PacketFence: Free and open source network access control

PacketFence is a fully supported, free and open source network access control (NAC) solution. Its feature set includes a captive-portal for registration and remediation, centralized wired and wireless management, BYOD management options, 802.1X support, and layer-2 isolation of problematic devices.


New features in version 5.7

DNS-based enforcement – A new enforcement method for routed networks – allowing to easily deploy PacketFence in combination with a firewall appliance using SSO.

SAML authentication – Captive portal authentication using SAML is now possible – easing the integration process with other enterprise systems.

Online nodes – You can now check exactly which nodes (or endpoints) were connected and active on your network at any point in time.

“We now have added the capability to know if the devices were connected at any point in time. This is very interesting because while you might have 25,000 endpoints registered in PacketFence, you will now be able to know how many and which of them are connected for example, Monday afternoon during 2:00pm and 4:00pm,” Ludovic Marcotte, CEO of Inverse, the company that develops PacketFence, told Help Net Security.

File scanning – Using the Suricata file extraction plugin and OPSWAT Metascan Online, PacketFence can now scan for viruses all downloaded files and immediately quarantine a device that has downloaded a file that could cause a security problem.

“While it is very easy to integrate Suricata to PacketFence, we pushed this integration a bit further by enabling the file extraction plugin in Suricata. So once a user downloads a file over HTTP, Suricata will extract it and compute a file hash. We then run that hash using Metascan Online for virus scanning. If we found a virus in the file, we can trigger a violation in PacketFence and quarantine the user’s endpoint and let him/her know an infected file was downloaded,” said Marcotte.

Marcotte told us this should be the last release before PacketFence 6.0, which will include a flexible API, better reports, administration interface improvements, and more.

More about

Don't miss