Aruba ClearPass Overview

Aruba ClearPass is the #3 ranked solution in our list of top Network Access Control tools. It is most often compared to Cisco ISE (Identity Services Engine): Aruba ClearPass vs Cisco ISE (Identity Services Engine)

What is Aruba ClearPass?

ClearPass Policy Manager provides secure network access in a world made up of mobile and IoT devices. It features ultra-scalable AAA with RADIUS and uses contextual data based on every user and device to enforce adaptive policies for wireless, wired or VPN access. 

Aruba ClearPass is also known as Avenda eTIPS.

Buyer's Guide

Download the Network Access Control Buyer's Guide including reviews and more. Updated: May 2021

Aruba ClearPass Customers

Consulate Health Care, Los Angeles Unified School District, Science Applications International Corp (SAIC), San Diego State University, KFC, ACTS Retirement-Life Communities

Aruba ClearPass Video

Filter Archived Reviews (More than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Network Architect with 10,001+ employees
Real User
Its clustering model saved us staff time and reduced errors by eliminating the need to manage individual RADIUS servers

What is our primary use case?

We used ClearPass for wireless 802.1x Authentication in a large campus deployment (more than 10,000 access points). We are also going to use it for our guest WiFi access solution. I would like to promote its use for wired network authentication as well.

Pros and Cons

  • "We are able to satisfy many different organizational needs because of its flexibility."
  • "It eliminated the management of 10 different individual discrete RADIUS servers."
  • "Its clustering model saved us staff time and reduced errors by eliminating the need to manage individual RADIUS servers."
  • "The product's graphical user interface (GUI) could use an update and better integration between the guest management and policy management interfaces."

What other advice do I have?

Do a proof of concept. Actually get your hands on the product and don't just look at the brochure, the glossy about the product. I rate it a nine out of 10 because it's done everything that we've been able to ask it to do.
Network Administrator with 51-200 employees
Real User
It has an easy to learn web GUI and ​command lines

Pros and Cons

  • "It has an easy to learn web GUI and ​command lines.​"
  • "The support is top notch, expert, and very friendly. ​"
  • "​​The AirWave Dashboard heat maps could be better designed."
  • "Instructions on adding layouts are not as clear as they could be.​"
Find out what your peers are saying about Aruba Networks, Cisco, ForeScout and others in Network Access Control. Updated: May 2021.
502,499 professionals have used our research since 2012.
Solution Design Engineering at Cigna
MSP
Top 20Leaderboard
Gives us network access control, visibility, scalability, security, and control

What is our primary use case?

OnBoard, OnGuard, SSO and IntroSpect UEBA, including Palo Alto integration. These are valuable from engineer to C-level executives, who want visibility, performance, statistics, and a platform which can take action for them without manual intervention, saving time and money.

Pros and Cons

  • "Gives us network access control, visibility, scalability, security, and control in what is becoming an uncontrollable, inundated BYOD and IoT world."
  • "I would like to see is “AAS”. Not only Aruba APs with central, but NAC/ClearPass, AirWave, and everything licensed as a Service. This way, like AWS, they can spin up what they need when they need it and vice versa."
Consultant
User
Makes it easy to require robust user authentication for both wired and wireless endpoints

What is our primary use case?

ClearPass is the best Network Access Control "Swiss army knife" out there right now. It can do 802.1x (WPA2-Enterprise) for WiFi and LAN. It also has one of the slickest guest captive portal experiences and workflows out there, along with an easy, drop-in BYOD application. I have not had too much experience with OnGuard, the endpoint integrity feature, but it does that too. With all of the ClearPass integrations and RADIUS Change of Authorization (CoA), it is possible to login wired or wireless endpoints based on a variety of identity stores, then create and associate security policies, e.g., DACLs, based on a device.  Dynamically provision VLAN assignments, i.e., no more "color-coded ports", write Palo Alto Networks (PAN) NGFW policies that are associated…
Senior Network Engineer/Mobility Specialist at CCSI - Contemporary Computer Services, Inc.
Real User
ExpertTop 20
The features work in concert to provide secure on-boarding for guests and bring-your-own-device users. A more streamlined setup and more in-depth tutorials would be helpful.

What other advice do I have?

It's very powerful, but the individual needs to have a lot of knowledge across several IT disciplines.
Manager, IT Operations at a real estate/law firm with 1,001-5,000 employees
Vendor
Reliable solution for our guest network access as well as mobile device registration.

What other advice do I have?

It's only providing a very small service to us right now. It's not like we're looking at ClearPass on a very full-blown basis. My advice would be to just make sure to do a proper spectrum analysis, and each of your properties are areas that you intend to put WiFi, because it will be critical to where you put APs and how closely you put them together.
IT Support Engineer at a energy/utilities company with 501-1,000 employees
Vendor
The most valuable feature for us is the ability to manage each access point from a single application.

What other advice do I have?

You should go for it.
Wireless Network Engineer at a tech services company with 501-1,000 employees
Consultant
The policy manager is the most valuable feature for us because it allows us to manage every client request in the way we want.

What other advice do I have?

Attend first a ClearPass course as it’s very important in order to understand the product deeply.
Senior Network Engineer at a tech services company with 10,001+ employees
Real User
This product has provided us a tool to create authentication requirements that users have to meet in order to perform 802.1x authentication.

What other advice do I have?

Make sure you take a look at all the types of authentication you want to do and evaluate if you have enough appliances to handle the load. Keep in mind resiliency for failover as well.
Senior Network & Security Engineer at a tech services company with 501-1,000 employees
Consultant
The advanced RADIUS functionality is the most valuable feature for us. It needs to be more intuitive to use with simplified administration.

What other advice do I have?

It is a very complete solution with some important functionalities, but it can be difficult to implement and the support is not the best.
IT Division at Lais s.r.l.
Consultant
ClearPass Guest allows us to build a structured external captive portal with customized landing page for each customer.

What other advice do I have?

Plan very carefully your final configuration or you can lose yourself in the configurations phase.
Systems Engineer at a tech services company with 501-1,000 employees
Consultant
The greatest feature in Aruba ClearPass, in my opinion, is its modularity.

What other advice do I have?

I would advise customers who want to protect their network, do health checks on BYOD, provide guest access and of course AAA functions to manage their network devices to go for ClearPass, but they have to be ready to get into so much details as the power of ClearPass is in its ability to customize even the smallest details as they wish of course.
Network Professional at Transformation Networks Inc.
Vendor
The feature that I use the most is the Access Tracker. It displays all relevant information of each authentication request and troubleshooting is a breeze on how the data is displayed.

What other advice do I have?

It can easily handle all types of authentication methods and has a large amount of flexibility, which can cover all scenarios. However it is lacking in third party integrations and little to no documentation on customization. Aruba assumes that you have working knowledge of their CSS tags, JavaScript, REST API integration and others. If you are looking for a NAC solution ClearPass is one of the best all in one solution it covers all authentication methods and has a large flexibility that can be easily customized to fit any scenario in any industry vertical.
Co Founder at a tech services company with 51-200 employees
Consultant
The two most valuable features for us are ClearPass guest and policy manager.
Network Administrator at a university with 501-1,000 employees
Vendor
It has a customizable captive portal for quick and easy BYOD access for students.
Network and Systems Specialist at a university with 501-1,000 employees
Vendor
The interface is a little confusing as is setting up some of the options but this is partially due to the flexibility of the product. There are wizards available to create policy which is helpful.

What other advice do I have?

Tread carefully when estimating the number of unique device nodes for licensing. If using Active Directory for MSCHAPv2 authentication make sure that you add Clearpass to the Windows Domain.
Senior Information Security Specialist at a energy/utilities company with 10,001+ employees
Vendor
It has eliminate unauthorized access to the corporate network, hence minimizing the threat level.

What other advice do I have?

Use the DHCP options for a long time to profile all types of devices communicating on a network. ‎Keep ClearPass in monitoring mode and start blocking profiled devices in batch.
Senior Network Administrator at a manufacturing company with 1,001-5,000 employees
Vendor
It helps us to ensure all sites are compliant with a unified set of standards passed down from our corporate headquarters.

What other advice do I have?

Do your due-diligence in understanding how the product works before you deploy. CPPM (and many like it – Cisco ISE and ACS) are very complex in the way they are configured and operate. If you can design the solution before implementation, you have a much better chance of scaling well, easily, and with little down-time as you grow the product throughout its life cycle in your organization.
Security/Pre-Sales Consultant at a tech services company with 51-200 employees
Consultant
Its integration with existing tooling/databases improves efficiency and visibility.
Principal Network & Security Engineer at a tech services company with 1,001-5,000 employees
Consultant
It has automated the bring-your-own-device process through the Onboard feature and posture health check validation through the OnGuard module.

What other advice do I have?

I would advise you to at least include ClearPass in any PoC.
Information Security Assistant Manager at a financial services firm with 1,001-5,000 employees
Vendor
It checks the health of computers before granting them access to the network.

What other advice do I have?

I would advise you to get support directly from the vendor and not use the partner support.
Professional Services Engineer and Trainer at a tech services company with 51-200 employees
Consultant
The OnGuard feature checks the compliance of corporate laptops and restricts network access for users who are not compliant with security policies.

What other advice do I have?

You should test all the requirements during the PoC itself so that the planning and deployment will be smooth.
Assistant Manager - Solution Design at a tech services company with 1,001-5,000 employees
MSP
It has improved WiFi security and guest on-boarding to our networks, but it needs to be more vendor independent.

What is most valuable?

The most valuable feature is the guest on-boarding (BYOD provisioning, centralized access policies, posture assessment, etc.)

How has it helped my organization?

It has improved WiFi security and guest on-boarding to our networks.

What needs improvement?

It could be more vendor independent.

For how long have I used the solution?

I've used it for one year.

What do I think about the stability of the solution?

I have had issues in regards to the stability.

How are customer service and technical support?

The technical support is satisfactory. However, there is a room for improvement.

Which solution did I use previously and why did I switch?

I did not use any other similar product.

How was the initial setup?

The initial setup was quite complex…
Channel System Engineer-MEA at a tech services company with 501-1,000 employees
Consultant
I implemented it to make all authentication centralized and all vLAN assignments automated along with health checks.
Product Categories
Network Access Control
Buyer's Guide
Download our free Network Access Control Report and find out what your peers are saying about Aruba Networks, Cisco, ForeScout, and more!
Quick Links