Aruba ClearPass vs Cisco ISE (Identity Services Engine) comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on May 8, 2022

We performed a comparison between Aruba ClearPass and Cisco ISE (Identity Service Engine) based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Aruba ClearPass users relate that one does need to have some technical expertise to install and deploy this solution. Although it is not so complex, it is definitely not easy, either. Users tell us the integration with the Active Directory can be very involved. They feel that some type of wizard to streamline the process would be very helpful.

    Cisco has a bit of a reputation for being complex across the board with all its offerings, and Cisco ISE is no different. For those users that are heavily invested in the Cisco ecosystem, deployment is not a big challenge. For those that are novices or not so tech savvy, the process can seem very complex. Additionally, if the environment is complex or there are multiple policies to deploy, the process can be more time-consuming.
  • Features: Aruba ClearPass valued features include its ease of use, stable policy management platform, and reliability. The authentication mechanisms and the integration with Active Directory (AD) are also very good. It is considered a very secure product that offers full transparency and solid security; no one can get inside without authentication. Additionally, Aruba ClearPass offers complete NAC features. Many users would like to see improved cloud deployment options, however.

    The features users liked best about Cisco ISE are that the solution is very stable, flexible, and secure. Cisco ISE is a great global product that operates consistently and looks the same wherever it is deployed across the world. The GUI with Cisco ISE is top-notch and the security protocols they provide are excellent. Cisco ISE users would like to see better migration to the cloud and a hybrid option made available. They users would also welcome a solution that was more user-friendly and less complex.
  • Pricing: Users of both solutions felt that the prices were on the high side.

  • Service and Support: Aruba ClearPass users tell us the technical support they have received is exceptional, and they are very satisfied. Cisco ISE offers training and licensing courses. However, users felt that when support was needed, it was not up to their satisfaction.

Comparison Results: Although Cisco is a worldwide, well-known, trusted, and respected branded product, with many known complexities, Aruba ClearPass is flexible, versatile, and more user-friendly than Cisco. Aruba’s aggressive stance on keeping hackers out with strict authentication policies and its cost-effective business model and excellent technical service make it a NAC solution to consider seriously.

To learn more, read our detailed Aruba ClearPass vs. Cisco ISE (Identity Services Engine) Report (Updated: March 2024).
763,955 professionals have used our research since 2012.
Q&A Highlights
Question: Which is better - Aruba Clearpass or Cisco ISE?
Answer: Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely connect different types of devices to the network and get identity access control for human or non-human entities. This helps our company to control user access to exactly what we need. I like that it can also do Mac authentication. We could then apply different policies for different types of devices. If you need diverse network segmentation, Aruba ClearPass gives you the ability to restrict what your users can access. On the downside, it was a kind of frustrating to set up and we needed outside help for installing it. However, once we set it up, it was very easy to manage. The standards are compatible with almost any device with 802.1X capability. It saves us from having to separate users by running multiple SSIDs. We can easily create guest accounts for visitors and specify their permission levels. I see Cisco ISE as more suited to managing high-privilege access. With it, you can assign privileges and access levels according to the user and device, which improves the user experience since the access level is set depending on the device. We find it very useful for users that need to log in physically or via remote VPN access. The end-to-end visibility helps implement a zero-trust-security approach. However, the integration of third-party products is limited, and the interface is not very user-friendly. Integrating with social networks could be a good idea for authenticating guests. Conclusions In my opinion, Cisco ISE is a very valuable product that is great for accounting, authorization, and authentication. However, Aruba ClearPass has the advantage of solving very different authentication scenarios, so in my opinion, in these days of remote and hybrid working, it has the upper hand.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It's very easy to access support and the documentation is self-explanatory.""What I like most about Aruba ClearPass is that it has the best enforcement feature for the network. I also like its Guest Captive Portal and virtual security enforcement features, but the virtual security enforcement feature is still under testing by my company. Aruba ClearPass also has a wonderful UI which I find valuable.""The solution has been working well.""We can double verify whether a machine is compliant with our policy on the one hand, and on the other hand if it's one of our machines we let it into the network.""The aspect of Aruba ClearPass that I like most is that it has a lot of options, it is very versatile.""Aruba ClearPass's most valuable features are simple accessing, operating, and management. Additionally, the dashboard and performance work well.""Authentication capabilities are one of the most valuable features.""ClearPass prevents hackers from accessing the network. No one can get inside without authentication. It provides a lot of features we are missing. It's incredibly powerful and stable."

More Aruba ClearPass Pros →

"The profiling model included is the most valuable feature.""Not having to trust devices and being able to set those levels of trust and more finely control our network is a benefit.""The interface is pretty easy to use.""The solution cuts down on the repercussions of getting malware or ransomware.""The biggest value of ISE is that it can get so granular with gaming systems, versus IoT and BYOD.""Authentication is the most valuable feature because it puts our company at another level of security.""Improves switch account management.""The most valuable features are authentication, we have more granular control on the access policies for the administrators. The solution is easy to use, has a center point administration, and has a good GUI."

More Cisco ISE (Identity Services Engine) Pros →

Cons
"The user interface could be more polished and modern. It would be useful to have more options for automation.""There is room for improvement in the support.""Licensing cost is extremely high.""The setup of ClearPass can be a bit convoluted at times.""This solution could be improved by making it possible to use it across different territories. Currently, if a user moves from the US to the UK, their usage and access will be restricted.""The product's graphical user interface (GUI) could use an update and better integration between the guest management and policy management interfaces.""The scalability could improve.""In the next version, I would like to see some enhancement or extension on the tracking side. For example, when any user enters the network, it should be more visible in the graphical form."

More Aruba ClearPass Cons →

"ISE is a little clunky. The front-end feels like it is from the 1980s.""I'd like to see an easier way to upgrade to larger versions, as well as more best practices that are easier to locate on their support page.""The policies could be adjusted to make them more easily implementable.""It does a good job of establishing trust for every access request. We have had a little bit of a challenge with profiling, but we are probably about 80% there.""There should be a single button that can be pressed to dismiss all of the alarms at once.""Sometimes some of Cisco ISE's graphical interfaces could be a little bit smoother. However, with the different versions, the product is getting better and better.""I don't like the fact that we can see the logs only for 24 hours. Maybe that happens because of the way we set it up.""Cisco ISE requires a lot of time-consuming administration."

More Cisco ISE (Identity Services Engine) Cons →

Pricing and Cost Advice
  • "Licensing and pricing are extremely straightforward."
  • "Run a 90 day free Proof of Concept (POC) for each product by implementing and using it fully in your environment. This way you will be educated on its features, functionality, and manageability.​"
  • "​Cost is important. I switched because Aruba's costs were well below Cisco's."
  • "We pay an annual licensing fee for Aruba and there are no additional costs."
  • "The pricing is not bad and everything is included."
  • "It is affordable. In Lebanon, companies are small, and they do not have a big budget. They cannot invest a lot of money, and Aruba ClearPass is quite affordable for them."
  • "The licensing model is very straightforward. There are two types of licensing for Aruba ClearPass, a perpetual license, and a subscription. Both of them are straightforward. We don't need to read an ordering guide, it's very clear."
  • "Aruba is a little more expensive than other products in the market here."
  • More Aruba ClearPass Pricing and Cost Advice →

  • "There are three levels of pricing: basic, plus, and apex. Basic satisfied our needs."
  • "If you go directly with Cisco for the implementation it's very, very expensive."
  • "The SMARTnet technical support is available at an additional cost."
  • "For the Avast virus scan, we pay around USD $95 per machine for five years which includes all updates and technical support."
  • "The price for Cisco ISE is high."
  • "The price can be lower, especially for subscriptions. It should be a lot cheaper to have a wide range of customers. The price should be comparable to competitive products like Forescout or Fortinet FortiNAC. Forescout is cheaper for customers looking for a cloud solution."
  • "There are other cheaper options available."
  • "The price is okay."
  • More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
    763,955 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely… more »
    Top Answer:I've done quite a lot of work with ClearPass, and not a lot with FortiNAC/Bradford. ClearPass incorporates a number of different functions including ClearPass Guest for creating complex wireless… more »
    Top Answer:Aruba ClearPass's most valuable feature is dynamic segmentation.
    Top Answer:OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers… more »
    Top Answer:Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user… more »
    Ranking
    Views
    20,030
    Comparisons
    13,681
    Reviews
    31
    Average Words per Review
    406
    Rating
    8.5
    Views
    24,825
    Comparisons
    16,525
    Reviews
    74
    Average Words per Review
    756
    Rating
    8.5
    Comparisons
    Also Known As
    Avenda eTIPS
    Cisco ISE
    Learn More
    Overview

    Aruba ClearPass is a network access control (NAC) solution that provides a range of security and access management capabilities for wired, wireless, and VPN networks. ClearPass enables organizations to secure their networks and devices, enforce security policies, and provide secure access to network resources.

    Aruba ClearPass Features

    Aruba ClearPass has many valuable key features. Some of the most useful ones include:

    • Device profiling: Aruba ClearPass automatically profiles and classifies network devices based on type, manufacturer, operating system, and more, to help organizations secure their networks.
    • Guest management: The solution provides a secure and easy-to-use guest management system for organizations to provide guest access to their networks.
    • User-friendly interface: The Aruba ClearPass includes a user-friendly interface, enabling administrators to easily manage and enforce security policies, monitor network activity, and respond to security threats.
    • Policy enforcement: Users can enforce security policies based on device type, user role, and other factors, to help secure their networks and devices.
    • Threat detection and response: With its real-time monitoring and threat detection capabilities, organizations are able to quickly identify and respond to security threats.
    • Authentication and authorization: Aruba ClearPass offers a range of authentication and authorization methods, including certificate-based authentication and 802.1X, to provide secure access to network resources.
    • Reporting and analytics: The solution Includes real-time reporting and analytics capabilities, enabling administrators to monitor network activity, track security incidents, and improve security over time.

    Aruba ClearPass Benefits

    There are many benefits to implementing Aruba ClearPass. Some of the biggest advantages the solution offers include:

    • Comprehensive solution: Aruba ClearPass integrates with a range of network security technologies, including firewalls, intrusion detection and prevention systems, and VPN gateways, to provide a comprehensive security solution.
    • Scalability: Designed to scale from small to large organizations, ClearPass provides a solution that can grow with an organization's needs.
    • Increased visibility: By implementing Aruba ClearPass, administrators can monitor network activity, track security incidents, and improve security over time.
    • Improved user productivity: The solution’s secure and seamless access to network resources helps users be more productive and access the resources they need, when they need them.
    • Better business agility: With the solution, organizations can quickly respond to security threats and enforce security policies, improving overall business agility.

    Reviews from Real Users

    Aruba ClearPass is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it’s easy to use, has a valuable Guest Captive Portal and virtual security enforcement, and has a good web dashboard and policy manager.

    “It is easy to use and more integrated with the Aruba wireless networks,” says Muhammad N., Network & Information Security Engineer at a healthcare company.

    Ammar F., Head of IT at Hubtech, explains, “What I like most about Aruba ClearPass is that it has the best enforcement feature for the network. I also like its Guest Captive Portal and virtual security enforcement features, but the virtual security enforcement feature is still under testing by my company. Aruba ClearPass also has a wonderful UI which I find valuable."

    Another PeerSpot reviewer mentions, "The web dashboard and the policy manager are very intuitive and very easy for the engineers to use."

    Cisco ISE is an all-in-one solution that streamlines security policy management and reduces operating costs. Cisco ISE delivers visibility and access control over users and devices across wired, wireless, and VPN connections.

    Identity Services Engine enables enterprises to deliver secure network access to users and devices. It shares contextual data, such as threats and vulnerabilities, with integrated solutions from Cisco technology partners. You can see what is happening in your network, which applications are running, and more.

    Features of Cisco ISE

    • Centralized management helps administrators configure and manage user profile characteristics - a single pane of glass for integrated management services.
    • Contextual identity and business policy: The rule-based attribute is a driven policy model. The goal is to provide flexible access control policies.
    • Wide range of access control options, including Virtual LAN (VLAN) URL redirections, and access control lists.
    • Supplicant-less network access: You can roll out secure network access by deriving authentication from login information across application layers.
    • Guest lifecycle management streamlines the experience for implementing and customizing network access for guests.
    • Built-in AAA services: The platform uses standard RADIUS protocol for authentication, authorization, and accounting.
    • Device auditing, administration, and access control provide users with access on a need-to-know and need-to-act basis. It keeps audit trails for every change in the network.
    • Device profiling: ISE features predefined device templates for different types of endpoints.
    • Internal certificate authority: Qn easy-to-deploy single console to manage endpoints and certificates.

    Benefits of Cisco ISE

    Cisco’s holistic approach to network access security has several advantages:

    • Context-based access based on your company policies. ISE creates a complete contextual identity, including attributes such as user, time, location, threat, access type, and vulnerability. This contextual identity is used to enforce a secure access policy. Administrators can apply strict control over how and when endpoints are allowed in the network.
    • Better network visibility via an easy-to-use, simple console. In addition, visibility is improved by storing a detailed attribute history of all endpoints connected to the network.
    • Comprehensive policy enforcement. ISE sets easy and flexible access rules. These rules are controlled from a central console that enforces them across the network and security infrastructure. You can define policies that differentiate between registered users and guests. The system uses group tags that enable access control on business rules instead of IP addresses.
    • Self-service device onboarding enables the enterprise to implement a Bring-Your-Own-Device (BYOD) policy securely. Users can manage their devices according to the policies defined by IT administrators. (IT remains in charge of provisioning and posturing to comply with security policies.)
    • Consistent guest experiences: You can provide guests with different levels of access from different connections. You can customize guest portals via a cloud-delivered portal editor with dynamic visual tools.

    Support

    You can get ISE as a physical or virtual appliance. Both deployments can create ISE clusters that create scale, redundancy, and requirements.

    Licensing

    Cisco ISE has four primary licences. Evaluation for up to 100 endpoints with full platform functionality. The higher tiers are Partner, Advantage and Essential.

    Reviews from Real Users

    "The user experience of the solution is great. It's a very transparent system. according to a PeerSpot user in Cyber Security at a manufacturing company.

    Omar Z., Network & Security Engineer at an engineering company, feels that "The RADIUS Server holds the most value."

    “Whether I deploy in China, the US, South Africa, or wherever, I can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability," says Rammohan M., Senior Consultant at a tech services company.

    Hassan A.,Technology Manager at Advanced Integrated Systems, says that "The most valuable feature is the integration with StealthWatch and DNA as one fabric."




    Sample Customers
    Consulate Health Care, Los Angeles Unified School District, Science Applications International Corp (SAIC), San Diego State University, KFC, ACTS Retirement-Life Communities
    Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
    Top Industries
    REVIEWERS
    Comms Service Provider19%
    Computer Software Company19%
    Manufacturing Company11%
    Healthcare Company11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Government9%
    Manufacturing Company7%
    Educational Organization7%
    REVIEWERS
    Financial Services Firm13%
    Government11%
    Comms Service Provider11%
    Computer Software Company11%
    VISITORS READING REVIEWS
    Educational Organization23%
    Computer Software Company16%
    Government8%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business42%
    Midsize Enterprise24%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise17%
    Large Enterprise60%
    REVIEWERS
    Small Business24%
    Midsize Enterprise21%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise32%
    Large Enterprise52%
    Buyer's Guide
    Aruba ClearPass vs. Cisco ISE (Identity Services Engine)
    March 2024
    Find out what your peers are saying about Aruba ClearPass vs. Cisco ISE (Identity Services Engine) and other solutions. Updated: March 2024.
    763,955 professionals have used our research since 2012.

    Aruba ClearPass is ranked 2nd in Network Access Control (NAC) with 31 reviews while Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 76 reviews. Aruba ClearPass is rated 8.6, while Cisco ISE (Identity Services Engine) is rated 8.2. The top reviewer of Aruba ClearPass writes "Easy to use, integrates well with other Aruba solutions, and offers good performance". On the other hand, the top reviewer of Cisco ISE (Identity Services Engine) writes "Offers rich contact sharing, many self-service features, and the ability to categorically list all the endpoints in the infrastructure". Aruba ClearPass is most compared with Fortinet FortiNAC, Forescout Platform, Microsoft Intune, Ruckus Cloudpath and macmon Network Access Control, whereas Cisco ISE (Identity Services Engine) is most compared with Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager, Fortinet FortiAuthenticator and Microsoft Enterprise Mobility + Security. See our Aruba ClearPass vs. Cisco ISE (Identity Services Engine) report.

    See our list of best Network Access Control (NAC) vendors.

    We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.