ClearPass Policy Manager
ClearPass Policy Manager provides secure network access in a mobile world. It features ultra-scalable AAA with RADIUS and TACACS+ and a policy engine that leverages contextual data based on user roles, device types, app usage and location.
With a built-in context-based policy engine, RADIUS, TACACS+ protocol support, device profiling and comprehensive posture assessment, onboarding, and guest access options, ClearPass is unrivaled as a foundation for network security in any organization.
The Clearpass Difference
The ClearPass Policy Manager is the only policy solution that centrally enforces all aspects of enterprise-grade
mobility and NAC for any industry. Granular network access enforcement is based on a user’s role, device type and role, authentication method, EMM/MDM attributes, device health, location, and time-of-day.
Offering unsurpassed interoperability, ClearPass offers extensive multivendor wireless, wired and VPN infrastructure support which enables IT to easily rollout secure mobility policies across any environment.
Deployment scalability supports tens of thousands of devices and authentications which surpasses the capabilities offered by legacy AAA solutions. Options exist for small to large organizations, from local to distributed environments.
- Role-based network access enforcement for multivendor Wi-Fi, wired and VPN networks.
- Industry-leading performance, scalability, high availability and load balancing.
- Intuitive policy configuration templates and visibility troubleshooting tools.
- Supports multiple authentication/authorization sources (AD, LDAP, SQL dB) within one service.
- Self-service device onboarding with built-in certificate authority (CA) for BYOD
- Guest access with extensive customization, branding and sponsor-based approvals.
- Supports NAC, Microsoft NAP, and EMM/MDM integration for mobile device assessments.
- Comprehensive integration with third party systems such as SIEM, Internet security and EMM/MDM.
- Single sign-on (SSO) and Aruba Auto Sign-On support via SAML v2.0.
- Advanced reporting of all user valid authentications and failures.
- Built-in profiling using DHCP and TCP fingerprinting.
- Hardware and virtual support for ESXi and Hyper-V appliances.