Aruba ClearPass is network access control (NAC) technology from HPE company Aruba Networks. Aruba acquired Avenda and its eTips NAC in 2011.
N/A
Cisco Meraki MX
Score 9.1 out of 10
N/A
Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.
Aruba ClearPass is suited well for large enterprise networks with many connecting buildings and branches. Aruba ClearPass protects your endpoints from unauthorized or unknown devices accessing your network. You can apply policies that prevent devices from meeting the required policies in ClearPass. ClearPass will allow only authorized access for devices that are using the policies.
Well suited for trying to bring remote sites quickly into your network. It's also suited as a device for remote access to basically quickly set up a secure remote access service to get users to actually access your network from remotely.
You can use ClearPass authenticate using wired and wireless network devices. This is helpful that you don't have to have multiple systems to accomplish this.
Because devices can have different purposes Clearpass can configure groups that will specify what access they have. You can use parameters such as vendor or mac address so clearpass know what group to push them to.
It is very easy to view device logs. This is really helpful to troubleshoot auth issues. Once you find the device Clearpass provides more than enough info to know what the issue is and to fix it.
It provides a really good single pane of glass so you can really easily identify end to end, what is going on in your environment.
It provides the ability for someone that doesn't necessarily need a really deep level of knowledge to be able to operate and maintain it. I think that's probably a big selling point, but I think definitely for the people that I'm selling the products who just having a dashboard and being able to log onto it and see if things are good or bad is quite key. So it does that really well.
The simplicity and ease of use for the Meraki Dashboard make it an easy choice for our organization to renew our Meraki Enterprise Agreement. We will likely continue using the Meraki MC67-C, MX450, and other MX models in their catalog until we shift away from Meraki completely
Aruba Clearpass is straight forward in terms of day to day use for monitoring and basic user connectivity issues. The system is very robust on the back end, therefore some larger configuration changes may not be the most intuitive. System upgrades and license management are not the most intuitive either.
Some features simply aren't there, but the ones that are there are pretty easy to use. Sometimes it is easy to get lost when trying to find the specific device you want to work on, but that's mostly due to how rarely we have to go into the interface.
Meraki MX devices support high availability (HA) configurations, which ensures minimal downtime if one device goes offline. This feature has helped us maintain a stable and reliable network, even in cases of hardware failures. ince Meraki is cloud-managed, we've noticed that the cloud infrastructure is generally highly reliable, with minimal service interruptions or downtime. This makes it easier to manage the network remotely without significant availability concerns. Meraki automatically pushes firmware updates and patches, which helps maintain system stability without requiring manual intervention. These updates are rolled out in a manner that ensures minimal disruption to service.
The interface is pretty responsive. The lower end devices are easy to overwhelm if you have a lot of throughput. Be sure the model you get is rated for the amount of traffic you will have. Overbuild if possible, otherwise you won't be fully leveraging the connection from your ISP.
We had some issues with ClearPass integration with AirGroup on Aruba Controller Clusters. Basically, it was tough to get coordinated between the controller support and the ClearPass support.
I haven't ever had a bad experience with Meraki support. On the few occasions where I wasn't understanding the UI or needed some clarification about what a setting actually would do, I contacted them and they were very quickly able to provide help. Returns are simple and fast, too. We had to return a defective device one time and they shipped the replacement before we had even un-racked the one that was faulty. Unlike many other vendors, they didn't ask use to a do long list of scripted diagnostics, they just took my word for it that the device was broken and sent out a replacement immediately
great when they offered it, really tested your knowledge with hands on and see what your peers from other orgs know. glad to see that we were ahead of the curve of what our peers knew
Implementing Meraki MX devices in phases—starting with a pilot group or select branch offices—was invaluable. This allowed us to identify potential configuration issues, troubleshoot problems, and refine our setup before rolling it out company-wide. It also helped to get feedback from early users and adjust the deployment strategy accordingly. The SD-WAN capabilities in Meraki MX were essential for optimizing our WAN traffic and ensuring better application performance across various locations.
From my experience, ClearPass has been the best NAC server of all I've seen. Even though configuration is somewhat hard and it's hard to get training, once you learn how to configure it it works very well. The policies are very granular and scalable and the interface is a well-done web GUI that does not need any extra plugins installed, as some of Cisco's product require. There are many more options than with FortiNAC, and many more integration options. Also, troubleshooting and logging is good.
The main difference is the administration through the Meraki cloud, the ease of access to review the configuration at any time, and the scalability that Meraki provides in terms of the ease of adding new devices, today in addition to how well the devices work is It is important that administration and troubleshooting be simple as it saves time in the event of failures.
Due to the amount of traffic that some can handle, if the sites become too large, it is necessary to change the model, which is still a good option from the same family but still may be inconvenient for the budget of some.
Set and forget. It made a positive contribution in terms of labor and cost without needing much technical support. Since NAC and TACACS features come together, you can meet your needs with a single license.
The number of supporting companies may be limited in the country you are affiliated with. Therefore, agreements with third-party companies are expensive and your support requests may take a long time.
I'm going to say positive impact. The biggest thing is especially coming from having a third party taking care of our network to us doing it ourselves. The ease of this with the overall high level visual that we can get as to how our day is starting and running reports to see how many outages have we had, what areas have they actually been in running these reports and being able to gather if it's a certain service provider that's causing an issue in a general area, maybe we need to switch service providers for ISP. So it's been great in that mannerism for us. Ease of manage, I mean, we have a limited number of staff, we have a lot of different offices across the country. And then this is relatively new for us because we did have a previous provider doing all of this for us.
