Endpoint Protection Small Business Edition

 View Only
  • 1.  MAC Spoofing

    Posted May 29, 2019 04:55 AM

    Dear team Symantec,

    We are using Version 14 (14.2) build 1031 (14.2.1031.0100).
    We faced an issue lately where the LAN computers were not able to communicate with the Servers VLAN. After much research we found out that  from Symantec Endpoint Protection stating "Unsolicited incoming ARP reply detected, this is a kind of MAC spoofing that may consequently do harm to your computer." When we view the log file it is detecting this attack from the access switch. 

    We confirmed that there was no MAC spoof happening at this time. 

    On our Symantec endpoint manager firewall policy we've got "Enable Anti-MAC Spoofing" turned off and the system seems to work fine for now. 

    SEP was updated to this version few months back.

     

    Please advise a solution. 

    Thanks

    Rizwan

    r@mipco.ae



  • 2.  RE: MAC Spoofing

    Posted Oct 24, 2019 02:59 PM
      |   view attached

    We are using Version 14.2.1 (14.2 RU1 MP1) build 4814 (14.2.4814.1101)

    We are having a similar issue but we get "unsolicited incoming ICMPV6 reply detected, this is a kind of MAC spoofing that may consequently do harm to your computer".

     

    Do you have any solution for this issue?

     

     

     

    Thank you Tammy

     

    Tammy.Retzlaff@cartercasino.com