Definition

Dynamic ARP Inspection (DAI)

Contributor(s): Sonia Groff

Dynamic ARP Inspection (DAI) is a security feature that verifies address resolution protocol (ARP) requests and responses in a network.

ARP allows hosts within a Layer 2 broadcast domain to communicate. It does this by mapping an IP address to the individual host's media access control (MAC) address. If a particular host wants to send information to another host but does not have the second host's MAC address in its ARP cache, it sends a message to all hosts throughout the domain seeking that information. The second host then responds with its MAC address.

These transmissions can be vulnerable to man in the middle attacks. DAI stops these attacks by intercepting all ARP requests and responses and dropping packets with invalid IP-to-MAC address bindings. This approach ensures that only valid ARP requests and responses are passed through.

 

 

This was last updated in March 2014

Continue Reading About Dynamic ARP Inspection (DAI)

Dig Deeper on Network Security Monitoring and Analysis

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close