Aruba ClearPass

Aruba ClearPass

About TrustRadius Scoring
Score 9.3 out of 100
Aruba ClearPass

Overview

Recent Reviews

Aruba Clearpass

10
September 08, 2020
This is the network access control system used for the organization. This system allows several different types of devices to easily …
Read full review

Aruba ClearPass delivers

9
March 12, 2020
Aruba ClearPass is being used across the organization; we use it for authenticating wireless devices and assigning users to appropriate …

Simplifies day-to-day operations

10
October 23, 2019
We currently use Aruba ClearPass across the entire company. We have it tied to our Active Directory for 802.1x authentication on both the …
Read full review

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Aruba ClearPass, and make your voice heard!

Pricing

View all pricing
N/A
Unavailable

What is Aruba ClearPass?

Aruba ClearPass is network access control (NAC) technology from HPE company Aruba Networks. Aruba acquired Avenda and its eTips NAC in 2011.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Would you like us to let the vendor know that you want pricing?

6 people want pricing too

Alternatives Pricing

What is Twingate?

Twingate allows businesses to secure remote access to their private applications, data, and environments, whether they are on-premise or in the cloud. Built to make the lives of DevOps teams, IT teams, and end users easier, it replaces outdated corporate VPNs which were not built to handle a world…

What is NordLayer (formerly NordVPN Teams)?

NordLayer is an adaptive network access security solution for modern businesses from Nord Security. The solution aims to help organizations of all sizes to fulfil scaling and integration challenges when building a modern secure remote access solution, within an ever-evolving SASE framework. The…

Features Scorecard

No scorecards have been submitted for this product yet..

Product Details

What is Aruba ClearPass?

Aruba ClearPass is network access control (NAC) technology from HPE company Aruba Networks. Aruba acquired Avenda and its eTips NAC in 2011.

Aruba ClearPass Video

Aruba ClearPass: Get a crystal-clear view of your networks

Aruba ClearPass Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Comparisons

View all alternatives

Compare with

Frequently Asked Questions

What is Aruba ClearPass?

Aruba ClearPass is network access control (NAC) technology from HPE company Aruba Networks. Aruba acquired Avenda and its eTips NAC in 2011.

What is Aruba ClearPass's best feature?

Reviewers rate Support Rating highest, with a score of 8.8.

Who uses Aruba ClearPass?

The most common users of Aruba ClearPass are from Enterprises (1,001+ employees) and the Education Management industry.

Reviews and Ratings

 (31)

Ratings

Reviews

(1-7 of 7)
Companies can't remove reviews or game the system. Here's why
Evren BOZTEPE | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use the product as RADIUS and TACACS in our institution's wired and wireless networks. We also use it to manage the wireless network for our guests coming from outside and the BYOD network we use for the institution personnel. We control the users coming with dot1x in the wired network via AD and assign VLANs according to the relevant department information. In the wireless network, users with client certificates are included in the network after the control over AD. We also have Tacacs access control with control over AD for our network devices (Router, L2 Switch and L3 switches).
  • Seamless integration with AD
  • Hierarchical rule writing and role definition
  • Seamless operation with network devices of different brands
  • SMS usage option for network authorization
  • A practical HA working logic
  • The user interface is extremely useless. For example, when you write Enforcement, in order to edit a rule above, you need to select the rule above and click the edit button below. In other words, its cosmetic properties should be improved.
  • The tutorials are good but not very detailed, so you won't find everything you're looking for. That's why you need to get training from a professional trainer. Further elaboration of training documents is required.
It is a product that can be easily used for the security and authorization of wired and wireless networks of all small or large enterprises. It is a necessary product for a security procedure at the network layer, especially to prevent the leakage of critical data to the outside. It is also a product that can be used for authorization in BYOD and GUEST networks for wireless networks. It is a very practical and stable product to use compared to the products of other equivalent companies.
September 08, 2020

Aruba Clearpass

Score 10 out of 10
Vetted Review
Verified User
Review Source
This is the network access control system used for the organization. This system allows several different types of devices to easily connect to the network and get the proper access required for that individual or appliance. This solves a security issue that many organizations may face, properly restricting users or devices to only the resources they need.
  • Network access control
  • Guest network access
  • Network segmentation
  • More intuitive upgrade process.
  • Add in-service software upgrades.
  • Use common syntax across the various systems within Clearpass. For instance, monitoring view and guest view use different syntax's.
Aruba Clearpass is well suited for organizations that require diverse network segmentation. This system provides the ability to lock down user access to only the resources one needs. The initial setup of a system like this is resource-intensive and may require outside consulting, but once in place, day to day system management is minimal and network visibility is increased.
This product has consistently provided the results needed from it and when issues arose, Aruba TAC was able to provide support effectively. In the previous question, I stated that Aruba Wireless is used as well. With those systems in place with ClearPass troubleshooting becomes much easier. I am sure other issues may arise if calling support while using another vendor for wireless such as Cisco, Juniper, etc.
Score 10 out of 10
Vetted Review
Verified User
Review Source
Clearpass is being used as our primary authentication platform for our university of around 4000 students and 1000 staff. It provides TACACS for management and radius services for 802.1X authentication for wireless and wired infrastructure. Additionally, we use the product for registering and managing guest wireless users and whitelisting IoT devices via a self-service portal that has Azure AD integration. These self-service options help reduce management overhead for IT staff and make the experience much more convenient for students.
  • Heavily extensible logic that can solve a myriad of authentication and authorization scenarios.
  • Extensive logging for troubleshooting services and device connections
  • Standards based and compatible with nearly any device capable of 802.1X.
  • Good user base for support and solutions.
  • Policy manager and guest sections of ClearPass are disjointed, and where they overlap isn't readily apparent.
  • Some changes require a full service restart which can take 5 to 10 minutes.
  • Documentation is a bit dense and hard to navigate.
ClearPass is well suited for 802.1X (PEAP or EAP-TLS) in wired and wireless scenarios. It can also do MAC authentication using its endpoint database. The fingerprinting is robust, as it can verify that a device is reported as the actual brand or model, instead of relying solely on MAC OUI. This is achieved by capturing DHCP request information that has been forwarded to the appliance. Using this information, extensive role mapping can be utilized in enforcement policies. For instance, you can apply one policy to a device that is considered a VoIP phone, but if you only want to target Polycom phones, that can be specified in the role mapping, which then can be enforced as a specific VLAN pushed to the switch port or a specific QoS policy. Downloadable user roles are another impressive feature of ClearPass which can be fully integrated with Aruba switches. Instead of deploying ACLs to switches, you can simply have the switch download the ACL from ClearPass. This helps with issues of management and scalability where extensive L3 segmentation is utilized across a network. Similarly, QoS and other options can also be included in download user roles. There are too many options to list all in this review. I liken the experience to a AAA Swiss Army Knife.

We had some issues with ClearPass integration with AirGroup on Aruba Controller Clusters. Basically, it was tough to get coordinated between the controller support and the ClearPass support.
Don Ringelestein | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Aruba ClearPass is being used across the organization; we use it for authenticating wireless devices and assigning users to appropriate VLANs by membership in AD security groups. It is used by more than 14000 users daily, with a mix of devices from iPads to Chromebooks to Windows PCs and laptops, with some personal cell phones (more than 3000 daily) mixed in.
  • It does a great job of authenticating users and eliminating the need for us to run multiple SSIDs to “manually” separate users.
  • Integrates well with AD to support assigning users to segments based on security group membership
  • It integrates well with our Aruba controller environment
  • We’d like to see some logic being applied to the VLAN assignment so that we could do it based on more than one condition - for example, membership in a security group and operating system.
Aruba ClearPass is ideal in an HP/Aruba environment, and it works well with Active Directory as well. We use it in a busy enterprise environment with an average of 18000-20000 devices connecting daily. Our main applications are streaming video and audio, with other less taxing web environments in use, but most with significant animation.
Our HP/Aruba team has been stellar. Always there to support us proactively, worked hard to build relationships with the staff, really top-notch.
Score 8 out of 10
Vetted Review
Verified User
Review Source
ClearPass is used as a NAC and access server for wireless connectivity, and we are planning to use it for wired NAC in the future. It is used for wireless employee authentication with EAP-TLS, as well as wireless guest access with self-registration. It addresses wireless authentication problem in a reliable and scalable manner.
  • Wireless authentication with EAP-TLS.
  • Wireless guest access with self-registration.
  • Interfacing with Aruba wireless controllers.
  • Very good logging/troubleshooting.
  • Wired NAC with non-Aruba switches is clunky and hard.
  • Configuration is not intuitive.
  • Training materials online are practically nonexistent.
  • Even when given on official training courses, training materials are terrible.
It works very well with Aruba wireless controllers and, according to the demos, with Aruba switches for wired NAC. Works well for guest portals with self-registration. Posture checking - Onguard - is limited on Macs, but extensive on Windows. Onboarding with EAP-TLS on android phones requires an app. However, wired NAC is very hard with non-Aruba switches. Policies can be very granular.
Support, unfortunately, is one thing that Aruba needs a lot of improvement. While some engineers are skilled, others have been quite low-quality. Engineers tend to not take ownership and one needs to keep calling to get a case moved forward in a timely manner. In my experience, many times an engineer owning my case would leave office and not be in the next day without resolving the case or handing it off properly. Licensing support in particular has been handled very poorly.
Score 9 out of 10
Vetted Review
Verified User
Review Source
ClearPass is being used company-wide. Every person's device is authenticated through ClearPass and depending on what department they are they are put into a VLAN that gives them access to the systems they need. I love that ClearPass can grant or deny access to certain systems based on the user because it saves time not having to build that manually. We also use ClearPass to create guest accounts for visitors that come to our campus. These guest accounts grant access to the internet but not to our internal systems. ClearPass solves the problem of having multiple departments with different needs and being able to grant them access to what they need while keeping the network secure. ClearPass allows us to use 802.1x so we can put a base config on our network devices and not have to configure each port specific to each person or device.
  • You can use ClearPass authenticate using wired and wireless network devices. This is helpful that you don't have to have multiple systems to accomplish this.
  • Because devices can have different purposes Clearpass can configure groups that will specify what access they have. You can use parameters such as vendor or mac address so clearpass know what group to push them to.
  • It is very easy to view device logs. This is really helpful to troubleshoot auth issues. Once you find the device Clearpass provides more than enough info to know what the issue is and to fix it.
  • Getting data out of ClearPass is difficult. You can get some with SNMP but he API is lacking. There is only a limited amount of info that you can get from it. Even some data that shows up in ClearPass Insight is not available to import into a 3rd party application.
  • In the past, if you have hardware/software issues you could troubleshoot them yourself through the CLI in a Linux type interface but now they have locked everything down and it makes troubleshooting difficult. You have to rely on them for everything. As a person who likes to understand the ins and outs of the systems I manage it is somewhat frustrating.
  • Steep learning curve, although support can assist and their forums like airheads can be helpful. This is a complex system and can take a while to grasp how everything works and integrates.
We have quite a few visitors to our campus and we don't want to have a set PSK for the wireless so we have configured a guest network where visitors can create an account and gain access to the internet and we don't have to "manage" it since the accounts will expire after a certain time. We have RF scanners in our warehouses and we want them to be allowed on the network and be put into its own VLAN. ClearPass can do this flawlessly by keying off of the MAC address when it comes online and putting it into the correct VLAN. This makes it so we don't have to add each device individually to the system. The only time ClearPass would not be appropriate is in a small deployment where the cost to value wouldn't make sense.
Aruba tier 1 support is not that great if your issue is more complex. For simple issues, the first contact is usually fine but if I know the issue is more complex I ask them from the start to escalate the issue which they are always happy to do. From there, their support have been great and I have had confidence that they know what they are talking about and there is a quick resolve. Airhead forum support is pretty good since it's community-based and I can find many answers to question there.
Score 10 out of 10
Vetted Review
Verified User
Review Source
We currently use Aruba ClearPass across the entire company. We have it tied to our Active Directory for 802.1x authentication on both the wired and wireless networks. When employees connect to the network, they are prompted for their credentials and are put in the proper VLAN according to the groups they belong to in Active Directory.
  • Granularity in access.
  • Multiple sources of authentication.
  • Manage guest and defined users with the same tool.
  • Nested configurations can get tiresome and hard to follow.
  • More robust reporting.
  • Add the ability to search MAC addresses including colons and periods.
Aruba ClearPass is perfect for implementing 802.1x access. Having the ability to configure the system to drop users into the proper network ad-hoc is invaluable when you have a large organization; the old method of manually configuring interfaces as employees move around is gone. If you are looking for something that has robust and easy to access logs, you will have to look at an external tool; the built-in options with ClearPass are not that great.
Technical support is easy to get a hold of and responsive to requests. There are certain options in the command line that TAC keeps to themselves for troubleshooting purposes, and I am not a fan of having to call in for support to have a deep-dive into a given issue. I would like it if the robust logging commands and controls were available to owners/administrators of the system.