HPE is Discover 2025 It's been just three months since we announced the expansion of Cloud NAC capabilities at the event.
at las HPE Aruba Networking Central NAC The solution is now officially available to all customers.
This solution is designed to help customers simplify complex network security policy management, leverage the scalability of the cloud, reduce operational overhead, and dramatically reduce the training and deployment time required for IT professionals to become proficient on the platform.
HPE Aruba Networking Central customers No additional cost Leverage this powerful cloud-native NAC solution to: Core NAC featuresYou can use it, but, Advanced or Pro NAC featuresCustomers who want to implement NAC Subscription LicenseYou must purchase it separately.
Cloud-native NAC that addresses the security challenges of modern organizations.
Central NAC is a cloud-based NAC solution designed to provide secure, seamless access for users and devices across an organization through centralized authentication and authorization. The quantifiable business benefits this platform delivers include:.
- Ease of use: An intuitive interface enables quick onboarding and easy policy management.
- Strong security: Developed by the ClearPass team, we've implemented proven security features directly into the cloud environment.
- Cloud scalability: Easily scale NAC control without infrastructure bottlenecks.
- Reduce operating costs: Cloud delivery reduces operating expenses (OpEx) by minimizing hardware requirements.
HPE Aruba Networking Central NAC ‘Security First, AI-Native Networking’Supports HPE's vision of .
It was designed with the belief that security should be built in from the beginning, not added on later.
This solution is built into HPE Aruba Networking Central and integrates seamlessly with other capabilities of the platform.
Empowers IT teams to deploy Zero Trust Network Access (ZTNA) and maximize the platform's security potential without additional costs or NAC expertise.
Comparison of features by Core and Pro license
| Function classification | Central NAC (Core) Included in Central Basic License | Central NAC (Pro) Separate subscription required |
| certification | EAP-TLS, MAC authentication (Auth), MPSK, Captive Portal Support | (Includes all core features) |
| Identity Provider (IdP) | Google Workspace, Microsoft Entra ID, Okta Workforce Support | Multi-IdP support: Multiple IdPs can be used simultaneously |
| Visitor/Guest Access | Built-in visitor management and captive portal customization | (Includes all core features) |
| Access Control | User role-based access control (Context-based Access) provided | Fine-grained authentication and authorization: Implement more customized policy rules |
| Certificate | BYOC (Bring Your Own Certificate): Provides self-certificate use and real-time validation (OCSP) capabilities | |
| Heterogeneous device support | Third-party Network Access Device (NAD) support: Support through HPE Gateway Appliances |
Pro features detailed description
1. BYOC (Bring Your Own Certificate)
Customers can authenticate using their own certificates. Administrators can select which certificates to apply to each network.
In particular, HPE provides the option to validate certificate validity in real time using the Online Certificate Status Protocol (OCSP).
This means proactive certificate management, rather than relying solely on manual updates or expiration dates.
2. Support for third-party NAD (Network Access Device)
Central NAC (Pro) supports third-party network devices (NADs) through HPE Aruba Networking Gateway appliances.
In this setup, the third-party NAD communicates with the gateway using RADIUS, and this traffic is securely encapsulated with RadSec and sent over the Internet to HPE Aruba Networking Central.
When the system requires dynamic authorization (Change of Authorization, CoA or Disconnect Message), it automatically sends the message to the corresponding NAD. Zero Trust NetworkStrengthens the robustness of the .
3. Granular authentication and authorization
IT teams can implement sophisticated security controls through highly flexible, customizable policy rules.
These rules can be applied based on an expanding set of criteria, including various identity sources, certificate attributes, site locations, and network types.
The final policy decision is returned as a User Role or VLAN ID and is applied by the NAD.
Use Cases
- Retail Chain: Securely onboard thousands of IoT devices and employees across distributed stores with minimal IT intervention.
- Medical (hospital): We enforce strict access policies for medical equipment and staff, while providing uninterrupted guest access to patients.
- school: Ensuring compliance and visibility while supporting Bring Your Own Device (BYOD) for students and faculty.
HPE Aruba Networking Central AI Capabilities Integration
The biggest advantage of delivering Cloud NAC through HPE Aruba Networking is the AI capabilities: Seamless integrationno see.
- HPE Aruba Networking Central Client Insight: Provides AI-based device profiling and visibility, and acquires security context from third-party unified endpoint management (UEM).
- HPE Aruba Networking Central Policy Manager: Responsible for security policy orchestration at NAD
conclusion
HPE's Central NAC solution has been in use for decades. HPE Aruba Networking ClearPassIt was born from the experience and customer feedback gained from building and operating . It provides powerful, adaptable access control suitable for today's hybrid and multi-device environments, while reducing complexity and operational overhead.
For organizations seeking a zero-trust environment while reducing costs, Central NAC offers a comprehensive and forward-thinking solution.
For more detailed information, please refer to the HPE Aruba Networking technical documentation below.
HPE Aruba Networking TechDoc – Central NAC
