Aruba ClearPass vs Cisco ISE (Identity Services Engine) comparison

Cancel
You must select at least 2 products to compare!
HPE Aruba Networking Logo
19,043 views|12,946 comparisons
95% willing to recommend
Cisco Logo
23,778 views|15,809 comparisons
88% willing to recommend
Comparison Buyer's Guide
Executive Summary
Updated on May 8, 2022

We performed a comparison between Aruba ClearPass and Cisco ISE (Identity Service Engine) based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Aruba ClearPass users relate that one does need to have some technical expertise to install and deploy this solution. Although it is not so complex, it is definitely not easy, either. Users tell us the integration with the Active Directory can be very involved. They feel that some type of wizard to streamline the process would be very helpful.

    Cisco has a bit of a reputation for being complex across the board with all its offerings, and Cisco ISE is no different. For those users that are heavily invested in the Cisco ecosystem, deployment is not a big challenge. For those that are novices or not so tech savvy, the process can seem very complex. Additionally, if the environment is complex or there are multiple policies to deploy, the process can be more time-consuming.
  • Features: Aruba ClearPass valued features include its ease of use, stable policy management platform, and reliability. The authentication mechanisms and the integration with Active Directory (AD) are also very good. It is considered a very secure product that offers full transparency and solid security; no one can get inside without authentication. Additionally, Aruba ClearPass offers complete NAC features. Many users would like to see improved cloud deployment options, however.

    The features users liked best about Cisco ISE are that the solution is very stable, flexible, and secure. Cisco ISE is a great global product that operates consistently and looks the same wherever it is deployed across the world. The GUI with Cisco ISE is top-notch and the security protocols they provide are excellent. Cisco ISE users would like to see better migration to the cloud and a hybrid option made available. They users would also welcome a solution that was more user-friendly and less complex.
  • Pricing: Users of both solutions felt that the prices were on the high side.

  • Service and Support: Aruba ClearPass users tell us the technical support they have received is exceptional, and they are very satisfied. Cisco ISE offers training and licensing courses. However, users felt that when support was needed, it was not up to their satisfaction.

Comparison Results: Although Cisco is a worldwide, well-known, trusted, and respected branded product, with many known complexities, Aruba ClearPass is flexible, versatile, and more user-friendly than Cisco. Aruba’s aggressive stance on keeping hackers out with strict authentication policies and its cost-effective business model and excellent technical service make it a NAC solution to consider seriously.

To learn more, read our detailed Aruba ClearPass vs. Cisco ISE (Identity Services Engine) Report (Updated: May 2024).
772,277 professionals have used our research since 2012.
Q&A Highlights
Question: Which is better - Aruba Clearpass or Cisco ISE?
Answer: Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely connect different types of devices to the network and get identity access control for human or non-human entities. This helps our company to control user access to exactly what we need. I like that it can also do Mac authentication. We could then apply different policies for different types of devices. If you need diverse network segmentation, Aruba ClearPass gives you the ability to restrict what your users can access. On the downside, it was a kind of frustrating to set up and we needed outside help for installing it. However, once we set it up, it was very easy to manage. The standards are compatible with almost any device with 802.1X capability. It saves us from having to separate users by running multiple SSIDs. We can easily create guest accounts for visitors and specify their permission levels. I see Cisco ISE as more suited to managing high-privilege access. With it, you can assign privileges and access levels according to the user and device, which improves the user experience since the access level is set depending on the device. We find it very useful for users that need to log in physically or via remote VPN access. The end-to-end visibility helps implement a zero-trust-security approach. However, the integration of third-party products is limited, and the interface is not very user-friendly. Integrating with social networks could be a good idea for authenticating guests. Conclusions In my opinion, Cisco ISE is a very valuable product that is great for accounting, authorization, and authentication. However, Aruba ClearPass has the advantage of solving very different authentication scenarios, so in my opinion, in these days of remote and hybrid working, it has the upper hand.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is beneficial from a security perspective because not everyone can connect to our wifi without going through an authentication process.""I like the stability and the GUI, which is always improving.""It is a robust product.""The continuous server and posturing are valuable.""Aruba ClearPass's most valuable feature is dynamic segmentation.""What I like best about Aruba ClearPass is its 802.1X certificate-based authentication feature.""It eliminated the management of 10 different individual discrete RADIUS servers.""Stable with good QBT technology."

More Aruba ClearPass Pros →

"The best features are the scalability and the license structure.""It's keeping our company safe from rogue devices connecting to our network. From a security standpoint, there's peace of mind knowing that every device that connects is a good one.""The solution is great for establishing trust for every access request no matter where it comes from.""It's flexible and stable. It's been good as a standard environment to run.""Profiling is one of the most valuable features. We have a lot of different devices between cameras, access points, and laptops that get plugged in.""For us and our clients, the most valuable features of Identity Services Engine are really around the rich contact sharing that ISE gives you.""SGTs are valuable because they make it easy to enforce policies, instead of pushing them across all the other platforms.""Stable network administration solution that can be installed easily, and comes with fast technical support."

More Cisco ISE (Identity Services Engine) Pros →

Cons
"The implementation can improve because it is challenging to explain some of the concepts to the client.""Aruba ClearPass could improve when it comes to troubleshooting, it can be difficult. Some advanced problems are difficult.""The interface could be made easier and more intuitive.""The initial setup phase of the solution was really very difficult, owing to which the setup phase can be considered as an area that can be improved.""An issue with Aruba ClearPass is the lack of information and poor community support. You can't find the material easily on the internet for any issues. For example, if you're looking for any configuration or exploring any issue, it's not easy to find information, and this is the problem with Aruba ClearPass. Access to helpful information and poor community support could be improved. Another area for improvement in Aruba ClearPass is that some of its advanced features aren't easy to find. For example, my team needed to apply Google single sign-on, but it wasn't easy to find. Aruba ClearPass is a big solution with a lot of capabilities, and it's a very advanced solution, so you need to either have some experience with it or undergo some training. Aruba ClearPass is a very good solution from the network perspective, but the issue is the poor support you get from the community. When you try using the solution, some areas aren't easy. When you search on YouTube, you'll find very few materials about Aruba ClearPass. It isn't like Cisco where you can find information from hundreds of websites, on YouTube, etc. This is bad for Aruba, so this area should be improved. Aruba has a training center, but the usual training offered is only for Aruba Wireless and Aruba Switches. If you have another solution, it's not easy to integrate it with Aruba ClearPass, so this is an area for improvement. You need to do some research to successfully integrate your solution with Aruba ClearPass. We integrated Aruba ClearPass with Ubiquiti WiFi, and it's working fine with no issues. My next project is to start integrating Aruba ClearPass with Cisco Switches. The solution is good, but on the website, there's no book and no video, and you can't find the material on Aruba ClearPass easily. This is one of the issues with Aruba.""It would be good if ClearPass made it a SaaS solution.""Aruba needs to improve and the processes must be clear.""I remember our technical team stating that the installation front of the solution was a bit difficult when compared to other solutions."

More Aruba ClearPass Cons →

"I would rate this solution a 7.5 out of ten. To make it a ten they should have more people on tech support. They need to invest more in the product. It's a good product. They should just work on tech support. More support for the customer. It's not that easy to get somebody to understand this product. I have had some issues with tech before for the solution. One of them brought the solution down due to some of his activity. They need to hugely invest in their tech support.""There are still some bugs in ISE that need to be worked out.""It would be nice if it could be configured easily by default.""I'd like to see an easier way to upgrade to larger versions, as well as more best practices that are easier to locate on their support page.""I would like the product to include support for OSVS version three.""It should be virtualized because many people have begun migrating to the cloud. They should offer a hybrid version.""On the network services devices, when you click on filter, the filter comes up. However, when I type in a search and I want to click on something it defaults back to the main page. I keep having an issue with that, and I'm not doing anything wrong.""The intuitiveness of the user interface could be improved."

More Cisco ISE (Identity Services Engine) Cons →

Pricing and Cost Advice
  • "Licensing and pricing are extremely straightforward."
  • "Run a 90 day free Proof of Concept (POC) for each product by implementing and using it fully in your environment. This way you will be educated on its features, functionality, and manageability.​"
  • "​Cost is important. I switched because Aruba's costs were well below Cisco's."
  • "We pay an annual licensing fee for Aruba and there are no additional costs."
  • "The pricing is not bad and everything is included."
  • "It is affordable. In Lebanon, companies are small, and they do not have a big budget. They cannot invest a lot of money, and Aruba ClearPass is quite affordable for them."
  • "The licensing model is very straightforward. There are two types of licensing for Aruba ClearPass, a perpetual license, and a subscription. Both of them are straightforward. We don't need to read an ordering guide, it's very clear."
  • "Aruba is a little more expensive than other products in the market here."
  • More Aruba ClearPass Pricing and Cost Advice →

  • "There are three levels of pricing: basic, plus, and apex. Basic satisfied our needs."
  • "If you go directly with Cisco for the implementation it's very, very expensive."
  • "The SMARTnet technical support is available at an additional cost."
  • "For the Avast virus scan, we pay around USD $95 per machine for five years which includes all updates and technical support."
  • "The price for Cisco ISE is high."
  • "The price can be lower, especially for subscriptions. It should be a lot cheaper to have a wide range of customers. The price should be comparable to competitive products like Forescout or Fortinet FortiNAC. Forescout is cheaper for customers looking for a cloud solution."
  • "There are other cheaper options available."
  • "The price is okay."
  • More Cisco ISE (Identity Services Engine) Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
    772,277 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely… more »
    Top Answer:I've done quite a lot of work with ClearPass, and not a lot with FortiNAC/Bradford. ClearPass incorporates a number of different functions including ClearPass Guest for creating complex wireless… more »
    Top Answer:If you are looking at the base installation, then it was a very straightforward process, which I would rate an eight or nine out of ten.
    Top Answer:OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers… more »
    Top Answer:Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user… more »
    Top Answer:Cisco ISE is a comprehensive solution that allows you to control access to network resources granularly based on policies.
    Ranking
    Views
    19,043
    Comparisons
    12,946
    Reviews
    28
    Average Words per Review
    435
    Rating
    8.5
    Views
    23,778
    Comparisons
    15,809
    Reviews
    72
    Average Words per Review
    761
    Rating
    8.5
    Comparisons
    Also Known As
    Avenda eTIPS
    Cisco ISE
    Learn More
    Overview

    Aruba ClearPass is a network access control (NAC) solution that provides a range of security and access management capabilities for wired, wireless, and VPN networks. ClearPass enables organizations to secure their networks and devices, enforce security policies, and provide secure access to network resources.

    Aruba ClearPass Features

    Aruba ClearPass has many valuable key features. Some of the most useful ones include:

    • Device profiling: Aruba ClearPass automatically profiles and classifies network devices based on type, manufacturer, operating system, and more, to help organizations secure their networks.
    • Guest management: The solution provides a secure and easy-to-use guest management system for organizations to provide guest access to their networks.
    • User-friendly interface: The Aruba ClearPass includes a user-friendly interface, enabling administrators to easily manage and enforce security policies, monitor network activity, and respond to security threats.
    • Policy enforcement: Users can enforce security policies based on device type, user role, and other factors, to help secure their networks and devices.
    • Threat detection and response: With its real-time monitoring and threat detection capabilities, organizations are able to quickly identify and respond to security threats.
    • Authentication and authorization: Aruba ClearPass offers a range of authentication and authorization methods, including certificate-based authentication and 802.1X, to provide secure access to network resources.
    • Reporting and analytics: The solution Includes real-time reporting and analytics capabilities, enabling administrators to monitor network activity, track security incidents, and improve security over time.

    Aruba ClearPass Benefits

    There are many benefits to implementing Aruba ClearPass. Some of the biggest advantages the solution offers include:

    • Comprehensive solution: Aruba ClearPass integrates with a range of network security technologies, including firewalls, intrusion detection and prevention systems, and VPN gateways, to provide a comprehensive security solution.
    • Scalability: Designed to scale from small to large organizations, ClearPass provides a solution that can grow with an organization's needs.
    • Increased visibility: By implementing Aruba ClearPass, administrators can monitor network activity, track security incidents, and improve security over time.
    • Improved user productivity: The solution’s secure and seamless access to network resources helps users be more productive and access the resources they need, when they need them.
    • Better business agility: With the solution, organizations can quickly respond to security threats and enforce security policies, improving overall business agility.

    Reviews from Real Users

    Aruba ClearPass is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it’s easy to use, has a valuable Guest Captive Portal and virtual security enforcement, and has a good web dashboard and policy manager.

    “It is easy to use and more integrated with the Aruba wireless networks,” says Muhammad N., Network & Information Security Engineer at a healthcare company.

    Ammar F., Head of IT at Hubtech, explains, “What I like most about Aruba ClearPass is that it has the best enforcement feature for the network. I also like its Guest Captive Portal and virtual security enforcement features, but the virtual security enforcement feature is still under testing by my company. Aruba ClearPass also has a wonderful UI which I find valuable."

    Another PeerSpot reviewer mentions, "The web dashboard and the policy manager are very intuitive and very easy for the engineers to use."

    Cisco ISE is an all-in-one solution that streamlines security policy management and reduces operating costs. Cisco ISE delivers visibility and access control over users and devices across wired, wireless, and VPN connections.

    Identity Services Engine enables enterprises to deliver secure network access to users and devices. It shares contextual data, such as threats and vulnerabilities, with integrated solutions from Cisco technology partners. You can see what is happening in your network, which applications are running, and more.

    Features of Cisco ISE

    • Centralized management helps administrators configure and manage user profile characteristics - a single pane of glass for integrated management services.
    • Contextual identity and business policy: The rule-based attribute is a driven policy model. The goal is to provide flexible access control policies.
    • Wide range of access control options, including Virtual LAN (VLAN) URL redirections, and access control lists.
    • Supplicant-less network access: You can roll out secure network access by deriving authentication from login information across application layers.
    • Guest lifecycle management streamlines the experience for implementing and customizing network access for guests.
    • Built-in AAA services: The platform uses standard RADIUS protocol for authentication, authorization, and accounting.
    • Device auditing, administration, and access control provide users with access on a need-to-know and need-to-act basis. It keeps audit trails for every change in the network.
    • Device profiling: ISE features predefined device templates for different types of endpoints.
    • Internal certificate authority: Qn easy-to-deploy single console to manage endpoints and certificates.

    Benefits of Cisco ISE

    Cisco’s holistic approach to network access security has several advantages:

    • Context-based access based on your company policies. ISE creates a complete contextual identity, including attributes such as user, time, location, threat, access type, and vulnerability. This contextual identity is used to enforce a secure access policy. Administrators can apply strict control over how and when endpoints are allowed in the network.
    • Better network visibility via an easy-to-use, simple console. In addition, visibility is improved by storing a detailed attribute history of all endpoints connected to the network.
    • Comprehensive policy enforcement. ISE sets easy and flexible access rules. These rules are controlled from a central console that enforces them across the network and security infrastructure. You can define policies that differentiate between registered users and guests. The system uses group tags that enable access control on business rules instead of IP addresses.
    • Self-service device onboarding enables the enterprise to implement a Bring-Your-Own-Device (BYOD) policy securely. Users can manage their devices according to the policies defined by IT administrators. (IT remains in charge of provisioning and posturing to comply with security policies.)
    • Consistent guest experiences: You can provide guests with different levels of access from different connections. You can customize guest portals via a cloud-delivered portal editor with dynamic visual tools.

    Support

    You can get ISE as a physical or virtual appliance. Both deployments can create ISE clusters that create scale, redundancy, and requirements.

    Licensing

    Cisco ISE has four primary licences. Evaluation for up to 100 endpoints with full platform functionality. The higher tiers are Partner, Advantage and Essential.

    Reviews from Real Users

    "The user experience of the solution is great. It's a very transparent system. according to a PeerSpot user in Cyber Security at a manufacturing company.

    Omar Z., Network & Security Engineer at an engineering company, feels that "The RADIUS Server holds the most value."

    “Whether I deploy in China, the US, South Africa, or wherever, I can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability," says Rammohan M., Senior Consultant at a tech services company.

    Hassan A.,Technology Manager at Advanced Integrated Systems, says that "The most valuable feature is the integration with StealthWatch and DNA as one fabric."




    Sample Customers
    Consulate Health Care, Los Angeles Unified School District, Science Applications International Corp (SAIC), San Diego State University, KFC, ACTS Retirement-Life Communities
    Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
    Top Industries
    REVIEWERS
    Comms Service Provider18%
    Computer Software Company18%
    Manufacturing Company11%
    Healthcare Company11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Government9%
    Manufacturing Company7%
    Financial Services Firm6%
    REVIEWERS
    Financial Services Firm14%
    Government11%
    Comms Service Provider11%
    Computer Software Company11%
    VISITORS READING REVIEWS
    Educational Organization23%
    Computer Software Company16%
    Government8%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business42%
    Midsize Enterprise23%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise17%
    Large Enterprise59%
    REVIEWERS
    Small Business25%
    Midsize Enterprise20%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise32%
    Large Enterprise52%
    Buyer's Guide
    Aruba ClearPass vs. Cisco ISE (Identity Services Engine)
    May 2024
    Find out what your peers are saying about Aruba ClearPass vs. Cisco ISE (Identity Services Engine) and other solutions. Updated: May 2024.
    772,277 professionals have used our research since 2012.

    Aruba ClearPass is ranked 2nd in Network Access Control (NAC) with 75 reviews while Cisco ISE (Identity Services Engine) is ranked 1st in Network Access Control (NAC) with 137 reviews. Aruba ClearPass is rated 8.6, while Cisco ISE (Identity Services Engine) is rated 8.2. The top reviewer of Aruba ClearPass writes "Easy to use, multifeatured, and reliable policy management platform for identity authentication and new device onboarding". On the other hand, the top reviewer of Cisco ISE (Identity Services Engine) writes "Gives us that extra ability to assist the end user and make sure that we are making them happy". Aruba ClearPass is most compared with Fortinet FortiNAC, Forescout Platform, Microsoft Intune, Ruckus Cloudpath and macmon Network Access Control, whereas Cisco ISE (Identity Services Engine) is most compared with Fortinet FortiNAC, Forescout Platform, CyberArk Privileged Access Manager, Fortinet FortiAuthenticator and Microsoft Enterprise Mobility + Security. See our Aruba ClearPass vs. Cisco ISE (Identity Services Engine) report.

    See our list of best Network Access Control (NAC) vendors.

    We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.