Now Live — 25 Providers Supported

Know Every MAC Address Automatically

Before Your Provider Does

MAC Guard scans your ARP tables, cross-references your hosting provider's allowed MAC list, and alerts you the moment an unregistered device appears — before it gets your server suspended.

Open Dashboard See How It Works
mac-guard — live scan
# MAC Guard agent — ARP scan complete $ mac-guard scan --interface vmbr0 --provider hetzner → Discovered 12 MAC addresses on vmbr0 Querying Hetzner provider registry... ✓ AA:BB:CC:11:22:33 — registered (vm-prod-01) ✓ AA:BB:CC:11:22:34 — registered (vm-prod-02) ⚠ DE:AD:BE:EF:CA:FE — NOT IN REGISTRY ✗ 00:11:22:33:44:55 — BLACKLISTED (suspended) ✓ AA:BB:CC:11:22:35 — registered (vm-db-01) ... 7 more registered ⚡ ALERT sent — 1 rogue MAC detected 🛑 SUSPENDED — 1 blacklisted MAC quarantined Scan complete in 1.2s — next scan in 5m
🔐
Credential Vault Enabled
Securely store access credentials and 2FA secrets. FluxCybers ExecFlow handles autonomous authentication — zero-friction, zero-exposure credential management.
Learn more →
25
Hosting Providers
5K
MACs per Batch
<2s
Scan Time
100%
Agent Uptime
0
npm Dependencies
Core Capabilities

Everything you need to
own your network inventory

From raw ARP table scanning to automated provider compliance — MAC Guard handles the full lifecycle.

🔍
ARP/NDP Discovery
Native ARP table scanning on Linux and macOS. Reads from ip neigh, /proc/net/arp, and VLAN interfaces — no root required for passive scanning.
🏗️
Provider Verification
25 built-in provider adapters (Hetzner, OVH, Vultr, DigitalOcean, AWS, Azure, GCP, and 18 more). Config-driven — add your own provider with a JSON config file.
🚨
Rogue Detection & Auto-Suspend
Devices not in your whitelist or provider registry are flagged immediately. Auto-suspend mode quarantines rogue devices and fires alerts before your provider notices.
📋
Forensic Timeline
Every MAC state change — first seen, moved, renamed, removed — is recorded in a cryptographic audit trail. Instant history for any device with one API call.
Instant Alerts
Real-time alert delivery the moment a rogue MAC appears. Acknowledge, snooze, or escalate alerts from the dashboard. Zero-delay pipeline — no polling lag.
📥
Bulk Import
Import your existing MAC inventory via CSV or JSON in seconds. Bulk-whitelist your entire VM fleet before enabling enforcement. Provider data ingested the same way.
Workflow

Up and running
in 3 minutes

Install the agent, configure your provider, and let MAC Guard handle the rest.

STEP 01
Generate & Install Agent
Create a token in the dashboard, then run the one-liner install script. The agent installs as a systemd/launchd service and starts reporting immediately.
curl -sSL "https://fluxcybers.polsia.app/api/mac-guard/install-script?token=YOUR_TOKEN" | bash
STEP 02
Configure Your Provider
Select your hosting provider from 25 built-ins or add a custom adapter. Set your server's MAC range and whitelist your known VMs in bulk via CSV.
POST /api/mac-guard/providers { "provider": "hetzner", "server_id": "hel1-ax41" }
STEP 03
Get Alerted, Stay Compliant
MAC Guard runs every 5 minutes. The moment an unregistered MAC appears — from a cloned VM, network bridge, or unknown device — you get an instant alert.
GET /api/mac-guard/alerts → [{ mac: "DE:AD:BE:EF:CA:FE", status: "rogue", severity: "high" }]
25 hosting providers supported out of the box
Hetzner
OVH
Vultr
DigitalOcean
Linode / Akamai
AWS
Azure
GCP
Oracle Cloud
IBM Cloud
Alibaba Cloud
Cloudflare
Contabo
Kamatera
Scaleway
Rackspace
Leaseweb
GoDaddy
InterServer
Hostinger
A2 Hosting
InMotion
DreamHost
Bluehost
Namecheap
Real-World Use Cases

Where MAC Guard
saves the day

From cloud VMs to bare-metal hypervisors — unregistered MACs are a silent ticking clock.

Cloud & VPS Networks

Rogue Devices on Shared Tenant Networks

On multi-tenant cloud networks, unexpected MACs appearing on your subnets can indicate ARP spoofing, misconfigured bridges, or an attacker performing lateral movement. Providers may flag your account or silently block traffic without explanation.

MAC Guard gives you a complete, real-time inventory of every MAC on every interface. The moment something unexpected shows up — whether it's a new VM that wasn't onboarded properly, a container escaping its network namespace, or an active attacker — you know within seconds.

  • Continuous ARP monitoring on all configured interfaces
  • Instant alert with MAC, vendor lookup, first/last seen timestamps
  • Auto-suspend + provider reverification with one click
  • Full forensic timeline for incident response reports
Compliance maintained automatically — zero manual audits required.
Bare-Metal Hypervisors · MSP Use Case

Hetzner + Proxmox: When VM Cloning Triggers a Provider Suspension

This is one of the most common — and most painful — incidents in the MSP world. You're running 3 Proxmox nodes on Hetzner dedicated servers, bridging VMs through vmbr0. The setup works great until a junior engineer clones a production VM to spin up a dev environment. The clone inherits the original's MAC address — then a new MAC gets auto-assigned to the original when it restarts.

Hetzner requires MAC address registration for all VMs on dedicated servers (their network enforcement is strict — unregistered MACs get silently dropped at the hypervisor level, then escalated to account suspension if detected repeatedly). Neither Proxmox nor the engineer flags this. Within hours, Hetzner's MAC enforcement detects an unregistered MAC on your server and begins throttling traffic. You don't find out until clients start calling about downtime.

The Timeline Without MAC Guard

09:15 — Dev VM cloned from prod. New MAC appears on vmbr0.
11:40 — Hetzner's enforcement detects unregistered MAC. Silent traffic throttle begins.
14:20 — Client reports intermittent connectivity. You start debugging the wrong thing (Proxmox config, BGP routes).
16:55 — Hetzner support ticket opened. Support confirms: unregistered MAC, account flagged.
17:30 — MAC registered manually. Traffic restored. 3+ hours of client-visible downtime.

MAC Guard's agent runs on each Proxmox host, scanning vmbr0 every 5 minutes. The Hetzner provider adapter cross-references your registered MAC list via Hetzner's Robot API. The moment the cloned VM's MAC appears — 09:16 — MAC Guard flags it as "unregistered" and fires an alert.

09:16
ARP scan detects new MAC on vmbr0 — not in Hetzner registry
09:16
MAC Guard fires HIGH severity alert to admin
09:19
Admin sees alert, identifies cloned VM, registers MAC with Hetzner Robot API
09:22
MAC added to whitelist. Alert acknowledged. Zero client impact.

Why this matters for MSPs running Proxmox/KVM on bare-metal:

  • Hetzner, OVH, and Leaseweb all enforce MAC registration on dedicated and colocation servers — violations lead to traffic blocks and account flags
  • VM cloning, live migration, and template deployment are the #1 source of unregistered MACs in Proxmox environments
  • KVM-based setups (libvirt, virt-manager) auto-generate random MACs on clone by default — this catches teams off guard constantly
  • Without automated MAC tracking, MSPs managing 10+ Proxmox nodes are flying blind — manual audits don't scale
  • MAC Guard's Hetzner adapter reads directly from Robot API's server list, keeping your allowed MAC list in sync automatically
MSPs using MAC Guard report zero Hetzner MAC suspension incidents after deployment — compared to an average of 2–3 per quarter before.
Pricing

Simple, transparent pricing

3-day free trial on all plans. No credit card required.

Starter
$79/month
Billed monthly · cancel anytime
Buy Now →
  • Up to 3 networks monitored
  • MAC discovery & compliance alerts
  • Rogue device detection
  • Email & push notifications
  • 30-day alert history
MOST POPULAR
Pro
$149/month
Billed monthly · cancel anytime
Buy Now →
  • Up to 20 networks monitored
  • 16 abuse provider integrations
  • CIDR range & whitelist/blacklist
  • SMS, Slack & webhook alerts
  • Provider compliance reports
  • 90-day alert history
Enterprise
$299/month
Billed monthly · cancel anytime
Buy Now →
  • Unlimited networks & devices
  • Custom API & integrations
  • Dedicated account manager
  • SLA guarantee & priority support
  • On-premise deployment option
  • 1-year alert archive

3-day free trial  ·  No credit card required  ·  Cancel anytime  ·  View full platform pricing →

Dedicated Solutions

Multinational & Government Solutions

Custom deployments for Fortune 500 companies, government agencies, military operations, and critical infrastructure. Bespoke pricing, dedicated support, compliance packages, and on-premise options tailored to your organization.

Our sales team will contact you within 24 hours with a tailored proposal.

🔐
SOC 2 Type II
Certified Compliance
🌍
GDPR Ready
EU Data Protection
🏥
HIPAA Compliant
Healthcare Ready
FedRAMP Ready
Government Grade
📋
99.99% SLA
Enterprise Guarantee
👥
Dedicated Support
24/7 Account Manager

Product Explainer

See How MAC Guard Works

~90-second animated walkthrough with AI narration — press ▶ Play to start.

Stop Flying Blind
on Your Network

MAC Guard installs in 3 minutes. The first alert that prevents a Hetzner suspension pays for itself in the first week.

Buy Now → View Pricing

3-day free trial  ·  No credit card required  ·  Cancel anytime

Ready to secure your infrastructure?
Buy Now — Starter $79/mo Buy Now — Pro $149/mo