Cisco Meraki MR Wireless Access Points vs. HPE Aruba Networking ClearPass Policy Manager vs. Tufin Orchestration Suite

It's ideal if the company frequently uses mobile devices that need to work on Wi-Fi. It's also ideal if a company has multiple locations. Cisco Meraki MR Wireless Access Points can then be easily deployed and managed via a central Meraki Dashboard. It also offers a powerful content filtering feature within the Cisco Meraki environment. This can be particularly useful for guest networks and in locations where certain content cannot be downloaded, such as a school.It's less suitable if a company has a limited IT budget and the network needs to be continuously expanded. In those cases, the associated license costs can quickly add up. In factories or other robustly built environments, RF tuning isn't feasible. As a result, the signal quality can sometimes be somewhat reduced.

Incentivized

Aruba ClearPass is suited well for large enterprise networks with many connecting buildings and branches. Aruba ClearPass protects your endpoints from unauthorized or unknown devices accessing your network. You can apply policies that prevent devices from meeting the required policies in ClearPass. ClearPass will allow only authorized access for devices that are using the policies.

Incentivized

Well suited scenarios - 1) Firewall Policy / Ruleset management 2) Where all the products are from Tufin like TOS ST, SC, SecureApp etc 3) Where customer focuses on ruleset compliance - USP violations, and other features Less suited - 1) Agnostic/distributed environment - Tough with integrate with 3rd party like CyberArk 2) FW recertification processes / exception process when complex process is included

Incentivized

• It's cloud based, so as long as we have an internet connection, we can access it. Whenever we push a change, it's one stop like a single pane of glass to manage all our equipment. And so that's what I liked about it.

Incentivized

• You can use ClearPass authenticate using wired and wireless network devices. This is helpful that you don't have to have multiple systems to accomplish this.
• Because devices can have different purposes Clearpass can configure groups that will specify what access they have. You can use parameters such as vendor or mac address so clearpass know what group to push them to.
• It is very easy to view device logs. This is really helpful to troubleshoot auth issues. Once you find the device Clearpass provides more than enough info to know what the issue is and to fix it.

Incentivized

• Firewall management
• Compliance reports
• Unused rules and optimization
• Policy Automation

Incentivized

• It can expand its radio range in terms of distance reach
• It can improve it's design as it looks like a plain flat brick
• I would like to see more integration with security
• Better solution in segmenting and authentication like clearpass

Incentivized

• Going to the end of the page to edit the rules and save them later causes problems.
• An AND operation can be performed within a rule, but an OR operation cannot. therefore having to write too many rules
• The license structure seems very complex at first.

• Palo Alto Networks Integration
• Better/more user friendly api for integration with ticketing systems
• Web UI structure is not user-friendly

Incentivized

It is a solution that works very well. It is almost like setup and forget, since the solution works. When issues occur, documentation is available with detailed steps on how to solve this problems you are facing, of course Technical Support is always ready to help. We have had instances where an Access Point fails and within 2 days we have the replacement

Incentivized

It's a great product, does what we expect from it however it's not easy to set up. You'll likely need an integrator to assist

Incentivized

To get basic functionality doesn't take long. Set up a new Meraki Dashboard activate the licenses and get internet connection for the APs and you are more or less done. The Dashboard will find your items and you're good to go.

Incentivized

Though Aruba ClearPass offers a lot of insight and features, it is not the easiest to navigate. A lot of other systems can be figured out as you go, but Aruba ClearPass often requires a lot of research in order to set something up correctly. It's not always easy to find what you're looking for. Once you learn the basics, it becomes a lot more manageable, but it's definitely worth investing in some sort of training.

Incentivized

We have been deploying Meraki since last 8 years and even the first one deployed seems to be working fine till now!

Incentivized

We have it as a cluster

Incentivized

It’s very responsive

Incentivized

We have not had any issues with the Meraki WiFi Access Point hardware but we did encounter a problem with a Meraki LAN switch that failed to power up. Upon a email into the Meraki Support, they promptly called back and we went over some quick tests to determine a power supply problem. A replacement LAN switch was sent to me the next day.

This product has consistently provided the results needed from it and when issues arose, Aruba TAC was able to provide support effectively. In the previous question, I stated that Aruba Wireless is used as well. With those systems in place with ClearPass troubleshooting becomes much easier. I am sure other issues may arise if calling support while using another vendor for wireless such as Cisco, Juniper, etc.

Incentivized

There were documents that detailed how the WiFi Access Point was to be installed and mounted. The only issue was to cable the device, we use a third party for this type of work and typically has to be performed after normal business hours. Other than that, the installation was easy.

We were more on a Cisco Wireless Controller set up, which takes a lot longer to control and that's why we've actually gone through a cloud-based product, which is very easy compared with the old traditional way that we used to have. It's more ease of software. They've got very similar features, but it's easy to set up and maintain into the future.

Incentivized

From my experience, ClearPass has been the best NAC server of all I've seen. Even though configuration is somewhat hard and it's hard to get training, once you learn how to configure it it works very well. The policies are very granular and scalable and the interface is a well-done web GUI that does not need any extra plugins installed, as some of Cisco's product require. There are many more options than with FortiNAC, and many more integration options. Also, troubleshooting and logging is good.

Incentivized

1) Fairly okay overall but definitely needs improvement overall Vs the other products available in the market like Palo Alto XSOAR 2) Cost wise okay at the beginning but when client demands add-ons/ more features/customization tailored to their needs, Tufin Orchestration Suite recommends RFE / custom costs/development costs 3) USP feature is cool to use overall Vs FireMon 4) Tufin ProServ needs to buckle-up/Support compared to other competitors in the market

Incentivized

As far as I know, it's 10. I mean, because like I said, I manage stuff in the south. I have coworkers that manage it in the north. And so the scalability of it to be able to be go in and see the configurations of the ones in the north as well as they can see in the south. So across the board, it works really well for how widespread out it is.

Incentivized

It’s very reliable

Incentivized

Got the job done

Incentivized

• Uptime has improved significantly. The dashboard automatically keeps devices up to date by scheduling upgrades at remote times (say 2am on a Sunday)
• Swapping to Cisco Meraki MR Wireless Access Points has reduced the management overhead. No more long controller software hardware upgrades and obviously no more need for beefy central controllers.

Incentivized

• ClearPass has streamlined everything so we don't have to have as many people managing our device auth systems.
• Our Security team loves that ClearPass can deny unauthorized users and devices from the network. This alone has probably saved us a lot of money and headaches.

Incentivized

• I think if you correctly configure your SIEM, you don't need Tufin. You can correlate a lot of things for firewalls.

Incentivized