Another feature of Layer2 security is to make the entries on the bridge as static ones. If we look to the bridge, we can see the following entries in its Host table which are learned dynamically:

If you want to make them static for security reason, you can do so. Just click on + and add an entry (I will do the one on Ether2):

You will see right away that it is now static. To even make it more secure, you can go to the bridge interface and enable ARP mode to be reply only, so the bridge will answer to ARP requests for entries which are inside the Host table.