Also, keep in mind that most of our products support auth survivability in the latest versions. Check the release notes and user guides.
More importantly, I would question why you are placing a ClearPass server at a site and not an additional AD server? The fact that you need ClearPass there tells me that you either expect this link to go down or the link has high latency. If it is the latter, you will need an AD server there as well as ClearPass, otherwise RADIUS authentications will time out while we wait for a response from AD. This is not a fault of our products but is based on how Apple and Microsoft implement the 802.1x supplicant. There is a time limit upon which no response will cause a new 802.1x auth attempt.
A safe number is 100ms or less latency.