The Inverse team is pleased to announce the immediate availability of PacketFence v14.1. This is a minor release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised.
What is PacketFence? PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks. Among the features provided by PacketFence, there are: * powerful BYOD (Bring Your Own Device) capabilities * multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style * built-in network behaviour anomaly detection * state-of-the art devices identification with Fingerbank * compliance checks for endpoints present on your network * integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls * bandwidth accounting for all devices A complete overview of the solution is available from the official website: https://packetfence.org/about.html Changes Since Previous Release New Features * Upgrade to FreeRADIUS 3.2.6 (#8290<https://github.com/inverse-inc/packetfence/issues/8290>) - Fixes RadiusBlast, enhances RADIUS security, and improves client and proxy handling. * NTLM Auth multi-threaded machine-accounts (#8335<https://github.com/inverse-inc/packetfence/issues/8335>) - Boosts authentication performance and scalability. * OS based Cisco Switch Modules (#8365<https://github.com/inverse-inc/packetfence/issues/8365>) - Simplifies setup and improves Cisco device compatibility. * Secrets encrypted at rest (#8406<https://github.com/inverse-inc/packetfence/issues/8406>) - Strengthens security by protecting sensitive data. Enhancements * Use proxysql packages in the docker image instead of compilling from the sources (#8267<https://github.com/inverse-inc/packetfence/issues/8267>) * Move SSO options to Firewall SSO from Advanced (#8303<https://github.com/inverse-inc/packetfence/issues/8303>) * PKI - Multiple certificate with same Common Name (#8310<https://github.com/inverse-inc/packetfence/issues/8310>) * Improved Ruckus Unbound DPSK (#8315<https://github.com/inverse-inc/packetfence/issues/8315>) * Improved Docker images (#8337<https://github.com/inverse-inc/packetfence/issues/8337>) * Support for case-insensitive LDAP Explorer attributes (#8366<https://github.com/inverse-inc/packetfence/issues/8366>) @E-ThanG<https://github.com/E-ThanG> * Custom taggable LDAP Explorer attributes (e6435e8) * Performance improvements on pfacct (#8369<https://github.com/inverse-inc/packetfence/issues/8369>) * Added Aruba-MPSK-password attribute (#6957<https://github.com/inverse-inc/packetfence/issues/6957>) * Reduce time to flush the RADIUS log (#8397<https://github.com/inverse-inc/packetfence/issues/8397>) * Improve DPSK (#8356<https://github.com/inverse-inc/packetfence/issues/8356>) * Improve Mikrotik Disconnect (#8418<https://github.com/inverse-inc/packetfence/issues/8418>) * Select the first device that matches MFA (#8400<https://github.com/inverse-inc/packetfence/issues/8400>) * Improve pfdhcp DB connection (#8419<https://github.com/inverse-inc/packetfence/issues/8419>) * Track TLS certificate attributes per node (#8416<https://github.com/inverse-inc/packetfence/issues/8416>) * Kafka UI Config (#8421<https://github.com/inverse-inc/packetfence/issues/8421>) * Netdata Upgrade (#8399<https://github.com/inverse-inc/packetfence/issues/8399>) * Updated Cisco-WLC AireOS WiSM module (#8455<https://github.com/inverse-inc/packetfence/issues/8455>) * FortiGate syslog DHCP parser (#8459<https://github.com/inverse-inc/packetfence/issues/8459>) * Improved regex for Forti-analyser (#8470<https://github.com/inverse-inc/packetfence/issues/8470>) * Update documentation for node-specific domain configuration file (#8437<https://github.com/inverse-inc/packetfence/issues/8437>) * Add ProxySQL metrics to Netdata (#8502<https://github.com/inverse-inc/packetfence/issues/8502>) * Add Webauth, DPSK and unbound DPSK for Juniper Mist (#8495<https://github.com/inverse-inc/packetfence/issues/8495>) * Improve NTLM Auth API logging (#8516<https://github.com/inverse-inc/packetfence/issues/8516>) * Update ip4log on RADIUS authentication request with Framed-Ip-Address (#8521<https://github.com/inverse-inc/packetfence/issues/8521>) Bug Fixes * Don’t generate all the time a mac address when using the GenericVPN switch module (#8270<https://github.com/inverse-inc/packetfence/issues/8270>) * Add missing parameters for authentication rule match (#8306<https://github.com/inverse-inc/packetfence/issues/8306>) * Fixed the dynamic role assignment issue for Aruba switch modules (#8331<https://github.com/inverse-inc/packetfence/issues/8331>) * Show only registered nodes on status page (#8382<https://github.com/inverse-inc/packetfence/issues/8382>) * Fixed pfperl-api restart (#8391<https://github.com/inverse-inc/packetfence/issues/8391>) * Fixed deauthOnPrevious with webauth (#7319<https://github.com/inverse-inc/packetfence/issues/7319>) * Fixed IP resolution on LDAP SSL verification (#6808<https://github.com/inverse-inc/packetfence/issues/6808>) * Fixed NAS-Port to ifIndex on Comware v7 switches (#8062<https://github.com/inverse-inc/packetfence/issues/8062>) @bmp96<https://github.com/bmp96> * Fix Debian sudoers (#7908<https://github.com/inverse-inc/packetfence/issues/7908>) @andrew-grasso<https://github.com/andrew-grasso> * Fix Clickatell Messages (#7623<https://github.com/inverse-inc/packetfence/issues/7623>) * Fix Fingerbank profile overwrite (#8468<https://github.com/inverse-inc/packetfence/issues/8468>) * Clear person lookup cache after deleting a person (#8460<https://github.com/inverse-inc/packetfence/issues/8460>) * Fix pfconnector TCP/UDP port allocation (#8446<https://github.com/inverse-inc/packetfence/issues/8446>) * Fix set VLAN on generic SNMP switch (#8486<https://github.com/inverse-inc/packetfence/issues/8486>) * Fix unbound DPSK in Ruckus and OpenWifi switch module (#8496<https://github.com/inverse-inc/packetfence/issues/8496>) * Fix machine account creation on cluster (#8512<https://github.com/inverse-inc/packetfence/issues/8512>) Security Fixes * Library updates (#8307<https://github.com/inverse-inc/packetfence/issues/8307>, #8328<https://github.com/inverse-inc/packetfence/issues/8328>, #8329<https://github.com/inverse-inc/packetfence/issues/8329>, #8336<https://github.com/inverse-inc/packetfence/issues/8336>, #8341<https://github.com/inverse-inc/packetfence/issues/8341>, #8353<https://github.com/inverse-inc/packetfence/issues/8353>, #8371<https://github.com/inverse-inc/packetfence/issues/8371>, #8404<https://github.com/inverse-inc/packetfence/issues/8404>, #8405<https://github.com/inverse-inc/packetfence/issues/8405>, #8407<https://github.com/inverse-inc/packetfence/issues/8407>, #8408<https://github.com/inverse-inc/packetfence/issues/8408>, #8409<https://github.com/inverse-inc/packetfence/issues/8409>, #8410<https://github.com/inverse-inc/packetfence/issues/8410>, #8412<https://github.com/inverse-inc/packetfence/issues/8412>, #8422<https://github.com/inverse-inc/packetfence/issues/8422>, #8423<https://github.com/inverse-inc/packetfence/issues/8423>, #8424<https://github.com/inverse-inc/packetfence/issues/8424>, #8425<https://github.com/inverse-inc/packetfence/issues/8425>, #8427<https://github.com/inverse-inc/packetfence/issues/8427>, #8524<https://github.com/inverse-inc/packetfence/issues/8524>) See https://github.com/inverse-inc/packetfence/compare/v14.0.0...v14.1.0 for the complete change log. See the Upgrade guide for notes about upgrading: https://packetfence.org/doc/PacketFence_Upgrade_Guide.html Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation How Can I Help? PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: * Documentation reviews, enhancements and translations * Feature requests or by sharing your ideas * Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community)<https://sourceforge.net/p/packetfence/mailman/packetfence-announce/(https:/packetfence.org/support/index.html#/community)> * Patches for bugs or enhancements * Provide new translations of remediation pages Getting Support Fill our online form (https://inverse.ca/#contact)<https://sourceforge.net/p/packetfence/mailman/packetfence-announce/(https:/inverse.ca/#contact)> and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. Darren Satkunas Software Engineer Senior Lead [signature_3654184523] Office: +1.617.444.1234 Cell: +1.617.444.1234 Akamai Technologies 145 Broadway Cambridge, MA 02142 Connect with Us: [signature_482944123]<https://community.akamai.com/> [signature_2459738396] <http://blogs.akamai.com/> [signature_1399831092] <https://twitter.com/akamai> [signature_1268147118] <http://www.facebook.com/AkamaiTechnologies> [signature_1256854266] <http://www.linkedin.com/company/akamai-technologies> [signature_2993747796] <http://www.youtube.com/user/akamaitechnologies?feature=results_main>
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
