Aruba ClearPass Review

We use this solution mainly for NAC, network access control.

It's security control after all so just like you have an EDR installed, we double verify whether a machine is compliant with our policy on the one hand, and on the other hand, if it's also one of our machines so that we can let it into the network. It's security control.

The most valuable feature for us is the policy compliance. They have an API that assists you in checking whether a machine has specific clients. For example, we check whether the EDR is updated and whether there are specific clients whose machine should be allowed to connect to the network.

The user interface should be improved. The logs and how the logging mechanism works can also use an upgrade. It should also have better reporting, we were trying to do the reports and didn't manage to do them because technically we couldn't. 

Better documentation on the API would be useful as well.

The solution is stable.

The scalability is good. We didn't have any problems there. We deployed it in 12 hours worldwide, so it's pretty scalable. There are about 2,500 users currently, in total.

In terms of increasing our user base, we increase the license whenever we acquire a company so it depends on whether we're growing organically or not organically. It's in the pipeline, so once we buy a company they go through us, pick a stage, and we implement all the security enforcement for that company. So as long as we buy companies, we implement this as well.

Most of the problems we had were solved by the integrator. The technical support is medium to good.

The initial setup was complex. The deployment was fast, but in order to tune the policy, install the agent, and do everything else, I would say it took around 4 to 6 months.

We used an integrator. They were very good. Most of the shortcomings were technology based, not implementation based.

My advice is to get a good integrator.

I would rate this solution as an eight and a half out of ten.