Policy Enforcement > ARP Spoofing Prevention
Specify the IP and MAC addresses of your critical nodes to allow Network VirusWall Enforcer to prevent ARP spoofing by broadcasting legitimate Address Resolution Protocol (ARP) information. You can also configure whether Network VirusWall Enforcer actively detects and terminates programs that may be performing ARP spoofing.
A brief description of the options on this screen is available below.
Malware Monitoring Settings
Monitor for suspicious ARP traffic from endpoints—select this option to monitor applications for outgoing ARP traffic. Endpoint users are automatically notified when a malware program is detected.
Stop endpoint processes that send suspicious ARP traffic—select this option to configure Network VirusWall Enforcer to stop programs sending more than 100 ARP packets per second.
Spoofing Prevention Settings
Enable ARP spoofing prevention—select this option to provide a static map of the IP and MAC addresses of your critical nodes. Network VirusWall Enforcer regularly broadcasts this information to help prevent poisoned or spoofed ARP information from affecting endpoints.
Note: ARP spoofing prevention supports only IPv4 environments. You can add only IPv4 addresses to the static map.