The Inverse team is pleased to announce the immediate availability of
PacketFence v10. This is a major release with new features, enhancements
and bug fixes. This release is considered ready for production use and
upgrading from previous versions is strongly advised.
What is PacketFence?
PacketFence is a fully supported, trusted, Free and Open Source Network
Access Control (NAC) solution. Boasting an impressive feature set,
PacketFence can be used to effectively secure small to very large
heterogeneous networks.
Among the features provided by PacketFence, there are:
* powerful BYOD (Bring Your Own Device) capabilities
* multiple enforcement methods including Role-Based Access Control
(RBAC) and hotspot-style
* built-in network behaviour anomaly detection
* state-of-the art devices identification with Fingerbank
* compliance checks for endpoints present on your network
* integration with various vulnerability scanners, intrusion detection
solutions, security agents and firewalls
* bandwidth accounting for all devices
A complete overview of the solution is available from the official
website:https://packetfence.org/about.html
Changes Since Previous Release
*New Features*
* Added support for network anomaly detection through Fingerbank
*
New, fully integrated PacketFence PKI service
* New service for automatic clustering issue resolution
* New GUI for all filtering engines and switch templates
* New API and Vue.js based step-by-step configurator
* Added VMware Airwatch support
*Enhancements*
* Added support to run integration tests using Cumulus Linux and libvirt
* Added the ability to autoregister and assign a role to a device
authorized in a provisioner
* Added the ability to control whether or not a provisioner should be
enforcing (i.e. ensuring all devices matching it are authorized with it)
* Added the ability to sync the PID of devices authorized in a
provisioner (only for Airwatch and JAMF)
* Add single sign-on support for Cisco ISE-PIC
* Support for MySQL as DHCP pool backend and provide active/active
DHCP support
* Support Aruba switches using Aruba OS 16.10
* Added a new Meru controller module that supports RADIUS RFC3576
(RADIUS Disconnect)
* CLI login to Juniper switches
* Allow to configure VOIP RADIUS attributes in switch templates
* All configuration files have a copyright without year to avoid
useless rpmnew or dpkg-dist files each yearly upgrade
* Improved Unifi deauthentication using HTTP
* Set TTL to 5 seconds when the host match with a captive portal
detection host
* Enable tracking configuration service by default
* Better captive portal detection for Samsung devices
* Faster captive portal detection for Apple devices
* Routes are now managed by the keepalived service
* Parking security event can now be triggered without limitation
* Added a way to change the SQL table used by pfconfig
* Showing the configurator is now configurable (#5121)
* Node deletion in consistent between the the API and
pf::node::node_delete (#5088)
* Allow VLAN number greater than 1023 for floating devices
* Improved captive-portal health checks in monit (#5185)
* Added RADIUS disconnect for wired port on Aruba AP (#5016)
* Switch templates can now use SNMP up/down to perform access
reevaluation (#5197)
* HAProxy now serves the admin gui, httpd.admin disabled by default
* Reports are now tenant-aware
* Security events can be triggered when running node maintenance task
(#4948)
* Added parameter to prevent external portal requests from updating
the ip4log (#5336)
* Added new WMI examples
*Bug Fixes*
* Fixed logic to move MAC address to another port (Avaya)
* Fix serialization of the switch when calling ReAssignVlan/desAssociate
* Prevent double restart when setting the port admin status of an
EX2300 Juniper switch
* Sponsor field is missing on sponsored users when using forced
sponsor (#5171)
* Some DHCP info triggers use outdated Fingerbank data (#5106)
* Issue with the timezone in the admin not being honored on the system
(#5205)
* Issue with Chrome not showing the portal on self signed certificates
(#5233)
* Issue with RADIUS CLI access and ldap authentication source where
the cache is enabled (#5018)
* Distribute pfsnmp trap jobs between queues based off switch id (#5004)
* Deleting a portal profile doesn’t cleanup its templates (#793)
* pfacct doesn’t report metrics to dashboard (#5267)
Seehttps://github.com/inverse-inc/packetfence/compare/v9.3.0...v10.0.0for
the complete change log.
See the Upgrade guide for notes about
upgrading:https://packetfence.org/doc/PacketFence_Upgrade_Guide.html
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release or by getting the sources:https://packetfence.org/download.html
Documentation about the installation and configuration of PacketFence is
also available:https://packetfence.org/support/index.html#/documentation
How Can I Help?
PacketFence is a collaborative effort in order to create the best Free
and Open Source NAC solution. There are multiple ways you can contribute
to the project:
* Documentation reviews, enhancements and translations
* Feature requests or by sharing your ideas
*
Participate in the discussion on mailing lists
(https://packetfence.org/support/index.html#/community)
* Patches for bugs or enhancements
* Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing
tosupp...@inverse.ca <mailto:supp...@inverse.ca>
You can also fill our online form (https://inverse.ca/#contact) and a
representative from Inverse will contact you.
Inverse offers professional services to organizations willing to secure
their wired and wireless networks with the PacketFence solution.
--
Ludovic Marcotte
lmarco...@inverse.ca :: +1.514.755.3630 :: https://inverse.ca
Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence
(https://packetfence.org) and Fingerbank (https://fingerbank.org)
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
