ClearPass Policy Manager Platform

ManualsBrandsARUBA ManualsHardwareHPE ClearPass Policy Manager C1000 security appliance

Table Of Contents

QuickSpecs

Aruba ClearPass Policy Manager Platform

Overview

Page

Aruba 360 Security Exchange Program

Integrate with security and workflow systems

Support for the Aruba 360 Security Exchange Program is an integrated component of ClearPass. Using features like REST

-based

APIs, RADIUS Accounting Proxy, and Syslog ingestion help facilitate workflows with EMM/MDM,

SIEM, firewalls, help-desk systems

and more. Context is shared between each component for end

-to-end policy enforcement and visibility.

The ClearPass Ingress Event Engine provides 3rd party systems the means to share information in real

-time using Syslog. This

enables ClearPass to respond to changing threats for users and devices after they have authenticated to the network. By utili

zing

an open dictionary approach, anyone can write a parsing ruleset without the need for costly add

-ons or locked in 3rd party

ecosystems.

Advanced Reporting and Alerting

ClearPass Insight provides advanced reporting capabilities via customizable reports. Information about authentication trends,

profiled devices, guest data, on

-boarded devices, and endpoint health can also be viewed in an easy to use dashboard. Insight also

has support for granular alerts and a watchlist to monitor specific authentication failures.

Specifications

Appliances

ClearPass is available as hardware or as a virtual appliance.

Virtual appliances are supported on VMware vSphere Hypervisor (ESXi

), Microsoft Hyper-V, CentOS KVM & Amazon EC2.

• VMware ESXi 5.5 up to 6.5 Update 1

• Microsoft Hyper-V 2012/2016 R2 and Windows 2012/2016 R2 Enterprise

• KVM on CentOS 6.6, 6.7 and 6.8

• Amazon EC2

Platform

• Deployment templates for any network type, identity store and endpoint

• 802.1X, MAC authentication and captive portal support

• ClearPass OnConnect for SNMP-based enforcement on wired switches

• Advanced reporting, analytics and troubleshooting tools

• Interactive policy simulation and monitor mode utilities

• Multiple device registration portals - Guest, Aruba AirGroup, BYOD, and un-managed devices

• Admin/operator access security via CAC and TLS certificates

Framework and protocol support

• RADIUS, RADIUS CoA, TACACS+, web authentication, SAML v2.0

• EAP-FAST (EAP-MSCHAPv2, EAP-GTC, EAP-TLS)

• PEAP (EAP-MSCHAPv2, EAP-GTC, EAP-TLS, EAP-PEAP-Public, EAP-PWD)

• TTLS (EAP-MSCHAPv2, EAP-GTC, EAP- TLS, EAP-MD5, PAP, CHAP)

• EAP-TLS

• PAP, CHAP, MSCHAPv1 and 2, EAP-MD5

• OAuth2

• Windows machine authentication

• SMB v2/v3

• Online Certificate Status Protocol (OCSP)

• SNMP generic MIB, SNMP private MIB

• Common Event Format (CEF), Log Event Extended Format (LEEF)

Supported identity stores

• Microsoft Active Directory

• RADIUS

• Any LDAP compliant directory