This community is currently in a read-only state due to a maintenance window. For more info click here
Contributor I

ClearPass rules combined or split?

I was at recent event and a discussion came up about clearpass deployments.


Some say for better proformance you should combine your clearpass service rules e.g. mac auth/social into one rule, others say you should split them out as it makes it easier to troubleshoot.


What is the community view?


Guest Blogger

Re: ClearPass rules combined or split?

My personal preference is to combine as much as possible in one service. But I make a distinction between wired, wireless and management services. 


And I use "dividers" to order the services in a more readable way.


@rene_booches | AMFX #26, ACMX #438, ACCX #725, ACDX #760, CCNP R&S, CEH | Co-owner/Solution Specialist@4IP / blog

Re: ClearPass rules combined or split?

There's not a one size fits all answer. Literally every ClearPass deployment is different in some way.

If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | |

Contributor I

Re: ClearPass rules combined or split?

Tim, this is true no clearpass is same, i have deployed multiple CPPMs of varing sizes and none are them same.


It does bring up the point, however there is no clear, best practice guide on deployments.

Search Airheads
Showing results for 
Search instead for 
Did you mean: