Dear team Symantec,
We are using Version 14 (14.2) build 1031 (14.2.1031.0100).
We faced an issue lately where the LAN computers were not able to communicate with the Servers VLAN. After much research we found out that from Symantec Endpoint Protection stating "Unsolicited incoming ARP reply detected, this is a kind of MAC spoofing that may consequently do harm to your computer." When we view the log file it is detecting this attack from the access switch.
We confirmed that there was no MAC spoof happening at this time.
On our Symantec endpoint manager firewall policy we've got "Enable Anti-MAC Spoofing" turned off and the system seems to work fine for now.
SEP was updated to this version few months back.
Please advise a solution.
Thanks
Rizwan
r@mipco.ae