开源网络准入系统(open source Network Access Control system)
开源网络准入系统(open source Network Access Control system)html
http://blog.csdn.net/achejq/article/details/51089996node
以前接触过两种网络准入系统git
1.微软 域控制器:主要经过软件层面准入,访问任何资源都须要终端与域控制器的准入,互联网采用ISA与域控联动。比较完整的解决方案,很牛,可是所有须要采用微软产品(严格上讲,不算是网络层准入,算是应用层准入,但总体方案很是强大)。github
2.Cisco NAC:主要经过硬件控制,两种方式1>in-band方式(流量经过认证系统,主要适配其它厂商设备)2>out-band方式(流量不通过认证系统,设备端口由NAC控制,认证事后浏览绕行)。web
(3.)各类无线控制器都大同小异。网络
两种准入系统体现了两种厂商的不一样的角度,一种是软件层面,一种从硬件层面。less
忽然想有没有开源的准入系统,发现了PacketFenceide
What is PacketFence ?
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks. Among the different markets are : The NAC that works!网站
看了《Administration Guide》和《Network Devices Configuration Guide》实现了不少CISCO NAC 的功能,而且适配了不少主流厂商的设备,支持HA,很是好,很适合中小企业的使用。ui
官方网站:http://packetfence.org/home.html
基于开源软件pfSense+FreeRadius的接入认证系统实现
https://wenku.baidu.com/view/67be1c3bbed5b9f3f90f1cda.html
开源网络准入系统 (NAC)——PacketFence v4.0
http://www.freebuf.com/sectool/9599.html
PacketFence是一款可靠、免费、开源的网络准入控制解决方案(NAC),具备一系列使人印象深入的特性。包括注册时的准入控制、有线和无线控制、802.1X支持,在2层孤立有问题的设备,并集成了Snort IDS和Nessus漏洞扫描器。
Packet Fence 4.0引入了一些新的分支和web管理员接口。同时简化了认证部分的定义源码并容许动态计算角色。如今,主要配置能够彻底由web接口来管理。
新特性
Brand new Perl-based Web administrative interface using the Catalyst framework
New violation actions to set the node’s role and deregister it
Support for scanning dot1x connections for auto-registration by EAP-Type
Support for auto registering dot1x node based of the EAP-Type
New searchable MAC Addresses module to query all existing OUI prefixes
New advanced search capabilities for nodes and users
New memory object caching subsystem for configuration files
Ubuntu packages
https://github.com/inverse-inc
- 1. Packetfence 开源网络准入系统
- 2. 开源发明网络 Open Invention Network (OIN)
- 3. NFS (Network File System网络文件系统)
- 4. 开放网络操作系统介绍(1)、ONL(Open Network Linux)
- 5. A Permissioned Blockchain based Access Control System for IOT
- 6. OSI (开放系统互联(Open System Interconnection))
- 7. CISCO SECURE ACCESS CONTROL SERVER
- 8. ACL(Access Control List)
- 9. 网络OSI七层协议(Open System Interconnection:开放式系统互联)
- 10. Source Control HOWTO
- 更多相关文章...
- • netwox网络工具集入门教程 - TCP/IP教程
- • 网络体系的构成和类型 - TCP/IP教程
- • Docker容器实战(七) - 容器眼光下的文件系统
- • PHP开发工具
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. Packetfence 开源网络准入系统
- 2. 开源发明网络 Open Invention Network (OIN)
- 3. NFS (Network File System网络文件系统)
- 4. 开放网络操作系统介绍(1)、ONL(Open Network Linux)
- 5. A Permissioned Blockchain based Access Control System for IOT
- 6. OSI (开放系统互联(Open System Interconnection))
- 7. CISCO SECURE ACCESS CONTROL SERVER
- 8. ACL(Access Control List)
- 9. 网络OSI七层协议(Open System Interconnection:开放式系统互联)
- 10. Source Control HOWTO