The Inverse team is pleased to announce the immediate availability of PacketFence 4.6.0. This is a major release with new features, enhancements and important bug fixes. This release is considered ready for production use and upgrading from 4.5.1 is strongly advised.

     What is PacketFence ?

PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks.

Among the features provided by PacketFence, there are:

 * Powerful BYOD (Bring Your Own Device) capabilities
 * Simple and efficient guests management
 * Multiple enforcement methods with Role-Based Access Control (RBAC)
 * Compliance checks for endpoints present on your network
 * Integration with various vulnerability scanners, intrusion detection
   solutions and firewalls
 * Bandwidth accounting for all devices

A complete overview of the solution is available from the official website:http://www.packetfence.org/about/overview.html


     Changes Since Previous Release

*New Features*

 * Added support for MAC authentication on the AeroHIVE Branch Router 100
 * Added support for MAC authentication floating devices on Juniper EX
   series, and on the Cisco Catalyst series
 * Added a hybrid 802.1x + web authentication mode for Cisco Catalyst 2960
 * Added a web notification when network access is granted
 * Added the ability to tag functions that are allowed to be exposed
   through the web API
 *

   Added WiFi autoconfiguration for Windows through
   packetfence-windows-agent

 *

   Added a "Chained" authentication source where a user must first
   login in order to register by SMS, Email or SponsorEmail

 * Added call to the web API from the VLAN filters
 * Added a way to retrieve user information after the first registration
 * Added the ability to filter profiles by connection type
 * Profiles can be matched by all or any of its filters
 * Can optionally cache the results of LDAP rule matching for a user
 * New portal profile parameter to set a retry limit for SMS-based
   activation
 * The information available from an OAuth source (first name, last
   name, ...) are now added to the person when registering
 * Allow limiting the user login attempts
 * Added Check Point firewall integration for Single Sign-On

*Enhancements*

 * Added httpd.aaa service as a new API service for the exclusive use
   of RADIUS
 * More precisely define which DHCP message types we are listening for
 * Removed dead code referring to 'external' interface type which was
   no longer supported
 * Added VLAN filter in getNodeInfoForAutoReg and update/create person
   even if the device has been autoreg
 * Refactored the VLAN filter code to reduce code duplication
 * Added IMG path configuration parameter in admin
 * Added the ability to restrict the roles, access levels and access
   durations for admin users based on their role/access level
 * Reduced deadlocks caused by the cleaning of the iplog table
 * Reduced deadlocks caused by the cleaning of the locationlog table
 * Reorganized the portal profile configuration page
 * Added checkup on Apache filters and VLAN filters
 * Created a single LDAP connection when matching against multiple rules
 * Reduced the numbers of entries in iplog table (update end_time
   instead of closing and inserting a new line)
 * Now matching on language and not only language/country combination
   for violation templates (See UPGRADE guide)
 *

   PacketFence FreeRADIUS will return reject on "NAS-Prompt-User"
   Service-Type requests (Console login using RADIUS as backend)

 *

   PacketFence now allows limiting the number of times a user can
   request an sms message

*Bug Fixes*

 * Fixed old MAC addresses being left on port-security enabled ports in
   a RADIUS + port-security environment
 * Fixed firewall rule that allows httpd.portal to be reached on
   management IP when pre-registration enabled
 * Fixed creating a new file from the Portal Profile GUI in a subdirectory
 * Improved log rotation handling
 * Fixed previewing templates in the admin GUI
 * Fixed bulk applying of roles and violations in the admin GUI
 * Fixed importing of nodes when no pid is given
 * Added a cleanup of trailing and leading spaces of the posted
   username during the login
 * Fixed wrong regex to detect ifindex in Cisco switches
 * Honor order of profiles when matching profile filters
 * Fixed URI based portal profiles
 * Fixed XSS vulnerabilities in the portal
 * Refresh node page after updating a node
 * Fixed multiple pfdhcplistener spawning
 * Fixed double display of the user page
 * Fixed displaying of rules description after updating source
 * Removed executable bit on some files which do not require it

Seehttps://github.com/inverse-inc/packetfence/commits/packetfence-4.6.0for the complete change log.

See the UPGRADE file for notes about upgrading:https://github.com/inverse-inc/packetfence/tree/packetfence-4.6.0/UPGRADE.asciidoc


     Getting PacketFence

PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources:http://www.packetfence.org/development/sourcecode.html

Documentation about the installation and configuration of PacketFence is also available:http://www.packetfence.org/documentation/


     How Can I Help ?

PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project:

 * Documentation reviews, enhancements and translations
 * Feature requests or by sharing your ideas
 *

   Participate in the discussion on mailing lists
   (http://www.packetfence.org/support/community.html)

 * Patches for bugs or enhancements
 * Provide new translations of remediation pages


     Getting Support

For any questions, do not hesitate to contact us by writing tosupp...@inverse.ca <mailto:supp...@inverse.ca>

You can also fill our online form (http://www.inverse.ca/about/contact.html) and a representative from Inverse will contact you.

Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution.

--
Ludovic Marcotte
lmarco...@inverse.ca  ::  +1.514.755.3630  ::  http://inverse.ca
Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence 
(http://packetfence.org)

------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-announce mailing list
PacketFence-announce@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-announce

Reply via email to