The Inverse team is pleased to announce the immediate availability of
PacketFence 4.3.0. This is a major release with new features,
enhancements and important bug fixes. This release is considered ready
for production use and upgrading from 4.2 is strongly advised.
What is PacketFence ?
PacketFence is a fully supported, trusted, Free and Open Source Network
Access Control (NAC) solution. Boasting an impressive feature set,
PacketFence can be used to effectively secure small to very large
heterogeneous networks.
Among the features provided by PacketFence, there are:
* Powerful BYOD (Bring Your Own Device) workflows
* Simple and efficient guests management
* Multiple enforcement methods with Role-Based Access Control (RBAC)
* Compliance checks for computers present on your network
* Integration with various vulnerability scanners and intrusion
detection solutions
* Bandwidth accounting for all devices
A complete overview of the solution is available from the official
website:http://www.packetfence.org/about/overview.html
Changes Since Previous Release
*New Features*
* Added MAC authentication support for Edge-corE 4510
* Added support for Ruckus External Captive Portal
* Support for Huawei S2700, S3700, S5700, S6700, S7700, S9700 switches
*
Added support for LinkedIn and Windows Live as authentication sources
* Support for 802.1X on Juniper EX2200 and EX4200 switches
* Added support for the Netgear M series switches
* Added support to define SNAT interface to use for passthrough
* Added Nessus scan policy based on a DHCP fingerprint
* Added support to unregister a node if the username is locked or
deleted in Active Directory
*
Fortinet FortiGate and PaloAlto firewalls integration
* New configuration parameters in switches.conf to use mapping by VLAN
and/or mapping by role
*Enhancements*
* When validating an email confirmation code, use the same portal
profile initially used by to register the device
* Removed old iptables code (ipset is now always used for inline
enforcement)
* MariaDB support
* Updated WebAPI method
*
Use Webservices parameters from PacketFence configuration
* Use WebAPI notify from pfdhcplistener (faster)
* Improved Apache SSL configuration forbids SSLv2 use and prioritzes
better ciphers
* Removed CGI-based captive portal files
* For device registration use the source used to authenticate for
calculating the role and unregdate (bugid:1805)
* For device registration, we set the "NOTES" field of the node with
the selected type of device (if defined)
* On status page check the portal associated to the user and
authenticate on the sources included in the portal profile
* Merge pf::email_activation and pf::sms_activation to pf::activation
* Removed unused table switchlocation
* Deauthentication and firewall enforcement can now be done throught
the web API
* Added support to configure high-availability from within the
configurator/webadmin
* Changed the way we're handling DNS blackholing when unregistered in
inline enforcement mode (using DNAT rather than REDIRECT)
* Now handling rogue DHCP servers based both on the server IP and
server MAC address
*Bug Fixes*
* Fixed pfdetectd not starting because of stale pid file
* Fixed SQL join with iplog in advanced search of nodes
* Fixed unreg date calculation in Catalyst captive portal
* Fixed allowed_device_types array in device registration page
(bugid:1809)
* Fixed VLAN format to comply with RFC 2868
* Fixed possible double submission of the form on the billing page
* Fixed db upgrade script to avoid duplicate changes to locationlog table
See the ChangeLog file for the complete list of
changes:https://github.com/inverse-inc/packetfence/tree/packetfence-4.3.0/ChangeLog
See the UPGRADE file for notes about
upgrading:https://github.com/inverse-inc/packetfence/tree/packetfence-4.3.0/UPGRADE.asciidoc
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release or by getting the
sources:http://www.packetfence.org/development/sourcecode.html
Documentation about the installation and configuration of PacketFence is
also available:http://www.packetfence.org/documentation/
How Can I Help ?
PacketFence is a collaborative effort in order to create the best Free
and Open Source NAC solution. There are multiple ways you can contribute
to the project:
* Documentation reviews, enhancements and translations
* Feature requests or by sharing your ideas
*
Participate in the discussion on mailing lists
(http://www.packetfence.org/support/community.html)
* Patches for bugs or enhancements
* Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing
tosupp...@inverse.ca <mailto:supp...@inverse.ca>
You can also fill our online form
(http://www.inverse.ca/about/contact.html) and a representative from
Inverse will contact you.
Inverse offers professional services to organizations willing to secure
their wired and wireless networks with the PacketFence solution.
--
Ludovic Marcotte
lmarco...@inverse.ca :: +1.514.755.3630 :: http://inverse.ca
Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
