Security MAC ACLs can be used to permit and/or deny ethernet packets on the egress port by matching on the following

One of the primary functions of a switch is to forward packets to the correct next hop. This necessitates knowing the unique MAC addresses of all connected hosts and switches to a network interface. In dynamic environments like campus networks, the hosts often come and go, which means the number of connected hosts that the switch knows about expands continuously. Therefore, it becomes necessary to have a mechanism for the switch to eventually discard information about MAC addresses that are no longer active in the network. 

This feature adds three new SNMP traps for MAC move, learn, and age events: aristaMacMove, aristaMacLearn, and