Aruba ClearPass is suited well for large enterprise networks with many connecting buildings and branches. Aruba ClearPass protects your endpoints from unauthorized or unknown devices accessing your network. You can apply policies that prevent devices from meeting the required policies in ClearPass. ClearPass will allow only authorized access for devices that are using the policies.
Sophos Network Access Control would be most effective in an enterprise environment where there are many different groups of users, including guest users because it has the ability to block unauthorized users and control the access of guest users. It would not be well suited for an environment with less than 1000 users because as far as I know, the license requires at least that many users.
You can use ClearPass authenticate using wired and wireless network devices. This is helpful that you don't have to have multiple systems to accomplish this.
Because devices can have different purposes Clearpass can configure groups that will specify what access they have. You can use parameters such as vendor or mac address so clearpass know what group to push them to.
It is very easy to view device logs. This is really helpful to troubleshoot auth issues. Once you find the device Clearpass provides more than enough info to know what the issue is and to fix it.
Customer support was basically non-existent during the time we needed it the most. This should be #1 priority for any company.
Lack of support for Linux servers and Mac OS
The reporting system relies on information provided by the agents
Wide scale removal process needs some vast improvements. When using a batch removal script, it wrecks the NIC drivers to the point that they have to be removed and reinstalled.
Aruba Clearpass is straight forward in terms of day to day use for monitoring and basic user connectivity issues. The system is very robust on the back end, therefore some larger configuration changes may not be the most intuitive. System upgrades and license management are not the most intuitive either.
We had some issues with ClearPass integration with AirGroup on Aruba Controller Clusters. Basically, it was tough to get coordinated between the controller support and the ClearPass support.
From my experience, ClearPass has been the best NAC server of all I've seen. Even though configuration is somewhat hard and it's hard to get training, once you learn how to configure it it works very well. The policies are very granular and scalable and the interface is a well-done web GUI that does not need any extra plugins installed, as some of Cisco's product require. There are many more options than with FortiNAC, and many more integration options. Also, troubleshooting and logging is good.
I have used Mcafee Antivirus Suite, Trend Micro, and Vipre Antivirus. I actually had more experience with Vipre than anything else so that is the one that I will be comparing it too. From what I remember, Vipre was more expensive but had better customer support. Other than that, they both do pretty much thing as well as what all the others do. I personally do not believe that any enterprise level antivirus solution is better than any other, it boils down to which one can your company afford, and which one fits best with your needs.
Set and forget. It made a positive contribution in terms of labor and cost without needing much technical support. Since NAC and TACACS features come together, you can meet your needs with a single license.
The number of supporting companies may be limited in the country you are affiliated with. Therefore, agreements with third-party companies are expensive and your support requests may take a long time.
Positive -- We were able to control guest users access
Positive -- Using the entire Sophos Security Suite I only remember one major virus while I was with the company which saves on downtime, and IT man hours
Negative -- The time we spent removing this, and reinstalling NIC drivers because the removal process crashed them cost the company in IT man hours.