Aruba ClearPass Overview
Aruba ClearPass is the #3 ranked solution in our list of top Network Access Control tools. It is most often compared to Cisco ISE (Identity Services Engine): Aruba ClearPass vs Cisco ISE (Identity Services Engine)
What is Aruba ClearPass?
ClearPass Policy Manager provides secure network access in a world made up of mobile and IoT devices. It features ultra-scalable AAA with RADIUS and uses contextual data based on every user and device to enforce adaptive policies for wireless, wired or VPN access.
Aruba ClearPass is also known as Avenda eTIPS.
Download the Network Access Control Buyer's Guide including reviews and more. Updated: May 2021
Aruba ClearPass Customers
Consulate Health Care, Los Angeles Unified School District, Science Applications International Corp (SAIC), San Diego State University, KFC, ACTS Retirement-Life Communities
Aruba ClearPass Video
Filter Archived Reviews (More than two years old)
- Highest Rating
- Lowest Rating
- Review Length
Showingreviews based on the current filters.
Network Architect with 10,001+ employees
Apr 17, 2018
Its clustering model saved us staff time and reduced errors by eliminating the need to manage individual RADIUS servers
What is our primary use case?We used ClearPass for wireless 802.1x Authentication in a large campus deployment (more than 10,000 access points). We are also going to use it for our guest WiFi access solution. I would like to promote its use for wired network authentication as well.
Pros and Cons
- "We are able to satisfy many different organizational needs because of its flexibility."
- "It eliminated the management of 10 different individual discrete RADIUS servers."
- "Its clustering model saved us staff time and reduced errors by eliminating the need to manage individual RADIUS servers."
- "The product's graphical user interface (GUI) could use an update and better integration between the guest management and policy management interfaces."
What other advice do I have?Do a proof of concept. Actually get your hands on the product and don't just look at the brochure, the glossy about the product. I rate it a nine out of 10 because it's done everything that we've been able to ask it to do.
Network Administrator with 51-200 employees
Mar 12, 2018
It has an easy to learn web GUI and command lines
Pros and Cons
- "It has an easy to learn web GUI and command lines."
- "The support is top notch, expert, and very friendly. "
- "The AirWave Dashboard heat maps could be better designed."
- "Instructions on adding layouts are not as clear as they could be."
Find out what your peers are saying about Aruba Networks, Cisco, ForeScout and others in Network Access Control. Updated: May 2021.
502,499 professionals have used our research since 2012.
Gives us network access control, visibility, scalability, security, and control
What is our primary use case?OnBoard, OnGuard, SSO and IntroSpect UEBA, including Palo Alto integration. These are valuable from engineer to C-level executives, who want visibility, performance, statistics, and a platform which can take action for them without manual intervention, saving time and money.
Pros and Cons
- "Gives us network access control, visibility, scalability, security, and control in what is becoming an uncontrollable, inundated BYOD and IoT world."
- "I would like to see is “AAS”. Not only Aruba APs with central, but NAC/ClearPass, AirWave, and everything licensed as a Service. This way, like AWS, they can spin up what they need when they need it and vice versa."
Feb 27, 2018
Makes it easy to require robust user authentication for both wired and wireless endpoints
What is our primary use case?ClearPass is the best Network Access Control "Swiss army knife" out there right now. It can do 802.1x (WPA2-Enterprise) for WiFi and LAN. It also has one of the slickest guest captive portal experiences and workflows out there, along with an easy, drop-in BYOD application. I have not had too much experience with OnGuard, the endpoint integrity feature, but it does that too. With all of the ClearPass integrations and RADIUS Change of Authorization (CoA), it is possible to login wired or wireless endpoints based on a variety of identity stores, then create and associate security policies, e.g., DACLs, based on a device. Dynamically provision VLAN assignments, i.e., no more "color-coded ports", write Palo Alto Networks (PAN) NGFW policies that are associated…
The features work in concert to provide secure on-boarding for guests and bring-your-own-device users. A more streamlined setup and more in-depth tutorials would be helpful.
What other advice do I have?It's very powerful, but the individual needs to have a lot of knowledge across several IT disciplines.
Manager, IT Operations at a real estate/law firm with 1,001-5,000 employees
Apr 28, 2016
Reliable solution for our guest network access as well as mobile device registration.
What other advice do I have?It's only providing a very small service to us right now. It's not like we're looking at ClearPass on a very full-blown basis. My advice would be to just make sure to do a proper spectrum analysis, and each of your properties are areas that you intend to put WiFi, because it will be critical to where you put APs and how closely you put them together.
IT Support Engineer at a energy/utilities company with 501-1,000 employees
Feb 23, 2016
The most valuable feature for us is the ability to manage each access point from a single application.
What other advice do I have?You should go for it.
Wireless Network Engineer at a tech services company with 501-1,000 employees
The policy manager is the most valuable feature for us because it allows us to manage every client request in the way we want.
What other advice do I have?Attend first a ClearPass course as it’s very important in order to understand the product deeply.
Senior Network Engineer at a tech services company with 10,001+ employees
Feb 3, 2016
This product has provided us a tool to create authentication requirements that users have to meet in order to perform 802.1x authentication.
What other advice do I have?Make sure you take a look at all the types of authentication you want to do and evaluate if you have enough appliances to handle the load. Keep in mind resiliency for failover as well.
Senior Network & Security Engineer at a tech services company with 501-1,000 employees
The advanced RADIUS functionality is the most valuable feature for us. It needs to be more intuitive to use with simplified administration.
What other advice do I have?It is a very complete solution with some important functionalities, but it can be difficult to implement and the support is not the best.
ClearPass Guest allows us to build a structured external captive portal with customized landing page for each customer.
What other advice do I have?Plan very carefully your final configuration or you can lose yourself in the configurations phase.
The greatest feature in Aruba ClearPass, in my opinion, is its modularity.
What other advice do I have?I would advise customers who want to protect their network, do health checks on BYOD, provide guest access and of course AAA functions to manage their network devices to go for ClearPass, but they have to be ready to get into so much details as the power of ClearPass is in its ability to customize even the smallest details as they wish of course.
Feb 2, 2016
The feature that I use the most is the Access Tracker. It displays all relevant information of each authentication request and troubleshooting is a breeze on how the data is displayed.
Jan 18, 2016
The interface is a little confusing as is setting up some of the options but this is partially due to the flexibility of the product. There are wizards available to create policy which is helpful.
What other advice do I have?Tread carefully when estimating the number of unique device nodes for licensing. If using Active Directory for MSCHAPv2 authentication make sure that you add Clearpass to the Windows Domain.
Senior Information Security Specialist at a energy/utilities company with 10,001+ employees
Jan 13, 2016
It has eliminate unauthorized access to the corporate network, hence minimizing the threat level.
What other advice do I have?Use the DHCP options for a long time to profile all types of devices communicating on a network. Keep ClearPass in monitoring mode and start blocking profiled devices in batch.
Senior Network Administrator at a manufacturing company with 1,001-5,000 employees
Jan 12, 2016
It helps us to ensure all sites are compliant with a unified set of standards passed down from our corporate headquarters.
What other advice do I have?Do your due-diligence in understanding how the product works before you deploy. CPPM (and many like it – Cisco ISE and ACS) are very complex in the way they are configured and operate. If you can design the solution before implementation, you have a much better chance of scaling well, easily, and with little down-time as you grow the product throughout its life cycle in your organization.
Jan 12, 2016
It has automated the bring-your-own-device process through the Onboard feature and posture health check validation through the OnGuard module.
What other advice do I have?I would advise you to at least include ClearPass in any PoC.
Information Security Assistant Manager at a financial services firm with 1,001-5,000 employees
Jan 4, 2016
It checks the health of computers before granting them access to the network.
What other advice do I have?I would advise you to get support directly from the vendor and not use the partner support.
Professional Services Engineer and Trainer at a tech services company with 51-200 employees
Jan 3, 2016
The OnGuard feature checks the compliance of corporate laptops and restricts network access for users who are not compliant with security policies.
What other advice do I have?You should test all the requirements during the PoC itself so that the planning and deployment will be smooth.
Assistant Manager - Solution Design at a tech services company with 1,001-5,000 employees
Nov 29, 2015
It has improved WiFi security and guest on-boarding to our networks, but it needs to be more vendor independent.
What is most valuable?The most valuable feature is the guest on-boarding (BYOD provisioning, centralized access policies, posture assessment, etc.)
How has it helped my organization?It has improved WiFi security and guest on-boarding to our networks.
What needs improvement?It could be more vendor independent.
For how long have I used the solution?I've used it for one year.
What do I think about the stability of the solution?I have had issues in regards to the stability.
How are customer service and technical support?The technical support is satisfactory. However, there is a room for improvement.
Which solution did I use previously and why did I switch?I did not use any other similar product.
How was the initial setup?The initial setup was quite complex…
Product CategoriesNetwork Access Control
Download our free Network Access Control Report and find out what your peers are saying about Aruba Networks, Cisco, ForeScout, and more!