• SAML 2.0 Service Provider, which allows seamless and secure access to ClearPass components using federated/unified identity.
• Advanced reporting and granular alerts.
• Active and passive device fingerprinting
• High performance, scalability, High Availability, and load balancing
• A Web-based user interface that simplifies policy configuration and troubleshooting
• Network Access Control (NAC), Network Access Protection (NAP) posture and health checks, and Mobile Device Management (MDM) integration for mobile device posture checks
• Social and Cloud Identity Network and Cloud Application single sign-on (SSO) via OAuth 2.0
  • Facebook, Twitter, LinkedIn, Azure Active Directory and Office 365, Google G Suite, and so on.
• Device and User certificate enrollment via Simple Certificate Enrollment Protocol (SCEP), Enrollment over Secure Transport (EST) and REST API-based workflows
• Advanced reporting of all user authentications and failures
• Enterprise Reporting, Monitoring, and Alerting
• HTTP/RESTful APIs for integration with third-party systems, Internet security, and MDM
• Device profiling and self-service onboarding
• Guest access with extensive branding and customization and sponsor-based approvals
• IPv6 administration support
Advanced Policy Management
ClearPass advanced policy management support includes:
• Employee access
  ClearPass Policy Manager offers user and device authentication based on 802.1X, non-802.1X, and Web Portal access methods. To strengthen security in any environment, you can concurrently use multiple authentication protocols, such as PEAP, EAP-FAST, EAP-TLS, EAP-TTLS, and EAP-PEAP-Public.
  For fine-grained control, you can use attributes from multiple identity stores, such as Microsoft Active Directory, LDAP-compliant directory, ODBC-compliant SQL database, token servers, and internal databases across domains within a single policy.
  Additionally, you can add posture assessments and remediation to existing policies at any time.
• Built-in device profiling
  ClearPass provides a built-in profiling service that discovers and classifies all endpoints, regardless of device type. You can obtain a variety of contextual data (such as MAC OUIs, DHCP fingerprinting, and other identity-centric device data) and use this data within policies.
  Stored profiling data identifies device profile changes and dynamically modifies authorization privileges. For example, if a printer appears as a Windows laptop, ClearPass Policy Manager can automatically deny access.
• Access for unmanaged endpoints
  Unmanaged non-802.1X devices (such as printers, IP phones, and IP cameras) can be identified as known or unknown upon connecting to the network. The identity of these devices is based on the presence of their MAC address in an external or internal database.
• Secure configuration of personal devices
  ClearPass Onboard fully automates the provisioning of any Windows, macOS, iOS, Android, ChromeOS, and Ubuntu devices via a built-in enrollment workflow.
  Valid users are redirected to a template-based interface to configure required SSIDs and 802.1X settings, and download unique device credentials.
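The profile-change check described under "Built-in device profiling" above (a printer that starts to look like a Windows laptop is denied), as an added Python example. It is not ClearPass code or its API: the `DHCP_FINGERPRINTS` table, the MAC addresses, the `evaluate` function, and the allow/deny choices for first-seen and unrecognized devices are all assumptions made for illustration.

```python
# Added illustration, not ClearPass code. Fingerprints and MACs are constructed.
from dataclasses import dataclass

# Constructed table: DHCP option 55 (parameter request list) -> device category.
DHCP_FINGERPRINTS = {
    (1, 3, 6, 15, 31, 33, 43, 44, 46, 47, 119, 121, 249, 252): "Computer",
    (1, 3, 6, 15, 44, 47): "Printer",
    (1, 3, 6, 42, 66, 150): "VoIP Phone",
}


@dataclass
class Decision:
    action: str  # "allow" or "deny"
    reason: str


def normalize_mac(mac: str) -> str:
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def evaluate(store: dict, mac: str, option55: list) -> Decision:
    """Compare a new DHCP observation with the stored profile for this MAC."""
    key = normalize_mac(mac)
    stored = store.get(key)
    observed = DHCP_FINGERPRINTS.get(tuple(option55))
    if observed is None:
        # Unrecognized fingerprint: never guess a category from it.
        if stored is None:
            return Decision("deny", "unknown device, fingerprint not recognized")
        return Decision("allow", f"fingerprint not recognized; kept {stored}")
    if stored is None:
        store[key] = observed  # first sighting becomes the stored profile
        return Decision("allow", f"first seen; profiled as {observed}")
    if stored != observed:
        # Conflict: keep the stored profile so the mismatch stays visible.
        return Decision("deny", f"profile conflict: stored {stored}, observed {observed}")
    return Decision("allow", f"profile unchanged ({stored})")


if __name__ == "__main__":
    profiles = {}
    print(evaluate(profiles, "02:00:00:AA:BB:01", [1, 3, 6, 15, 44, 47]))
    print(evaluate(profiles, "02-00-00-aa-bb-01",
                   [1, 3, 6, 15, 31, 33, 43, 44, 46, 47, 119, 121, 249, 252]))
```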
3 ClearPass 6.7 Getting Started Guide