Recently the release of a new version of PacketFence 8.3 was announced, which is un network access control system system Free (NAC) can be used to provide centralized access and effective protection for networks of any size.
The system code is written in Perl and distributed under the GPLv2 license. The installation packages are prepared for RHEL 7 and Debian 8.
PacketFence supports the provision of centralized user access to the network via wired and wireless channels with the ability to be activated through a web interface (captive portal).
Integration with external user databases is supported through LDAP and Active Directory.
It is possible to block unwanted devices (for example, the prohibition to connect mobile devices or access points), check traffic for viruses, detect intrusions (integration with Snort), audit the configuration and software for computers on the network.
Media is available for integration with equipment from popular manufacturers such as Cisco, Nortel, Juniper, Hewlett-Packard, 3Com, D-Link, Intel, and Dell.
Between the main features of monitoring and control of the application we find:
- Flexible VLAN management and role-based access control
- Guest access: bring your own device (BYOD)
- Portal Profiles
- More built-in rape types
- Automatic registration
- PKI and EAP-TLS support
- Device management
- Firewal integration
- Bandwidth accounting
- Floating network devices
- Flexible authentication
- Microsoft Active Directory integration
- Routed networks
- Gradual deployment
- Compatible Hardware
Which we can highlight that with PacketFence we are given the possibility to monitor the devices connected in a network and power manage your stay in it in which we can limit your time on the network, amount of band to use, apply Firewall policies.
We can also use an agent, allow compliance checks, configurations and more endpoints connected to your network. PacketFence can ensure that agents (or clients) are installed during the registration process and then for each new connection.
Main new features in PacketFence 8.3
In this new release of PacketFence 8.3 a new module was implemented to inspect SSL.
As well as the assistance to this system so that it can detect MAC spoofing attempts taking into account the profiles of the devices that are already registered.
With this also came the authentication through the Clickatell service, which was just added to the system.
On the other hand, the most important thing that can be highlighted from PacketFence 8.3 is He implemented a new algorithm to the system with which it is intended to be able to form VLAN groups for load balancing, based on a random selection of items.
Of the other changes found in this release we find the following:
- Added support for the Juniper EX2300 (JUNOS 18.2) switch.
- Added support for reserving IP addresses in pfdhcp.
- The ability to configure the RADIUS proxy has been added to the web interface.
- Support for RADIUS filtering has been added at the pre_proxy, post_proxy, preacct, accounting, and authorization stages.
- Agent for Windows is rewritten in Go.
In addition, it was made in an announcement that the developers are already working on what will be the new version of PacketFence 9 which they have in mind to launch in April.
In which a new web interface will be proposed, a new module will appear to analyze events related to inconsistencies, the formation of packages for Debian 9 will begin, the data storage scheme in the database will be modernized and It will include the Go services rewritten for WMI, Nessus and Rapid7.
How to get PacketFence 8.3?
For the rest of the distributions we can use the source code and compile the application