ARP poisoning can be prevented by the following methods:
Packet filters: These help in reducing the chances of attacks being successful. These filters analyses each packet that has been sent over a network and filter outs and blocks malicious packets that are suspicious.
Encryption: Protocols such as SSH and HTTPS will also help you to reduce the ARP poisoning attacks.
VPNs: These are not suitable for larger organizations as each VPN connection needs to be placed between each computer and each server. If it is only a single person trying to attack using public wifi, then VPN will encrypt all the data that has been transmitted between the exit server and the client.
Static ARP entries: This is suitable for smaller networks. This ARP is added for every machine on a network into a single each individual computer.
