From: Andreas Steffen Date: Thu, 14 Oct 2010 19:20:27 +0000 (+0200) Subject: added TNC support to NEWS X-Git-Tag: 4.5.0~33 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8a1353fc0e006bfaa466b8b261db3210694f13bf;p=thirdparty%2Fstrongswan.git added TNC support to NEWS --- diff --git a/NEWS b/NEWS index 9796ee5788..d6292005dd 100644 --- a/NEWS +++ b/NEWS @@ -21,6 +21,15 @@ strongswan-4.5.0 authentication for client and server. It is compatible to Windows 7 IKEv2 Smartcard authentication and the OpenSSL based FreeRADIUS EAP-TLS backend. +- Implemented the TNCCS 1.1 Trusted Network Connect protocol using the + libtnc library on the strongSwan client and server side via the tnccs_11 + plugin and optionally connecting to a TNC@FHH-enhanced FreeRADIUS AAA server. + Depending on the resulting TNC Recommendation, strongSwan clients are granted + access to a network behind a strongSwan gateway (allow), are put into a + remediation zone (isolate) or are blocked (none), respectively. Any number + of Integrity Measurement Collector/Verifier pairs can be attached + via the tnc-imc and tnc-imv charon plugins. + - Fixed a bug not releasing a virtual IP address to a pool if the XAUTH identity was different from the IKE identity.