In cases where the network configuration does not change frequently, it is perfectly possible to make a list of static ARP entries and deploy them to customers through an automated script. This will ensure that devices will always rely on its local ARP cache, instead of relying on ARP requests and replies.
Surveillance tools, such as Arpwatch, effectively assist in monitoring the ARP cache. Thus the detection of possible attacks, and even the risk of changes in network behavior becomes easier for the Safety of the system.
We could delve into this subject because it is very interesting, more like you just want to know the tools, I remember at the moment are:
Arpwatch, XArp and Arpon.
There is a set of techniques that should be studied in order to further minimize such an attack.