The following is intended to outline our general product...
Kerberos data in LDAP. Root login disabled by default. Role auth via user password, Authentication caching. Audit Auditing on by default, audit policy in SMF, Secure remote audit trail. Delegation Sudo with aud