Still trying to get some alerting in place. During our last security audit the question came up on the ability to detect unknown hosts attached to the network. Do any of you know how to setup an alert for an unknown host attaching to the network? Would I be looking at the AD level, switch or router level?
Any assistance would be great.
Thanks,
Jeremy