Over the years lots of different solution for detecting ARP-attacks have been proposed. None of them became a standard as they were not able to detect a broad range of attacks. Furthermore there are five main solutions that are proposed when you ask around. All of them do not solve the problem. Some not even roughly:
Static ARP tables: Impossible administrative overhead. Secure distribution of tables not possible. Depending on OS version static ARP-entries are being overwritten.
Switches: Absolutely no security. The Port-Security Feature on high-end switches can easily be tricked
VLANs: Can’t put every machine into a VLAN. VLANs have their own set of security problems.
Encryption: Can only encrypt from IP-layer upwards. Man-in-the-middle attacks on secured connections have been shown.
Firewalls: See FAQ entry above.