What is Aruba ClearPass and How Does it Protect Your Network?
With the advent of smartphones, tablets, and other mobile devices, companies and IT departments are facing the challenge of managing the vast assortment of devices on their network. Which devices get which levels of network access? Which users get which levels of network access? How do you ensure that your network is secure?This predicament is magnified by the growing prevalence of BYOD (bring your own device).
According to a 2018 Bitglass survey, 85% of organizations already allow the use (or are planning to allow the use) of personal devices at work. It makes sense - not only do your employees benefit from the convenience, but your IT team is also free from dedicating the time needed to purchase and manage all of those devices.
These advantages do present some downsides, though.
The sheer number of requests to grant device access can overburden any IT team. Your IT team could also easily lose track of which devices and users are connected to the network. Ensuring network compliance and troubleshooting issues also becomes far more complicated.
But the number of devices connecting to your network isn’t the only cause for concern. Your employees are connecting to Wi-Fi networks everywhere they go, and they’re downloading apps and data for both work and personal reasons. Personal apps hardly have the security protections needed to safeguard business networks. So when your employees come back from the outside world with their devices and reconnect to your business network, they could jeopardize your security.
So, how do you take the burden of onboarding so many new devices away from your IT department without sacrificing security or policy enforcement? Look no further than Aruba ClearPass.
What is Aruba ClearPass?
Aruba ClearPass is a policy management platform that many businesses are implementing to effortlessly onboard new devices, grant varying access levels, and keep their networks secure.
ClearPass allows you to safely connect business and personal devices to your network in compliance with your security policies. It allows you to grant full or limited access to devices based on users’ roles, device type, and cybersecurity posture.
This solution leverages a three-step plan:
With this new demand for network access, the burden on your IT department has increased exponentially and it’s not just laptops and smartphones that should be on your radar. IoT devices, printers, and even surveillance cameras are connecting to companies’ wireless networks.
ClearPass helps you identify which devices are being used, how many are connected to your network, where they’re connecting from, and which operating systems are supported. It gives you continuous visibility into changes on your network, including which devices are connecting and disconnecting.
When you need device-specific information, you can easily identify a device’s:
- Type and model name
- MAC address
- IP address
- NIC vendor
- OS and version number
Learn how to protect your organization by improving your cybersecurity habits:
Enforcing network policies can pose a huge challenge to IT departments. When an employee wants to add a new device to the network, they often have to go through extensive IT protocols. They may even need someone from IT to walk them through the process.
ClearPass allows you to enforce policies during the onboarding of new devices without any involvement from your IT department – whether it’s a laptop, smartphone, or security camera. A built-in certificate authority lets you support devices more quickly without any additional IT resources.
Your IT team will simply need to establish your foundation of security and write rules that define:
- Who can onboard a device
- The type of device users can onboard
- How many devices each user can onboard
You can then enforce access a number of ways. You can use a portal, or you can use the more secure and preferred method that uses encryption in the authentication process. After devices are granted access, ClearPass uses active and passive profiling methods to monitor your network and keep it safe.
Hundreds, if not thousands of devices are connecting to your network. How will you ensure that your network stays secure?
The health of individual devices connected to your network is an essential component to network security. With ClearPass OnGuard, your IT team can define the “level of health” a device must have in order to gain network access.
This solution automatically conducts critical endpoint health checks and posture assessments to ensure that all devices are compliant with your requirements (and industry best practices). It works for both wired and wireless networks.
ClearPass also offers a variety of third-party integrations (which we’ll touch on shortly). These integrations empower you to implement dynamic policy controls and threat remediation. You’ll have real-time insight into the activity on your network, equipping you to identify and address any threats that may present themselves.
After all, you have to be prepared to take action if you discover unusual network behavior. That requires establishing a unified approach that can block traffic and disconnect devices when necessary – even in the middle of the night.
The right network security solution must be comprehensive and that often requires you to create a seamless solution comprised of several different platforms.
Aruba ClearPass Exchange integrates with over 25 IT partners – the vast majority of your current technology and security stacks - to ensure that every element of your system is working without issue.
These third-party technology systems could include:
- Enterprise mobility management (EMM)
- Mobile device management (MDM)
- Security information and event management (SIEM)
Whichever platforms you use (or are considering), they will work with ClearPass’ REST based APIs, Syslog messaging, and extensions repository. Your collective solution will deliver end-to-end policy enforcement and the visibility you need to keep your network secure.
Learning to Build A Formidable Network Security Solution
Every business faces its own unique challenges, and protecting its network requires a unique solution. With IT-managed laptops, unmanaged smartphones or tablets, and even IoT devices connecting to your network, you need to make sure that users can gain access without compromising your security.
Without expertise about what systems work best in different environments, and how separate systems might work together, you run the risk of implementing a solution that’s unfit to adequately protect your network.
Our network and cybersecurity experts work with dozens of small- to medium-sized businesses in the Connecticut, Massachusetts, and Rhode Island region to help keep their networks secure and help them implement best practices for cybersecurity.
Download our Cybersecurity Guide to see how you can get started with some basics to secure your network without burdening your employees or IT team.
If your business is in Connecticut, Massachusetts, or Rhode Island and you want to dive in even deeper into your network vulnerabilities, sign up for a no-cost Security Assessment to understand the current vulnerabilities of your company.