The firewall now provides
NDP monitoring. You can quickly track a device and user who has violated a security policy rule by viewing, in one location, the IPv6 addresses of devices on the link local network, their MAC address, associated username from User-ID (if the firewall has a User-ID mapping), reachability Status of the address, and Last Reported date and time the NDP monitor received a Router Advertisement from this IPv6 address. The username is on a best-case basis; there can be many IPv6 devices on a network with no username, such as printers, fax machines, servers, etc. You need the MAC address that corresponds to the IPv6 address in order to trace the MAC address back to a physical switch or Access Point.