Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Door , , 1 reactie
Bron: Inverse

Voor het beveiligen van een netwerkomgeving kan onder andere een nac-systeem worden ingezet. Hiermee kunnen, op basis van vooraf ingestelde policies, automatisch netwerkapparaten worden geblokkeerd als zich een ongewenste situatie voordoet. Denk daarbij aan onbekende netwerkapparaten van bezoekers, een worm die zich probeert te verspreiden of een geautoriseerd apparaat dat via een bootflop of live-cd van een ander besturingssysteem is voorzien. PacketFence is zo'n nac-systeem met ondersteuning voor 802.1x en vlan isolation, waarmee een netwerkapparaat na analyse in het juiste vlan kan worden geplaatst. Voor meer informatie verwijzen we naar deze pagina. De ontwikkelaars hebben versie 2.2.0 uitgebracht en voorzien van de volgende aankondiging:

Changes in 2.2

PacketFence's captive portal now features network access detection using JavaScript and Kerberos can be used for authentication. The integration with FreeRADIUS 2 has also been greatly simplified and it's now possible to modify and preview remediation pages directly from PacketFence's web interface. Futhermore, support for new 3Com switches (4200G, E4800G and E5500G in MAC Authentication and 802.1X) and Motorola RF Switches wireless controllers was added. Apache's configuration is automatically adjusted on startup based on system resources to avoid performance degradation on heavy workloads. And finally, new reports were added such as "Nodes per SSID" or "Connection Type".

New Hardware Support:
  • Motorola RF Switches (Wireless Controllers)
  • 3Com Switches 4200G, E4800G and E5500G now supports MAC Authentication and 802.1X
  • Dlink DGS 3100 Switches
New features:
  • Captive Portal network access detection is more accurate and way faster (javascript-based)
  • Easier integration and configuration of FreeRADIUS 2.x using our new packetfence-freeradius2 RPM
  • Apache configuration is automatically adjusted on startup based on system resources to avoid performance degradation on heavy workloads (#1204)
  • New reports: Nodes per SSID (#1126) and Connection-Type (#1125)
  • User-Agent violation support completely re-written. It is now easier than ever to block devices or old browsers from your network. (#769, #1192)
  • Administrators can now modify and preview remediation pages from the Web Admin
  • VoIP autodetection in Wired 802.1X and Wired MAC Authentication can now use CDP / LLDP if available (#1175)
  • Kerberos Authentication on the Captive Portal (Thanks to Brad Lhotsky from NIH)
Enhancements:
  • Moved several configuration files from conf/templates/ into conf/ (#1166)
  • SSL certificate configuration for httpd is now in a separate file that is not overwritten by packages making it easier to maintain (#1207)
  • 3Com Super Stack 4500 now uses SNMP for MAC authorization (port-security)
  • OS Class ID are now visible when viewing DHCP Fingerprints (#1181)
  • Log levels can be changed without a restart (#748)
  • Process ID information in the logs for some daemons
  • Captive Portal minor usability improvements
  • Reorganized default violation classes to be more coherent and self-documented
  • More violation classes validation on startup (#992)
  • Improved database configuration error reporting
  • DHCP fingerprints sharing now allows submitter to send computer name, user-agent and a contact email to help us identify the devices better (#983)
  • Meru module now supports firmware version identification
  • Improvements in the logrotate script (#1198)
  • MAC address format xxxx-xxxx-xxxx supported in our FreeRADIUS' module
  • Removed unused configuration parameters (#767)
  • Refactoring of the code base (#1058)
  • New DHCP fingerprint for Cisco SPA series IP Phone, Mikrotik, Freebox, AeroHive Hive AP, Ubuntu Server, Suse Linux Desktop 11, Synology NAS, Polycom Conference IP Phone and Generic Intel PXE
Documentation:
  • Improvement to the samba configuration provided in the administration guide to fix uid mapping issues (#1205)
  • FAQ entry: Active directory integration in registration network
  • Updated Developer documentation regarding how to support new wireless hardware
  • Wired 802.1X and MAC Authentication corrections in Network Devices Guide
  • Minor corrections to the Administration Guide (#743)
Bug Fixes:
  • Fixed an important problem with VoIP in Wired 802.1X and Wired MAC Authenication modes (#1202)
  • Fixed important Nortel support regressions (introduced in 2.1.0: #1183, #1195)
  • Fixed an issue with the Meru module: If the controller sent SNMP traps to PacketFence a thread would crash. Hopefully this configuration is not required and is rarely done. Regression prevention tests have been added.
  • Fixed an issue with pfcmd-initiated VLAN re-evaluation if you assign VLANs based on a client's connection-type (which is not the default)
  • Fixed DHCP fingerprint sharing upload form
  • Violation grace no longer ignores time modifiers like minutes (#1154)
  • Fixed OS id not visible when dhcp-fingerprint view is filtered (#1180)
  • Fixed rare case of Web Admin user account corruption causing homepage to become status/dashboard instead of status/dashboard.php (#1196)
  • Warning avoidance in Extreme Network modules
  • installer and configurator scripts no longer output passwords on the terminal (#1021)
  • Fixed warnings and improved error reporting in our FreeRADIUS module (#1176)
  • Fixed broken person lookups if username is an email address (#1206)
  • Fixed Web Admin which referred to an inexistent Meru MC3000 module (it was renamed Meru::MC in 2.0.1)
  • Fixed overly aggressive Web Administration password validation (#1209)
Translations:
  • New German (de) translation (Thanks to Tino Matysiak of Meetyoo Conferencing)
... and more. See the ChangeLog file for the complete list of changes and the UPGRADE file for notes about upgrading. Both files are in the PacketFence distribution.
Moderatie-faq Wijzig weergave

Reacties (1)

Op dit item kan niet meer gereageerd worden.



Apple iOS 10 Google Pixel Apple iPhone 7 Sony PlayStation VR AMD Radeon RX 480 4GB Battlefield 1 Google Android Nougat Watch Dogs 2

© 1998 - 2016 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Carsom.nl de Persgroep Online Services B.V. Hosting door True