One big issue is with the ARP broadcast problem. I cant close them at SMs as they unable to access Internet. 20-30% ARP in Network dont cause any problem, but at peak hours it raise upto 80-90%. At this point whole network hangs up. Client PCs are badly virus affected and they are broadcasting huge amount of ARP. Is there any solution for this??

on the advanced setup of the SM filter arp traffic. Search this forum, there are many suggestions on what should be filtered on an SM.

On every SM block the following protocols:

    PPPoE (unless you are using it)
    SMB (Network Neighborhood)
    Bootp Server
    IPv4 Multicast

That will quiet things down

You cannot block ARP storms at the SM right now.

But if you are running software version 8.2 you can set the broadcast/multicast MIR to 1kbps. This will help a lot.

The ARP storms should be traceable though.

If you set up a program like Wireshark and capture the broadcast packets you will probably see one or two sources of the ARP storm sending out resolution packets by the hundreds per second or worse.

It may be clients, it may even be your border router.

You have to find the source and shut it down, or fix it.

Some ARP requests are triggered on non-resolved IP’s, so manually assigning a bogus MAC to IP binding will stop the device from spewing broadcast packets to find the owner of the IP.