Network Security

The Network Security option in the Instant On mobile app, allows you to configure security protection against DHCP and ARP attacks.

DHCP Snooping

DHCP snooping provides network security by filtering DHCP messages from untrusted sources in the network. It differentiates between ports connected to untrusted end user devices and ports connected to trusted DHCP servers or other Instant On devices. To take effect, security protections must be enabled both at the network and at the port level. Uplink ports as well as ports interconnecting Instant On devices together are automatically configured to trust the devices connected.

ARP Attack Protection

ARP attack protection is a security feature that validates ARP packets in a network and discards ARP packets with invalid IP-to-MAC address bindings. The system automatically learns the IP to MAC bindings from the DHCP exchanges in the network and it protects the network from certain man-in-the-middle and impersonation attacks.

The option to enable DHCP Snooping and ARP Attack security protection only apply to Instant On switch ports and is displayed when the site has at least one Instant On switch in the device inventory. The following procedure enables Network Security on the Instant On network:

1. Tap Active Networks () tile on the Instant On home page and select a wired network from the list. The network details page is displayed.
2. Under More options, tap Network Security. The Network Security screen is displayed.
3. Slide the toggle switch () to enable the Network security protections setting. This setting is disabled by default.
4. Click Enable in the pop up window to confirm.
5. Ensure that the Security protections setting is also enabled in the Port Details page for the port on which the network is configured. For more information on Security protections, see Switch Details.
6. Tap Done, to save the configuration.