Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access.
You can securely connect different types of devices to the network and get identity access control for human or non-human entities. This helps our company to control user access to exactly what we need. I like that it can also do Mac authentication. We could then apply different policies for different types of devices.
If you need diverse network segmentation, Aruba ClearPass gives you the ability to restrict what your users can access. On the downside, it was a kind of frustrating to set up and we needed outside help for installing it. However, once we set it up, it was very easy to manage.
The standards are compatible with almost any device with 802.1X capability. It saves us from having to separate users by running multiple SSIDs. We can easily create guest accounts for visitors and specify their permission levels.
I see Cisco ISE as more suited to managing high-privilege access. With it, you can assign privileges and access levels according to the user and device, which improves the user experience since the access level is set depending on the device. We find it very useful for users that need to log in physically or via remote VPN access.
The end-to-end visibility helps implement a zero-trust-security approach. However, the integration of third-party products is limited, and the interface is not very user-friendly. Integrating with social networks could be a good idea for authenticating guests.
Conclusions
In my opinion, Cisco ISE is a very valuable product that is great for accounting, authorization, and authentication. However, Aruba ClearPass has the advantage of solving very different authentication scenarios, so in my opinion, in these days of remote and hybrid working, it has the upper hand.
Hello community,
I am a Mission Network Administrator at a medium-sized manufacturing company.
Can Cisco ISE manage VLANS and switch ports on Cisco switches? Can Cisco ISE disallow authentication based on OS?
Thank you for your help.
Senior Technical Consultant at International Turnkey Systems - ITS
Aug 25, 2023
Yes, you can do it by creating a profiling condition on the OS you want to disallow and setting a policy in the authentication to reject this exact OS.
Manager IT at a tech company with 201-500 employees
Aug 27, 2023
The VLAN on n any device including Cisco switches can be managed by Cisco ISE as long as SNMP is supported by the device.
In nut shell VLAN on a managed switch can be managed by Cisco ISE irrespective of that being Cisco or any other product.
Hello peers,
I am a Senior Network & Security Engineer at a large computer software company.
I am currently researching network access control solutions. What are the differences between Cisco ISE and Fortinet FortiNAC? Which solutions do you prefer and why?
Thank you for your help.
Here are the differences between Cisco ISE and Fortinet FortiNAC, two widely-used network access control (NAC) solutions designed to help secure networks:
Cisco ISE is a comprehensive NAC solution that offers a wide range of features, including:
User and Device Identity Management
Policy Enforcement
Risk Assessment
Compliance Reporting
Fortinet FortiNAC is a more focused NAC solution that provides visibility and control over wired and wireless devices and offers features such as:
Device Profiling
Policy Enforcement
Asset Inventory
Compliance Reporting
When choosing a NAC solution, base your decision on your company's requirements and needs.
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias.
Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why.
You can read user reviews for the top Top 5 Network Access Control (NAC) S...
Download our FREE report comparing Aruba ClearPass and Cisco ISE (Identity Services Engine) based on reviews, features, and more! Updated: September 2023.
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access.
You can securely connect different types of devices to the network and get identity access control for human or non-human entities. This helps our company to control user access to exactly what we need. I like that it can also do Mac authentication. We could then apply different policies for different types of devices.
If you need diverse network segmentation, Aruba ClearPass gives you the ability to restrict what your users can access. On the downside, it was a kind of frustrating to set up and we needed outside help for installing it. However, once we set it up, it was very easy to manage.
The standards are compatible with almost any device with 802.1X capability. It saves us from having to separate users by running multiple SSIDs. We can easily create guest accounts for visitors and specify their permission levels.
I see Cisco ISE as more suited to managing high-privilege access. With it, you can assign privileges and access levels according to the user and device, which improves the user experience since the access level is set depending on the device. We find it very useful for users that need to log in physically or via remote VPN access.
The end-to-end visibility helps implement a zero-trust-security approach. However, the integration of third-party products is limited, and the interface is not very user-friendly. Integrating with social networks could be a good idea for authenticating guests.
Conclusions
In my opinion, Cisco ISE is a very valuable product that is great for accounting, authorization, and authentication. However, Aruba ClearPass has the advantage of solving very different authentication scenarios, so in my opinion, in these days of remote and hybrid working, it has the upper hand.