From: Olivier B. <obi...@in...> - 2011-12-23 20:56:47
|
The Inverse Team is pleased to announce the immediate availability of PacketFence 3.1.0. This is a major release with big features, new hardware support, enhancements, bug fixes and updated translations. This release is considered ready for production use. === What is PacketFence ? === PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boosting an impressive feature set including: * Registration and remediation through a captive portal * Detection of abnormal network activities using Snort IDS * Proactive vulnerability scans using Nessus * Isolation of problematic devices * 802.1X for wired and wireless networks * Wireless integration for all provided features * Supports complex and heterogeneous environments * VoIP / IP Telephony support and more! A complete overview of the solution is available from http://www.packetfence.org/about/overview.html === Changes Since Previous Release === New Hardware Support * AeroHIVE, Aruba and Motorola support RADIUS Disconnect (RFC3576) to perform de-authentication * Stacked Cisco 3750 in MAC-Auth or 802.1X New Features * Statement of Health (SoH) support for reliable client-side policy compliance through 802.1X * MAC violation triggers allowing to isolate a single device (#1320) * Detection of rogue DHCP Servers even behind relays (#1151) * RFC3576 (RADIUS Change of Authorization / Disconnect) support added * Preview support for wired port-bounce on Cisco through CoA (RFC3576). Disabled by default. * Wireless profile provisioning for iPhone, iPod, and iPad devices * SNMP traps rate-limiting mechanism * New graphs in the web admin UI -- replaced jpgraph (PHP) by gRaphael (JavaScript) Enhancements * Using HTTP Return Code 501 "Not Implemented" for more effective client blocking * Cleanup in the Cisco 3560's code and documentation * Startup performance improvements * Added support for session-keyfile introduced in BIND 9.7 (#1257) * Several improvements in the dhcp_dumper.pl addon * Global option to disable rogue DHCP server detection * Performance improvements to pfdhcplistener * More startup validation on SNMPv3 Trap configuration * CentOS 6.2 support * Several new HTTP User-Agents detected * Several new DHCP fingerprints (from our spinoff www.fingerbank.org) * Better support of WISPr (captive portal detection) * Configuration flag to disable the captive portal's network detection feature * Added support for months in normalize_time (#1291) Bug Fixes * Slashes (/) not allowed in person id (#1322) * Inline: isolation not properly enforced by firewall if registration is disabled (#1330) * Several small fixes in pfdhcplistener * Inline: NAT out behavior of PacketFence was changed for the best * Keep IP to MAC associations across restarts (#1343) * Interface enforcement is now configurable through Web UI / CLI (#1335) * Violation charts now show proper values * Captive portal error "0" when no password is provided * Local SNMP Trap handler now configured by default * Years are now 365 days! * Interim fixes: #1349 Translations * New Hebrew (he_IL) translation (Thanks to Ereli) * Updated Brazilian Portuguese (pt_BR) translation (Thanks to Diego de Souza Lopes and Mauricio Lopes) ... and more. See the ChangeLog file for the complete list of changes and the UPGRADE file for notes about upgrading. Both files are in the PacketFence distribution. === Getting PacketFence === PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release from: http://www.packetfence.org/download/releases.html or by getting the sources from the official monotone server using the instructions at http://www.packetfence.org/development/source_code_repository.html Documentation about the installation and configuration of PacketFence is available from: http://www.packetfence.org/documentation/ === How Can I Help ? === PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: * Documentation reviews, enhancements and translations * Feature requests or by sharing your ideas * Participate in the discussion on mailing lists (http://www.packetfence.org/support/community.html) * Patches for bugs or enhancements * Provide new translations of remediation pages === Getting Support === For any questions, do not hesitate to contact us by writing to su...@in... You can also fill our online form (http://www.inverse.ca/about/contact.html) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. Wish you all great holidays! -- Olivier Bilodeau obi...@in... :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) |