The Inverse team is pleased to announce the immediate availability of PacketFence v15.0. This is a major release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised.
What is PacketFence? PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks. Among the features provided by PacketFence, there are: * powerful BYOD (Bring Your Own Device) capabilities * multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style * built-in network behaviour anomaly detection * state-of-the art devices identification with Fingerbank * compliance checks for endpoints present on your network * integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls * bandwidth accounting for all devices A complete overview of the solution is available from the official website: https://packetfence.org/about.html Changes Since Previous Release New Features * Support for downloadable ACLs (dACLs) on Cisco WLC (Wireless LAN Controller) IOS XE (#8643<https://github.com/inverse-inc/packetfence/issues/8643>) * Default Apache Kafka configuration for simplified deployment (#8711<https://github.com/inverse-inc/packetfence/issues/8711>) * Admin UI for pfflow network flow monitoring (#8613<https://github.com/inverse-inc/packetfence/issues/8613>) * Security Event Purge feature for automated cleanup (#8615<https://github.com/inverse-inc/packetfence/issues/8615>) * Dynamic iptables rules management system (#8688<https://github.com/inverse-inc/packetfence/issues/8688>) * Cisco Easy PSK (Pre-Shared Key) support (#8637<https://github.com/inverse-inc/packetfence/issues/8637>) * RADIUS proxy support via pfconnector (#8676<https://github.com/inverse-inc/packetfence/issues/8676>) * RADIUS accounting rate limiting for httpd.aaa API calls (#8494<https://github.com/inverse-inc/packetfence/issues/8494>) * Local account creation support for Null authentication source (#8608<https://github.com/inverse-inc/packetfence/issues/8608>) * Base64 JSON decoding for RADIUS attributes (decode strings prefixed with base64:) (#8619<https://github.com/inverse-inc/packetfence/issues/8619>) Enhancements * Simplified Unbound DPSK (Dynamic Pre-Shared Key) code (#8519<https://github.com/inverse-inc/packetfence/issues/8519>) * Reduced CPU and memory usage for pfdhcp with code refactoring (#8631<https://github.com/inverse-inc/packetfence/issues/8631>) * Moved pfsetacl to pfdebian Docker image (#8599<https://github.com/inverse-inc/packetfence/issues/8599>) * Updated to Golang 1.24.1 and improved tests to pass go vet (#8589<https://github.com/inverse-inc/packetfence/issues/8589>) * Added pprof profiling support for Caddy web server (#8636<https://github.com/inverse-inc/packetfence/issues/8636>) * Implemented automatic SSH reconnection for pfconnector (#8656<https://github.com/inverse-inc/packetfence/issues/8656>) * Generated encryption keys with local path for material artifacts (#8560<https://github.com/inverse-inc/packetfence/issues/8560>) * Added upgrade capability to easily download latest RPM or DEB packages (#8526<https://github.com/inverse-inc/packetfence/issues/8526>) * Enabled GitLab pipeline creation via API matching web interface (#8752<https://github.com/inverse-inc/packetfence/issues/8752>) * Implemented KISS (Keep It Simple, Stupid) EAP-TLS (Extensible Authentication Protocol - Transport Layer Security) tests (#8665<https://github.com/inverse-inc/packetfence/issues/8665>) * Configurable Azure AD OAuth URLs (scope, graph, and OAuth endpoints) (#8612<https://github.com/inverse-inc/packetfence/issues/8612>) * Moved Fingerbank database to pfdebian Docker image (#8600<https://github.com/inverse-inc/packetfence/issues/8600>) * Major documentation overhaul with improved structure, troubleshooting guides, and cross-references (#8772<https://github.com/inverse-inc/packetfence/issues/8772>) * Updated Kafka, pfflow, and Fingerbank Collector documentation (#8614<https://github.com/inverse-inc/packetfence/issues/8614>) * Updated PKI certificate documentation (#8748<https://github.com/inverse-inc/packetfence/issues/8748>) * Improved documentation build process with includes (#8716<https://github.com/inverse-inc/packetfence/issues/8716>) * Added additional fields for improved troubleshooting in NTLM Auth API (#8567<https://github.com/inverse-inc/packetfence/issues/8567>) Bug Fixes * Fixed form validation issues (#8776<https://github.com/inverse-inc/packetfence/issues/8776>) * Fixed UID/GID (User ID/Group ID) ownership for PacketFence and Fingerbank (#8749<https://github.com/inverse-inc/packetfence/issues/8749>) * Fixed additional cluster UID/GID ownership issues (#8790<https://github.com/inverse-inc/packetfence/issues/8790>) * Fixed Firefox browser compatibility issues (#8758<https://github.com/inverse-inc/packetfence/issues/8758>) * Fixed email activation expiration handling (#8780<https://github.com/inverse-inc/packetfence/issues/8780>) * Fixed database backup behavior on cluster non-master nodes (#8789<https://github.com/inverse-inc/packetfence/issues/8789>) * Added double quotes when searching upgrade files in export (#8731<https://github.com/inverse-inc/packetfence/issues/8731>) * Fixed cluster-to-standalone migration documentation reference (#8724<https://github.com/inverse-inc/packetfence/issues/8724>) * Moved 11.x upgrade documentation to archive, added copy buttons, fixed documentation links (#8762<https://github.com/inverse-inc/packetfence/issues/8762>) * Fixed various issues (#8778<https://github.com/inverse-inc/packetfence/issues/8778>, #8755<https://github.com/inverse-inc/packetfence/issues/8755>, [#8718](https://github.com/inverse-inc/packetfence/issu es/8718), #8693<https://github.com/inverse-inc/packetfence/issues/8693>, #8686<https://github.com/inverse-inc/packetfence/issues/8686>, #8659<https://github.com/inverse-inc/packetfence/issues/8659>, #8652 <https://github.com/inverse-inc/packetfence/issues/8652> , #8605<https://github.com/inverse-inc/packetfence/issues/8605>, #8522<https://github.com/inverse-inc/packetfence/issues/8522>) * Fixed dynamic ACL (Access Control List) feature for HP AOS Switch v16 (#8583<https://github.com/inverse-inc/packetfence/issues/8583>) * Fixed pfperl-api manager exit triggered by pfperl-api worker termination (#8629<https://github.com/inverse-inc/packetfence/issues/8629>) * Disabled common name validation in certificate checks (#8606<https://github.com/inverse-inc/packetfence/issues/8606>) * Fixed logic conflict when pfacct and radius-acct are both enabled (#8175<https://github.com/inverse-inc/packetfence/issues/8175>) * Fixed skipped entries in RADIUS audit log (#8621<https://github.com/inverse-inc/packetfence/issues/8621>) * Improved VM (Virtual Machine) handling in paused state and test runner cleanup (#8655<https://github.com/inverse-inc/packetfence/issues/8655>) * Increased Cypress test timeout to 10 minutes (#8558<https://github.com/inverse-inc/packetfence/issues/8558>) * Updated VirtualBox version in test environment (#8568<https://github.com/inverse-inc/packetfence/issues/8568>) Security Fixes * Library dependency updates: * Bump github.com/cloudflare/circl from 1.6.0 to 1.6.1 (#8725<https://github.com/inverse-inc/packetfence/issues/8725>) * Bump github.com/go-chi/chi/v5 from 5.0.12 to 5.2.2 (#8679<https://github.com/inverse-inc/packetfence/issues/8679>) * Bump golang.org/x/net from 0.28.0 to 0.38.0 (#8626<https://github.com/inverse-inc/packetfence/issues/8626>) See https://github.com/inverse-inc/packetfence/compare/v14.1.0...v15.0.0 for the complete change log. See the Upgrade guide for notes about upgrading: https://packetfence.org/doc/PacketFence_Upgrade_Guide.html Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation How Can I Help? PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: * Documentation reviews, enhancements and translations * Feature requests or by sharing your ideas * Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community) * Patches for bugs or enhancements * Provide new translations of remediation pages Getting Support Fill our online form (https://inverse.ca/#contact) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. To our community, As we release PacketFence v15.0, we’re planning the next phase of the platform’s evolution — including decisions around which operating systems to support in future versions. We’d appreciate your quick input in this short community survey (less than 3 minutes). Your feedback ensures that our choices reflect how you actually deploy PacketFence today. https://forms.gle/LpnCsVy4jvdyuSzX7 Thank you for helping us make PacketFence better for everyone. – The PacketFence Product Team Darren Satkunas Senior Software Engineer Lead [Akamai]<https://www.akamai.com/> Office: +1.613.670.8391 Akamai Technologies 145 Broadway Cambridge, MA 02142 Connect with Us: [https://www.akamai.com/us/en/multimedia/images/custom/community.jpg] <https://community.akamai.com/> [https://www.akamai.com/us/en/multimedia/images/custom/rss.png] <https://www.akamai.com/blog> [https://www.akamai.com/content/dam/site/en/images/logo/2024/x-logo.png] <https://x.com/akamai> [https://www.akamai.com/us/en/multimedia/images/custom/fb.png] <http://www.facebook.com/AkamaiTechnologies> [https://www.akamai.com/us/en/multimedia/images/custom/in.png] <http://www.linkedin.com/company/akamai-technologies> [https://www.akamai.com/us/en/multimedia/images/custom/youtube.png] <http://www.youtube.com/user/akamaitechnologies?feature=results_main>
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
