Ludovic Marcotte
2015-04-16 14:16:46 UTC
The Inverse team is pleased to announce the immediate availability of
PacketFence 5.0.0. This is a major release with new features,
enhancements and important bug fixes. This release is considered ready
for production use and upgrading from previous versions is strongly advised.
What is PacketFence ?
PacketFence is a fully supported, trusted, Free and Open Source Network
Access Control (NAC) solution. Boasting an impressive feature set,
PacketFence can be used to effectively secure small to very large
heterogeneous networks.
Among the features provided by PacketFence, there are:
* powerful BYOD (Bring Your Own Device) capabilities
* state-of-the art devices fingerprinting with Fingerbank
* multiple enforcement methods including Role-Based Access Control
(RBAC) and hotspot-style
* compliance checks for endpoints present on your network
* integration with various vulnerability scanners, intrusion detection
solutions, security agents and firewalls
* bandwidth accounting for all devices
A complete overview of the solution is available from the official
website:http://www.packetfence.org/about/overview.html
Changes Since Previous Release
*New Features*
* New active/active clustering mode. This allows HTTP and RADIUS load
balancing and improves availability
* Fingerbank integration for accurate devices fingerprinting. It is
now easier than ever to share devices fingerprinting.
* Built-in support for StatsD. This allows fine grained performance
monitoring and can be used to create a dashboard using Graphite
* Local database passwords are now encrypted using bcrypt by default
on all new installations. The old plaintext mode is still supported
for legacy installations and to allow migration to the new mode
* Devices can now have a "bypass role" that allows the administrator
to manage them completely manually. This allows for exceptions to
the authorization rules
*
Support for ISC DHCP OMAPI queries. This allows PacketFence to
dynamically query a dhcpd instance to establish IP to MAC mappings
*Enhancements*
* Completely rewritten pfcmd command. pfcmd is now much easier to
extend and will allow us to integrate more features in the near future
* Rewritten IP/MAC mapping (iplog). Iplog should now never overflow
* New admin role action USERS_CREATE_MULTIPLE for finer grained
control of the admin GUI. An administrative account can now be
prevented from creating more than one other account
*
PacketFence will no longer start MySQL when starting
*
PacketFence will accept to start even if there are no internal networks
* Added a new listening port to pfdhcplistener to listen for
replicated traffic
* Added a user named "default" in replacement of the admin one
*
Adds support for HP ProCurve 2920 switches
* Iptables will now allow access to the captive portal from the
production network by default
* Major documentation rewrite and improvements
*Bug Fixes*
* Fixed violations applying portal redirection when using web
authentication on a Cisco WLC
* Registration and Isolation VLAN ids can now be any string allowed by
the RFCs
* Devices can no longer remain in "pending" state indefinitely
Seehttps://github.com/inverse-inc/packetfence/commits/packetfence-5.0.0for
the complete change log.
See the UPGRADE file for notes about
upgrading:https://github.com/inverse-inc/packetfence/tree/packetfence-5.0.0/UPGRADE.asciidoc
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release or by getting the
sources:http://www.packetfence.org/development/sourcecode.html
Documentation about the installation and configuration of PacketFence is
also available:http://www.packetfence.org/documentation/
How Can I Help ?
PacketFence is a collaborative effort in order to create the best Free
and Open Source NAC solution. There are multiple ways you can contribute
to the project:
* Documentation reviews, enhancements and translations
* Feature requests or by sharing your ideas
*
Participate in the discussion on mailing lists
(http://www.packetfence.org/support/community.html)
* Patches for bugs or enhancements
* Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing
***@inverse.ca <mailto:***@inverse.ca>
You can also fill our online form (http://www.inverse.ca/#contact) and a
representative from Inverse will contact you.
Inverse offers professional services to organizations willing to secure
their wired and wireless networks with the PacketFence solution.
PacketFence 5.0.0. This is a major release with new features,
enhancements and important bug fixes. This release is considered ready
for production use and upgrading from previous versions is strongly advised.
What is PacketFence ?
PacketFence is a fully supported, trusted, Free and Open Source Network
Access Control (NAC) solution. Boasting an impressive feature set,
PacketFence can be used to effectively secure small to very large
heterogeneous networks.
Among the features provided by PacketFence, there are:
* powerful BYOD (Bring Your Own Device) capabilities
* state-of-the art devices fingerprinting with Fingerbank
* multiple enforcement methods including Role-Based Access Control
(RBAC) and hotspot-style
* compliance checks for endpoints present on your network
* integration with various vulnerability scanners, intrusion detection
solutions, security agents and firewalls
* bandwidth accounting for all devices
A complete overview of the solution is available from the official
website:http://www.packetfence.org/about/overview.html
Changes Since Previous Release
*New Features*
* New active/active clustering mode. This allows HTTP and RADIUS load
balancing and improves availability
* Fingerbank integration for accurate devices fingerprinting. It is
now easier than ever to share devices fingerprinting.
* Built-in support for StatsD. This allows fine grained performance
monitoring and can be used to create a dashboard using Graphite
* Local database passwords are now encrypted using bcrypt by default
on all new installations. The old plaintext mode is still supported
for legacy installations and to allow migration to the new mode
* Devices can now have a "bypass role" that allows the administrator
to manage them completely manually. This allows for exceptions to
the authorization rules
*
Support for ISC DHCP OMAPI queries. This allows PacketFence to
dynamically query a dhcpd instance to establish IP to MAC mappings
*Enhancements*
* Completely rewritten pfcmd command. pfcmd is now much easier to
extend and will allow us to integrate more features in the near future
* Rewritten IP/MAC mapping (iplog). Iplog should now never overflow
* New admin role action USERS_CREATE_MULTIPLE for finer grained
control of the admin GUI. An administrative account can now be
prevented from creating more than one other account
*
PacketFence will no longer start MySQL when starting
*
PacketFence will accept to start even if there are no internal networks
* Added a new listening port to pfdhcplistener to listen for
replicated traffic
* Added a user named "default" in replacement of the admin one
*
Adds support for HP ProCurve 2920 switches
* Iptables will now allow access to the captive portal from the
production network by default
* Major documentation rewrite and improvements
*Bug Fixes*
* Fixed violations applying portal redirection when using web
authentication on a Cisco WLC
* Registration and Isolation VLAN ids can now be any string allowed by
the RFCs
* Devices can no longer remain in "pending" state indefinitely
Seehttps://github.com/inverse-inc/packetfence/commits/packetfence-5.0.0for
the complete change log.
See the UPGRADE file for notes about
upgrading:https://github.com/inverse-inc/packetfence/tree/packetfence-5.0.0/UPGRADE.asciidoc
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release or by getting the
sources:http://www.packetfence.org/development/sourcecode.html
Documentation about the installation and configuration of PacketFence is
also available:http://www.packetfence.org/documentation/
How Can I Help ?
PacketFence is a collaborative effort in order to create the best Free
and Open Source NAC solution. There are multiple ways you can contribute
to the project:
* Documentation reviews, enhancements and translations
* Feature requests or by sharing your ideas
*
Participate in the discussion on mailing lists
(http://www.packetfence.org/support/community.html)
* Patches for bugs or enhancements
* Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing
***@inverse.ca <mailto:***@inverse.ca>
You can also fill our online form (http://www.inverse.ca/#contact) and a
representative from Inverse will contact you.
Inverse offers professional services to organizations willing to secure
their wired and wireless networks with the PacketFence solution.
--
Ludovic Marcotte
***@inverse.ca :: +1.514.755.3630 ::http://inverse.ca
Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org)
Ludovic Marcotte
***@inverse.ca :: +1.514.755.3630 ::http://inverse.ca
Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org)