I am two weeks away from Go-Live with ClearPass as a NAC. (Version 6.5.5 on CPPM - Aruba IAP wireless - Juniper switching) We were hoping to have posturing w/ OnGuard on day 1... but... I don't think it's going to happen. We have had INCREDIBLY inconsistent behavior across wired, wireless, Windows 10, & Windows 7.
Windows 10 gets kicked off wired after exactly 1 hour after the agent sends back a posture status of UNKNOWN, for literally no apparent reason. Unfortunately, CPPM stops there and the device is stuck until you disable/enable the NIC to restart the process from Initial, OnGuard check-in, CoA, and onto the correct VLAN. Windows 10 on wireless will run all day with no issues.
Windows 7 is flapping every single minute on both wired and wireless. I have tickets open for both issues and they think it's tied to a known bug on the 6.5.5 agent. It is resolved in 6.6, but they haven't let me try it yet. Engineering ticket #33360 if any Aruba employees want to check-in on that...