The Aruba ClearPass Policy Manager platform delivers identityand device-based network access control across any wired, wireless and VPN infrastructure. With built-in RADIUS, SNMP and TACACS+ protocols, ClearPass Policy Manager automatically enforces user and endpoint access policies as devices connect to the network.
The result is consistent and secure network access that meets corporate bring-your-own-device (BYOD) requirements. Whether local or remote, ClearPass Policy Manager supports users across multiple locations, regardless of the network, device ownership or connection method.
Differentiated employee access
ClearPass authenticates users and devices on any wireless, wired and VPN network using 802.1X, non-802.1X or web portal access methods. Multiple authentication protocols such as PEAP, EAP-FAST, EAP-TTLS, can be used to enhance security in any environment. Attributes from multiple identity stores such as Microsoft Active Directory, LDAP-compliant directory, ODBC-compliant SQL database, token servers and internal databases can be used within a single policy for fine-grained control.
External captive portals
The ClearPass Policy Manager enables the creation of common policies from a central captive portal for Aruba and any multivendor wired and wireless equipment. The built-in MACtrac web-based registration tool lets users self-register BYOD device information, such as MAC address, user, device type and operating system version for smart devices, game consoles, and more.
Handling access for unmanaged endpointsProduct Highlights
Unmanaged non-802.1X devices - printers, IP phones and IP cameras - can be identified as known or unknown upon connecting to the network. The identity of these devices is based on the presence of their MAC address in an external or internal database, or via profiling.
- Out-of-band communication eliminates impact on network performance and scalability
- Intuitive web interface simplifies policy configuration and troubleshooting
- Policy simulation and monitoring allow testing of policies before deployment
- Supports NAC, NAP and emerging frameworks like Trusted Network Connect (TNC)
- Real-time user and device access logs track each authentication
- Extensive reports highlight user activity, authentications and failures
- Reusable policy building blocks simplify the creation of authentication services
- Configuration and authentication APIs simplify third-party integration
- Fully-replicated clustering for high availability, redundancy and load balancing