The most valuable feature for us it the granular, logic-based nesting of objects which gives highly customizable control over AAA for TACACS+ and RADIUS.
Device profiling for basic/intermediate NAC is also highly useful.
The most valuable feature for us it the granular, logic-based nesting of objects which gives highly customizable control over AAA for TACACS+ and RADIUS.
Device profiling for basic/intermediate NAC is also highly useful.
Providing granular control over which devices are permitted to join our corporate wireless network, as well as in-depth AAA (accounting, in particular) for TACACS+ sessions, is huge. We can refer back to these logs at any time, which are especially useful when we undergo organization-wide audits.
Having a global business presence, CPPM helps us to ensure all sites are compliant with a unified set of standards passed down from our corporate headquarters.
I've used it for just over three years.
I don't recall any issues with deployment.
I don't recall any issues with stability.
I don't recall any issues with scalability.
Technical support was not all that great, actually. They are responsive, but oftentimes are VERY reluctant to initiate a screen-sharing session or give in-depth answers. URL links to knowledge-base articles are very typical for initial answers, which (1) slows resolution, and (2) increases frustration.
It seems, in general, that technical support is more interested in closing new cases than they are in actually solving the root issues. 90% of the questions I’ve had I’ve had solved (for free, mind you, without any maintenance fees) using Aruba’s Airheads online user-based forums.
The solution was implemented before I gained ownership of it. I'm not sure of the history behind it.
A local vendor was used.
Do your due-diligence in understanding how the product works before you deploy. CPPM (and many like it – Cisco ISE and ACS) are very complex in the way they are configured and operate.
If you can design the solution before implementation, you have a much better chance of scaling well, easily, and with little down-time as you grow the product throughout its life cycle in your organization.
We mainly use it for 802.1X authentication.
Our customers like its ability to authenticate using not just certificates but also MAC addresses is very helpful in mitigating unauthenticated access on networks and switches.
There is room for improvement in terms of scalability.
I have experience with Aruba ClearPass for five to six years.
I would rate the stability a nine out of ten.
I would rate the scalability an eight out of ten. Our customers are mostly medium-sized businesses.
I have some years of experience with FortiGate, Fortinet Firewalls, and Fortinet switches. Mostly with FortiSwitch models 6450, 548, and 124F.
I didn't set it up myself. I'm involved in operating the system.
Overall, I would rate the solution an eight out of ten.
I use this solution for securing company-wide logs.
I'm using the latest version. It's deployed on the public cloud. Microsoft Azure is the cloud provider.
Everyone in our organization uses this solution. It's about 300 people. There are four people who specifically operate the solution, do daily checks, check for errors, and help users who are having trouble with their login sessions.
I like that it's usable in both an on-premise and hybrid and cloud native environment. I like the integration options with a multitude of other vendors and Aruba applications.
The user interface could be more polished and modern. It would be useful to have more options for automation.
I would like to have more collaboration between different security platforms. For instance, the Fortinet portfolio, which we also use extensively.
I have used this solution for about one year.
It's very stable. We did have some issues with under provisioning the underlying resources, so that needs to be taken into account. If you do, then it is very stable.
The scalability is very high. You just need to add extra nodes. I would rate the scalability as eight out of ten.
Technical support is only approached by our third party network service provider.
Deployment took one day.
Implementation was done through a third party. We outsourced the deployment to our network vendor.
Maintenance is also outsourced. For the application itself, maintenance takes about four hours a month. For the actual usage of the applications on a day-to-day basis, we do that ourselves.
Compared to the functionality, the pricing is very favorable. It's affordable and provides good value for the money.
I would rate the pricing as three out of ten.
We evaluated other on-premises solutions, but they aren't very comparable to Aruba.
I would rate this solution as nine out of ten.
I would recommend Aruba ClearPass to others.
Aruba ClearPass is used for enforcing certain security policies all around the organization, it covers certain security policies, which is in turn, is deducted from the business requirements. You start with a security policy, then you need technology to enforce it, this is where Aruba ClearPass is used.
A lot of the issues in Forescout are mitigated in Aruba ClearPass, it supports all the expected protocols.
Aruba ClearPass has fewer deployment scenarios and flexibility than Forescout.
I have been using Aruba ClearPass for five years.
Aruba ClearPass is reliable.
I have found Aruba ClearPass to be scalable.
I have approximately two clients with 400 users each, giving a total of 800 users using the solution.
Aruba ClearPass has a very good technical support team. Whenever we need the vendor to be involved, we find a good deal of technical support.
I have used Forescout and I would rate Aruba ClearPass second best.
The initial installation is simple. The deployment could be better since it has fewer capabilities than other solutions, it could be more flexible.
We have a dedicated engineer for Aruba ClearPass when it comes to deploying and support of the solution. One engineer is enough for my client's environment.
The licensing model is very straightforward. There are two types of licensing for Aruba ClearPass, a perpetual license, and a subscription. Both of them are straightforward. We don't need to read an ordering guide, it's very clear.
I would recommend this solution to others if they have a certain use case. If there is a lot of Cisco environments that need to be implied under the security policy, then ClearPass is the right solution for them. It supports a wide range of Cisco technologies and Cisco protocols.
I rate Aruba ClearPass an eight out of ten.
Our primary use case is providing services for this solution. We've done a big proof of concept for Clearpass in our company. And another recent case I prepared was a proposal for one of our biggest customers regarding a solution for network access control. Clearpass was practically the heart of that solution.
My position in the company is independent. The company sells end products and services from various vendors and Aruba is one of them. We do the implementation.
One of the most valuable features of the solution is the maturity of the product and, of course, the functionality is also very good.
Possibly some of the functions could be improved, but it's hard to say. Generally, Clearpass is considered the leader in its field and it's a very good product.
I've been using this solution for about half a year.
We have quite good support from local representatives and we have our own team in the company for maintenance. A lot is available online.
Initial setup of the solution is relatively straightforward. There are a lot of videos and documentation available on the internet.
We looked at Pulse Policy Secure as a possible option. In some areas it has more flexibility than Clearpass but Clearpass came out on top in the end. Policy Secure has some ability issues and lack of good support.
I would rate this product a nine out of 10.
It's a reliable solution for our guest network access as well as mobile device registration.
The key functionality we're using is Active Directory in unison with device authentication, so every 45 days a user has to log in their password on their mobile phone so that you can use WiFi services in the office. We're going to be looking at ClearPass to do device authentication, which means the users will only have to register the device once and never have to re-enter the password again.
It was a complex solution to set up because of its newness. We needed a third-party implementor to help us.
It's a brand new installation for us, and we've only had it for a month.
So far, we haven't had any issues with deployment.
From what we've seen it's been pretty stable.
Right now, it's scaled. We're using it for guest internet services and it seems to be working pretty well. Our next phase with that would be to roll in for device registration as we roll out to our mobile device strategy.
10/10 for HP and 8/10 for the third-party.
Technical Support:We haven't really run into any support issues yet. On the integration side, there's obviously some expertise with the vendor, which is going to help us take care of some issues in the future, but it hasn't really been a difficult product to support.
We decommissioned other options. We had another, but we've since decoupled it and are now using ClearPass to do that.
Because of its newness it was complex, but the end result was pretty straightforward.
We did need a third party to come in and help us do the implementation. We had some initial help from an HP engineer on the Aruba side who spent some time with us, showing us an evaluation version of it, but when we went into production we had to get a third party to help us.
We're not really calculating ROI for the service. It's a necessary service delivered by IT to the corporation.
We're currently doing an entire refresh of our access point network, which is approximately 80 access points across the country. We've recently acquired all new hardware. We're refreshing the entire footprint.
Because Aruba was our primary vendor for our access points, it just made more sense for us to try to consolidate more services towards the new strategy.
It's only providing a very small service to us right now. It's not like we're looking at ClearPass on a very full-blown basis. My advice would be to just make sure to do a proper spectrum analysis, and each of your properties are areas that you intend to put WiFi, because it will be critical to where you put APs and how closely you put them together.
ClearPass provides authentication solutions for endpoints.
ClearPass is effortless to use and configure. It's not hard to learn the tool, and it has lots of features.
ClearPass' interface could be more user-friendly.
I've used ClearPass for more than four years.
ClearPass is stable. In my opinion, it's the best solution of its kind.
ClearPass is highly scalable.
ClearPass support is fine because we have a good relationship with the vendor, so we can call them whenever we have questions.
Deploying ClearPass is very straightforward. We are an Aruba integrator, and we've installed ClearPass for more than 10 clients. You can deploy it with two or three engineers, and the time needed for deployment depends on the client. Installing ClearPass for a larger client will take about one week, but a smaller client takes only about three days.
We pay a yearly subscription.
I rate Aruba ClearPass eight out of 10.
If for example, a user in my office received a particular VLAN for the USA and relocated to the UK, they will not get the same access. This is the challenge that we are trying to achieve through the CPPM.
Document authentications allows us to decide which users can connect to an office VLAN and this has been the most valuable feature. It is dependent upon the policies that we have created on CPPM. If a domain laptop needs a Windows update, the device is updated.
This solution could be improved by making it possible to use it across different territories. Currently, if a user moves from the US to the UK, their usage and access will be restricted.
I have been using this solution for one year.
This is a stable solution.
This is a scalable solution.
The initial setup is straightforward.
The suitability of this solution is dependent upon the requirements of the business. You need to consider if you want authentications for every network devices like switch, routers, firewalls and wireless. This can depend on the type of projects you are running.
We needed the enterprise authentication because we needed the wifi dot certification. Using this, we can access network devices and policies.
I would rate this solution a seven out of ten because the Aruba dashboard is quite simple compared to other solutions.