Fortinet FortiAuthenticator Reviews

In my recent job, I worked in tandem with Fortinet to enable 802.1X authentication for the Wi-Fi environment.

The web feature is quite versatile. It serves as the sole server authenticator and is valuable not only with FortiGate products but also within the entire Forti system, making it highly useful for me. However, from my experience, I find the visual data to be less practical. While some features might be more respected than others, it's valuable that, for instance, when a customer has a new lead cluster, I can authenticate or leverage alternative solutions to achieve the desired outcome.

The only issue I encounter is that when not using FortiAuthenticator for an extended period, it's typical to encounter some obstacles in the configuration process that you need to address. It's not a consistent problem, and I can't recall all the specifics. This issue is something I face with the entire product. While it's normal for products to require ongoing attention, this can be a challenge when checking the system.

I have experience with Fortinet FortiAuthenticator.

I recollect instances when customers didn't approach me about their issues, instead opting to submit tickets. From a personal perspective, customer mobility played a role, and sometimes I wasn't fully aware of the problem until later. However, I can't recall many details about these cases.

It's scalable. If the need arises, you can easily set up a cluster with two or more units. Additionally, if you require more licenses or features, you can expand.

It works well for me. I can review the initial check, explain it thoroughly, outline the subsequent steps, and attempt to address the problem. This often involves quickly escalating to technical levels two or three. In situations where I open a general ticket, it's standard to begin with a level one tech who collects information to understand and resolve the issue. The more detailed and accurate the data is, the easier it becomes to find a resolution.

Positive

It is deployed on-premises. One or two days for initial deployment is insufficient. It typically takes a few more days to set up the specific configurations. The standard device configuration is exceptionally fast.

Based on my experience it's been very good. I don't have much knowledge, for instance, about how it compares to Gartner's system and its current position in the market, or whether there are other systems that might have a better position. I've noticed that Fortinet lacks certain features that other solutions have implemented. This leads me to explore and understand other solutions, looking for differences. I've observed that some solutions offer features that Fortinet may excel in, while others may have strengths in different areas. I would rate it an eight out of ten overall. 

We use Fortinet FortiAuthenticator to maintain security, and access, and monitor authentication and authorization processes. It enables the proper functioning of the CA server. We can use various authentication methods, including EFTOS parameters like PKI (Public Key Infrastructure) for the CA server.

The product’s most valuable feature is integration with FortiGate, FortiToken, FortiTalk, and multi-factor authentication. It is inexpensive compared to Cisco and Clear Pass.

Fortinet FortiAuthenticator provides only authentication. It should also enable authorization services. There could be a central management point for both the services similar to Cisco and Clear Pass.

We have been using Fortinet FortiAuthenticator for around a year.

It is a stable product. I rate the stability a ten out of ten.

It is a scalable product. It is suitable for medium and enterprise businesses. Its scalability is a seven or eight out of ten.

Fortinet provides good support services.

Positive

Compared to Fortinet FortiAuthenticator, Cisco is a complicated tool to use. It is difficult to configure as it has many features. It is scalable but needs to be a more stable product.

The initial setup is very easy. It takes an hour to complete.

The product is inexpensive compared to Cisco. I rate its pricing a three to five out of ten.

I recommend Fortinet FortiAuthenticator and rate it an eight out of ten.

We are using FortiAuthenticator for authentication to connect to our network, either through some software or VPN or SSL or CyberArk, anything.

Samuel is good. We are using Samuel. Also, the good thing is that it's easy to use, and the logs are very precise.

There is a room for improvement. The log is a bit difficult to access, and searching the log codes is also a bit difficult. So it would be much better if, when we open a log, it could provide detailed information about errors, reasons for failure, and such.

We have been using this solution for approximately one and a half years.

It is very stable. We have never had any issues with this solution.

I would rate the scalability an eight out of ten. Some improvements, but it's on our end as well because we are still using the older variant. 

We have around five to seven end users using this solution.

The customer service and support are awesome for FortiAuthenticator.

I've been using Fortinet for the last eight or nine years. So, for other professional solutions from Fortinet, the support is not so good. You have to open a case as usual, and some technical contact will get in touch with you if they're available. If not, we have to call a toll-free number manually, and they will connect us to an available agent who will check our case and then escalate it. For normal issues with no business impact, it's okay to wait for two or three hours, no problem. But in critical situations, it's challenging to reach them.

Positive

The initial setup is simple. It's not that difficult. You have to know the functionality of FortiProtect, the requirements, and it depends on your network. It's not that difficult to implement.

We have VMs and devices. But mostly, we are moving to VMs.

We design and then, Fortinet team will implement.

I would rate the pricing a four out of ten, where one is cheap, and ten is expensive. It is not that costly. It is cheap, easy to manage, easy to install, and easy to configure. 

We evaluated Palo Alto. It's easy to use, offers a lot of features in one box, and it's cost-effective. And the support is very good.

Overall, I would rate the solution an eight out of ten. 

I am using Fortinet FortiAuthenticator for SSL and logins.

The most valuable features of Fortinet FortiAuthenticator are easy to configure, secure, and the application has good performance.

It would be helpful to receive a code by yourself for authentication instead of it registered to a phone.

I have been using Fortinet FortiAuthenticator for approximately two years.

I rate the stability of Fortinet FortiAuthenticator a nine out of ten.

Some additional features would be helpful.

Our customers are enterprise-sized companies.

I rate the scalability of Fortinet FortiAuthenticator an eight out of ten.

The support is responsive and the support is in our local language.

I rate the support from Fortinet FortiAuthenticator a nine out of ten.

Positive

The initial setup is simple compared to other solutions. 

I price of the solution is expensive.

I rotate the price of Fortinet FortiAuthenticator a seven out of ten.

We have one person for 100 users of the solution.

I rate Fortinet FortiAuthenticator a nine out of ten.

We're using Fortinet FortiAuthenticator to bypass identity to the Fortinet FortiGate. We do not use FortiAuthenticator too much because it is middleware.

Fortinet FortiAuthenticator has improved our organization because we are able to can create identity-based policies. For example, who are you and where are you. We are shifting from the IP-based to the identity-based.

The price of the solution could improve, it is expensive.

I have been using Fortinet FortiAuthenticator for approximately five years.

We have not had issues with Fortinet FortiAuthenticator. It is stable.

Fortinet FortiAuthenticator is scalable.

We have approximately two people that are using the solution.

We needed to use Fortinet FortiAuthenticator because we wanted to use the identity-based policy so that FortiAuthenticator can help us to pass the identity to the Fortinet FortiGate.

The initial setup of Fortinet FortiAuthenticator was straightforward. The implementation process took three to four days with multiple sites.

I rate the initial setup of Fortinet FortiAuthenticator four out of five.

We did the implementation of Fortinet FortiAuthenticator in-house and we have two people for the maintenance.

We typically purchase licenses for five years and when new projects come we reassess the situation and renew or switch solutions. 

There are no additional costs to the standard licensing fees.

I rate the price of Fortinet FortiAuthenticator a three out of five.

We did not evaluate other solutions before choosing Fortinet FortiAuthenticator.

I rate Fortinet FortiAuthenticator a five out of ten.

We are a solution provider and we work with Fornet products, including FortiAuthenticator. I have installed it for a bank and their users authenticate their access through it.

Our implementation involved the creation of local users for the VPN, and they are authenticated using this product. This is the main purpose of it, and what had been requested by the client.

The most valuable feature is the authentication tokens.

There are some protocols, such as SHA and SHA-2, that are not supported. This is something that Fortinet is working on.

I have been working with Fortinet FortiAuthenticator for one year.

One of our clients has faced a lot of issues with FortiAuthenticator. For example, one of the devices restarted by itself, and the database was corrupted. To remedy this, we reinstalled the image and did the installation from scratch.

This is a scalable product.

The technical support by Fortinet is okay.

I work a lot with Fortinet products and I call the support often. They are very quick to respond and the support is very good.

I have worked on most of the Fortinet products, as well as with products from Palo Alto. At this time, the only single sign-on product that we use is FortiAuthenticator.

The initial setup was very complex. The was one cluster and one load balancer that had to be configured.

We expect to do another installation, although this time it will be using the RADIUS server.

What our engineers say about FortiAuthenticator is that when compared with other vendors, it has not yet reached the same level.

I would rate this solution a six out of ten.

We primarily use Fortinet FortiAuthenticator to centralize the management of user identity information in Security Architectures, enforce Role-Based authentication, and allow Two Factor authentication with Softclient support.

This is a must-have technology in Fortinet implementations with several gateways and distributed environments.

It is easy to set up and will reduce Network administrators' efforts to integrate diverse identification methods. Must evaluate Single Sing On Mobility Agents to full integration of users position on the network and complete the solution.

Using this product strengthens enterprise security. It offers role-based security policies and User Identity Management with different methods.

This product provides automatization. There is a self-service user portal for registry and support for domain and non-domain guest users, with diverse channels vía hardware tokens, software tokens, e-mail, and SMS.

This solution brings user satisfaction. It reduces the need for network administrator intervention by allowing the user to perform their own registration and resolve their own password problems and issues.

Key Features and Benefits

1. Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage.  Most Valuable in Mobile Phones App for OTP.
2. Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
3. LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
   
4. It is usable in network WAN, wireless, and VPN Scenarios.
5. The domain and guest-users support are good.

I would like to see integration and customization capabilities with the end-user portal to solve authentication issues with diverse implementation scenarios. Specifically, with web applications, enterprise networks, and VPN.

We have been using Fortinet FortiAuthenticator for three years.

This is a stable, set-and-forget product. Logical operations run in the Gateways.

FAC 200E/400E will support environments for hundreds of users, based on Physical Appliances. If future needs are in the scope then I suggest implementing virtual deployments.

Technical support is not needed in any sense. We have three years running without hardware appliance incidents or major issues.

This is the first authentication platform that I have worked with.

The initial setup process will vary from simple to complex and depends on your existing User Identity Systems, integrations, and scale of the network

In-house engineers, properly trained, are responsible for deployment and maintenance.

Our ROI was reached in less than a year. This solution is good in terms of financial returns.

FAC is an affordable solution for Middle Range (200E/400E) and also needs a package of mobility agents (2,000) perpetual.

There is nothing to buy in the gateways (FG) and it is fully integrated.

As a Fortinet customer, the logical evaluation was FAC from the same vendor.

This is a must-have technology in Fortinet deployments with distributed environments.

We use this solution for two-factor authentication of most of our services. It includes VPN but also many other services that we have on our internet servers. We use the on-premise version because we also want it integrated into our in-house applications. We are customers of Fortinet and I'm a systems administrator. 

Security is such a big issue these days, a password alone is no longer enough for securing identity. In that sense, providing a second layer of authentication for users gives the company some level of comfort. 

I think the ease of deployment is a valuable feature. I like that the interface is intuitive and that natively and easily, it integrates with radios, ILDAP, fan mail, and with any applications supporting those protocols

I'd say that the integration with some other enterprise applications could be improved. For instance, ADFS. FortiAuthenticator does not work natively with ADFS and the company is not looking in that direction. It's one of our in-house applications and it was a challenge integrating with FortiAuthenticator. We had to write a separate, customized adapter for ADFS before we could make it work. We tried to get Fortinet to work on it but I don't think their development team is interested. It's not in their plan. The other challenge was when I integrated with I think VMware - there was an issue between the radio adapter and FortiAuthenticator. Both parties were not ready to work together and the implementation was buggy. 

I believe this solution can be adapted to so many things, depending on the technical side and the implementation engineers. I'd like to see some additional use cases that can be infused into the solution, such as ADFS.

I've been using this solution for two years. 

I haven't had any issues with stability. 

It's a very scalable solution. They now have the option of deployment as a VM, and then they have the hardware. I believe we use the 1000D for the hardware - it's able to support up to 10,000 users. You license the appliance based on the number of users and if you need to add more, you buy additional licenses. Almost everybody in the company uses it and I'd say we've had a total of around 4,000 users.

The technical support is mid-range It's not your wow kind of support but they do have levels of support. The support is in connectivity with their clients and it has to be renewed every year. You might do better if you go through their partners or something similar. They're not really there when it comes to support.

We used RSA SecurID before Fortinet. We switched because of the high costs associated with RSA. I believe that with RSA you need to pay a token license every three years but with Fortinet, once you buy it, you own it. Even if a token is lost, you can always reposition the token and that will not come at any extra cost. It's cost-effective for us. We also have several channels we can use for authentication with FortiAuthenticator. With RSA, users are stuck with either carrying the dongle, the hardware token, or maybe having the mobile application token on their phone. With Fortinet you can decide whether to use a hardware token, soft token, email token, push notification, or SMS. It gives us flexibility and comfort.

Initial setup was pretty straightforward. We were up and running within three days. I carried out the deployment. 

The license is a one-off payment. 

Every environment is obviously different so each user needs to know what they are looking for, and make a decision based on that. This is a cost effective and flexible solution. If a company is looking to use it on their server, it's important to look at the integration channels and your environment, the support. It's important to know that the channels are supported. 

I would rate this solution a seven out of 10.