Aruba ClearPass vs Cisco ISE (Identity Services Engine) comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on May 8, 2022

We performed a comparison between Aruba ClearPass and Cisco ISE (Identity Service Engine) based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Aruba ClearPass users relate that one does need to have some technical expertise to install and deploy this solution. Although it is not so complex, it is definitely not easy, either. Users tell us the integration with the Active Directory can be very involved. They feel that some type of wizard to streamline the process would be very helpful.

    Cisco has a bit of a reputation for being complex across the board with all its offerings, and Cisco ISE is no different. For those users that are heavily invested in the Cisco ecosystem, deployment is not a big challenge. For those that are novices or not so tech savvy, the process can seem very complex. Additionally, if the environment is complex or there are multiple policies to deploy, the process can be more time-consuming.
  • Features: Aruba ClearPass valued features include its ease of use, stable policy management platform, and reliability. The authentication mechanisms and the integration with Active Directory (AD) are also very good. It is considered a very secure product that offers full transparency and solid security; no one can get inside without authentication. Additionally, Aruba ClearPass offers complete NAC features. Many users would like to see improved cloud deployment options, however.

    The features users liked best about Cisco ISE are that the solution is very stable, flexible, and secure. Cisco ISE is a great global product that operates consistently and looks the same wherever it is deployed across the world. The GUI with Cisco ISE is top-notch and the security protocols they provide are excellent. Cisco ISE users would like to see better migration to the cloud and a hybrid option made available. They users would also welcome a solution that was more user-friendly and less complex.
  • Pricing: Users of both solutions felt that the prices were on the high side.

  • Service and Support: Aruba ClearPass users tell us the technical support they have received is exceptional, and they are very satisfied. Cisco ISE offers training and licensing courses. However, users felt that when support was needed, it was not up to their satisfaction.

Comparison Results: Although Cisco is a worldwide, well-known, trusted, and respected branded product, with many known complexities, Aruba ClearPass is flexible, versatile, and more user-friendly than Cisco. Aruba’s aggressive stance on keeping hackers out with strict authentication policies and its cost-effective business model and excellent technical service make it a NAC solution to consider seriously.

To learn more, read our detailed Aruba ClearPass vs. Cisco ISE (Identity Services Engine) Report (Updated: March 2023).
688,083 professionals have used our research since 2012.
Q&A Highlights
Question: Which is better - Aruba Clearpass or Cisco ISE?
Answer: Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely connect different types of devices to the network and get identity access control for human or non-human entities. This helps our company to control user access to exactly what we need. I like that it can also do Mac authentication. We could then apply different policies for different types of devices. If you need diverse network segmentation, Aruba ClearPass gives you the ability to restrict what your users can access. On the downside, it was a kind of frustrating to set up and we needed outside help for installing it. However, once we set it up, it was very easy to manage. The standards are compatible with almost any device with 802.1X capability. It saves us from having to separate users by running multiple SSIDs. We can easily create guest accounts for visitors and specify their permission levels. I see Cisco ISE as more suited to managing high-privilege access. With it, you can assign privileges and access levels according to the user and device, which improves the user experience since the access level is set depending on the device. We find it very useful for users that need to log in physically or via remote VPN access. The end-to-end visibility helps implement a zero-trust-security approach. However, the integration of third-party products is limited, and the interface is not very user-friendly. Integrating with social networks could be a good idea for authenticating guests. Conclusions In my opinion, Cisco ISE is a very valuable product that is great for accounting, authorization, and authentication. However, Aruba ClearPass has the advantage of solving very different authentication scenarios, so in my opinion, in these days of remote and hybrid working, it has the upper hand.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is beneficial from a security perspective because not everyone can connect to our wifi without going through an authentication process.""Aruba ClearPass's most valuable features are simple accessing, operating, and management. Additionally, the dashboard and performance work well.""The continuous server and posturing are valuable.""The most valuable features of Aruba ClearPass are the authentication mechanisms and the integration with Active Directory(AD).""ClearPass prevents hackers from accessing the network. No one can get inside without authentication. It provides a lot of features we are missing. It's incredibly powerful and stable.""The web dashboard and the policy manager are very intuitive and very easy for the engineers to use.""Aruba is a highly scalable product. It just works. We have no issues with scalability.""What I like best about Aruba ClearPass is its 802.1X certificate-based authentication feature."

More Aruba ClearPass Pros →

"It's easy to change and add policies.""It does what it's supposed to. We use a certificate-based authentication method for corporate-managed devices. That means when a user walks in with their managed laptop and plugs it into the network, it chats with Cisco ISE in the background, allows it on the network, and away they go.""Among the most valuable features is TACACS.""The core point is that Cisco ISE is the same globally compared to FortiAuthenticator. Whether I deploy in China, the US, South Africa, or wherever, I'm can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability.""The posture assessment is a valuable feature because of the ability to do assessments on the clients before they connect to the network.""ISE's most valuable feature is integration between IT and OTs.""The way the ISE works is you can get into defining. Let's say, in my case, I've got a Windows laptop and I've got an Apple product and those have unique identifiers, unique back addresses. It would say that this in my profile so I could get to those apps with either device, 24/seven. That's how granular the ISE or these NAC Solutions can get.""Not having to trust devices and being able to set those levels of trust and more finely control our network is a benefit."

More Cisco ISE (Identity Services Engine) Pros →

Cons
"It would be good if ClearPass made it a SaaS solution.""In the next version, I would like to see some enhancement or extension on the tracking side. For example, when any user enters the network, it should be more visible in the graphical form.""ClearPass' GUI could be more user-friendly.""The GUI of Aruba ClearPass could improve, it is not user-friendly.""Licensing cost is extremely high.""A specific component is part of the solution called ClearPass Onboard, which can sometimes be complex and challenging to set up. If they could simplify the process and make it easier, that would be a benefit.""TLS authentication onboarding in Aruba ClearPass needs to be improved. The biggest problem we've seen in our environment is Huawei not being able to get onto Google Play. No Huawei device can be onboarded via Aruba ClearPass easily.""The implementation can improve because it is challenging to explain some of the concepts to the client."

More Aruba ClearPass Cons →

"The pricing is fair.""The interface could be more user-friendly and the ability to apply rules to MAC addresses, for example, if I wanted to allow a certain MAC address access at a particular time I cannot make this adjustment.""In an upcoming release, the solution needs to be more agentless and more independent. Additionally, there could be improved integration with other next-generation solutions, such as Palo Alto, Fortinet, or Check Point.""I would like for the next release to be easier to implement and to limit its dependencies around ISE, Windows, the network as a whole, etc.""It would be ideal if Cisco could provide some short training videos or documentation to customers to help them understand how to use the product.""Also, the menus could have been much simpler. There are many redundant things. That's a problem with all Cisco solutions. There are too many menus and redundant things on all of them.""The pricing and licensing structure are not ideal for customers.""Cisco ISE could be simplified somewhat. I would also prefer certificate-based authentication over confirmation-based authentication for all the processes. It's possible for us to do a workaround, but the process needs to be simplified."

More Cisco ISE (Identity Services Engine) Cons →

Pricing and Cost Advice
  • "It is affordable. In Lebanon, companies are small, and they do not have a big budget. They cannot invest a lot of money, and Aruba ClearPass is quite affordable for them."
  • "The licensing model is very straightforward. There are two types of licensing for Aruba ClearPass, a perpetual license, and a subscription. Both of them are straightforward. We don't need to read an ordering guide, it's very clear."
  • "Aruba is a little more expensive than other products in the market here."
  • "The price of Aruba ClearPass is expensive. When you want to build redundant systems it can be seen as necessary, so the enterprise will manage all of those costs."
  • "The starting price of Aruba ClearPass is 200k Hong Kong dollars. The licensing is based on the endpoints. For example, 100 - 500 end points."
  • "Aruba ClearPass has permanent licenses. You purchase it one time and this license is yours. You don't need to refresh it for five years, et cetera. They have a couple of licenses for enabled features with not only one license."
  • "I can't give the exact cost of Aruba ClearPass because that's handled by the purchasing team, but it's on the cheaper side, and on a scale of one to five, I'm rating the cost a four. Initially, the pricing for the solution is expensive in terms of deployment, but in the long term, for example, after more than five to ten years, the operational cost incurred by the company is quite affordable because you don't have to renew the license. It's a one-time purchase. My company only uses the standard license for Aruba ClearPass."
  • "The price of Aruba ClearPass is expensive. However, Cisco ISE was as expensive when we were comparing."
  • More Aruba ClearPass Pricing and Cost Advice →

  • "We are running Version 2.9 because Version 2.9 of the ISE has a persistent license — it's a one-time payment. The latest version (3.1) is only available if you do a yearly subscription."
  • "This solution requires an annual license and it is a bit expensive than competitors."
  • "The price of the solution is price fair for the features you receive."
  • "The price is a bit on the high side."
  • "I believe I have paid around $1,000 in licensing fees. The license is annual."
  • "The technology is good, but to use some of the other features, and capabilities, they request that we purchase the Cisco DNA Center. As a result, the bundled price is a little high."
  • "It would be beneficial to have a single license that included all of the features."
  • "The price of Cisco ISE (Identity Services Engine) is expensive and we are thinking about changing to FortiGate."
  • More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
    688,083 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can… more »
    Top Answer:I've done quite a lot of work with ClearPass, and not a lot with FortiNAC/Bradford. ClearPass incorporates a number of different functions including ClearPass Guest for creating complex wireless… more »
    Top Answer:What I like best about Aruba ClearPass is its 802.1X certificate-based authentication feature.
    Top Answer:OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers… more »
    Top Answer:Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user… more »
    Top Answer:I really enjoy the live log section. Sometimes, you will have someone who is having issues connecting to the network, and then you have to ask them the dreaded question of, "Did you type a password… more »
    Ranking
    Views
    20,509
    Comparisons
    14,649
    Reviews
    29
    Average Words per Review
    416
    Rating
    8.6
    Views
    35,205
    Comparisons
    25,177
    Reviews
    55
    Average Words per Review
    676
    Rating
    8.1
    Comparisons
    Also Known As
    Avenda eTIPS
    Cisco ISE
    Learn More
    Overview

    Aruba ClearPass is a network access control (NAC) solution that provides a range of security and access management capabilities for wired, wireless, and VPN networks. ClearPass enables organizations to secure their networks and devices, enforce security policies, and provide secure access to network resources.

    Aruba ClearPass Features

    Aruba ClearPass has many valuable key features. Some of the most useful ones include:

    • Device profiling: Aruba ClearPass automatically profiles and classifies network devices based on type, manufacturer, operating system, and more, to help organizations secure their networks.
    • Guest management: The solution provides a secure and easy-to-use guest management system for organizations to provide guest access to their networks.
    • User-friendly interface: The Aruba ClearPass includes a user-friendly interface, enabling administrators to easily manage and enforce security policies, monitor network activity, and respond to security threats.
    • Policy enforcement: Users can enforce security policies based on device type, user role, and other factors, to help secure their networks and devices.
    • Threat detection and response: With its real-time monitoring and threat detection capabilities, organizations are able to quickly identify and respond to security threats.
    • Authentication and authorization: Aruba ClearPass offers a range of authentication and authorization methods, including certificate-based authentication and 802.1X, to provide secure access to network resources.
    • Reporting and analytics: The solution Includes real-time reporting and analytics capabilities, enabling administrators to monitor network activity, track security incidents, and improve security over time.

    Aruba ClearPass Benefits

    There are many benefits to implementing Aruba ClearPass. Some of the biggest advantages the solution offers include:

    • Comprehensive solution: Aruba ClearPass integrates with a range of network security technologies, including firewalls, intrusion detection and prevention systems, and VPN gateways, to provide a comprehensive security solution.
    • Scalability: Designed to scale from small to large organizations, ClearPass provides a solution that can grow with an organization's needs.
    • Increased visibility: By implementing Aruba ClearPass, administrators can monitor network activity, track security incidents, and improve security over time.
    • Improved user productivity: The solution’s secure and seamless access to network resources helps users be more productive and access the resources they need, when they need them.
    • Better business agility: With the solution, organizations can quickly respond to security threats and enforce security policies, improving overall business agility.

    Reviews from Real Users

    Aruba ClearPass is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it’s easy to use, has a valuable Guest Captive Portal and virtual security enforcement, and has a good web dashboard and policy manager.

    “It is easy to use and more integrated with the Aruba wireless networks,” says Muhammad N., Network & Information Security Engineer at a healthcare company.

    Ammar F., Head of IT at Hubtech, explains, “What I like most about Aruba ClearPass is that it has the best enforcement feature for the network. I also like its Guest Captive Portal and virtual security enforcement features, but the virtual security enforcement feature is still under testing by my company. Aruba ClearPass also has a wonderful UI which I find valuable."

    Another PeerSpot reviewer mentions, "The web dashboard and the policy manager are very intuitive and very easy for the engineers to use."

    Cisco ISE is an all-in-one solution that streamlines security policy management and reduces operating costs. Cisco ISE delivers visibility and access control over users and devices across wired, wireless, and VPN connections.

    Identity Services Engine enables enterprises to deliver secure network access to users and devices. It shares contextual data, such as threats and vulnerabilities, with integrated solutions from Cisco technology partners. You can see what is happening in your network, which applications are running, and more.

    Features of Cisco ISE

    • Centralized management helps administrators configure and manage user profile characteristics - a single pane of glass for integrated management services.
    • Contextual identity and business policy: The rule-based attribute is a driven policy model. The goal is to provide flexible access control policies.
    • Wide range of access control options, including Virtual LAN (VLAN) URL redirections, and access control lists.
    • Supplicant-less network access: You can roll out secure network access by deriving authentication from login information across application layers.
    • Guest lifecycle management streamlines the experience for implementing and customizing network access for guests.
    • Built-in AAA services: The platform uses standard RADIUS protocol for authentication, authorization, and accounting.
    • Device auditing, administration, and access control provide users with access on a need-to-know and need-to-act basis. It keeps audit trails for every change in the network.
    • Device profiling: ISE features predefined device templates for different types of endpoints.
    • Internal certificate authority: Qn easy-to-deploy single console to manage endpoints and certificates.

    Benefits of Cisco ISE

    Cisco’s holistic approach to network access security has several advantages:

    • Context-based access based on your company policies. ISE creates a complete contextual identity, including attributes such as user, time, location, threat, access type, and vulnerability. This contextual identity is used to enforce a secure access policy. Administrators can apply strict control over how and when endpoints are allowed in the network.
    • Better network visibility via an easy-to-use, simple console. In addition, visibility is improved by storing a detailed attribute history of all endpoints connected to the network.
    • Comprehensive policy enforcement. ISE sets easy and flexible access rules. These rules are controlled from a central console that enforces them across the network and security infrastructure. You can define policies that differentiate between registered users and guests. The system uses group tags that enable access control on business rules instead of IP addresses.
    • Self-service device onboarding enables the enterprise to implement a Bring-Your-Own-Device (BYOD) policy securely. Users can manage their devices according to the policies defined by IT administrators. (IT remains in charge of provisioning and posturing to comply with security policies.)
    • Consistent guest experiences: You can provide guests with different levels of access from different connections. You can customize guest portals via a cloud-delivered portal editor with dynamic visual tools.

    Support

    You can get ISE as a physical or virtual appliance. Both deployments can create ISE clusters that create scale, redundancy, and requirements.

    Licensing

    Cisco ISE has four primary licences. Evaluation for up to 100 endpoints with full platform functionality. The higher tiers are Partner, Advantage and Essential.

    Reviews from Real Users

    "The user experience of the solution is great. It's a very transparent system. according to a PeerSpot user in Cyber Security at a manufacturing company.

    Omar Z., Network & Security Engineer at an engineering company, feels that "The RADIUS Server holds the most value."

    “Whether I deploy in China, the US, South Africa, or wherever, I can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability," says Rammohan M., Senior Consultant at a tech services company.

    Hassan A.,Technology Manager at Advanced Integrated Systems, says that "The most valuable feature is the integration with StealthWatch and DNA as one fabric."




    Offer
    Learn more about Aruba ClearPass
    Learn more about Cisco ISE (Identity Services Engine)
    Sample Customers
    Consulate Health Care, Los Angeles Unified School District, Science Applications International Corp (SAIC), San Diego State University, KFC, ACTS Retirement-Life Communities
    Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
    Top Industries
    REVIEWERS
    Comms Service Provider21%
    Computer Software Company21%
    Manufacturing Company12%
    Energy/Utilities Company9%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider11%
    Government9%
    Financial Services Firm6%
    REVIEWERS
    Comms Service Provider16%
    Financial Services Firm12%
    Government10%
    Computer Software Company9%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider11%
    Government10%
    Educational Organization8%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise23%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise16%
    Large Enterprise62%
    REVIEWERS
    Small Business28%
    Midsize Enterprise23%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise19%
    Large Enterprise62%
    Buyer's Guide
    Aruba ClearPass vs. Cisco ISE (Identity Services Engine)
    March 2023
    Find out what your peers are saying about Aruba ClearPass vs. Cisco ISE (Identity Services Engine) and other solutions. Updated: March 2023.
    688,083 professionals have used our research since 2012.

    Aruba ClearPass is ranked 2nd in Network Access Control (NAC) with 31 reviews while Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 60 reviews. Aruba ClearPass is rated 8.6, while Cisco ISE (Identity Services Engine) is rated 8.2. The top reviewer of Aruba ClearPass writes "Easy to use, integrates well with other Aruba solutions, and offers good performance". On the other hand, the top reviewer of Cisco ISE (Identity Services Engine) writes "Secures devices and has good support, but needs a better interface". Aruba ClearPass is most compared with Fortinet FortiNAC, Forescout Platform, Microsoft Intune, Sophos Network Access Control and macmon Network Access Control, whereas Cisco ISE (Identity Services Engine) is most compared with Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager, Fortinet FortiAuthenticator and Microsoft Enterprise Mobility + Security. See our Aruba ClearPass vs. Cisco ISE (Identity Services Engine) report.

    See our list of best Network Access Control (NAC) vendors.

    We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.