I currently maintain a network for a small university that utilizes 9 Class C public networks. We use a PIX 515E with NAT disabled. I would like to enable NAT and use the Class C public networks as my global NAT pool. We will also be implementing DHCP inside, which will be 192.168.X.X (divided amongst VLANs). Simple enough, right?
The problem is that our Chief Information Officer would like a way to track any inside host if we sense malicious activity or for any other reason. Right now it is quite easy since we all use static global IP addresses. So how can I track who is who if their IPs are dynamic and they use a dynamic NAT IP every time they pass through the PIX?