Hi there,
I'm quite new to PacketFence, but so far I'm amazed with the functionality it
provides.
I do have some suggestions tho.
Those are:
- Support for IOS Sensor
Cisco devices now support an IOS based profiler (IOS Sensor). Catalyst switches
and wireless controllers running the latest IOS can send interim RADIUS
accounting messages to the RADIUS server with information about the device
(DHCP, LLDP, CDP).
More information here:
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/15.0_1_se/device_sensor/guide/sensor_guide.pdf
- Extended Fingerprinting
As NMAP will be supported soon (SoC), it would be nice to derive a better
fingerprint with information from it. For example, a printer fingerprint could
be the result of DHCP and the open ports. That way, we could prevent or make it
harder for a person to spoof a device.
- Granular violations / per vlan violations
Some times we just want to trigger violations for some type of users, devices
or VLANs. For example, I may want to block Bittorrent on guest vlan but not on
production vlan. I may also want to block bittorrent for regular users, but not
for VIPs.
Best regards.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
