Open Source Network access control system

Open Source Network access control system

http://blog.csdn.net/achejq/article/details/51089996

We've been exposed to two types of network access systems before

1. Microsoft domain controller: mainly through the software level admittance, access to any resource requires terminal and domain controller access, the Internet using ISA and domain control linkage. More complete solution, very cow, but all need to use Microsoft products (strictly speaking, not a network layer access, is the application layer access, but the overall plan is very powerful).

2.Cisco NAC: Mainly through hardware control, two ways 1>in-band way (flow through the authentication system, mainly suitable for other manufacturers equipment) 2>out-band Way (flow does not go through the authentication system, the device port is controlled by the NAC, the authentication after browsing around).

(3) A variety of wireless controllers are similar.

Two kinds of admittance system embody the different angle of two kinds of manufacturers, one is software level, one is from hardware level.

Suddenly want to have open-source access system, found the Packetfence

What is Packetfence?
Packetfence is a fully supported, trusted, free and Open Source Network access Control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wire Less management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; Packetfence can used to effectively secure networks small to very large heterogeneous networks. Among the different are:the NAC that works!

See "Administration Guide" and "Network Devices Configuration Guide" realize a lot of Cisco NAC functions, and adapt to a lot of mainstream manufacturers of equipment, support ha, very good, very suitable for small and medium-sized enterprise use.

Official website: http://packetfence.org/home.html

realization of access authentication system based on open source software Pfsense+freeradius

Https://wenku.baidu.com/view/67be1c3bbed5b9f3f90f1cda.html

Open Source Network access System (NAC)--packetfence v4.0

Http://www.freebuf.com/sectool/9599.html

Packetfence is a reliable, free, open-source Network Admission Control solution (NAC) with an impressive array of features. Includes admission control at registration, wired and wireless control, 802.1X support, isolated problematic devices on layer 2, and integrated snort IDs and Nessus vulnerability scanners.

Packet Fence 4.0 introduces a number of new branch and Web Administrator interfaces. It also simplifies the definition of the authentication section and allows dynamic calculation of roles. Now, the primary configuration can be managed entirely by the Web interface.

New features

Brand New perl-based Web administrative interface using the Catalyst frameworknew violation actions to set the node's role and deregister itsupport for scanning dot1x connections for auto-registration by Eap-typesupport for auto registering dot 1x node based of the Eap-typenew searchable MAC Addresses module to query all existing OUI prefixesnew Advanced search Cap Abilities for nodes and Usersnew memory object caching subsystem for configuration Filesubuntu packages

Https://github.com/inverse-inc

Open Source Network access control system