If your network is a breeding ground for worms, PacketFence is for you. If you have no idea who connects to your network and who owns a particular computer, PacketFence is for you. If you have no way of mapping a network policy violation to a user, PacketFence is for you.
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks - from small to very large heterogeneous networks.
PacketFence provides an impressive list of supported features. Among them, there are ...
* Voice over IP (VoIP) support
* Wireless integration
* Detection of abnormal network activities
* Proactive vulnerability scans
* Isolation of problematic devices
* Remediation through a captive portal
* Command-line and Web-based management
* Forbid rogue access points
* Perform compliance checks
* Eliminate Peer-to-Peer traffic
* Provide guest access
* Simplify VLAN management
PacketFence Installation:
yum repository: Make sure your system is up to date and your yum database is updated: yum update
Some PacketFence dependencies are available through (http://dag.wieers.com/) so you need to configure YUM to use it.
First import the DAG RPM GPG key:
Execute the installer at /usr/local/pf/installer.pl and follow the instructions.
Once completed, PacketFence will be fully installed on your server. You are now ready to configure it.
PacketFence Configuration:
In order to properly begin the configuration of PacketFence, we strongly recommend to execute the configuration script located at /usr/local/pf/configurator.pl. This script will guide you through the process of creating a working PacketFence configuration file that is suitable to your needs.
Keep in mind that the resulting PacketFence configuration will be located in /usr/local/pf/conf/pf.conf, and it can always be adjusted by hand afterward.
PacketFence provides a web-based administration interface for easy configuration and operational management. In order to access the interface you need to create an administrator and a web services account.
You need to encrypt the new password in the admin.conf file with htpasswd:
Once PacketFence is started, administration interface is available at: https://ipaddress:1443/
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks - from small to very large heterogeneous networks.
PacketFence provides an impressive list of supported features. Among them, there are ...
* Voice over IP (VoIP) support
* Wireless integration
* Detection of abnormal network activities
* Proactive vulnerability scans
* Isolation of problematic devices
* Remediation through a captive portal
* Command-line and Web-based management
* Forbid rogue access points
* Perform compliance checks
* Eliminate Peer-to-Peer traffic
* Provide guest access
* Simplify VLAN management
PacketFence Installation:
yum repository: Make sure your system is up to date and your yum database is updated: yum update
Some PacketFence dependencies are available through (http://dag.wieers.com/) so you need to configure YUM to use it.
First import the DAG RPM GPG key:
rpm -import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txtThen install the latest version of the RPMForge package (http://dag.wieers.com/rpm/packages/rpmforge-release/):
rpm -i rpmforge-release-0.5.2-2.el5.rf.i386.rpmIn order to use the repository, just create a file named /etc/yum.repos.d/PacketFence.repo with the following content:
[PacketFence]Once the repository is defined, you can install PacketFence with all it's dependencies, and the required external services (DNS server, Database server, DHCP server, RADIUS server) using:
name=PacketFence Repository
baseurl=http://inverse.ca/downloads/PacketFence/RHEL5/$basearch
gpgcheck=0
enabled=0
yum groupinstall --enablerepo=PacketFence,rpmforge “Packetfence-complete”Or, if you prefer, to install only the core PacketFence without all the external services, you can use :
yum install --enablerepo=PacketFence,rpmforge packetfence
Execute the installer at /usr/local/pf/installer.pl and follow the instructions.
Once completed, PacketFence will be fully installed on your server. You are now ready to configure it.
PacketFence Configuration:
In order to properly begin the configuration of PacketFence, we strongly recommend to execute the configuration script located at /usr/local/pf/configurator.pl. This script will guide you through the process of creating a working PacketFence configuration file that is suitable to your needs.
Keep in mind that the resulting PacketFence configuration will be located in /usr/local/pf/conf/pf.conf, and it can always be adjusted by hand afterward.
PacketFence provides a web-based administration interface for easy configuration and operational management. In order to access the interface you need to create an administrator and a web services account.
You need to encrypt the new password in the admin.conf file with htpasswd:
htpasswd /usr/local/pf/conf/admin.conf adminThen again for webservice:
htpasswd /usr/local/pf/conf/admin.conf webservice
Once PacketFence is started, administration interface is available at: https://ipaddress
0 comments:
Post a Comment