HPE Aruba ClearPass: NAC Product Overview and Insight

Friday Jul 7th 2017 by Drew Robb
Share:

HPE Aruba's ClearPass network access control (NAC) solution is suited for high-volume authentication environments and distributed enterprises.

See the complete list of top 9 network access control (NAC) solutions.

Company Description

Aruba, a Hewlett Packard Enterprise (HPE) company, provides mobility and IoT solutions for organizations of all sizes. With infrastructure services offered as software from the public or private cloud, Aruba enables secure connectivity for mobile and IoT. The company was founded in 2003 and is a wholly owned subsidiary of HPE.

Product Description

Aruba ClearPass provides role- and device-based network access control for employees, students, contractors and guests across any multivendor wired, wireless and VPN infrastructure. With a built-in context-based policy engine, support for multiple enforcement methods (RADIUS, TACACS, SNMP), device fingerprinting and comprehensive posture assessment, onboarding and guest access options, ClearPass provides a foundation for network security. It includes the ability to identify users and devices connecting to networks, to detect the state of those devices, to construct and enforce policies, and is vendor agnostic, said Madani Adjali, director of product management, Aruba.

Agents

For endpoint posture assessment and remediation, Aruba offers ClearPass OnGuard which is available as an always-on agent or web browser-based plug-in. The always-on agent (often referred to as persistent agent) is designed for applications where real-time endpoint compliance is required. This is deployed predominately in company/institution-owned computers. The web browser-based plug-in is typically used in applications where customers want to ensure BYOD devices meet at least certain requirements before allowing access. This latter option is invoked on an as-needed basis via a captive portal. Both technologies are supported on Windows, MacOS and Linux. Additionally, ClearPass can integrate with third-party MDM/EMM platforms to include mobile device posture validation before allowing access.

Markets and Use Cases

It is strong in areas such as education, finance, healthcare and retail.

Applicable Metrics

Aruba ClearPass is deployed in high-volume authentication environments (e.g. 10+ million authentications a day) as well as distributed environments requiring local authentication survivability across multiple geographies (e.g. 30 points of presence). The company also maintains over 120+ third party integrations (firewalls, SIEMs, MDM/EMM, Network Access Devices, etc.).

Security Qualifications

When ClearPass is running in FIPS Approved mode, it utilizes a FIPS 140 2 validated cryptographic module. It is also on the U.S. Department of Defense Unified Capabilities Approved Products List (UC-APL).

Intelligence

ClearPass Exchange and ClearPass Extensions allow integration with third parties to share information with other vendor platforms. Additionally, it can bi-directionally share information from UEBA products such as Aruba IntroSpect (formerly Niara), which provides machine learning based-security analytics to adjust network access should threat indexes reach certain levels.

Delivery

It is offered as virtual appliance running on VMware vSphere Hypervisor (formerly ESXi), Microsoft Hyper-V and Linux KVM, in addition to hardware appliances.

Pricing

Costs vary with size. Example: a smaller site with 500 endpoints with the ability to reach the larger cluster to provide redundancy, OnGuard services and central management capabilities – OnGuard device posture (if desired) is included as an option in the main site quote (approximately $10,000 U.S. list).

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved