Tuesday, March 16, 2021

Anyone move from Cisco ISE to Aruba Clearpass while still supporting Cisco APs?

Hey, all. We currently have a Cisco Aironet AP deployment, supported by a couple of Cisco 8510 WLCs and ISE for auth. We've moved towards Aruba for our access and core switching and it's looking like we may go to Aruba APs and Clearpass for wireless as well. However, with the size of our deployment, it wouldn't be a weekend gut-and-replace project, so we'd have to make the Cisco stuff play nice with Clearpass for some time.

I'm particularly looking into the migration experience from ISE to Clearpass pertaining to wireless dot1x and captive portal auth flows (that's all we're using ISE for, frankly) and what that would look like on the configuration side. Clearpass does seem somewhat a darling of this sub and I've liked the way Aruba has done other stuff, so I don't expect this to be a very uphill battle.

So...has anyone here migrated off of ISE and over to Clearpass? How is the multivendor support for Cisco APs on Clearpass? It's been a pain getting ISE to play nice with some Aruba stuff so far. Any gotchas, shortcomings, things to look out for? Any general wisdom and/or advice? Did you love the move? Hate it? Got any good resources to share in the meantime?

Thanks in advance for any shared knowledge!



No comments:

Post a Comment