The HPE Aruba Networking ClearPass Policy Manager provides role- and device-based network access control for employees, contractors and guests across multi-vendor wired, wireless and VPN infrastructures.
N/A
UniFi Cloud Gateways
Score 9.1 out of 10
N/A
Ubiquiti Networks supports enterprise network security and wireless WAN via the WiFi integrated UniFi Cloud Gateways, including the Dream Router 7, and the UniFi Express 7.
We have quite a few visitors to our campus and we don't want to have a set PSK for the wireless so we have configured a guest network where visitors can create an account and gain access to the internet and we don't have to "manage" it since the accounts will expire after a certain time. We have RF scanners in our warehouses and we want them to be allowed on the network and be put into its own VLAN. ClearPass can do this flawlessly by keying off of the MAC address when it comes online and putting it into the correct VLAN. This makes it so we don't have to add each device individually to the system. The only time ClearPass would not be appropriate is in a small deployment where the cost to value wouldn't make sense.
The Ubiquiti Wireless WAN solution can be used in both small and large corporate environments. However, as it has a rather high cost, its cost-benefit is greater in medium and large corporations, as small corporations may not take advantage of as many resources as the integration between Wi-Fi devices. In medium and large corporations, resources like this represent a very great facility in network management and in the availability of the connection in a transparent way at different points of the company, together with the security of isolated networks logically being made available by the same Wi-Fi device.
Getting data out of ClearPass is difficult. You can get some with SNMP but he API is lacking. There is only a limited amount of info that you can get from it. Even some data that shows up in ClearPass Insight is not available to import into a 3rd party application.
In the past, if you have hardware/software issues you could troubleshoot them yourself through the CLI in a Linux type interface but now they have locked everything down and it makes troubleshooting difficult. You have to rely on them for everything. As a person who likes to understand the ins and outs of the systems I manage it is somewhat frustrating.
Steep learning curve, although support can assist and their forums like airheads can be helpful. This is a complex system and can take a while to grasp how everything works and integrates.
Though Aruba ClearPass offers a lot of insight and features, it is not the easiest to navigate. A lot of other systems can be figured out as you go, but Aruba ClearPass often requires a lot of research in order to set something up correctly. It's not always easy to find what you're looking for. Once you learn the basics, it becomes a lot more manageable, but it's definitely worth investing in some sort of training.
This product has consistently provided the results needed from it and when issues arose, Aruba TAC was able to provide support effectively. In the previous question, I stated that Aruba Wireless is used as well. With those systems in place with ClearPass troubleshooting becomes much easier. I am sure other issues may arise if calling support while using another vendor for wireless such as Cisco, Juniper, etc.
We have not needed to contact support, except to replace one device that was damaged in shipping. The company immediately issued an RMA without delay, and we had our replacement product within a week
Clearpass provides seamless protection to the enterprise network without the need of many licenses to be procured. Hardware LAN and Wireless are protected from unwanted or unknown visitors to the network. Unlike other vendors, you don't need multiple licenses, one device or cloud setup will get you going to manage and monitor your network
Prior to this, we used Cisco Meraki wireless access points, which did not allow for centralized control, therefore several access points shared the same SSID. Because the client's movement from one device to another was not as seamless and reliable as it is with the current Ubiquiti solution, this shift cost both time and stability during configuration.
Set and forget. It made a positive contribution in terms of labor and cost without needing much technical support. Since NAC and TACACS features come together, you can meet your needs with a single license.
The number of supporting companies may be limited in the country you are affiliated with. Therefore, agreements with third-party companies are expensive and your support requests may take a long time.