Language Selection

English French German Italian Portuguese Spanish

Securing your network with PacketFence

Filed under
Software

Network access control (NAC) aims to unify endpoint security, system authentication, and security enforcement in a more intelligent network access solution than simple firewalls. NAC ensures that every workstation accessing the network conforms to a security policy and can take remedial actions on workstations if necessary. For example, NACs can check if a workstation has antivirus software installed and, if not, NAC will limit the workstation's access to the network. In some cases, if NAC is capable of remedial measures, it can force-install an antivirus program on the workstation so that it will conform to the security policy. Although NAC can improve the security of your environment, most commercial NACs cost several thousand dollars. However, using NAC does not need to be that expensive. PacketFence, a free open source NAC application, gives you the security of NAC for free.

By using PacketFence, you can be sure that all user workstations connect to your network will comply to your organization's network policy. You can easily restrict P2P services and track who owns a specific MAC address. In brief, PacketFence assures you that only authorized users and workstations have access to the network, and helps you track them.

For any NAC to work effectively, you must have a properly planned network security policy available in advance. You must identify possible sources of vulnerabilities and threats, actions that will be taken when such threats are detected, and ways to prevent unforeseen vulnerabilities and threats from recurring.

More Here




More in Tux Machines

Linux 3.17-rc6

It's been quiet - enough so that coupled with my upcoming travel, this might just be the last -rc, and final 3.17 might be next weekend. Of course, that still depends on what happens - if we have something scary coming up next week, I may have to delay things. But as it looks right now, we're all good to go. The shortlog is appended, but the view from ten thousand feet is pretty normal: a bit more than half is drivers (gpu, sound, iio, media, usb), just under a third is arch updates (arm, mips, x86), and the rest is mainly filesystem updates (gfs2, cifs, btrfs, nfs). Nothing particular stands out, and I'm not aware of any big pending issues either. So please go out and test, because this *should* all be pretty close to release. Read more

today's leftovers

F2FS Tools Gain FSCK Support

The F2FS Tools v1.4.0 release introduces fsck.f2fs for fixing corrupted images/partitions for Samsung's Flash-Friendly File-System. There's also now dump.f2fs for retrieving a specific file. Additionally, the f2fs-tools 1.4 update also has bug-fixes for the stat and fibmap utilities. Last but not least is some code refactoring for the Android build. The release was mentioned today on the kernel mailing list by Samsung's Jaegeuk Kim. Read more

xorg-server 1.16.1

xorg-server 1.16.1 is now available. A single fix since Monday's 1.16.0.901, to address an issue when building Xwayland from the tarball. Julien Cristau (2): xwayland: always include drm.xml in tarballs Bump to 1.16.1 git tag: xorg-server-1.16.1 Read more