big time in cockpit to be the base for web-ui, for good reasons because it integrates much of the Linux based distro’s application interfaces. In the end of day (like it or not… I do) it depends on systemd. This kinda puts all BSD’s out off the scope…
For the mortals among us, which includes me, solutions like OpenSense and pfSence and the like are awesome however (IMHO) the needed knowledge threshold to set it up in a reasonable way surpasses NS philosophy. Note do not say they are hard to use once you know what you are doing with a particular setting.
To keep the conversation going, could NS stay a all-in-one server which teams-up with a firewall on dedicate hardware? Meaning one administration interface face?