Packet Fence is an OpenSource NAC (Network Access Control) Solution available under GPL license and is completely free. Packet Fence is a Network Access Control solution with world class features and many features beating those provided by expensive commercial alternatives. Mostly installed in acamedic institutions, please visit here to find a list of organisations and institutions that use Packet Fence as a Network Access Control system.
Packet Fence is built on Redhat/Fedora Linux and can be built from source and installed on most if not on all of the Linux distributions. Packet Fence is easily configurable with a good GUI although installation takes a bit of a hardwork as it involves installing a lot of other opensource software and tools for it to work like Nessus (Opensource Security Vulnerability Scanner) and Snort (Opensource Intrusion Detection). Packet Fence is now also available as a VMware image (PF ZEN) that can be downloaded from their website. This requires no work (a zero effort installation) and can be operational almost instantly (ideal for testing before deployment).
Highlighting features of Packet Fence include:
- Operate in INLINE, PASSIVE using ARP Spoofing/Poisoning)& DHCP mode
- VLAN switching support to be available soon (a workaround for VLAN supoort has beed submitted here)
- Registration Mechanism similar to a Captive Portal systems with multiple authentication support (All Apache supported authentications)
- Worm and Virus Detection, alert and Supression (Snort for Detection)
- Worm and Bot detection and Isolation
- Mitigation and Remediation using User-direction for trapped hosts
- Proactive Vulnerability Scans using NESSUS
- DHCP Fingerprinting
- OS Fingerprinting and Banning
- NAC and AP detection and Isolation
Good documentation with installation and configuration information available online, Packet Fence is a great Opensource NAC.
Actively developed and supported by the community, packet fence can also offer commercial support on request.
For more information and download, please visit Packet Fence website here
1 Comment