Aruba ClearPass is network access control (NAC) technology from HPE company Aruba Networks. Aruba acquired Avenda and its eTips NAC in 2011.
N/A
Cisco 4000 Series Integrated Services Routers (ISR 4000)
Score 8.9 out of 10
N/A
Cisco 4000 Series Integrated Services Routers (ISR 4000) provides a scalable, flexible foundation so you can quickly integrate leading IT initiatives like SD-WAN and edge compute, while meeting the explosive network performance need driven by cloud-based application adoption.
N/A
Pricing
Aruba ClearPass
Cisco 4000 Series Integrated Services Routers (ISR 4000)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Aruba ClearPass
Cisco 4000 Series Integrated Services Routers (ISR 4000)
Cisco 4000 Series Integrated Services Routers (ISR 4000)
Likelihood to Recommend
Hewlett Packard Enterprise
Aruba ClearPass is suited well for large enterprise networks with many connecting buildings and branches. Aruba ClearPass protects your endpoints from unauthorized or unknown devices accessing your network. You can apply policies that prevent devices from meeting the required policies in ClearPass. ClearPass will allow only authorized access for devices that are using the policies.
Actually if we place it into the internet gateway, we do nothing in front of the firewall. Yes, it's working well also, if we put into the routing, it works well. But we should not use it instead of switch. Because some people tend to use the router instead of layer three suite. So yes, I try to use it.
You can use ClearPass authenticate using wired and wireless network devices. This is helpful that you don't have to have multiple systems to accomplish this.
Because devices can have different purposes Clearpass can configure groups that will specify what access they have. You can use parameters such as vendor or mac address so clearpass know what group to push them to.
It is very easy to view device logs. This is really helpful to troubleshoot auth issues. Once you find the device Clearpass provides more than enough info to know what the issue is and to fix it.
The ISR 4000 is an excellent router for our voice services. We purchased CUBE licensing in order to do this.
The ISR 4000 is an excellent router for security purposes as well. We purchased the security license with the router and that allowed us to run a Zone-Based Firewall.
The ISR 4000 is very simple and straight forward to configure.
A greater number of onboard WAN ports would be an improvement over the model we purchased, which only had two. [This] means we'll have to buy more expensive network cards to get more convenience.
The small router was a plus in some branches, but it was a hindrance in others. Its width is about half the size of the rack, so we had to keep it on top of another device.
When compared to its competitors, the rack mounting kit is unreliable and expensive to purchase.
Though Aruba ClearPass offers a lot of insight and features, it is not the easiest to navigate. A lot of other systems can be figured out as you go, but Aruba ClearPass often requires a lot of research in order to set something up correctly. It's not always easy to find what you're looking for. Once you learn the basics, it becomes a lot more manageable, but it's definitely worth investing in some sort of training.
Regarding usability, this router has everything you need, except for a good GUI. Of course it can be integrated with other tools, but it lacks any native GUI option. Any engineer who is comfortable using CLI will find all options they need. Routing, security, voice are just examples of all the things you can do with it.
This product has consistently provided the results needed from it and when issues arose, Aruba TAC was able to provide support effectively. In the previous question, I stated that Aruba Wireless is used as well. With those systems in place with ClearPass troubleshooting becomes much easier. I am sure other issues may arise if calling support while using another vendor for wireless such as Cisco, Juniper, etc.
There is always room for improvement with support, but Cisco support has been good to me over the years. Being able to call or submit online TAC cases makes it so I can get my issues or questions answered faster. They have even added the TAC bot for TAC cases to get to support even faster!
If you planning on upgrading your network to software defined networks, Cisco 4000 Series Integrated Services Routers are the best. To successfully implement the project you need to plan and communicate with all your stake holders
From my experience, ClearPass has been the best NAC server of all I've seen. Even though configuration is somewhat hard and it's hard to get training, once you learn how to configure it it works very well. The policies are very granular and scalable and the interface is a well-done web GUI that does not need any extra plugins installed, as some of Cisco's product require. There are many more options than with FortiNAC, and many more integration options. Also, troubleshooting and logging is good.
We did not compare the Cisco 4000 Series Integrated Services Routers to other competitors as we used Cisco for a long period of time already. We selected this product as we used a lot of CISCO products in the past and with good support. Other products don't have the protocols that CISCO products have.
ClearPass has streamlined everything so we don't have to have as many people managing our device auth systems.
Our Security team loves that ClearPass can deny unauthorized users and devices from the network. This alone has probably saved us a lot of money and headaches.
Can be used for ISE, Meraki access point, FTD firewall, works well, no worry about integration with any third party product. As this device can be multipurpose, ROI is faster and usable for longer period of time, as no EOL any time soon
This is an integrated modular device so even if my small offices are closed over a period of time, this can be re-purposed for other requirements within organization
This device supports WAN optimization within software. This reduces the requirement of that specific optimization device, which reduces my overall cost for a branch network
