Hi People,
Can anyone here please let me know what is the risk of enabling the anti-MAC spoofing feature in SEP for client or even Windows Server ?
Because I believe there has to be a reason why it is disabled or unchecked in the first place.
When enabled, Symantec Endpoint Protection allows incoming and outgoing address resolution protocol (ARP) traffic if an ARP request was made to that specific host. All other unexpected ARP traffic is blocked and an entry is generated to the Security log.
It only allows ARP traffic destined for that specific host. The rest is blocked. There really isn't much to it other than that. It's just protection against sppofing, as the name says
Thanks all for the reply.
Is there any reason why this feature is disabled by default ?
There is a bigger chance of it causing an issue so it's up to you test first and rule out any potential problems.
Cool, thank you people for the clarification !