Security

last person joined: yesterday 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Can we move ClearPass 6.7 C2000V to Azure/AWS?

  • 1.  Can we move ClearPass 6.7 C2000V to Azure/AWS?

    Posted Dec 19, 2020 10:23 PM

    Hello All,

    Can we move ClearPass 6.7 C2000V to Azure/AWS?

    If Yes what would be the procedure.

    Do i need to purchase any subscription or i can use current license in Azure/AWS.



    ------------------------------
    MPY
    ------------------------------



  • 2.  RE: Can we move ClearPass 6.7 C2000V to Azure/AWS?

    Posted Dec 20, 2020 05:02 PM

    Hi MPY,

    I would advise to contact your local Aruba Partner or Aruba TAC support to discuss if it fits for your environment. Keep a close look at your WAN realibity when you like to put ClearPass into the cloud, delay time matters! Also ask yourself te question what's the impact to your infrastructe when the WAN uplink to the cloud is broken.

    The post of Danny is a good starting point; Airheads Community

    For migration to a new server licences can be migrates, AFAIK the same is true for AWS/Azure.

    See also; Deploying ClearPass Policy Manager in AWS

    ------------------------------
    Marcel Koedijk | MVP Expert 2020 | ACMP | ACCP | Ekahau ECSE
    ------------------------------



  • 3.  RE: Can we move ClearPass 6.7 C2000V to Azure/AWS?

    Posted Dec 20, 2020 09:38 PM

    In short, Yes. However there are multiple questions.

    Firstly you'll need to work with Aruba TAC to migrate/move over your licenses between the current on-prem and a new AWS VM. Start by requesting a private AMI image from here to get you started in terms of an AWS deployment.... https://forms.office.com/Pages/ResponsePage.aspx?id=YSBbEGm2MUuSrCTTBNGV3IQuClHxB29IlfFFMHxWbN1UNzdVN1VXVFIxM0dJRzlGU1hWN1RKMDBVRSQlQCN0PWcu

    Read this DOC for great guidance on deploying in AWS https://www.arubanetworks.com/techdocs/ClearPass/TechNotes/ClearPass_Policy_Manager_AWS/index.htm

    Now, there are multiple question that I'm not going to attempt {work your your aruba partner or aruba SE} but consider;

    Only one interface in AWS CPPM

    No VIP supported

    DO NOT PLAN on using an on-prem AD for for authN/authZ if your moving CPPM to AWS

    Consider RTT

    Consider how you'll get traffic to the VM..... via VPN, using an EIP etc.

    This will get you started.



    ------------------------------
    Danny Jump
    "Passionate about CPPM"
    ------------------------------