Network Security: Support for ARP Handler Inspection (arpon)
arpon should be added to UTM. You would need to add the ability to process the arpon.log file intelligently and escalate to the administrator accordingly.
arpon would be useful in situations where users add unauthorized equipment to the network, or ARP poisoning/spoofing is taking place.
William Warren commented
This is endemic to ipv6 and is well known. Keep in mind this would NOT stop machine to machine direct spoofing but only machine to ASg or through ASG spoofing. The base default drop system of Astaro would take care of this issue as well.