PDF(246.7 KB) View with Adobe Reader on a variety of devices
ePub(287.6 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(212.7 KB) View on Kindle device or Kindle app on multiple devices
Updated:December 11, 2018
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Address Resolution Protocol (ARP) Access Control Rules Configuration on 300 Series Managed Switches
Address Resolution Protocol (ARP) maps the IP address of a device to the MAC address of the same device. ARP inspection is used to protect a network from ARP attacks. When a packet arrives on an interface (port/LAG) that is defined as untrusted, ARP inspection compares the IP address and MAC address of the packet with the IP addresses and MAC addresses previously defined in the ARP access control rules. If the addresses match, the packet is considered valid and is forwarded. This article explains how to create an ARP access control group, how to add rules to an ARP access control group, and how to configure an ARP access control group to a VLAN on the SF/SG 300 Series Managed Switches.
To create protection from ARP attacks, you must follow several steps: