The HPE Aruba Networking ClearPass Policy Manager provides role- and device-based network access control for employees, contractors and guests across multi-vendor wired, wireless and VPN infrastructures.
I believe that Cisco Wireless LAN Controllers are well suited for the enterprise environment for medium sized to very large companies. While there are smaller WLC appliances for smaller sized businesses, a case can be made for simpler or more cost effective wireless licensing solutions (e.g. Cisco Meraki). Cisco Wireless LAN Controllers are extremely well suited for dense deployments like stadiums, arenas, hospitals, theaters, and large offices because of their ability to support a large number of APs with a very diverse technology feature set.
Aruba ClearPass is suited well for large enterprise networks with many connecting buildings and branches. Aruba ClearPass protects your endpoints from unauthorized or unknown devices accessing your network. You can apply policies that prevent devices from meeting the required policies in ClearPass. ClearPass will allow only authorized access for devices that are using the policies.
You can use ClearPass authenticate using wired and wireless network devices. This is helpful that you don't have to have multiple systems to accomplish this.
Because devices can have different purposes Clearpass can configure groups that will specify what access they have. You can use parameters such as vendor or mac address so clearpass know what group to push them to.
It is very easy to view device logs. This is really helpful to troubleshoot auth issues. Once you find the device Clearpass provides more than enough info to know what the issue is and to fix it.
Configuring wireless settings is very confusing because various settings are scattered all over the interface in different tabs
Lots of settings use Cisco's technical verbiage rather than common phrasing, so it's confusing what a lot of settings will do and requires researching the meaning before modifying the setting
The interface could be easier to use to do simple tasks such as reboot an access point
Although it is a very good product, support is easy and can manage by Level 1 support persons and downtime is too much less but still there is a cost factor matters which is consider by each organization. Furthermore, organizations also compare with other competitors so it is hard to pursue and defend the high prices.
As I said before, the only thing we miss in our old model is the fact that the management interface never received an improvement in design. It has the same look and feels since it was launched. It's not that it's hard to use. It's just the case of could be modernized.
Though Aruba ClearPass offers a lot of insight and features, it is not the easiest to navigate. A lot of other systems can be figured out as you go, but Aruba ClearPass often requires a lot of research in order to set something up correctly. It's not always easy to find what you're looking for. Once you learn the basics, it becomes a lot more manageable, but it's definitely worth investing in some sort of training.
Downtime fear is the first fear which IT persons look and want to eliminate as much as they can but eventually you have to face it as nothing is perfect. Cisco Wireless Lan controller are feasible to use and easy to manage and other than this their issue reported are pretty low so you can get the best up time. now it also depends on scenario as well as environment.
Cisco Wireless Lan controller are feasible to use and easy to manage and other than this their issue reported are pretty low so you get the better uptime. if your get the uptime then it means its a stable product in your environment. Product performance also depends on the product management and Cisco Wireless Lan controller management is easy so you can get the great output.
As usual, the support from Cisco's TAC (Technical Assistance Center) is lacking. Granted, they always get the job done, but the amount of lead time on a non-emergency is enough to make you just handle it yourself. The good news is that if you ask for Cisco's assistance and forget about it, they'll jump on by the time you've forgotten where you were in troubleshooting it and have it fixed for you.
This product has consistently provided the results needed from it and when issues arose, Aruba TAC was able to provide support effectively. In the previous question, I stated that Aruba Wireless is used as well. With those systems in place with ClearPass troubleshooting becomes much easier. I am sure other issues may arise if calling support while using another vendor for wireless such as Cisco, Juniper, etc.
Originally, when we deployed our first controller it was on a very limited basis. We only deployed it to our administration building and our High School. It was pretty straight forward. Because this was new to us we leaned heavily on our Cisco partner to assist us. With our last upgrade, we upgraded the controllers, added redundancy and expanded the building count along with new SSID's and restrictions. It went much easier, but again, we did rely on Cisco TAC and our partner to clarify and assist as needed. Having already been familiar with the product help tremendously.
The Aironet access points are used for employee WiFi access, and they integrate well with Meraki. They would offer a separate guest network, too, but the decision was made to physically separate the guest network, so even if a bad actor would gain access to the ethernet port of the AP, they'd still not see any company traffic.
From my experience, ClearPass has been the best NAC server of all I've seen. Even though configuration is somewhat hard and it's hard to get training, once you learn how to configure it it works very well. The policies are very granular and scalable and the interface is a well-done web GUI that does not need any extra plugins installed, as some of Cisco's product require. There are many more options than with FortiNAC, and many more integration options. Also, troubleshooting and logging is good.
Cisco is a brand name and people trust on it. if any one thing about the networking then Cisco is among those brand which is count as trusted brand and people rely on it. Also it support is good so people can use it. Cisco Wireless Lan controller are easy to use and manage so it requires less effort.
We have had our [Cisco Wireless LAN Controller] 5508s for a very long time now and although they are getting dated, they have earned us our money's worth with consistency, stability, and ease of use. Users have minimal wireless complaints and when they do seldom are they WLC-related.
ClearPass has streamlined everything so we don't have to have as many people managing our device auth systems.
Our Security team loves that ClearPass can deny unauthorized users and devices from the network. This alone has probably saved us a lot of money and headaches.
