Open Source Network access control system
http://blog.csdn.net/achejq/article/details/51089996
We've been exposed to two types of network access systems before
1. Microsoft domain controller: mainly through the software level admittance, access to any resource requires terminal and domain controller access, the Internet using ISA and domain control linkage. More complete solution, very cow, but all need to use Microsoft products (strictly speaking, not a network layer access, is the application layer access, but the overall plan is very powerful).
2.Cisco NAC: Mainly through hardware control, two ways 1>in-band way (flow through the authentication system, mainly suitable for other manufacturers equipment) 2>out-band Way (flow does not go through the authentication system, the device port is controlled by the NAC, the authentication after browsing around).
(3) A variety of wireless controllers are similar.
Two kinds of admittance system embody the different angle of two kinds of manufacturers, one is software level, one is from hardware level.
Suddenly want to have open-source access system, found the Packetfence
What is Packetfence?
Packetfence is a fully supported, trusted, free and Open Source Network access Control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wire Less management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; Packetfence can used to effectively secure networks small to very large heterogeneous networks. Among the different are:the NAC that works!
See "Administration Guide" and "Network Devices Configuration Guide" realize a lot of Cisco NAC functions, and adapt to a lot of mainstream manufacturers of equipment, support ha, very good, very suitable for small and medium-sized enterprise use.
Official website: http://packetfence.org/home.html
realization of access authentication system based on open source software Pfsense+freeradius
Https://wenku.baidu.com/view/67be1c3bbed5b9f3f90f1cda.html
Open Source Network access System (NAC)--packetfence v4.0
Http://www.freebuf.com/sectool/9599.html
Packetfence is a reliable, free, open-source Network Admission Control solution (NAC) with an impressive array of features. Includes admission control at registration, wired and wireless control, 802.1X support, isolated problematic devices on layer 2, and integrated snort IDs and Nessus vulnerability scanners.
Packet Fence 4.0 introduces a number of new branch and Web Administrator interfaces. It also simplifies the definition of the authentication section and allows dynamic calculation of roles. Now, the primary configuration can be managed entirely by the Web interface.
New features
Brand New perl-based Web administrative interface using the Catalyst frameworknew violation actions to set the node's role and deregister itsupport for scanning dot1x connections for auto-registration by Eap-typesupport for auto registering dot 1x node based of the Eap-typenew searchable MAC Addresses module to query all existing OUI prefixesnew Advanced search Cap Abilities for nodes and Usersnew memory object caching subsystem for configuration Filesubuntu packages
Https://github.com/inverse-inc
Open Source Network access control system