The Inverse Team is pleased to announce the immediate availability of PacketFence 3.2.0. This is a major release with new features, new hardware support, enhancements, bug fixes (including a security fix) and updated translations. This release is considered ready for production use.
=== What is PacketFence ? === PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boosting an impressive feature set including: * Registration and remediation through a captive portal * Detection of abnormal network activities using Snort IDS * Proactive vulnerability scans using Nessus * Isolation of problematic devices * 802.1X for wired and wireless networks * Wireless integration for all provided features * Supports complex and heterogeneous environments * VoIP / IP Telephony support and more! A complete overview of the solution is available from http://www.packetfence.org/about/overview.html === Changes Since Previous Release === Security * Reflected Cross-site scripting (XSS) in Web Admin printing system (#1362) New Hardware Support * Ruckus wireless controllers New Features * OpenVAS Vulnerability Assessment integration for client-side policy compliance * Bandwidth violations based on RADIUS accounting information * Billing engine integration for allowing the use of a payment gateway to gain network access Enhancements * Migrated our documentation from a binary-only ODT to a flexible asciidoc format * Code and tests refactoring * Minor documentation update for Aruba Controllers * Performance: avoiding some redundant operations on startup * A DHCP listener will run by default on the management interface * pfcmd_vlan is now able to run arbitrary methods on network devices * Debug statement with the resolved SSID now available to troubleshoot SSID problems live * Added getSwitchLocation to pfcmd_vlan which fetches SNMP sysLocation on switch (#1250, Thanks to Maikel!) * Introduced more aggressive exception-based configuration error handling * Introduced new trigger types (nessus and openvas) and removed the scan type * Added the capability to use dots in trigger id * Added a new config flag: registration.guests_self_registration to control if self-registered guests are enabled (#1361) * Made it easier to override preregistered guest usernames (default is email) * Added a new config flag: vlan.trap_limit to enable/disable the trap limit feature * RADIUS captive portal authentication can now target several RADIUS servers for fault tolerance * Added a multi-threaded EAP test script in t/stress-test/ * Performance: node_view query optimized for 100x+ gain in environments where MySQL is taking a lot of CPU * Performance: faster command line response time (15%+ with bin/pfcmd) * Our FreeRADIUS module packetfence.pm now logs in radius' log instead of syslog (related to #1377) * Performance: ~2x FreeRADIUS performance by avoiding superfluous queries Bug Fixes * Buttons in graphs.php of type ifoctetshistoryswitch, ifoctetshistoryuser, ifoctetshistorymac (#1110) * Web Admin usability fixes (#1071) * Small typo error in node.pm log message (#1357) * Interpolation issue in pf::web::custom's code which is disabled by default (#1358) * Allow more than one SNMPv3 EngineID per user (#1354) * OS and violation classes properly displayed in printer-friendly tables in the Web Admin * Disabled config ownership tests because of too many false positives (#1345) * Pass-through doesn't work with domains without an ending slash (#1368) * Returning exit status 0 on command line tools when asked to show help * pfcmd's general help is now sent to standard ouput instead of standard error * Globally disabled privilege detection in hardware requiring Telnet / SSH. All except Trapeze. (#1370) * Thread crash with floating network devices with VoIP through SSH transport (#1369) * MAC authentication / 802.1X translation fixes for the Cisco Catalyst 3550 * No more obscure error message if no management interface is defined in pf.conf * pfcmd exit status now more consistent regarding config * No more "Can't call method "tag" on an undefined value" on broken pf.conf configuration (#1352) * More reliable SSID extraction in Called-Station-Id (#1379) * Fixed FreeRADIUS crashes in heavily loaded environments (#1377) Translations * Updated Brazilian Portuguese (pt_BR) translation (Thanks to Diego de Souza Lopes) * Updated Brazilian Portuguese (pt_BR) Admin guide translation (Thanks to Diego de Souza Lopes) ... and more. See the ChangeLog file for the complete list of changes and the UPGRADE file for notes about upgrading. Both files are in the PacketFence distribution. === Getting PacketFence === PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release from: http://www.packetfence.org/download/releases.html or by getting the sources from the official monotone server using the instructions at http://www.packetfence.org/development/source_code_repository.html Documentation about the installation and configuration of PacketFence is available from: http://www.packetfence.org/documentation/ === How Can I Help ? === PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: * Documentation reviews, enhancements and translations * Feature requests or by sharing your ideas * Participate in the discussion on mailing lists (http://www.packetfence.org/support/community.html) * Patches for bugs or enhancements * Provide new translations of remediation pages === Getting Support === For any questions, do not hesitate to contact us by writing to supp...@inverse.ca You can also fill our online form (http://www.inverse.ca/about/contact.html) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. Enjoy PacketFence's finest iteration yet! -- Olivier Bilodeau obilod...@inverse.ca :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/ _______________________________________________ Packetfence-announce mailing list Packetfence-announce@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-announce