The HPE Aruba Networking ClearPass Policy Manager provides role- and device-based network access control for employees, contractors and guests across multi-vendor wired, wireless and VPN infrastructures.
N/A
SafeConnect (discontinued)
Score 10.0 out of 10
N/A
SafeConnect was network access control technology developed by Impulse Point in Lakeland, Florida and acquired by OPSWAT December 2019. The product is no longer available for sale.
We have quite a few visitors to our campus and we don't want to have a set PSK for the wireless so we have configured a guest network where visitors can create an account and gain access to the internet and we don't have to "manage" it since the accounts will expire after a certain time. We have RF scanners in our warehouses and we want them to be allowed on the network and be put into its own VLAN. ClearPass can do this flawlessly by keying off of the MAC address when it comes online and putting it into the correct VLAN. This makes it so we don't have to add each device individually to the system. The only time ClearPass would not be appropriate is in a small deployment where the cost to value wouldn't make sense.
Getting data out of ClearPass is difficult. You can get some with SNMP but he API is lacking. There is only a limited amount of info that you can get from it. Even some data that shows up in ClearPass Insight is not available to import into a 3rd party application.
In the past, if you have hardware/software issues you could troubleshoot them yourself through the CLI in a Linux type interface but now they have locked everything down and it makes troubleshooting difficult. You have to rely on them for everything. As a person who likes to understand the ins and outs of the systems I manage it is somewhat frustrating.
Steep learning curve, although support can assist and their forums like airheads can be helpful. This is a complex system and can take a while to grasp how everything works and integrates.
Though Aruba ClearPass offers a lot of insight and features, it is not the easiest to navigate. A lot of other systems can be figured out as you go, but Aruba ClearPass often requires a lot of research in order to set something up correctly. It's not always easy to find what you're looking for. Once you learn the basics, it becomes a lot more manageable, but it's definitely worth investing in some sort of training.
This product has consistently provided the results needed from it and when issues arose, Aruba TAC was able to provide support effectively. In the previous question, I stated that Aruba Wireless is used as well. With those systems in place with ClearPass troubleshooting becomes much easier. I am sure other issues may arise if calling support while using another vendor for wireless such as Cisco, Juniper, etc.
Clearpass provides seamless protection to the enterprise network without the need of many licenses to be procured. Hardware LAN and Wireless are protected from unwanted or unknown visitors to the network. Unlike other vendors, you don't need multiple licenses, one device or cloud setup will get you going to manage and monitor your network
Set and forget. It made a positive contribution in terms of labor and cost without needing much technical support. Since NAC and TACACS features come together, you can meet your needs with a single license.
The number of supporting companies may be limited in the country you are affiliated with. Therefore, agreements with third-party companies are expensive and your support requests may take a long time.
