1. I understand it is a NAC that can be integrated into any 802.1x switch. However, certain level of firmware version is required. But I also heard that it still can be achieve using SNMP. Is that correct?
This is correct, but the snmp option have some caveats when changing VLANs or when a device is behind a VoIP phone
2. I also understand that a client software needs to be installed. But there is also an option for being clientless. What is the pro and cons with or without client software installed?
Yes
1- Persistent agent
provides nonstop monitoring and automatic remediation and control. When running persistent OnGuard agents, ClearPass
Policy Manager can centrally send system-wide notifications and alerts, and allow or deny network access. The persistent agent
also supports auto and manual remediation.
2- Dissolvable agent is ideal for personal
non IT-issued devices that connect via a captive portal and do not allow agents to be permanently installed. A one-time check at
login ensures policy compliance. Devices not meeting compliance can be redirected to a captive portal for manual remediation.
Once the browser page used during authentication is closed, the dissolvable agent is removed leaving no trace.