I attended the Aruba Mobility Bootcamp and the Clearpass Essentials training in January.
Both courses (MBC and CPE) provide a solid overview and introduction of the Aruba Controller feature set and the Clearpass Policy Manager (RADIUS, TACACS, Guest, BYOD and NAC).
What impressed me most for the wireless controller is:
- Ease of troubleshooting wireless users, error rates etc.
- Role-based access, a very simple idea, but it makes user control so much easier to deal with. It takes some time to get used to the concept, but in the end, it totally makes sense.
- Impressive firewall feature set, especially the deep packet inspection, which provides application layer information and control for all the traffic.
As for Clearpass…, what can I say? This is just a AAA(RADIUS/TACACS) server how it should be:
- Just like the controller, a solution that is focused on role-based access, with strong condition/result processing.
- Ease of troubleshooting (Access tracker is SO easy to track the user sessions, it is one of the first times I feel I am not “forced” to use Wireshark for AAA troubleshooting)
- Impressive initial wizards. Just like the Mobility controller, it takes some time to get used to the concept and principles, so do not expect this to install and just work based on some trial and error. However, once these base principles are clear, the initial wizards really help the admin to quickly build a desired setup with all involved components and elements.
- Guest management: Again, everything I saw just made sense. Some networks just provide open network access for guests. But if you need any type of captive portal solution for either guest or contractor setup with sponsor approval, the Clearpass guest is definitely something to look at.
- BYOD: Built-in certificate authority to deploy and update certificates on BYOD devices
And that is just a selection of features, so it really feels like a very comprehensive, solid solution. While the course is mainly using Aruba based products (for obvious reasons), it is a generic RADIUS server that can handle any vendor equipment and supports easy import of RADIUS dictionaries.
For the certification, I took the Aruba ACMP and ACCP tests. Both tests were fair and closely matched the content of the training courses. So when you study the course content you should be fine for both tests.
In the HPE Partner program, the ACMP certification is a valid elective for the ASE Networking certification, so that may simplify the certification for existing Aruba certified network engineers.
Finally I also attended the Aruba Certified Instructor program this week, so I am now also officially allowed to do Aruba courses 😉