Security

Please I need to confirm the licensing for high availability scenarios for Clearpass in a virtual environment

Active/Passive --> 2 appliances with (1) Access licenses bundle

If active/active is needed would we need to also purchase (2) Access bundles?

If you are building a ClearPass Cluster based on virtual appliances, you will need VM Based License for each VM that you install. So in your case, with two VMs you will need two VM licenses.

Since, you will be building a cluster, the Access licenses will be shared across the cluster so you don't need to buy two access bundles. You can use both appliances (active/active or active/passive) based on how you configure your NAD devices.

Hi,

Licencing is quite simple from 6.7 and up on.

First of all you need one platform license for each virtual appliance. If you use an hardware appliance this is included in the hardware.

On top of the platform there are 3 licences available as subcribtion or perpetual use and are shared in the cluster.

• Access licences are needed and used concurrent for authentication 802.1x/mac/tacacs+/guestportal/ end so on.
• Onboard is optional for onboarding BYOD devices for certificate enrollment used for authentication.
• Onguard is optional for endpoint health/posture check based on an endpoint agent.

Just one additional note, as noted there are

Access, Onboard, OnGuard licenses, stating with 6.8 we also took the Access license and created an Entry-Access license to reduce the entry $$$ for some customer that didn't require all the features of an Access license, the Entry-Access deprecates three features

TACACS

Profiing

3rd-Party Integrations

So for customer wanting a low cost starting point this could be a consideration, note that you can at a later date upgrade to a "FULL-ACCESS" license if any of the above features are required.

.

Appliances in cluster will share the application licenses. Separate platform license keys are required to activate both the appliances/platforms.