SB.10.007 Access and authentication attempts
Authentication attempts are logged including originating IP and attempted user. Passwords are not logged.
Access to the network is logged.
AD Security audit log central policy enabled.
Network authentication logs (802.1x, wifi access logging, clearpass logging).
IP address usage logging (monitoring of ARP for IPv4, NDP for IPv6).
Network address to network port logging.
Wireless network location logging.