The Inverse team is pleased to announce the immediate availability of
PacketFence v7.3. This is an important release with new features,
enhancements and bug fixes. This release is considered ready for
production use and upgrading from previous versions is strongly advised.
What is PacketFence?
PacketFence is a fully supported, trusted, Free and Open Source Network
Access Control (NAC) solution. Boasting an impressive feature set,
PacketFence can be used to effectively secure small to very large
heterogeneous networks.
Among the features provided by PacketFence, there are:
* powerful BYOD (Bring Your Own Device) capabilities
* state-of-the art devices fingerprinting with Fingerbank
* multiple enforcement methods including Role-Based Access Control
(RBAC) and hotspot-style
* compliance checks for endpoints present on your network
* integration with various vulnerability scanners, intrusion detection
solutions, security agents and firewalls
* bandwidth accounting for all devices
A complete overview of the solution is available from the official
website:https://packetfence.org/about.html
Changes Since Previous Release
*New Features*
*
Added a RADIUS only mode to PacketFence
* Add a cluster wide view of pfqueue statistics (#2195) (PR #2573)
* Added the possibility of importing switches from a CSV file (PR #2480)
*Enhancements*
* The GUI will now display the VLAN in the locationlog view
* The timezone is now a selectable item to prevent invalid input
* Updated ACE text editor to version 1.2.8
* Search forms for nodes and users can now be reset (PR #2555)
* Configuration files can now be saved in read-only mode except
violation, switches, role (#2464) (PR #2566)
* Extended descriptions are now supported in the custom reports
* Mail can now be sent using SSL and StartTLS (PR #2446)
* Self-signed certificate errors for Nessus 6 can now be ignored (PR
#2568)
* Violations can now be triggered by Nessus 6 scanner (PR #2568)
* The device registration page now supports connection profiles like
any other portal
* The username sent in firewall SSO now supports a configurable format
(PR #2499)
*
PacketFence will now monitor TLS certificates expiration and alert
if they are expired (PR #2444)
* LDAP source caching is now caching the rule match rather that the
whole source match (PR #2560)
* The admin GUI startup time has been decreased (#2545)
* New and improved documentation for Debian clustering
* Show DHCP Option82 data in the node view (#2396)
* Custom reports columns representing a node or a user can now be
configured to be clickable for details on the object in question
(#PR 2508)
* New Fortigate 50E 802.1x support
* The computer authentication username can now be normalized when
using EAP-TLS (PR #2414)
* Added a task count jitter to reduce the chance that pfqueue workers
exit at the same time
* Experimental support for Content Security Policy (CSP) has been
added, but is disabled by default (PR #2336)
* A violation can now redirect to a URL specified in a template (PR #2400)
*Bug Fixes*
* The syslog parser has moved from Compliance to Integration in the
GUI (#2467)
* pfsso now logs in packetfence.log (#2553) (PR #2557)
* httpd.dispatcher now logs in httpd.dispatcher.log (PR #2557)
* Fixed incorrect inline sub type detection
* Fixed ipset update with the incorrect ip address
* Fixed missing confirm prompt when restarting all services via the
admin interface (#2365) (PR #2571)
* Fixed violation definition sync when removing a violation from the
config
* Fixed incorrect Connection-Type when using EAP-TTLS (#2582)
* Fixed VoIP logic to reduce the chance of duplicate locationlog
entries (#2527)
* Fixed SNMP connection issues on Extricom controllers
* Fixes segfaults when logging in the multithread environments (#2603)
* reuseDot1x: Changed the way authentication sources are matched with
realms regarding a security concern(#2536)
* Trust the wsrep_ready flag of MariaDB Galera cluster for read only
detection as putting the DB in read-only can result in occasional
de-synchronization between members. (#2593) (PR #2594)
* Run the configreload as the pf user when done through pfcmd (PR #2510)
* Run the 6.0+ upgrade scripts as the pf user to prevent permissions
issues after running them (PR #2509)
* Fixed incorrect NULL realm use when authenticating to the admin GUI
(#2529)
* Enforced use of the system time instead of browser time when using
preset time values (#2559)
* Logging into the status page when reuse dot1x is enabled is no
longer broken (#2542) (PR #2598)
Seehttps://github.com/inverse-inc/packetfence/compare/packetfence-7.2.0...packetfence-7.3.0for
the complete change log.
See the UPGRADE file for notes about
upgrading:https://github.com/inverse-inc/packetfence/tree/packetfence-7.3.0/UPGRADE.asciidoc
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release or by getting the sources:https://packetfence.org/download.html
Documentation about the installation and configuration of PacketFence is
also available:https://packetfence.org/support/index.html#/documentation
How Can I Help?
PacketFence is a collaborative effort in order to create the best Free
and Open Source NAC solution. There are multiple ways you can contribute
to the project:
* Documentation reviews, enhancements and translations
* Feature requests or by sharing your ideas
*
Participate in the discussion on mailing lists
(https://packetfence.org/support/index.html#/community)
* Patches for bugs or enhancements
* Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing
tosupp...@inverse.ca <mailto:supp...@inverse.ca>
You can also fill our online form (https://inverse.ca/#contact) and a
representative from Inverse will contact you.
Inverse offers professional services to organizations willing to secure
their wired and wireless networks with the PacketFence solution.
--
Ludovic Marcotte
lmarco...@inverse.ca :: +1.514.755.3630 :: http://inverse.ca
Inverse inc. :: Leaders behind SOGo (http://sogo.nu), PacketFence
(http://packetfence.org) and Fingerbank (http://fingerbank.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
