Yet another company is stepping into the mobile-device-management arena to help organizations make sense of the influx of employee-owned devices into the corporate environment.
Aruba ClearPass is designed to simplify and automate the process of securely provisioning mobile devices onto an enterprise network, Aruba Networks said Feb. 21. The ClearPass Policy Manager software provides administrators with a set of modules to handle provisioning, asset inventory, security and management.
The Policy Manager consists of a core application and four separately licensed modules that customers can choose from. Onboard is a self-service mobile-provisioning portal for employees to register their own devices. Profiler creates a detailed inventory of each device. OnGuard is a network access control application that can quarantine compromised devices to prevent infecting the rest of the network and also remove the infection. The final module, Guest, allows organizations to register temporary visitors and grant them guess access on the network. Aruba also introduced a cloud service, ClearPass QuickConnect, to automatically configure wired and wireless network settings for personal devices.
The bring-your-own-device (BYOD) phenomenon is changing the network infrastructure, and IT departments have to keep up, Robert Fenstermacher, director of product marketing at Aruba, said in an interview.
Many mobile-device-management platforms typically don’t address provisioning or controlling the device’s network access, said Fenstermacher. IT administrators use Policy Manager to set a range of standard policies for devices based on device type, operating system version, user groups and other characteristics.
When a user registers a personal device, these predefined rules identify the device type and apply appropriate policies, such as using a VPN client, installing Exchange ActiveSync and downloading digital certificates. Certain types of devices may be given limited access, or senior executives may have extra privileges. Administrators can later tweak the device individually if additional policies are necessary.
Registered devices have a unique ID, which gives IT staff some control. If there is a problem, IT can immediately revoke access to that identifier without impacting other systems.
ClearPass Policy Manager relies heavily on technology Aruba acquired in 2011. The heart of the Policy Manager software comes from Avenda Systems mobile-management software, which Aruba acquired in December. Guest access and management capabilities are based on Amigopod technology, which was acquired December 2010.
Customers can buy ClearPass Policy Manager preloaded on a server appliance or as a VMware virtual machine instance. It can support the major operating systems in the enterprise, including Apple’s iOS, Google’s Android, Research in Motion’s BlackBerry OS, Apple’s OS X and Microsoft’s Windows 7. It will be available in March, and pricing will vary with the total number of users and devices, Aruba said.
Aruba sees ClearPass being used in a variety of settings, including the health care sector. In a hospital environment, medical professionals can be issued tablets to securely access the applications via VPNs over a WiFi or 3G network and be able to get access to information while making their rounds.
Aruba’s Fenstermacher claims ClearPass can save customers up to 76 percent over other platforms that require IT teams to replace existing infrastructure. In fact, organizations would likely spend 50 percent less on a Aruba ClearPass deployment than with a comparable Cisco Identity Services Engine implementation, Fenstermacher said.
ClearPass comes with FreeRADIUS, open-source software for authentication, authorization and accounting, but Policy Manager can also be used with existing authentication infrastructure.