MAC Spoofing Protection
The Network Threat Protection component tracks vulnerabilities in the Address Resolution Protocol (ARP). This way, the component protects the computer against attacks such as MAC spoofing. A MAC spoofing attack consists of changing the MAC address of a network device (network card). As a result, an attacker can redirect data sent to a device to another device and gain access to this data. Kaspersky Endpoint Security lets you block MAC Spoofing attacks and receive notifications about the attacks.
By default, Kaspersky Endpoint Security does not monitor MAC spoofing attacks.
To change the mode of protection against MAC spoofing attacks:
- In the lower part of the main application window, click the
button. - In the application settings window, select Protection → Network Threat Protection.
- Turn on the MAC Spoofing Protection toggle.
- In the Upon detection of MAC spoofing attack block, select one of the following options:
- Notify only.
- Notify and block.