For the rough profiles definitions, we can use "Windows" and "Linux" specific profiles.
Under Windows profile category, Servers and Clients (with Servers, omitting the things like Adobe Flash and Reader, IE and other, application specific protections).
Under Linux, same breakdown with Server and Client (with server, omitting browser and application specific protections).
MS SQL as a separate category, since it is now could run on both, Windows and Linux.
Separate overall SQL category covering all relational databases.
Separate Mail category.
Separate Cisco category (too many vulnerabilities and easily defined scope).
Separate category for the overall protection from worms.
Separate category for CPU level exploits.
I would think that the above will cover the needs of most lazy admins:)
Would be nice to have a correlation tool capable of matching protections to the results of the vulnerability scans, such as Nessus, Qualys, Open VAS and Vulners, by comparing their csv output with protections available from CP and generating custom profiles that could be imported.
Having this capability will enable admins to immediately plug the discovered holes.
If this tool could do differential profile updates, that will be totally awesome.
Ability to merge rules with identical scope may also be handy, (i.e. rule added immediately after 0 day discovery as a separate line item that could later be integrated with one or more stable rules).
Just my 2 cents.