Louis Munro
2017-07-11 15:42:01 UTC
ANN: PacketFence v7.2
The Inverse team is pleased to announce the immediate availability of PacketFence v7.2. This is an important release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised.
What is PacketFence?
PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks.
Among the features provided by PacketFence, there are:
powerful BYOD (Bring Your Own Device) capabilities
state-of-the art devices fingerprinting with Fingerbank
multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style
compliance checks for endpoints present on your network
integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls
bandwidth accounting for all devices
A complete overview of the solution is available from the official website: https://packetfence.org/about.html <https://packetfence.org/about.html>
Changes Since Previous Release
New Features
Added support for authenticating users through OpenID Connect (PR #2394)
Added passthroughs for devices in violation state (isolation network) (PR #2328)
Added ability to report a device lost or stolen in self-service portal (PR #2337)
Added ability to change a local account password in self-service portal (PR #2337)
Improved overall user experience of self-service portal (PR #2337)
Enhancements
Use the attributes returned by a radius use source as attributes to compute the rules (PR #2369)
Most services now support systemd sd_notify notifications.
The GUI will now only display readonly actions in readonly mode (PR #2384)
Journald total file size is now capped at 1Gb (PR #2389)
The GUI will now allow sources to be cloned (PR #2395)
The GUI now visually splits Administration and Authentication rules when viewing sources (PR #2395)
The GUI now has the ability to run "fixpermissions" from the web admin GUI (PR #2398)
haproxy captive portal rate-limiting is now configurable (PR #2422)
winbindd will now use the regular samba mechanisms to locate and select DCs (PR #2410)
New pfcmd command pfcmd pfqueue clear_expired_counters to clear the expired task counters (PR #2433)
Allow to disable the captive portal haproxy abuse access lists (#2418)
Bug Fixes
Added a cleanup of the number in the SMS source (#1966)
TLS certificates and keys will no longer be overwritten (#2366)
Limit the amount of tasks a worker processes to avoid memory from growing
Fixed a case where the REJECT role isnât honored in inline and some web-auth (#2383)
Sponsor authentication CC address is now BCC to help preserve privacy (#2267)
Use plain HTTP for network access detection page (#2393)
Fixed an issue where DHCP broadcast were treated more than once in clustered mode (PR #2413) (#2408)
Fixed incorrect user login remaining count display (#2450)
Fixed a case where pfqueue counters show a count of 0 although queue is full (#2420)
node_discovered is no longer triggered when node hasnât been created in DB (#2436)
Detect date was not being populated when nodes were discovered via radius (#2424)
Fixed leftover httpd processes when restarting (#2439)
Mariadb binary logs files are now properly rotated (#2440)
Fixed scss settings and colors being wiped on each upgrade (#2317)
See https://github.com/inverse-inc/packetfence/compare/packetfence-7.1.0...packetfence-7.2.0 <https://github.com/inverse-inc/packetfence/compare/packetfence-7.1.0...packetfence-7.2.0> for the complete change log.
See the UPGRADE file for notes about upgrading: https://github.com/inverse-inc/packetfence/tree/packetfence-7.2.0/UPGRADE.asciidoc <https://github.com/inverse-inc/packetfence/tree/packetfence-7.2.0/UPGRADE.asciidoc>
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html <https://packetfence.org/download.html>
Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation <https://packetfence.org/support/index.html#/documentation>
How Can I Help?
PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project:
Documentation reviews, enhancements and translations
Feature requests or by sharing your ideas
Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community <https://packetfence.org/support/index.html#/community>)
Patches for bugs or enhancements
Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing to ***@inverse.ca <mailto:***@inverse.ca>
You can also fill our online form (https://inverse.ca/#contact <https://inverse.ca/#contact>) and a representative from Inverse will contact you.
Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution.
--
Louis Munro
***@inverse.ca <mailto:***@inverse.ca> :: www.inverse.ca <http://www.inverse.ca/>
+1.514.447.4918 x125 :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu <http://www.sogo.nu/>) and PacketFence (www.packetfence.org <http://www.packetfence.org/>)
The Inverse team is pleased to announce the immediate availability of PacketFence v7.2. This is an important release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised.
What is PacketFence?
PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks.
Among the features provided by PacketFence, there are:
powerful BYOD (Bring Your Own Device) capabilities
state-of-the art devices fingerprinting with Fingerbank
multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style
compliance checks for endpoints present on your network
integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls
bandwidth accounting for all devices
A complete overview of the solution is available from the official website: https://packetfence.org/about.html <https://packetfence.org/about.html>
Changes Since Previous Release
New Features
Added support for authenticating users through OpenID Connect (PR #2394)
Added passthroughs for devices in violation state (isolation network) (PR #2328)
Added ability to report a device lost or stolen in self-service portal (PR #2337)
Added ability to change a local account password in self-service portal (PR #2337)
Improved overall user experience of self-service portal (PR #2337)
Enhancements
Use the attributes returned by a radius use source as attributes to compute the rules (PR #2369)
Most services now support systemd sd_notify notifications.
The GUI will now only display readonly actions in readonly mode (PR #2384)
Journald total file size is now capped at 1Gb (PR #2389)
The GUI will now allow sources to be cloned (PR #2395)
The GUI now visually splits Administration and Authentication rules when viewing sources (PR #2395)
The GUI now has the ability to run "fixpermissions" from the web admin GUI (PR #2398)
haproxy captive portal rate-limiting is now configurable (PR #2422)
winbindd will now use the regular samba mechanisms to locate and select DCs (PR #2410)
New pfcmd command pfcmd pfqueue clear_expired_counters to clear the expired task counters (PR #2433)
Allow to disable the captive portal haproxy abuse access lists (#2418)
Bug Fixes
Added a cleanup of the number in the SMS source (#1966)
TLS certificates and keys will no longer be overwritten (#2366)
Limit the amount of tasks a worker processes to avoid memory from growing
Fixed a case where the REJECT role isnât honored in inline and some web-auth (#2383)
Sponsor authentication CC address is now BCC to help preserve privacy (#2267)
Use plain HTTP for network access detection page (#2393)
Fixed an issue where DHCP broadcast were treated more than once in clustered mode (PR #2413) (#2408)
Fixed incorrect user login remaining count display (#2450)
Fixed a case where pfqueue counters show a count of 0 although queue is full (#2420)
node_discovered is no longer triggered when node hasnât been created in DB (#2436)
Detect date was not being populated when nodes were discovered via radius (#2424)
Fixed leftover httpd processes when restarting (#2439)
Mariadb binary logs files are now properly rotated (#2440)
Fixed scss settings and colors being wiped on each upgrade (#2317)
See https://github.com/inverse-inc/packetfence/compare/packetfence-7.1.0...packetfence-7.2.0 <https://github.com/inverse-inc/packetfence/compare/packetfence-7.1.0...packetfence-7.2.0> for the complete change log.
See the UPGRADE file for notes about upgrading: https://github.com/inverse-inc/packetfence/tree/packetfence-7.2.0/UPGRADE.asciidoc <https://github.com/inverse-inc/packetfence/tree/packetfence-7.2.0/UPGRADE.asciidoc>
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html <https://packetfence.org/download.html>
Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation <https://packetfence.org/support/index.html#/documentation>
How Can I Help?
PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project:
Documentation reviews, enhancements and translations
Feature requests or by sharing your ideas
Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community <https://packetfence.org/support/index.html#/community>)
Patches for bugs or enhancements
Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing to ***@inverse.ca <mailto:***@inverse.ca>
You can also fill our online form (https://inverse.ca/#contact <https://inverse.ca/#contact>) and a representative from Inverse will contact you.
Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution.
--
Louis Munro
***@inverse.ca <mailto:***@inverse.ca> :: www.inverse.ca <http://www.inverse.ca/>
+1.514.447.4918 x125 :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu <http://www.sogo.nu/>) and PacketFence (www.packetfence.org <http://www.packetfence.org/>)