- Access Control
- Network Protection
- IoT Security
- Policy Enforcement
- Threat Protection
- Enterprise Security
- Endpoint Protection
- EAP-FAST
- EAP-MSCHAPv2
- EAP-GTC
- EAP-TLS
- PEAP
- EAP-PEAP
- TTLS
- MSCHAPv2
- EAP-MD5
- WPA3
- EAP
- TLS
- SMB
- TCP
- HTTP
Aruba's ClearPass Policy Manager, part of the Aruba 360 Secure Fabric, provides role- and device-based secure network access control for IoT, BYOD, corporate devices, as well as employees, contractors and guests across any multivendor wired, wireless and VPN infrastructure.
With a built-in context-based policy engine, RADIUS, TACACS+, non-RADIUS enforcement using OnConnect, device profiling, posture assessment, onboarding, and guest access options, ClearPass is unrivaled as a foundation for network security for organizations of any size.
For comprehensive integrated security coverage and response using firewalls, EMM/MDM and other existing solutions, ClearPass supports the Aruba 360 Security Exchange Program. This allows for automated threat detection and response workflows that integrate with thirdparty security vendors and IT systems previously requiring manual IT intervention.
In addition, ClearPass supports secure self-service capabilities, making it easier for end users trying to access the network. Users can securely configure their own devices for enterprise use or Internet access based on admin policy controls. Aruba wireless customers in particular can take advantage of unique integration capabilities such as AirGroup, as well as ClearPass Auto Sign-On (ASO). ASO enables a user's network authentication to pass automatically to their enterprise mobile apps so they can get right to work.
The result is detailed visibility of all wired and wireless devices connecting to the enterprise, increased control through simplified and automated authentication or authorization of devices, and faster, better incident analysis and response through the integration of Aruba IntroSpect UEBA and third-party partner ecosystems. This is achieved with a comprehensive and scalable policy management platform that goes beyond traditional AAA solutions to deliver extensive enforcement capabilities for IT-owned and BYOD security requirements.
THE CLEARPASS DIFFERENCE
ClearPass is the only policy platform that centrally enforces all aspects of enterprise-grade access security for any industry. Granular policy enforcement is based on a user's role, device type and role, authentication method, EMM/MDM attributes, device health, traffic patterns, location, and time-of-day.
Deployment scalability supports tens of thousands of devices and authentications which surpasses the capabilities offered by legacy AAA solutions. Options exist for small to large organizations, from centralized to distributed environments.
ADVANCED POLICY MANAGEMENT | Enforcement and visibility for wired and wireless
With ClearPass, organizations can deploy wired or wireless using standards-based 802.1X enforcement for secure authentication. ClearPass also supports MAC address authentication for IoT and headless devices that may lack support for 802.1X. For wired environments where RADIUS based authentication cannot be deployed, OnConnect, offers an alternative using SNMP based enforcement.
Authentication methods can be used to concurrently support a variety of use-cases. It also includes support for multifactor authentication based on log-in times, posture checks, and other context such as new user, new device, and more.
Attributes from multiple identity stores such as Microsoft Active Directory, LDAP-compliant directory, ODBC-compliant SQL database, token servers and internal databases across domains can be used within a single policy for fine- grained control.