last person joined: 3 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass Policies On Remote Connecting Users

  • 1.  ClearPass Policies On Remote Connecting Users

    Posted Sep 13, 2013 08:31 AM

    another vendor is offering NAC Solution  , They can enfornce NAC policies  for remote connecting SSLVPN users becaue they can offer SSLVPN access on the same HW of NAC

    I wanted to get equivalent from Aruba ,  it is ClearPass as NAC solution .... but since there is no remote  SSLVPN access @ aruba i wanted to check how to enforce clearpass policies on remote connected usres wwhoc connected to Firewall through  dynamic remote VPN ?  Can i force them to pass through Conrtoller & let controller act as FW to apply Clearpass policies ? because as i understand the controller acts as FW for wireless users , not for wired coming from normal Cisco switches


  • 2.  RE: ClearPass Policies On Remote Connecting Users

    Posted Sep 13, 2013 08:37 AM

    Aruba offers VIA as a VPN option; IPsec with failback to HTTPS.  With this you can terminate clients on the controllers and utilize your existing roles and policies.   Otherwise, you can use ClearPass to authenticate the users of the other SSL solution.   ClearPass can authenticate and authorize them; and depending on what SSL solution send back appropriate attributes for the solution to apply roles, etc.   However you cannot use the controller's roles/policies in this case.  


    If you are open to sharing the other solution, we can try and help with more specific options.