HPE Aruba Networking ClearPass Policy Manager Reviews & Insights

Score9.1 out of 10

50 Reviews and Ratings

Community insights

TrustRadius Insights for Aruba ClearPass are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Pros

Wide range of compatible devices: Many users have found the wide range of compatible devices in ClearPass to be helpful, as it allows for easy integration with various systems. This flexibility enables users to seamlessly connect and manage their network infrastructure without any compatibility issues.

Easy-to-understand rule-writing structure: The hierarchical and easy-to-understand rule-writing structure in ClearPass has been appreciated by several users. This feature simplifies the process of configuring access for different devices and purposes, making it convenient for users to set up and manage user authentication rules.

Seamless integration with Microsoft Active Directory: Users have praised the seamless integration of ClearPass with Microsoft Active Directory. This functionality allows for efficient user authentication and eliminates the need for multiple SSIDs, streamlining the user experience while ensuring secure network access.

HPE Aruba Networking ClearPass Policy Manager Reviews

11 Reviews

Aruba ClearPass offers security features and insight beyond just a peace of mind.

Rating: 9 out of 10

Incentivized

May 19, 2025

Use Cases and Deployment Scope

Aruba ClearPass has become essential for us over the last few years. We use various features that it offers and know there is a lot more that we don't use currently. We use it currently for TACACs and RADIUS central authentication, OnGuard, guest WIFI, central authentication for wireless and more. We've utilised the role based policy management and are continuing to develop it more and more to suit our changing requirements. We've been integrating Aruba ClearPass with more of our other systems for tighter security. It offers security insight and logs that give us greater clarity when troubleshooting and also a peace of mind over security concerns.

Pros

Role Based Policy Management
Logging and security troubleshooting
Guest WIFI management

Cons

UI can be hard to navigate
Ease of use could be improved
Email alert setup could be more streamline

Likelihood to Recommend

It is well suited to medium-to-large organisations who are trying to mange multiple roles that access the network each day. It helps with guest access and takes out a lot of administration once setup correctly. It can really help with 3rd party, guest and contractor access, without the security concerns. It can integrate really well with other systems that they might already have in place. Smaller companies would still benefit from Aruba ClearPass, but would probably not see the full benefits it can really offer, especially if they don't work with multiple VLAN and varied IT systems. If a company does not have the need for guess access or policy roles, it might not really be beneficial.

Verified User

Engineer in Information Technology (1001-5000 employees)

Vetted Review

4 years of experience

Aruba ClearPass does not disappoint

Rating: 10 out of 10

Incentivized

January 16, 2025

Use Cases and Deployment Scope

We use Aruba ClearPass for our wireless and switching infrastructure on both campuses. It has served well in addressing our identity access management needs for authentication, authorization, and accounting needs for our campus community needs. Students, faculty, staff, and guests are provided the correct access needs with the principle of least privileged being applied. After more than 5 years of utilization, Aruba Clearpass still serves our needs.

Pros

Security
Access control
Audits
AAA

Cons

The virtual VM could be easier for migration from Linux distribution changes
Licensing could be more dynamic when renewal is performed.

Likelihood to Recommend

The product simply works well and is easy to use. The learning curve is not high and anyone switching from Cisco ISE will not have a problem using it. It is also very compatible with 3rd party applications and appliances vis TACACS+. The solution is clean and clear and is highly recommended.

Verified User

Administrator in Information Technology (51-200 employees)

Vetted Review

6 years of experience

Aruba ClearPass is your network check point.

Rating: 9 out of 10

Incentivized

January 8, 2025

Use Cases and Deployment Scope

Aruba ClearPass is our security method for protecting our organization's LAN and Wi-Fi endpoints. ClearPass helped us preserve our endpoints by blocking unwanted visitors or unknown devices connecting to our enterprise network. We are blocking unauthorized access to our enterprise network by applying security policies. Not only LAN devices but also wireless and mobile devices.

Pros

Protecting network endpoints from unauthorized access.
Listing all devices that have access to our enterprise.
Protecting Wi-Fi networks from unwanted access to enterprise networks.

Cons

When a ClearPass server loses access to the Domain, it must reconnect automatically to avoid disconnecting devices.
ClearPass policy managers could use redesigns for easy management.
ClearPass agent sometimes loses connection and disconnects users.

Likelihood to Recommend

Aruba ClearPass is suited well for large enterprise networks with many connecting buildings and branches. Aruba ClearPass protects your endpoints from unauthorized or unknown devices accessing your network. You can apply policies that prevent devices from meeting the required policies in ClearPass. ClearPass will allow only authorized access for devices that are using the policies.

Verified User

Engineer in Information Technology (1001-5000 employees)

Vetted Review

2 years of experience

Clearpass NAC solution is top of game!

Rating: 9 out of 10

Incentivized

August 18, 2023

Use Cases and Deployment Scope

ClearPass is used for endpoint management of devices. We're using it to authenticate business owned computers, function as a portal for guest devices and certificate management. We are able to see which device are connecting to the network in real time and troubleshoot devices that aren't able to connect. We are also able to push devices into different wireless roles depending on who is connecting.

Pros

Reliable
Informative dashboards
Priced well
Integrates into non-aruba platforms
Easy to install patches
Little downtime

Cons

The user interface is outdated
Support is not as responsive as it used to be
I'd like to be able to build dashboards

Likelihood to Recommend

For mid/large organizations I think this is a great product, system requirements aren't too high, after the product is up and running it requires little maintenance except for patches and there is a large talent pool for resources. Clearpass is agnostic to vendors so whatever your wireless solution is this platform should be able to integrate with it. It may not be needed for smaller organizations as set up does take a lot of time and may not provide much value in return.

Verified User

Administrator in Information Technology (501-1000 employees)

Vetted Review

5 years of experience

Most useful NAC product

Rating: 9 out of 10

May 31, 2022

Use Cases and Deployment Scope

It is used in our wired and wireless networks with nac, radius and tacacs features. Within the scope of information security, it is used as RADIUS-NAC with features such as dynamically assigning the devices that come with certificates to the relevant vlan group in wired networks, and restricting their authority with dacl. In addition, tacacs feature is used for user authentication in connection to various network and security products. In the wireless network, it is used to ensure the security of guest and BYOD networks.

Pros

wide range of compatible devices
have an easy-to-understand and hierarchical rule-writing structure
easy-to-use interface and extensive documentation
seamless MS AD integration

Cons

Going to the end of the page to edit the rules and save them later causes problems.
An AND operation can be performed within a rule, but an OR operation cannot. therefore having to write too many rules
The license structure seems very complex at first.

Likelihood to Recommend

Regardless of large or small businesses, if a secure access such as client authorization, authentication and activity monitoring is desired on the wired or wireless network side, it can be preferred as the easiest to use and more performance product than its competitors.

Mehmet Fatih Onal

Technical Architect in Information Technology at Vakıf Katılım (1001-5000 employees)

Vetted Review

4 years of experience

Aruba Clearpass

Rating: 10 out of 10

Incentivized

September 8, 2020

Use Cases and Deployment Scope

This is the network access control system used for the organization. This system allows several different types of devices to easily connect to the network and get the proper access required for that individual or appliance. This solves a security issue that many organizations may face, properly restricting users or devices to only the resources they need.

Pros

Network access control
Guest network access
Network segmentation

Cons

More intuitive upgrade process.
Add in-service software upgrades.
Use common syntax across the various systems within Clearpass. For instance, monitoring view and guest view use different syntax's.

Likelihood to Recommend

Aruba Clearpass is well suited for organizations that require diverse network segmentation. This system provides the ability to lock down user access to only the resources one needs. The initial setup of a system like this is resource-intensive and may require outside consulting, but once in place, day to day system management is minimal and network visibility is increased.

Verified User

Manager in Information Technology (201-500 employees)

Vetted Review

4 years of experience

ClearPass Integration in a University Environment

Rating: 10 out of 10

Incentivized

June 7, 2020

Use Cases and Deployment Scope

Clearpass is being used as our primary authentication platform for our university of around 4000 students and 1000 staff. It provides TACACS for management and radius services for 802.1X authentication for wireless and wired infrastructure. Additionally, we use the product for registering and managing guest wireless users and whitelisting IoT devices via a self-service portal that has Azure AD integration. These self-service options help reduce management overhead for IT staff and make the experience much more convenient for students.

Pros

Heavily extensible logic that can solve a myriad of authentication and authorization scenarios.
Extensive logging for troubleshooting services and device connections
Standards based and compatible with nearly any device capable of 802.1X.
Good user base for support and solutions.

Cons

Policy manager and guest sections of ClearPass are disjointed, and where they overlap isn't readily apparent.
Some changes require a full service restart which can take 5 to 10 minutes.
Documentation is a bit dense and hard to navigate.

Likelihood to Recommend

ClearPass is well suited for 802.1X (PEAP or EAP-TLS) in wired and wireless scenarios. It can also do MAC authentication using its endpoint database. The fingerprinting is robust, as it can verify that a device is reported as the actual brand or model, instead of relying solely on MAC OUI. This is achieved by capturing DHCP request information that has been forwarded to the appliance. Using this information, extensive role mapping can be utilized in enforcement policies. For instance, you can apply one policy to a device that is considered a VoIP phone, but if you only want to target Polycom phones, that can be specified in the role mapping, which then can be enforced as a specific VLAN pushed to the switch port or a specific QoS policy. Downloadable user roles are another impressive feature of ClearPass which can be fully integrated with Aruba switches. Instead of deploying ACLs to switches, you can simply have the switch download the ACL from ClearPass. This helps with issues of management and scalability where extensive L3 segmentation is utilized across a network. Similarly, QoS and other options can also be included in download user roles. There are too many options to list all in this review. I liken the experience to a AAA Swiss Army Knife.

Verified User

Engineer in Information Technology (1001-5000 employees)

Vetted Review

2 years of experience

Aruba ClearPass delivers

Rating: 9 out of 10

Incentivized

March 12, 2020

Use Cases and Deployment Scope

Aruba ClearPass is being used across the organization; we use it for authenticating wireless devices and assigning users to appropriate VLANs by membership in AD security groups. It is used by more than 14000 users daily, with a mix of devices from iPads to Chromebooks to Windows PCs and laptops, with some personal cell phones (more than 3000 daily) mixed in.

Pros

It does a great job of authenticating users and eliminating the need for us to run multiple SSIDs to “manually” separate users.
Integrates well with AD to support assigning users to segments based on security group membership
It integrates well with our Aruba controller environment

Cons

We’d like to see some logic being applied to the VLAN assignment so that we could do it based on more than one condition - for example, membership in a security group and operating system.

Likelihood to Recommend

Aruba ClearPass is ideal in an HP/Aruba environment, and it works well with Active Directory as well. We use it in a busy enterprise environment with an average of 18000-20000 devices connecting daily. Our main applications are streaming video and audio, with other less taxing web environments in use, but most with significant animation.

Don Ringelestein

Director of Technology/CTO in Information Technology at West Aurora School District 129 (1001-5000 employees)

Vetted Review

2 years of experience

Best NAC server out there at the moment, but needs improvement in training materials and support

Rating: 9 out of 10

Incentivized

December 7, 2019

Use Cases and Deployment Scope

ClearPass is used as a NAC and access server for wireless connectivity, and we are planning to use it for wired NAC in the future. It is used for wireless employee authentication with EAP-TLS, as well as wireless guest access with self-registration. It addresses wireless authentication problem in a reliable and scalable manner.

Pros

Wireless authentication with EAP-TLS.
Wireless guest access with self-registration.
Interfacing with Aruba wireless controllers.
Very good logging/troubleshooting.

Cons

Wired NAC with non-Aruba switches is clunky and hard.
Configuration is not intuitive.
Training materials online are practically nonexistent.
Even when given on official training courses, training materials are terrible.

Likelihood to Recommend

It works very well with Aruba wireless controllers and, according to the demos, with Aruba switches for wired NAC. Works well for guest portals with self-registration. Posture checking - Onguard - is limited on Macs, but extensive on Windows. Onboarding with EAP-TLS on android phones requires an app. However, wired NAC is very hard with non-Aruba switches. Policies can be very granular.

Verified User

Engineer in Information Technology (1001-5000 employees)

Vetted Review

5 years of experience

Clearpass: Everything you hope for and more from a network access control system

Rating: 9 out of 10

Incentivized

November 7, 2019

Use Cases and Deployment Scope

ClearPass is being used company-wide. Every person's device is authenticated through ClearPass and depending on what department they are they are put into a VLAN that gives them access to the systems they need. I love that ClearPass can grant or deny access to certain systems based on the user because it saves time not having to build that manually. We also use ClearPass to create guest accounts for visitors that come to our campus. These guest accounts grant access to the internet but not to our internal systems. ClearPass solves the problem of having multiple departments with different needs and being able to grant them access to what they need while keeping the network secure. ClearPass allows us to use 802.1x so we can put a base config on our network devices and not have to configure each port specific to each person or device.

Pros

You can use ClearPass authenticate using wired and wireless network devices. This is helpful that you don't have to have multiple systems to accomplish this.
Because devices can have different purposes Clearpass can configure groups that will specify what access they have. You can use parameters such as vendor or mac address so clearpass know what group to push them to.
It is very easy to view device logs. This is really helpful to troubleshoot auth issues. Once you find the device Clearpass provides more than enough info to know what the issue is and to fix it.

Cons

Getting data out of ClearPass is difficult. You can get some with SNMP but he API is lacking. There is only a limited amount of info that you can get from it. Even some data that shows up in ClearPass Insight is not available to import into a 3rd party application.
In the past, if you have hardware/software issues you could troubleshoot them yourself through the CLI in a Linux type interface but now they have locked everything down and it makes troubleshooting difficult. You have to rely on them for everything. As a person who likes to understand the ins and outs of the systems I manage it is somewhat frustrating.
Steep learning curve, although support can assist and their forums like airheads can be helpful. This is a complex system and can take a while to grasp how everything works and integrates.

Likelihood to Recommend

We have quite a few visitors to our campus and we don't want to have a set PSK for the wireless so we have configured a guest network where visitors can create an account and gain access to the internet and we don't have to "manage" it since the accounts will expire after a certain time. We have RF scanners in our warehouses and we want them to be allowed on the network and be put into its own VLAN. ClearPass can do this flawlessly by keying off of the MAC address when it comes online and putting it into the correct VLAN. This makes it so we don't have to add each device individually to the system. The only time ClearPass would not be appropriate is in a small deployment where the cost to value wouldn't make sense.

Verified User

Administrator in Engineering (1001-5000 employees)

Vetted Review

2 years of experience

Loading Reviews List....

Clearpass: Everything you hope for and more from a network access control system

Rating: 9 out of 10

Incentivized

November 7, 2019

Use Cases and Deployment Scope

Pros

You can use ClearPass authenticate using wired and wireless network devices. This is helpful that you don't have to have multiple systems to accomplish this.
Because devices can have different purposes Clearpass can configure groups that will specify what access they have. You can use parameters such as vendor or mac address so clearpass know what group to push them to.
It is very easy to view device logs. This is really helpful to troubleshoot auth issues. Once you find the device Clearpass provides more than enough info to know what the issue is and to fix it.

Cons

Getting data out of ClearPass is difficult. You can get some with SNMP but he API is lacking. There is only a limited amount of info that you can get from it. Even some data that shows up in ClearPass Insight is not available to import into a 3rd party application.
In the past, if you have hardware/software issues you could troubleshoot them yourself through the CLI in a Linux type interface but now they have locked everything down and it makes troubleshooting difficult. You have to rely on them for everything. As a person who likes to understand the ins and outs of the systems I manage it is somewhat frustrating.
Steep learning curve, although support can assist and their forums like airheads can be helpful. This is a complex system and can take a while to grasp how everything works and integrates.

Likelihood to Recommend

Verified User

Administrator in Engineering (1001-5000 employees)

Vetted Review

2 years of experience