Software-update: PacketFence 2.0

Voor het beveiligen van een netwerkomgeving kan onder andere een nac-systeem worden ingezet. Hiermee kunnen, op basis van vooraf ingestelde policies, automatisch netwerkapparaten worden geblokkeerd als zich een ongewenste situatie voordoet. Denk daarbij aan onbekende netwerkapparaten van bezoekers, een worm die zich probeert te verspreiden of een geautoriseerd apparaat dat via een bootflop of live-cd van een ander besturingssysteem is voorzien. PacketFence is zo'n nac-systeem met ondersteuning voor 802.1x en vlan isolation, waarmee een netwerkapparaat na analyse in het juiste vlan kan worden geplaatst. Voor meer informatie verwijzen we naar deze pagina. De ontwikkelaars hebben versie 2.0 uitgebracht en voorzien van de volgende aankondiging:

PacketFence 2.0.0 released

The Inverse Team is pleased to announce the immediate availability of PacketFence 2.0.0. This is a major release bringing new features, new hardware support, performance enhancements, documentation update and many other changes.

New Hardware Support:
  • SMC TigerStack 6128 L2 support in Port Security (feature sponsored by Seattle Pacific University)
  • HP ProCurve MSM710 Mobility Controller
  • Meru Networks MC3000 Wireless Controller
  • Juniper EX Series in MAC RADIUS (Juniper's MAC Authentication)
New Features:
  • Simplification of the Wireless, Wired 802.1X and Wired MAC Authentication configuration. Because of a new FreeRADIUS module and a Web Service interface, everything is now using standard PacketFence proccesses and configuration files.
  • VoIP devices authorization over RADIUS (#1008)
  • Proxy interception. PacketFence can now operate in an environment where there is a client-side proxy configured. Check proxy-bypass in addons/ for details. (#1035)
  • Passthroughs support! You can now configure PacketFence to let your users reach specific websites even if they are in registration or isolation. (#772) (feature sponsored by Shippensburg University)
  • New pf::web::custom extension point to customize the captive portal's code without the usual maintenance burden on upgrades (#1045)
  • Bulk importation of nodes through CLI or Admin Web interface
  • New parameter in switches.conf to ease FreeRADIUS integration
  • Optional automatic configuration of FreeRADIUS' clients using switches.conf (see addons/freeradius-integration/README for details)
  • New 'pending' status for node. Allows for a wide range of captive portal workflows where an administrator approves network access (by email, SMS...)
Enhancements:
  • New information available in Node Lookup (Connection Type, SSID, 802.1X User-Name, ...)
  • FreeRADIUS module improvements (#1034) and major revamping
  • Easier installation process using yum groupinstall (#1089)
  • Faster Web Services layer running under mod_perl
  • Refactoring of the pf::vlan method names for more meaningful ones
  • Removed unnecessary database connections and duplicated code
  • 802.1X improvements (#995, #1002)
  • General code base improvements, refactoring (#914, #977, #1001, #973)
  • Usability improvements (#1006, #820, #1075)
  • Migrated to the new Emerging Threats rules for snort and added rules for botnets, malware, shellcode, trojan and worm by default (#1102)
  • New DHCP fingerprints (HP ProCurve Wireless, Ricoh MFP, Cisco/Linksys, Netgear, D-Link, Trendnet, Belkin Home Wireless Routers, Sony Ericsson, Android, Aruba Access Point, Avaya IP Phone, Gentoo Linux and Fedora Linux 13)
  • pfcmd_vlan's logging is now consistent with the rest of the system (#874)
  • configurator.pl now handles DNS and DHCP basic configuration (#1112)
Documentation:
  • Merged Installation and Administration guides into a more coherent document
  • New documentation about DHCP and DNS services. Now easier to manage! (#1113)
  • New documentation about running in a routed environment
  • Improved documentation about Snort, Oinkmaster, and log rotation in Admin Guide
  • Improved documentation on violations (external remediation pages and redirect_url) in the Administration Guide
Bug fixes:
  • Captive Portal remediation pages can be hosted externally again! (#1024)
  • Fixes to the SMC TigerStack 8824M and 8848M modules (see UPGRADE)
  • No error reporting when trying to change configuration files with bad rights (#1088)
  • Violation priorities are now enforced according to documentation (1 = highest)
  • Wrong URL in the provided oinkmaster.conf (#1101)
  • MAC addresses of format xxxx.xxxx.xxxx properly recognized in pf::util
... and more. See the ChangeLog file for the complete list of changes and the UPGRADE file for notes about upgrading. Both files are in the PacketFence distribution.
Versienummer 2.0
Releasestatus Final
Besturingssystemen Linux
Website Inverse
Download http://www.packetfence.org/download/releases.html
Licentietype GPL

Door Japke Rosink

Meukposter

Feedback • 17-12-2010 11:14 1

17-12-2010 • 11:14

1

Bron: Inverse

Update-historie

12-'22 PacketFence 12.1.0 0
06-'20 PacketFence 10.1.0 0
01-'20 PacketFence 9.3.0 0
05-'19 PacketFence 9.0.0 4
01-'19 PacketFence 8.3.0 4
11-'18 PacketFence 8.2.0 0
07-'18 PacketFence 8.1.0 0
05-'18 PacketFence 8.0.1 0
01-'18 PacketFence 7.4.0 0
07-'17 PacketFence 7.2.0 0
Meer historie

Lees meer

PacketFence

geen prijs bekend

4 van 5 sterren
Netwerk en systeembeheer System en netwerk utilities Serversoftware Beveiliging Netwerkapparatuur

Reacties (1)

-Moderatie-faq
1
1
1
0
0
0
Wijzig sortering
HoeZoWie 18 december 2010 16:20
Iemand hier ervaring mee..? Ik wil dit wel eens gaan inzetten.

Op dit item kan niet meer gereageerd worden.

Apple iPhone 16e LG OLED evo G5 Google Pixel 10 Samsung Galaxy S25 Star Wars: Outlaws Nintendo Switch 2 Apple AirPods Pro (2e generatie) Sony PlayStation 5 Pro

Tweakers is onderdeel van DPG Media B.V.
Alle rechten voorbehouden - Auteursrecht © 1998 - 2025 Hosting door TrueFullstaq