Fortinet FortiAuthenticator Reviews

We primarily use Fortinet FortiAuthenticator to centralize the management of user identity information in Security Architectures, enforce Role-Based authentication, and allow Two Factor authentication with Softclient support.

This is a must-have technology in Fortinet implementations with several gateways and distributed environments.

It is easy to set up and will reduce Network administrators' efforts to integrate diverse identification methods. Must evaluate Single Sing On Mobility Agents to full integration of users position on the network and complete the solution.

Using this product strengthens enterprise security. It offers role-based security policies and User Identity Management with different methods.

This product provides automatization. There is a self-service user portal for registry and support for domain and non-domain guest users, with diverse channels vía hardware tokens, software tokens, e-mail, and SMS.

This solution brings user satisfaction. It reduces the need for network administrator intervention by allowing the user to perform their own registration and resolve their own password problems and issues.

Key Features and Benefits

1. Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage.  Most Valuable in Mobile Phones App for OTP.
2. Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
3. LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
   
4. It is usable in network WAN, wireless, and VPN Scenarios.
5. The domain and guest-users support are good.

I would like to see integration and customization capabilities with the end-user portal to solve authentication issues with diverse implementation scenarios. Specifically, with web applications, enterprise networks, and VPN.

We have been using Fortinet FortiAuthenticator for three years.

This is a stable, set-and-forget product. Logical operations run in the Gateways.

FAC 200E/400E will support environments for hundreds of users, based on Physical Appliances. If future needs are in the scope then I suggest implementing virtual deployments.

Technical support is not needed in any sense. We have three years running without hardware appliance incidents or major issues.

This is the first authentication platform that I have worked with.

The initial setup process will vary from simple to complex and depends on your existing User Identity Systems, integrations, and scale of the network

In-house engineers, properly trained, are responsible for deployment and maintenance.

Our ROI was reached in less than a year. This solution is good in terms of financial returns.

FAC is an affordable solution for Middle Range (200E/400E) and also needs a package of mobility agents (2,000) perpetual.

There is nothing to buy in the gateways (FG) and it is fully integrated.

As a Fortinet customer, the logical evaluation was FAC from the same vendor.

This is a must-have technology in Fortinet deployments with distributed environments.

We use this solution for two-factor authentication of most of our services. It includes VPN but also many other services that we have on our internet servers. We use the on-premise version because we also want it integrated into our in-house applications. We are customers of Fortinet and I'm a systems administrator. 

Security is such a big issue these days, a password alone is no longer enough for securing identity. In that sense, providing a second layer of authentication for users gives the company some level of comfort. 

I think the ease of deployment is a valuable feature. I like that the interface is intuitive and that natively and easily, it integrates with radios, ILDAP, fan mail, and with any applications supporting those protocols

I'd say that the integration with some other enterprise applications could be improved. For instance, ADFS. FortiAuthenticator does not work natively with ADFS and the company is not looking in that direction. It's one of our in-house applications and it was a challenge integrating with FortiAuthenticator. We had to write a separate, customized adapter for ADFS before we could make it work. We tried to get Fortinet to work on it but I don't think their development team is interested. It's not in their plan. The other challenge was when I integrated with I think VMware - there was an issue between the radio adapter and FortiAuthenticator. Both parties were not ready to work together and the implementation was buggy. 

I believe this solution can be adapted to so many things, depending on the technical side and the implementation engineers. I'd like to see some additional use cases that can be infused into the solution, such as ADFS.

I've been using this solution for two years. 

I haven't had any issues with stability. 

It's a very scalable solution. They now have the option of deployment as a VM, and then they have the hardware. I believe we use the 1000D for the hardware - it's able to support up to 10,000 users. You license the appliance based on the number of users and if you need to add more, you buy additional licenses. Almost everybody in the company uses it and I'd say we've had a total of around 4,000 users.

The technical support is mid-range It's not your wow kind of support but they do have levels of support. The support is in connectivity with their clients and it has to be renewed every year. You might do better if you go through their partners or something similar. They're not really there when it comes to support.

We used RSA SecurID before Fortinet. We switched because of the high costs associated with RSA. I believe that with RSA you need to pay a token license every three years but with Fortinet, once you buy it, you own it. Even if a token is lost, you can always reposition the token and that will not come at any extra cost. It's cost-effective for us. We also have several channels we can use for authentication with FortiAuthenticator. With RSA, users are stuck with either carrying the dongle, the hardware token, or maybe having the mobile application token on their phone. With Fortinet you can decide whether to use a hardware token, soft token, email token, push notification, or SMS. It gives us flexibility and comfort.

Initial setup was pretty straightforward. We were up and running within three days. I carried out the deployment. 

The license is a one-off payment. 

Every environment is obviously different so each user needs to know what they are looking for, and make a decision based on that. This is a cost effective and flexible solution. If a company is looking to use it on their server, it's important to look at the integration channels and your environment, the support. It's important to know that the channels are supported. 

I would rate this solution a seven out of 10. 

I am a solution architect and my company works purely for Fortinet, implementing all versions on a daily basis, so we're not end-users. The company is an exclusive distributor implementing the product.

The primary use case of the product is usually for multifactor authentication using two-factor authentication with tokens. Sometimes people require two factors with a token. Sometimes they need the latest POC. I do a proof of concept for windows login. They need the agent who authenticates with SMS, token or email.

Usually, I do an integration with the firewall. I would prefer to do it with FortiGate, but sometimes I need to integrate as a radius client and it depends on which firewall. I prefer FortiGate. Sometimes they'll need to add an SMS as the second factor of the two-factor authentication. But usually, we do it as an unarmed radius FortiGate, or firewall would be for a radius client and radius server. Sometimes clients will ask whether we have integration with a social portal like Facebook, but we don't. 

There aren't any major features that I think should be improved. I like this product. As a multifactor authentication, we have the SAML function. If you compare it with RSA or Gemalto, it does a good job. I'm able to perform multifactor authentication in different ways via emails, SMS, it's a great product. For someone concerned with multifactor authentication, I'm satisfied with the product.

There aren't any major additional features they could include in the next release but the one thing they used to include was the SMS gateway from the ISP. Fortinet used to sell that but they don't anymore and I think it would be helpful for end-users if they brought it back. I would recommend that. People are asking for it because they don't like having to rent it from their mobile provider. 

The product is very stable. I love it. 

I think it's a scalable product. I haven't compared it to the competitors but it's scalable. 

Part of the reason it's such a good product is that I don't recall ever needing to call for technical support. 

Initial setup and configuration are very straightforward. From a technical perspective, you need to know where to do the PDS but if you have a technical background it should be very straightforward. I just bring the VM or the trial license and I start to do the POC, usually with the VM.

Initial setup and deployment sometimes need integration with FortiGate, and sometimes via the captive portal. It takes a maximum of an hour, but it also depends on the end-user and what they need to be integrated into the system, like features such as SMS gateway parameters. 

I think the setup cost is reasonable, and we don't need to renew the license. Sometimes there are extra costs for the VM. Our main competitors are RSA and Gemalto, and the Fortinet prices are very competitive relative to their prices. 

As a distributor of Fortinet, I would suggest people give this product a little bit of focus. I mean we can do well on this product if we concentrate on it. People don't know about the two-factor authentication and that it's easy and straightforward. We also include some features for free but I suggest that people using Fortinet just focus on this product. FortiAuthenticator has created a straightforward easy-to-use product.  

I would rate it a nine out of ten. Not a ten because nothing is perfect. 

I use Fortinet FortiAuthenticator to access VPN. Fortinet FortiAuthenticator is an easy-to-use solution.

I would like to see some email options for Fortinet FortiAuthenticator.

I have been using Fortinet FortiAuthenticator for one year.

I rate Fortinet FortiAuthenticator an eight out of ten for stability.

Around 200 users use Fortinet FortiAuthenticator.

I rate Fortinet FortiAuthenticator an eight out of ten for scalability.

Fortinet FortiAuthenticator’s initial setup is simple.

Overall, I rate Fortinet FortiAuthenticator an eight out of ten.

Our company is based in Latin America and we work mainly in areas relating to telecommunications in the banking, retail and public sectors. We are partners with Fortinet. 

The solution is simple to deploy, simple to use, and user-friendly. 

I'd like to see a simplified two-factor authentication process and some additional security around the function of geolocation. If you can't authenticate to protect transactions, and the security is weak, it's a problem. 

If you have the correct architecture, the solution is stable. If there are a large number of users, there are likely to be some stability problems. 

The solution is scalable. 

We're happy with the customer support. 

Positive

The initial setup was straightforward. The solution functions 24/7 so the admin, operation and maintenance need to be in good shape round the clock so we generally have four engineers involved in maintenance. 

I think this is a good solution although there are some things that need to be improved so I rate this product eight out of 10. 

My customers use this solution for accessing banking applications online. 

I'm a reseller. I sell to my customers, and they use whatever I have. I provide Fortinet for my customers.

We work with the latest version of this solution. It is deployed on the Fortinet cloud. We don't do it independently.

There are 3,000 customers using this solution in my company on a daily basis.

FortiAuthenticator has made our operations secure.

The most valuable feature is the OTP on the mobile phone.

The speed of deployment on the cloud could be improved. It took a few days when it should have been just two days.

In the next release, I would like to see compatibility with non-Android and non-Apple platforms.

I have been working with Fortinet FortiAuthenticator for eight years.

It's very stable.

Scalability is fine. You can grow it easily.

Technical support is very quick.

It wasn't difficult to set up. It took two days to deploy this solution and a week to roll out.

The pricing is fair.

I would rate this solution 8 out of 10. 

I would absolutely recommend this solution to others.

The primary use case is internal authentication.

There are multiple areas that are in need of improvement. It is not a mature product.

It is difficult to successfully configure.

I have been using Fortinet FortiAuthenticator for one year.

The is not a very stable product.

This is a scalable product. However, due to multiple challenges in the implementation, I will not be expanding its usage. Rather, I will be changing products.

The support team is pathetic and does not properly understand the solution.

This was the first of this type of solution that we implemented.

The initial setup is not straightforward. Our deployment took almost two months to complete.

We had a system integrator to assist us with the implementation and deployment. The implementation partner does not have sufficient expertise.

One or two engineers can implement it.

We have not seen ROI for this solution.

We pay for licensing on a yearly basis. There are no costs in addition to the standard licensing fees.

Due to problems that I've been having with the implementation, after perhaps two years I will be changing to another product.

This is not a product that I would recommend to others. There are different industry standards that require different expertise, and this product does not much help.

I would rate this solution a three out of ten.

FortiAuthenticator can be useful for network security, resource security, and server security. It is a cloud-based solution.

The most valuable features are the performance and ease of use.

The only way the solution could be improved is if it were cheaper.

I have been using Fortinet Fortiauthenticator for five years. We have 200 users in our organization who use FortiAuthenticator.

The solution is stable.

Fortinet FortiAuthenticator is scalable.

Technical and customer support is okay.

We haven't used a different solution.

Installation was very straightforward and took three days.

We used a team of three people for deployment and maintenance.

The cost of the license could be less expensive. The license is paid on a yearly basis.

I would rate this solution an 8 out of 10. I would recommend Fortinet FortiAuthenticator for those who want to start using it.