From: Dominik G. <dg...@in...> - 2008-08-04 18:42:05
|
The Inverse Team is pleased to announce the release of PacketFence 1.7.2. This is a maintainance release of the 1.7 branch of PacketFence. What is PacketFence ? PacketFence is a Free and Open Source network access control (NAC) system. It can be used to effectively secure networks - from small to very large heterogeneous networks. PacketFence has been deployed in production environments where thousands of users are involved. PacketFence provides an impressive list of supported features. Among them, there are: * NAC-oriented functionalities such as * Registration of new network devices * Detection of abnormal network activities (computer virus, worms, spyware, etc.) using Snort sensors * Registration-based and scheduled vulnerability scans using Nessus * Isolation of problematic devices * Remediation through a captive portal * VLAN isolation with VoIP support (even in heterogeneous environments) for multiple switch vendors such as Cisco, Edge-Core, HP, LinkSys, Nortel Networks and more * Support for 802.1X through a FreeRADIUS module * Wireless integration with FreeRADIUS which allows you to secure your wired and wireless networks the same way * DHCP fingerprinting which can be used to automatically register VoIP phones, game consoles and more * Web-based and command-line interfaces for management tasks Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release from : http://prdownloads.sourceforge.net/packetfence/packetfence-1.7.2.tar.gz?download or by getting the sources from the official monotone server using the instructions at http://www.packetfence.org/development/monotone.html Documentation about the installation and configuration of VLAN Isolation is available from : http://www.packetfence.org/dokuwiki/doku.php?id=1.7 and http://www.packetfence.org/dokuwiki/doku.php?id=config_1.7.1 How can I help ? PacketFence is a collaborative effort in order to create the best Open Source NAC solution. There are multiple ways you can contribute to the project: * Documentation reviews, enhancements and translations: http://www.packetfence.org/wiki.html * Feature requests: http://www.packetfence.org/development/roadmap.html * Participate to the discussion in the mailing lists: http://www.packetfence.org/support/community.html * Patches for bugs or enhancements Getting Support For any questions, do not hesitate to contact us by writing an email to : su...@in... Inverse offers professional services around PacketFence to help organizations deploy the solution and migrate from their legacy systems. Changes * added RHEL5 to supported operating systems * stopped to distribute jpgraph with PF; the installer will now download jpgraph * `pfcmd service pf status` now indicates * if service should be started according to configuration file * all pids (in case several processus are running) * clean PID files in /usr/local/pf/var when necessary after service stop * unified pfcmd service and pfcmd control * replaced bin/pfwatcher with pfcmd service pf watch * added trapping.redirlocal parameter which is used by bin/ip2interface.pl * removed conf/ssl/server.crt and conf/ssl/server.key from distribution and added code to generate them to installer.pl * added DHCP fingerprint update to configurator.pl * configurator.pl reference to registration.authentication (http://www.packetfence.org/mantis/view.php?id=342) * port 162 is opened on internal interface instead of management interface (http://www.packetfence.org/mantis/view.php?id=344) * removed configurator.pl reference to arp.listendevice * perl-IPTables-IPv4 conflicts with PacketFence RPM (http://www.packetfence.org/mantis/view.php?id=348) * added authorizedips variable to each interface to customize IPTables rules (http://www.packetfence.org/mantis/view.php?id=345) * representation of adjustswitchportvlan reasons in web admin GUI (http://www.packetfence.org/mantis/view.php?id=343) * default values for multi config options are correctly shown in web admin GUI (http://www.packetfence.org/mantis/view.php?id=350) * added functionality to reset switch ports in case of desaster (http://www.packetfence.org/mantis/view.php?id=349) * parse for local trap OID instead of only 127.0.0.1 (http://www.packetfence.org/mantis/view.php?id=341) * iptables FORWARD ACCEPT chains in passive mode (http://www.packetfence.org/mantis/view.php?id=314) * wrong comparison in iplog_cleanup_sql (http://www.packetfence.org/mantis/view.php?id=352) * VLAN isolation should verify violation action parameter (http://www.packetfence.org/mantis/view.php?id=353) * support for linkup/linkdown traps on HP switches * administration/adduser.php - alignment of version information (http://www.packetfence.org/mantis/view.php?id=354) |