Software update: PacketFence 8.3.0

An NAC system can be used to secure a network environment. This allows, based on pre-set policies, network devices to be automatically blocked if an undesirable situation occurs. Think of unknown network devices of visitors, a worm that is trying to spread or an authorized device that is equipped with a different operating system via a boot flop or live CD. PacketFence is such a nac system, with support for 802.1x, finger bank and vlan isolation, which allows a network device to be placed in the correct vlan after analysis. The developers have released version 8.3.0.

New Features

• Added support for Juniper EX2300 (JUNOS 18.2) switches
• Clickatell authentication source support
• Added a random algorithm for VLAN pooling
• Added the ability to reserve IP addresses in pfdhcp
• Added a way to trigger a violation when device profiling detects a change in the device class
• New SSL Inspection portal module
• RADIUS proxy integration from web admin interface
• RADIUS filtering support for pre_proxy/post_proxy/preacct/accounting/authorize phases
• Updated the Windows provisioning agent to the new Golang based version

Enhancements

• Redis now only listens on localhost (#3729)
• Deprecate usage of roaring bitmap for the DHCP IP pool (#3779)
• Email and SponsorEmail sources can have banned and allowed email domains (#3807)
• Improved startup time or pfdhcp
• Removed OPSWAT Metadefender Cloud support
• Choose password hashing algorithm when creating a local user from a source
• Define the length of the password to generate when creating a local user from a source
• New “dummy” source just to compute the rules

Bug Fixes

• Logs permissions and configuration for Debian (#3780)
• Fixed missing cache directory for NTLM auth cache (#3788)
• Fixed working directory or NTLM auth cache sync script (#3777)
• Handled multiple LDAP hosts properly in NTLM auth cache (#3776)
• Issue with the DHCP server that sometimes gives a duplicate IP address
• Adjusted CentOS and RHEL dependencies
• Fixed MAC filtered lookups that were cached in pfdns (#3785)
• Fixed the OpenVAS integration to work with OpenVAS Manager 7.0 (OpenVAS 9)
• Fixed encoding of files created in the administration interface (force them to UTF-8)