Ludovic Marcotte
2016-04-19 22:25:06 UTC
The Inverse team is pleased to announce the immediate availability of
PacketFence 6.0.0. This is a major release with new features,
enhancements and important bug fixes. This release is considered ready
for production use and upgrading from previous versions is strongly advised.
What is PacketFence?
PacketFence is a fully supported, trusted, Free and Open Source Network
Access Control (NAC) solution. Boasting an impressive feature set,
PacketFence can be used to effectively secure small to very large
heterogeneous networks.
Among the features provided by PacketFence, there are:
* powerful BYOD (Bring Your Own Device) capabilities
* state-of-the art devices fingerprinting with Fingerbank
* multiple enforcement methods including Role-Based Access Control
(RBAC) and hotspot-style
* compliance checks for endpoints present on your network
* integration with various vulnerability scanners, intrusion detection
solutions, security agents and firewalls
* bandwidth accounting for all devices
A complete overview of the solution is available from the official
website:http://packetfence.org/about.html
Changes Since Previous Release
*New Features*
* Fully redesigned frontend and backend of the captive portal
* Parking state for unregistered devices (where it will have a longer
DHCP lease time and will only access a lightweight portal)
* CentOS 7 and Debian 8 (Jessie) support
* RADIUS support for Avaya switches
* New filter engine to return custom answers in pfdns
* Redirect URL are defined in Role by Web Auth URL switch
configuration (Cisco)
* Added support for Captive-Portal DHCP attribute (RFC7710)
* Added Google Project Fi as a SMS carrier for SMS signup option
* FreeRADIUS 3 support with Redis integration
*Enhancements*
* Added ability to expire users
* Automatically update all the Fingerbank databases (Redis, p0f, SQLite3)
* Do not allow the TRACE method to be used in any of the web processes
* Can now limit the maximum unregdate an administrator can set to a person
* Added option to disable the accounting recording in the SQL tables
* Added caching of the latest accounting request for use in access
reevaluation
* Reduced the number of webservices calls during RADIUS accounting
* Added configuration for Apache 2.4 with Template Toolkit
* Added a timer for each RADIUS request (radius audit log)
*
Assign the voice role to VoIP devices when PacketFence detects them
* Renamed VLAN to Role in admin GUI violation
* Unregistering a node from a secure connection to an unsecured one is
now managed by the VLAN filters
* Location history of a node now shows the role instead of the VLAN id
* Documentation to configure Cisco switches with Identity Networking
Policy
* Trigger violation on source or destination IP address only if they
are in the trapping range networks
* Performance improvement for VoIP detection
* Added new RADIUS filter return option (random number in a range)
* Reinstated iplog (iplog_history and iplog_archive) rotation/cleanup
jobs performed by pfmon
* An asynchronous LDAP lookup is now done on each 802.1x request to
populate the person fields for that user
*Bug Fixes*
* Compute unregistration date for secure connections
* Fixed unescape value in LDAP search
* Fixed Apache 2.4 core dump
* Fixed update locationlog from accounting start with the wrong
connection type
Seehttps://github.com/inverse-inc/packetfence/commits/packetfence-6.0.0for
the complete change log.
See the UPGRADE file for notes about
upgrading:https://github.com/inverse-inc/packetfence/tree/packetfence-6.0.0/UPGRADE.asciidoc
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release or by getting the sources:http://packetfence.org/download.html
Documentation about the installation and configuration of PacketFence is
also available:http://packetfence.org/support/index.html#/documentation
How Can I Help?
PacketFence is a collaborative effort in order to create the best Free
and Open Source NAC solution. There are multiple ways you can contribute
to the project:
* Documentation reviews, enhancements and translations
* Feature requests or by sharing your ideas
*
Participate in the discussion on mailing lists
(http://packetfence.org/support/index.html#/community)
* Patches for bugs or enhancements
* Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing
***@inverse.ca <mailto:***@inverse.ca>
You can also fill our online form (http://inverse.ca/#contact) and a
representative from Inverse will contact you.
Inverse offers professional services to organizations willing to secure
their wired and wireless networks with the PacketFence solution.
PacketFence 6.0.0. This is a major release with new features,
enhancements and important bug fixes. This release is considered ready
for production use and upgrading from previous versions is strongly advised.
What is PacketFence?
PacketFence is a fully supported, trusted, Free and Open Source Network
Access Control (NAC) solution. Boasting an impressive feature set,
PacketFence can be used to effectively secure small to very large
heterogeneous networks.
Among the features provided by PacketFence, there are:
* powerful BYOD (Bring Your Own Device) capabilities
* state-of-the art devices fingerprinting with Fingerbank
* multiple enforcement methods including Role-Based Access Control
(RBAC) and hotspot-style
* compliance checks for endpoints present on your network
* integration with various vulnerability scanners, intrusion detection
solutions, security agents and firewalls
* bandwidth accounting for all devices
A complete overview of the solution is available from the official
website:http://packetfence.org/about.html
Changes Since Previous Release
*New Features*
* Fully redesigned frontend and backend of the captive portal
* Parking state for unregistered devices (where it will have a longer
DHCP lease time and will only access a lightweight portal)
* CentOS 7 and Debian 8 (Jessie) support
* RADIUS support for Avaya switches
* New filter engine to return custom answers in pfdns
* Redirect URL are defined in Role by Web Auth URL switch
configuration (Cisco)
* Added support for Captive-Portal DHCP attribute (RFC7710)
* Added Google Project Fi as a SMS carrier for SMS signup option
* FreeRADIUS 3 support with Redis integration
*Enhancements*
* Added ability to expire users
* Automatically update all the Fingerbank databases (Redis, p0f, SQLite3)
* Do not allow the TRACE method to be used in any of the web processes
* Can now limit the maximum unregdate an administrator can set to a person
* Added option to disable the accounting recording in the SQL tables
* Added caching of the latest accounting request for use in access
reevaluation
* Reduced the number of webservices calls during RADIUS accounting
* Added configuration for Apache 2.4 with Template Toolkit
* Added a timer for each RADIUS request (radius audit log)
*
Assign the voice role to VoIP devices when PacketFence detects them
* Renamed VLAN to Role in admin GUI violation
* Unregistering a node from a secure connection to an unsecured one is
now managed by the VLAN filters
* Location history of a node now shows the role instead of the VLAN id
* Documentation to configure Cisco switches with Identity Networking
Policy
* Trigger violation on source or destination IP address only if they
are in the trapping range networks
* Performance improvement for VoIP detection
* Added new RADIUS filter return option (random number in a range)
* Reinstated iplog (iplog_history and iplog_archive) rotation/cleanup
jobs performed by pfmon
* An asynchronous LDAP lookup is now done on each 802.1x request to
populate the person fields for that user
*Bug Fixes*
* Compute unregistration date for secure connections
* Fixed unescape value in LDAP search
* Fixed Apache 2.4 core dump
* Fixed update locationlog from accounting start with the wrong
connection type
Seehttps://github.com/inverse-inc/packetfence/commits/packetfence-6.0.0for
the complete change log.
See the UPGRADE file for notes about
upgrading:https://github.com/inverse-inc/packetfence/tree/packetfence-6.0.0/UPGRADE.asciidoc
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release or by getting the sources:http://packetfence.org/download.html
Documentation about the installation and configuration of PacketFence is
also available:http://packetfence.org/support/index.html#/documentation
How Can I Help?
PacketFence is a collaborative effort in order to create the best Free
and Open Source NAC solution. There are multiple ways you can contribute
to the project:
* Documentation reviews, enhancements and translations
* Feature requests or by sharing your ideas
*
Participate in the discussion on mailing lists
(http://packetfence.org/support/index.html#/community)
* Patches for bugs or enhancements
* Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing
***@inverse.ca <mailto:***@inverse.ca>
You can also fill our online form (http://inverse.ca/#contact) and a
representative from Inverse will contact you.
Inverse offers professional services to organizations willing to secure
their wired and wireless networks with the PacketFence solution.
--
Ludovic Marcotte
***@inverse.ca :: +1.514.755.3630 :: http://inverse.ca
Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org)
Ludovic Marcotte
***@inverse.ca :: +1.514.755.3630 :: http://inverse.ca
Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org)