Fortinet FortiAuthenticator OverviewUNIXBusinessApplication

Fortinet FortiAuthenticator is the #2 ranked solution in top Single Sign-On (SSO) tools and #3 ranked solution in top Authentication Systems. PeerSpot users give Fortinet FortiAuthenticator an average rating of 7.6 out of 10. Fortinet FortiAuthenticator is most commonly compared to Fortinet FortiToken: Fortinet FortiAuthenticator vs Fortinet FortiToken. Fortinet FortiAuthenticator is popular among the large enterprise segment, accounting for 50% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 20% of all views.
Fortinet FortiAuthenticator Buyer's Guide

Download the Fortinet FortiAuthenticator Buyer's Guide including reviews and more. Updated: December 2022

What is Fortinet FortiAuthenticator?

Fortinet FortiAuthenticator is the primary secure point of approved access into the Fortinet network, authorizing users, reviewing access permissions, and relaying the information to all Fortigate devices for comparison with identity-based protocols. Fortinet FortiAuthenticator is a top-ranked authorization and SSO solution.

Appropriate secure access is fundamental to every role in an enterprise ecosystem. It is an integral function of every organization to ensure that every access and privilege is secure and to mitigate any possible risk to an organization. Approved users should only have access to the necessary information when they need it, from the appropriate location(s) to safeguard an organization's security at all times.

Fortinet FortiAuthenticator is available as an appliance, virtual machine, or in the cloud.

Fortinet FortiAuthenticator Methods

  • FSSO: FortiAuthenticator Single sign-on user will easily identify users and assign role or group access based on preset identity-based protocols. FortiAuthenticator integrates well with third-party LDAP or active directories, is very flexible, and combines these methods to provide effective security.

  • Active Directory Polling: Active directory access is securely identified by consistent polling of domain controllers. As users log in, username, IP address, and other details are logged into the database and can be shared across devices as directed by FortiAuthenticator protocols.

  • FortiAuthenticator Portal and Widgets: If a user system does not support AP polling, or for other reasons it is not feasible, FortiAuthenticator offers a unique secure authentication portal. Users can be manually authenticated and, to diminish the effect of numerous logins, an intuitive set of widgets is available to integrate into an organization's ecosystem that will automatically grant access to users when they access the organization's intranet homepage.

  • RADIUS Accounting Login: For organizations that use RADIUS authentication, RADIUS Accounting is available for user identification. This process will prompt user access information (IP and group, etc.) and eliminate the need for multiple levels of authentication.

Reviews from Real Users

Ernesto C., Presales Engineer at a comms service provider, shares,

”Key Features and Benefits

  1. Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage. Most Valuable in Mobile Phones App for OTP.
  2. Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
  3. LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
  4. It is usable in network, WAN, wireless, and VPN Scenarios.
  5. The domain and guest-users support are good.”

Ibrahim M., Senior Network & Security Engineer at a tech services company, relates, "The initial setup is a valuable point on Fortinet products. Most of the time, putting the theory into practice on the devices is quite friendly and straightforward. As long as you can read English you can find your way around the solution and make it work. This is a high value point on Fortinet - the way everything is laid out in the web UI is user-friendly and quite straightforward. The UI is quite simple."




Fortinet FortiAuthenticator was previously known as FortiAuthenticator.

Fortinet FortiAuthenticator Customers

Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data

Fortinet FortiAuthenticator Video

Fortinet FortiAuthenticator Pricing Advice

What users are saying about Fortinet FortiAuthenticator pricing:
  • "Between paying them to help with the configuration, the box itself, and the support, it came to like $12,500, including a three-year service agreement."
  • "FAC is an affordable solution for Middle Range (200E/400E) and also needs a package of mobility agents (2,000) perpetual."
  • "When we buy the Fortinet FortiAuthenticator device there is a comparison between price and security."
  • "The licensing structure is cost-effective for us compared to some of the other solutions that have recurring monthly costs."
  • Fortinet FortiAuthenticator Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Network admin at Penobscot Valley Hospital
    Real User
    Top 10
    A reasonably priced solution that can be scaled toward different functionalities and offers flexible SMS messaging
    Pros and Cons
    • "The most valuable feature is the flexibility in using the SMS messages."
    • "I would like to see more support from Fortinet with tech support people who have as much expertise on the authenticator as they do on their firewalls."

    What is our primary use case?

    The solution syncs with our active directory and allows configuration for 
    two-factor authentication. We're using the two-factor authentication for our Office 365 email and cloud. We needed a way to use the authenticator to configure a trusted network so that when the users are in-house, on our network, they don't get prompted for two-factor. We don't want to go through that rigmarole every time, so basically it authenticates through active directory that this trusted network that we're on is going to encrypt the data. Then, when they're not on a trusted network or they're at home and trying to log in, the user gets a SMS message to put in a token to validate their identity for their email username and password.

    What is most valuable?

    The most valuable feature is the flexibility in using the SMS messages. People give me their cell phone numbers, I put them in the active directory, it syncs over to the authenticator, and then they're able to use the two-factor authentication when they're at home or doing something outside of our network.

    What needs improvement?

    It was very hard to find the right people to help us set up the solution. We hired a third party, but they were not as helpful as they could have been. After that, we got a higher level of support through Fortinet, and they engaged with us and worked out the final bit. The connectivity between Microsoft Office and the authenticator is very tricky when it comes to certificates and you need more expertise for that, so if you don't have the experience, you need a higher level person to help with it.

    I would like to see more support from Fortinet with tech support people who have as much expertise on the authenticator as they do on their firewalls. They don't have enough people with that expertise.

    Once you get comfortable, you want to ask questions like "Okay, what if I do this, what is the impact?" You don't know what changes you can apply until they happen. It's better to have somebody who knows what they're doing, and knows what changes you apply are going to make a difference. Once I was able to talk to the second level Fortinet person I said, "Well, what does this do? What does that do?" Then he helped me and I said, "Okay." That makes a difference, because it's new and you don't know what you're supposed to do.

    For how long have I used the solution?

    I have been using this solution for about five months. 

    Buyer's Guide
    Fortinet FortiAuthenticator
    December 2022
    Learn what your peers think about Fortinet FortiAuthenticator. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
    655,994 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    The stability of the solution has been very good. I haven't had any issues. 

    The funny thing is, when I first got the authenticator there was a problem with it and I couldn't get it configured. I had to go through Fortinet to troubleshoot the fact that it was basically inoperable. I had to send it back and then they sent me another one, and that one has worked fine, so that was just one of those freak things that happens.

    What do I think about the scalability of the solution?

    I think you can scale it toward different functionalities. For example, we have a Fortinet firewall and I could have used 40 tokens to configure the authenticator for that usage, but I chose to use it just for the email. In the same vein, there's scalability for other applications, servers, and cloud servers to set up a two-factor configuration on this authenticator. For other applications you have to pony up with the vendor who's doing it and log into their application in the cloud, then they have to be able to coordinate this thing, so that's kind of hard to figure out.

    We use the solution for anybody who wants to have remote access to their email, so pretty much anybody who says, "Yeah, I'm going to be checking my email from home," I configure it so that they can do that. I'd say most everybody in our company has it. Whether they use it or not is a different story, but I have to buy SMS messages licenses for every person who wants the option to use it.

    You only need one person, like myself, for maintenance. Once it's up and running, people can log in and get their email, and if there are issues I can look at the log and say, "Well, it's telling me you're putting the wrong password in or username." Or it shows, "Oh, you got it right. Success." 

    The solution is an integral part of our security for our email network, and like I said, we'll begin using it for other cloud applications. We signed a three-year contract for the solution, so it's here to stay.  

    How are customer service and support?

    The tech support is okay. If you have complex problems, there are not enough people to help, and you have to get to a higher level of support, so it can be a little challenging to get to the right person. That's on Fortinet as a company, though; what they provide is excellent. It's just getting to the right person.

    Which solution did I use previously and why did I switch?

    We used to use an authenticator called Duo, but we're a small rural hospital, and that solution is a lot more expensive. It was probably at least three times the cost of Fortinet. The other thing was that I already had a Fortinet firewall, so I wanted something in conjunction with that to work alongside it.

    How was the initial setup?

    It was complex when it came to the active directory portion of the product. Knowing what was required to have the active directory integration with the authenticator was a little tricky, and figuring out how the users' email addresses were going to be displayed. When you go to Office 365, it redirects it back to the authenticator and you have to make sure you have the right configuration and the right domain because it inputs it based on your domain name. It was difficult to get that figured out.

    What about the implementation team?

    We used a third party in conjunction with higher level Fortinet support for deployment. We had to get a certificate and the third party helped us with that, and then we had to talk with Microsoft too, so it was tricky.

    During setup it was hard to make sure that the solution was doing what it was supposed to do. There were different factors that made it difficult, but it might have been because the person who was trying to implement the solution didn't understand it fully. There were some inconsistencies in standards for active directory account names, for example, usually you'd have first initial, last name, and that would be your domain name. However, we had some older users, myself included, that had a different format that included their department name, like 46-JMoore for example, and the authenticator didn't understand that. You'd have to tell the user, "Okay, you're using this old formatting for your username, but you need to put it in differently so the authenticator can understand it." It wasn't really the authenticator's problem, but more so had to do with fitting the environment into the authenticator's configuration.

    What's my experience with pricing, setup cost, and licensing?

    First you have to buy the unit, then you have to buy the license for it. I think we have a 100-user license. The price depends on the model. We have a FAC 300, which channels X number of users, so if you have a lot more users, you're going to buy a higher model, like with any other solution. 

    We got the reseller price, so we paid $3,450 for the authenticator model itself. The support contract is about $2,900 for three years, which is a pretty good deal.
    Then you've got to pay the fee for their help with the installation. That was like $6,000, but it varies depending on the vendor. So between paying them to help with the configuration, the box itself, and the support, it came to like $12,500, including a three-year service agreement.

    The only other cost is for the SMS messages, which are not expensive. It's under $30 for like 100 SMS messages, so it's not a big deal.

    What other advice do I have?

    My advice to people considering this solution is that I think you need somebody who has experience with FortiAuthenticator, and most places are going to have to use a third party to get it installed correctly. I also think the third parties have some leverage on accessing the higher level of Fortinet support, which helps. I think you can do certain parts yourself, like preparing the device for your active directory, but when it comes to actually getting comfortable with the commands and knowing what you're doing, you need a third party to help you get it installed correctly.

    I would rate this solution as a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Ayokunmi Ogundapo - PeerSpot reviewer
    Systems Administrator at Interswitch
    Real User
    Top 5Leaderboard
    Easy to deploy with intuitive interface; integration with certain enterprise applications lacking
    Pros and Cons
    • "Intuitive interface and easy to deploy."
    • "Integration with some other enterprise applications could be improved."

    What is our primary use case?

    We use this solution for two-factor authentication of most of our services. It includes VPN but also many other services that we have on our internet servers. We use the on-premise version because we also want it integrated into our in-house applications. We are customers of Fortinet and I'm a systems administrator. 

    How has it helped my organization?

    Security is such a big issue these days, a password alone is no longer enough for securing identity. In that sense, providing a second layer of authentication for users gives the company some level of comfort. 

    What is most valuable?

    I think the ease of deployment is a valuable feature. I like that the interface is intuitive and that natively and easily, it integrates with radios, ILDAP, fan mail, and with any applications supporting those protocols

    What needs improvement?

    I'd say that the integration with some other enterprise applications could be improved. For instance, ADFS. FortiAuthenticator does not work natively with ADFS and the company is not looking in that direction. It's one of our in-house applications and it was a challenge integrating with FortiAuthenticator. We had to write a separate, customized adapter for ADFS before we could make it work. We tried to get Fortinet to work on it but I don't think their development team is interested. It's not in their plan. The other challenge was when I integrated with I think VMware - there was an issue between the radio adapter and FortiAuthenticator. Both parties were not ready to work together and the implementation was buggy. 

    I believe this solution can be adapted to so many things, depending on the technical side and the implementation engineers. I'd like to see some additional use cases that can be infused into the solution, such as ADFS.

    For how long have I used the solution?

    I've been using this solution for two years. 

    What do I think about the stability of the solution?

    I haven't had any issues with stability. 

    What do I think about the scalability of the solution?

    It's a very scalable solution. They now have the option of deployment as a VM, and then they have the hardware. I believe we use the 1000D for the hardware - it's able to support up to 10,000 users. You license the appliance based on the number of users and if you need to add more, you buy additional licenses. Almost everybody in the company uses it and I'd say we've had a total of around 4,000 users.

    How are customer service and technical support?

    The technical support is mid-range It's not your wow kind of support but they do have levels of support. The support is in connectivity with their clients and it has to be renewed every year. You might do better if you go through their partners or something similar. They're not really there when it comes to support.

    Which solution did I use previously and why did I switch?

    We used RSA SecurID before Fortinet. We switched because of the high costs associated with RSA. I believe that with RSA you need to pay a token license every three years but with Fortinet, once you buy it, you own it. Even if a token is lost, you can always reposition the token and that will not come at any extra cost. It's cost-effective for us. We also have several channels we can use for authentication with FortiAuthenticator. With RSA, users are stuck with either carrying the dongle, the hardware token, or maybe having the mobile application token on their phone. With Fortinet you can decide whether to use a hardware token, soft token, email token, push notification, or SMS. It gives us flexibility and comfort.

    How was the initial setup?

    Initial setup was pretty straightforward. We were up and running within three days. I carried out the deployment. 

    What's my experience with pricing, setup cost, and licensing?

    The license is a one-off payment. 

    What other advice do I have?

    Every environment is obviously different so each user needs to know what they are looking for, and make a decision based on that. This is a cost effective and flexible solution. If a company is looking to use it on their server, it's important to look at the integration channels and your environment, the support. It's important to know that the channels are supported. 

    I would rate this solution a seven out of 10. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Fortinet FortiAuthenticator
    December 2022
    Learn what your peers think about Fortinet FortiAuthenticator. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
    655,994 professionals have used our research since 2012.
    Ibrahim Massad - PeerSpot reviewer
    Senior Network & Security Engineer at a tech services company with 11-50 employees
    MSP
    Top 10
    Affordable solution with a friendly UI
    Pros and Cons
    • "The initial setup is a valuable point on Fortinet products. Most of the time, putting the theory into practice on the devices is quite friendly and straightforward. As long as you can read English you can find your way around the solution and make it work. This is a high value point on Fortinet - the way everything is laid out in the web UI is user-friendly and quite straightforward. The UI is quite simple."
    • "We would like to see Linux-based operating systems be able to integrate with FortiAuthenticator to get two-factor authentication running on them. as well. This is a shortcoming that I have faced a few times already."

    What is our primary use case?

    Fortinet FortiAuthenticator is being used in our clients' companies. These companies are medium to enterprise level.

    What is most valuable?

    The feature that I have found most valuable is the fact that you can utilize your tokens across the whole Fortinet fabric once you have the FortiAuthenticator. You can use FortiAuthenticator to provide two-factor authentication among all your network devices as long as they support the RADIUS protocol. Even for servers, especially Windows OS-based servers.

    If you have any products that support RADIUS, you will be able to use the two-factor authentication. You can integrate them with the FortiAuthenticator and you can make use of the 2FA token among all our network devices, not just the Fortinet ones.

    What needs improvement?

    So far there hasn't been any major feature that we wished for and didn't find, but I would say in regards to bugs, sometimes we face unexpected issues that delay the implementation a little. However, I believe Fortinet will sort this out soon. Hopefully the solution will be more stable overall.

    In terms of what additional features we would like to see in the next release, we would to see support for more of the common operating systems. They already support Windows OS, with the use of an agent installed on the windows machine.

    However, we would like to see support for Linux-based operating systems for example. This is a shortcoming that I have faced a few times already.
    Also a nice addition would be agents for End-user Machines especially Windows OS & MAC OS. 

    For how long have I used the solution?

    We've done quite few deployments of Fortinet FortiAuthenticator over the last one and a half years.

    How are customer service and technical support?

    Some bugs that we find we can work around, but usually we open the ticket with Fortinet anyway. This is because sometimes we suspect that we do not have the proper understanding or maybe there is something that we need to get an insight on from the technical support because they have their big databases and can provide us with additional valuable information about our cases. Sometimes we may find a workaround, but if we don't know what happened and why, we open a case anyway to get the full details.

    Fortinet support is quite good. Their engineers are experienced and well-trained. Generally speaking, we feel that the technical support is capable and know what they're doing. You don't feel that you're speaking to someone who doesn't understand what the product is, which we face sometimes with other vendors. I would say, generally speaking, we are happy with it.

    How was the initial setup?

    The initial setup is a valuable point on Fortinet products. Most of the time, putting the theory into practice on the devices is quite friendly and straightforward. As long as you can read through the menus, you can find your way around the solution and make it work. A 10 minute surf through the tabs will give you an idea of what you can do and how to do it. Documentations and guides are also available when needed.

    This is a high value point on Fortinet - the way everything is laid out in the web UI is user-friendly and quite straightforward. 

    What's my experience with pricing, setup cost, and licensing?

    Generally speaking, Fortinet prices are competitive enough. It depends on the markets, but in our market, the price sensitiveness is high, especially now with the current economic situation after the COVID-19. This became something to take into consideration even more. Price is always important, but after such a situation, it's even more so. Customers became even more sensitive to the prices. So, price is another value point for Fortinet.

    What other advice do I have?

    If two-factor authentication is needed also for the end-devices, for example a endpoints or servers, I think FortiAuthenticator is not yet the most mature solution. However, if it is great for network devices, then this product is competitive enough price-wise and easy to use. It just works.

    On a scale from 1 to 10, I would say Fortinet FortiAuthenticator is an 8.

    Disclosure: My company has a business relationship with this vendor other than being a customer: partner
    PeerSpot user
    Ernesto Chang - PeerSpot reviewer
    Presales Engineer at a comms service provider with 5,001-10,000 employees
    Real User
    Top 10
    Strengthens security, flexible two-factor authentication options, and integrates well with other solutions
    Pros and Cons
    • "It reduces the need for network administrator intervention by allowing the user to perform their own registration and resolve their own password problems and issues."
    • "I would like to see integration and customization capabilities with the end-user portal to solve authentication issues with diverse implementation scenarios."

    What is our primary use case?

    We primarily use Fortinet FortiAuthenticator to centralize the management of user identity information in Security Architectures, enforce Role-Based authentication, and allow Two Factor authentication with Softclient support.

    This is a must-have technology in Fortinet implementations with several gateways and distributed environments.

    It is easy to set up and will reduce Network administrators' efforts to integrate diverse identification methods. Must evaluate Single Sing On Mobility Agents to full integration of users position on the network and complete the solution.

    How has it helped my organization?

    Using this product strengthens enterprise security. It offers role-based security policies and User Identity Management with different methods.

    This product provides automatization. There is a self-service user portal for registry and support for domain and non-domain guest users, with diverse channels vía hardware tokens, software tokens, e-mail, and SMS.

    This solution brings user satisfaction. It reduces the need for network administrator intervention by allowing the user to perform their own registration and resolve their own password problems and issues.

    What is most valuable?

    Key Features and Benefits

    1. Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage.  Most Valuable in Mobile Phones App for OTP.
    2. Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
    3. LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
    4. It is usable in network WAN, wireless, and VPN Scenarios.
    5. The domain and guest-users support are good.

    What needs improvement?

    I would like to see integration and customization capabilities with the end-user portal to solve authentication issues with diverse implementation scenarios. Specifically, with web applications, enterprise networks, and VPN.

    For how long have I used the solution?

    We have been using Fortinet FortiAuthenticator for three years.

    What do I think about the stability of the solution?

    This is a stable, set-and-forget product. Logical operations run in the Gateways.

    What do I think about the scalability of the solution?

    FAC 200E/400E will support environments for hundreds of users, based on Physical Appliances. If future needs are in the scope then I suggest implementing virtual deployments.

    How are customer service and technical support?

    Technical support is not needed in any sense. We have three years running without hardware appliance incidents or major issues.

    Which solution did I use previously and why did I switch?

    This is the first authentication platform that I have worked with.

    How was the initial setup?

    The initial setup process will vary from simple to complex and depends on your existing User Identity Systems, integrations, and scale of the network

    What about the implementation team?

    In-house engineers, properly trained, are responsible for deployment and maintenance.

    What was our ROI?

    Our ROI was reached in less than a year. This solution is good in terms of financial returns.

    What's my experience with pricing, setup cost, and licensing?

    FAC is an affordable solution for Middle Range (200E/400E) and also needs a package of mobility agents (2,000) perpetual.

    There is nothing to buy in the gateways (FG) and it is fully integrated.

    Which other solutions did I evaluate?

    As a Fortinet customer, the logical evaluation was FAC from the same vendor.

    What other advice do I have?

    This is a must-have technology in Fortinet deployments with distributed environments.

    Which deployment model are you using for this solution?

    On-premises

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: My company has a business relationship with this vendor other than being a customer: We implement and support Fortinet Technologies as MSSP.
    PeerSpot user
    Pedro Andrade - PeerSpot reviewer
    General Manager at Ip4u
    Real User
    Top 5
    Easy to set up with helpful support and good authentification capabilities
    Pros and Cons
    • "The product is stable and reliable."
    • "We had issues trying to integrate the keys properly during the initial setup."

    What is our primary use case?

    We primarily use the solution to gain VPN access to the main client site. 

    What is most valuable?

    The authentification for the VPN is quite useful.

    It is easy to set up.

    The product is stable and reliable. 

    The solution is reasonably priced.

    Technical support has proven to be helpful. 

    What needs improvement?

    We had issues trying to integrate the keys properly during the initial setup.

    For how long have I used the solution?

    We have only used the solution for about a year or so. We haven't used it for too long just yet.

    What do I think about the stability of the solution?

    I have no complaints in relation to the stability. It's reliable. There are no bugs or glitches. It doesn't crash or freeze. 

    What do I think about the scalability of the solution?

    We only have around 20 users. Our use case isn't very big. Therefore, we haven't really needed to scale so much. 

    How are customer service and support?

    We haven't used technical support yet, aside from the migration issue. They were fine. They were able to help us. 

    How was the initial setup?

    The implementation process is simple and straightforward. It's not overly complex. 

    It was deployed in about four hours or so. It doesn't take too long. However, we had many issues when we upgraded the equipment. The keys were not integrated properly and therefore it wasn't completely simple to manage.

    We had one engineer handling the deployment. 

    What was our ROI?

    I haven't looked into if we have seen any ROI just yet.

    What's my experience with pricing, setup cost, and licensing?

    The licensing costs are reasonable. It's not overly expensive. We pay either by the number of users or for a certain number of users that fall under a specific licensing tier. 

    What other advice do I have?

    I'd rate the solution eight out of ten. We've been pretty happy with its capabilities overall. This is a very important product if a company wants to use a VPN. It's great for clients that already use Fortinet products. 

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Jozef Beliansky - PeerSpot reviewer
    Network engineers at a government with 501-1,000 employees
    Real User
    Top 5
    Excellent scalability, straightforward installation for a government organization, with proven results
    Pros and Cons
    • "I prefer the passing tool that sent an active directory console to a Fortinet FortiAuthenticator, then Fortinet FortiAuthenticator does not pass the locks."
    • "I would like to see more security features in reference to identity login or identity identification."

    What is our primary use case?

    We use it for single sign-on. After connecting to VPN it creates an active directory or up session and we know who it is and then we use Fortinet FortiAuthenicator. 

    What is most valuable?

    I prefer the passing tool that sent an active directory console to a Fortinet FortiAuthenticator, then Fortinet FortiAuthenticator not passing the locks. If I ask the Fortinet FortiAuthenticator, give me the name of the group. FortiAuthenticator passes the lock, the group name, or the directory.

    What needs improvement?

    I would like to see more security features in reference to identity login or identity identification. I would like to see a troubleshooting option. For troubleshooting or viewing the lock of the device set or separate the locks from the connected device. Maybe with any device connected to the Fortinet FortiAuthenticator. And then I need the parsing device and type of locks of this device.

    For how long have I used the solution?

    I have been using Fortinet FortiAuthenticator for the past two months. Before that, we were only testing Fortinet FortiAuthenticator.

    What do I think about the stability of the solution?

    I believe Fortinet FortiAuthenticator is stable.

    What do I think about the scalability of the solution?

    We are finding it to be fully scalable at this point one hundred percent.

    How are customer service and support?

    Technical support is excellent with Fortinet FortiAuthenticator.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The initial setup was straightforward. The only problem we faced was the POC. We configure only through self-configuration. If we had an integrator or consultant to configure Fortinet FortiAuthenticator it would be easier than doing a self-configuration.

    What about the implementation team?

    It was easy for me, but I had to read the documents about LDAP authentication. I did an in-house self-configuration. It was time-consuming.

    What's my experience with pricing, setup cost, and licensing?

    When we buy the Fortinet FortiAuthenticator device there is a comparison between price and security. We have a government organization and we want to buy cheap products.

    What other advice do I have?

    I would rate Fortinet FortiAuthenticator an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    IT Manager at a tech services company with 11-50 employees
    Real User
    Top 20
    Good support, integrates well with Fortinet products, and the licensing is cost-effective
    Pros and Cons
    • "FortiAuthenticator is really good software that integrates very well with Fortinet products."
    • "I would like to see more ways to authenticate, such as adding facial recognition to the two-factor, where you log into your phone or another device."

    What is our primary use case?

    Our primary use case is two-factor authentication, and we use it for a handful of our clients.

    What is most valuable?

    FortiAuthenticator is really good software that integrates very well with Fortinet products.

    The licensing structure is cost-effective for us compared to some of the other solutions that have recurring monthly costs. We like that it has more one-time costs than the monthly recurring cost per user.

    What needs improvement?

    Although two-factor authentication has come a long way, there are a lot of companies that are going further. The reason for this is because people are finding ways to compromise traditional, web-based solutions. I would like to see more ways to authenticate, such as adding facial recognition to the two-factor, where you log into your phone or another device. That would be great.

    What do I think about the stability of the solution?

    I have had stability issues with FortiAuthenticator.

    What do I think about the scalability of the solution?

    As long as you purchase the right amount of licensing, it's scalable.

    How are customer service and technical support?

    Generally, the technical support is very good. I know some people that work for Fortinet and we haven't had any issues with getting to the right resources when needed.

    Which solution did I use previously and why did I switch?

    We have always used Fortinet products.

    How was the initial setup?

    The initial setup is fairly simple because there's product training available for all of the tools from Fortinet. Our team is fully versed in those products, so it wasn't very difficult.

    What's my experience with pricing, setup cost, and licensing?

    The licensing fee is less in the long term because it's not a recurring cost.

    What other advice do I have?

    My advice is that for any solution you want to deploy, you have to ensure that your team is trained so that you can support it. Before FortiAuthenticator goes into play, make sure that your team is trained.

    Overall, we are pretty satisfied with FortiAuthenticator.

    I would rate this solution a nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Security Engineer at Futuretec
    Real User
    Top 5Leaderboard
    Good support that responds quickly, but it's complex to set up and some protocols are not supported
    Pros and Cons
    • "I work a lot with Fortinet products and I call the support often. They are very quick to respond and the support is very good."
    • "There are some protocols, such as SHA and SHA-2, that are not supported."

    What is our primary use case?

    We are a solution provider and we work with Fornet products, including FortiAuthenticator. I have installed it for a bank and their users authenticate their access through it.

    Our implementation involved the creation of local users for the VPN, and they are authenticated using this product. This is the main purpose of it, and what had been requested by the client.

    What is most valuable?

    The most valuable feature is the authentication tokens.

    What needs improvement?

    There are some protocols, such as SHA and SHA-2, that are not supported. This is something that Fortinet is working on.

    For how long have I used the solution?

    I have been working with Fortinet FortiAuthenticator for one year.

    What do I think about the stability of the solution?

    One of our clients has faced a lot of issues with FortiAuthenticator. For example, one of the devices restarted by itself, and the database was corrupted. To remedy this, we reinstalled the image and did the installation from scratch.

    What do I think about the scalability of the solution?

    This is a scalable product.

    How are customer service and support?

    The technical support by Fortinet is okay.

    I work a lot with Fortinet products and I call the support often. They are very quick to respond and the support is very good.

    Which solution did I use previously and why did I switch?

    I have worked on most of the Fortinet products, as well as with products from Palo Alto. At this time, the only single sign-on product that we use is FortiAuthenticator.

    How was the initial setup?

    The initial setup was very complex. The was one cluster and one load balancer that had to be configured.

    Which other solutions did I evaluate?

    We expect to do another installation, although this time it will be using the RADIUS server.

    What our engineers say about FortiAuthenticator is that when compared with other vendors, it has not yet reached the same level.

    What other advice do I have?

    I would rate this solution a six out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Buyer's Guide
    Download our free Fortinet FortiAuthenticator Report and get advice and tips from experienced pros sharing their opinions.
    Updated: December 2022
    Buyer's Guide
    Download our free Fortinet FortiAuthenticator Report and get advice and tips from experienced pros sharing their opinions.