I understand that you can change the mac address. I estimate that in my environment 1 out of 5 Routers installed might spoof the mac. I'd like to expose 2 or 3 people and make examples out of them. Most of these people are not aware of the policy.

Anyways, thanks for the info on passive fingerprinting.