I'm trying to easily block and entire application class using the Omada Controller, Application Control newish functionality, and it's beyond impossible to figure out how to use this.

The only "option" I see when creating filters and rules in the Application Control tab is the option to enable (or disable) QoS. 

Now, when you go to QoS in Omada Controller, it works by "class" and by linking devices to classes. So what's the point of this new Application Control functionality? To control if a given application is included or not?

What I'm looking for is something extremely basic that I've done with other firewall software in a really easy fashion in the past: deny access to an entire application class. Simple. 

Is it that hard to implement that feature? I would want to believe it's way easier than try to implement some kind of QoS by application class, which by the way, the way it's implemented (if it's implemented) in Omada is beyond comprehension.

The only reason I'm not dumping Omada and going for a different solution is because I've invested already too much time to configure and learn this thing, but this single and very important feature of controlling application access in this firewall is still elusive at best.