Fortinet FortiToken OverviewUNIXBusinessApplication

Fortinet FortiToken is the #4 ranked solution in top Authentication Systems. PeerSpot users give Fortinet FortiToken an average rating of 8.0 out of 10. Fortinet FortiToken is most commonly compared to Microsoft Authenticator: Fortinet FortiToken vs Microsoft Authenticator. Fortinet FortiToken is popular among the large enterprise segment, accounting for 48% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 22% of all views.
Fortinet FortiToken Buyer's Guide

Download the Fortinet FortiToken Buyer's Guide including reviews and more. Updated: November 2022

What is Fortinet FortiToken?

As we've seen, passwords alone don't keep unwanted guests out of your network. Password-only authentication has led to security breaches, malware infections, and policy violations. With two-factor authentication, a password is used along with a security token and authentication server to provide far better security.  Authorized employees can remotely access company resources safely using a variety of devices, ranging from lpatops to mobile phones.

Fortinet FortiToken Customers

Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data

Fortinet FortiToken Video

Fortinet FortiToken Pricing Advice

What users are saying about Fortinet FortiToken pricing:
  • "Overall, it's cheaper than other solutions. Of course, we evaluated it five years back, and I haven't checked to see its current market position, but one reason we adopted FortiToken is its lower cost of ownership relative to other solutions we evaluated."
  • "It is included as part of our firewall license."
  • Fortinet FortiToken Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Sikhumbuzo Mthombeni - PeerSpot reviewer
    National Pre-Sales and Architecture Manager at a computer software company with 10,001+ employees
    Real User
    Ease of administration, durable, and is capable of performing solid RADIUS authentications
    Pros and Cons
    • "I believe FortiToken is the simplest to implement."
    • "I would like to see complete OAuth support. Also, if they can support it from a SaaS (Software as a Service) or cloud platform, that would be great."

    What is our primary use case?

    We use Fortinet FortiToken when a client requires it.

    The FortiToken from Fortinet is primarily used for VPN authentication. That is one of the most common use cases. VPN authentication as well as two-factor authentication on VPN. In addition, two-factor authentication is required for administration access to the FortiGates.

    In the rare case where the FortiAuthenticator is separate, they use it as a directory for the enterprise. It can also be used for other applications such as Microsoft. External applications and, on occasion, customer applications that use RADIUS.

    What is most valuable?

    I believe FortiToken is the simplest to implement. However, there is no difference in terms of features other than multi-factor authentication. It's very basic.

    Ease of administration, which is not always a feature, but the ease of administration, token importing, and exporting, is why FortiToken has been considered as a multi-factor authentication solution.

    What needs improvement?

    FortiToken could be made much more flexible. They're doing very well now. I think having two-factor authentication on their firewalls for administration, as well as being able to use them for VPN access for MFA, was a great idea. However, in terms of a broader base of support, I believe their support for SAML, for example, could be greatly improved. OAuth, SAML, and other protocols that are more geared toward cloud-based applications, in my opinion.

    I would like to see complete OAuth support. Also, if they can support it from a SaaS (Software as a Service) or cloud platform, that would be great. 

    For how long have I used the solution?

    I have been working with Fortinet FortiToken for four or five years.

    There are two kinds of customers. There are clients for whom we only implement and clients for whom we manage. Where we have a managed service with the client, we keep them on the most recent version, which is N-1.

    Buyer's Guide
    Fortinet FortiToken
    November 2022
    Learn what your peers think about Fortinet FortiToken. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
    654,658 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    Fortinet FortiToken is very durable and stable.

    What do I think about the scalability of the solution?

    If you don't use the VM solution, it's not very scalable because, from a hardware point of view, you almost have to buy hardware and do a full replacement. From that perspective, I wouldn't say it's scalable. But, again, if you're using your VM  you would have to rebuild your VM.

    I wouldn't go so far as to say it's not scalable. However, when it comes to the number of users, it is very scalable in terms of being able to cater to a small environment of five users versus 100,000. But, in my opinion, when you have to migrate as your environment grows, it's not very scalable. It is, but it is difficult to import and export through it.

    The number of users we have is probably in the region of 20 or 25.

    It would be on a daily basis because you have to log on all the time, especially now that you're remote. And MFA is required by the majority of our company or clients.

    How are customer service and support?

    I work with Fortinet support on a regular basis.

    In terms of support, Fortinet is one of the better vendors. However, they face significant challenges when it comes to getting a response. When you log a support call, getting the response you want is always a problem. It's almost as if you're being passed from one engineer to the next, and it's extremely difficult to articulate the problem and get a response.

    Which solution did I use previously and why did I switch?

    I don't use them myself, we are integrators. A few clients use Fortinet FortiAuthenticator, Fortinet FortiToken, McAfee Total Protection for Data Loss Prevention, Trend Micro Integrated Data Loss Prevention, and GTB Technologies Inspector, but they use FortiToken specifically. I believe I added RSA Authentication Manager, followed by Cisco, Jira.

    How was the initial setup?

    The initial setup is extremely simple. The FortiAuthenticator and FortiToken are unquestionably the simplest multi-factor authentication solution to implement.

    It takes two to three hours to get it up and running. But, the biggest challenge is always the user element, where you have to get users to install the application and communicate with them. That can take you a lot of time depending on the size of your organization and the level of technological sophistication of your end users.

    That would require a significant amount of time. But the initial setup, which is to set up the FortiAuthenticator, import the tokens and integrate that with, the FortiGates, is very simple and doesn't take long.

    What other advice do I have?

    Yes, absolutely, I would recommend this solution, especially for clients performing standard RADIUS authentications, because I believe they're quite solid. I believe where it becomes more difficult is with open authentication protocols such as SAML and OAuth. Fortinet has a long way to go in this area.

    I would rate Fortinet FortiToken an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Director at a comms service provider with 51-200 employees
    Real User
    Top 20
    Mature, stable, and easy to use and deploy
    Pros and Cons
    • "Its ease of use is most valuable. It is simple to use and can be deployed out-of-the-box. It is quite a mature product with all the required features."
    • "It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality. They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer."

    What is most valuable?

    Its ease of use is most valuable. It is simple to use and can be deployed out-of-the-box. It is quite a mature product with all the required features.

    What needs improvement?

    It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality.

    They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer.

    For how long have I used the solution?

    I have been using this solution for three years.

    What do I think about the stability of the solution?

    It is stable.

    What do I think about the scalability of the solution?

    It is not scalable because it is attached to one device.

    How are customer service and technical support?

    Their technical support is quite good. The product itself is quite simple to use, and there have been very few times when I had to call the support. Basically, in the past three years, we didn't log any tickets for support.

    Which solution did I use previously and why did I switch?

    We have used RSA tokens. Fortinet FortiToken is much easier to use than RSA tokens. In terms of our experience with day-to-day management, it is very good as compared to RSA.

    How was the initial setup?

    It was quite straightforward. We deployed it for about 500 users, and it took about a month. The deployment is quite fast. You can just get it done within two weeks, but it took time in getting feedback on whether the phones and the OS versions that were being used by our users were supported. It took us longer to iron out all such issues and to get the phones that were supported with this solution.

    What other advice do I have?

    I would recommend this solution to others, but they need to know what it is used for. Because this is a 2FA, where you implement it will actually matter. If you want to deploy it globally and you have many FortiGates, you would need additional products, such as FortiAuthenticator. If you're deploying it to only a single site and everybody is connecting to that site and using it as a 2FA, it is the right solution. 

    I would rate Fortinet FortiToken an eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Buyer's Guide
    Fortinet FortiToken
    November 2022
    Learn what your peers think about Fortinet FortiToken. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
    654,658 professionals have used our research since 2012.
    Business Delivery Technology Services Leader at a financial services firm with 10,001+ employees
    MSP
    Top 20
    The cost of ownership is lower than most solutions, but support could resolve issues faster
    Pros and Cons
    • "FortiToken is available in a soft or hard token factor, so there's some flexibility in that. Beyond that, I would say it is a stable solution that has worked for us."
    • "Fortinet support has some room for improvement. It has taken a long time to resolve some issues or find a workaround."

    What is our primary use case?

    FortiToken is a second-factor authentication solution mapped to the on-prem firewall. Any user who connects to the firewall for VPN uses the token for authentication. Our client is the end-user, and we manage it for them. We acquired FortiToken five years ago and additional tokens every year since then. The token is just a piece of hardware, so there's nothing to be refreshed over there.

    How has it helped my organization?

    FortiToken helps us meet compliance requirements where applications or any authentication needs to use two factors. In addition to a password, there has to be a second factor for authentication. 

    What is most valuable?

    FortiToken is available in a soft or hard token factor, so there's some flexibility in that. Beyond that, I would say it is a stable solution that has worked for us.

    What needs improvement?

    Usually, there are operational issues for tokens, but problems have been minimal. 

    For how long have I used the solution?

    We have been using FortiToken for at least five years.

    What do I think about the stability of the solution?

    FortiToken is a stable problem. We haven't had any issues.

    What do I think about the scalability of the solution?

    If you are able to predict your scale, you can buy a box that will scale up to your projected requirement. Of course, it is not endless. If you're growing beyond what you had forecasted, you'll need to buy a bigger box or change solutions. Right now, we have at least 6,000 users.

    How are customer service and support?

    Fortinet support has some room for improvement. It has taken a long time to resolve some issues or find a workaround.

    How was the initial setup?

    We didn't see any major issues setting up FortiToken. It doesn't take more than two or three weeks. A lot of that was logistics because the initial deployment was done with 5,000 tokens distributed across a wide geographical range. We don't have a dedicated team for FortiToken. The team handling all the firewalls also manages this solution.

    What about the implementation team?

    There was a Fortinet partner which was involved in setting it up.

    What's my experience with pricing, setup cost, and licensing?

    FortiToken's price is optimal for us, but India is a price-sensitive market, so a lower price would definitely help. Overall, it's cheaper than other solutions. Of course, we evaluated it five years back, and I haven't checked to see its current market position, but one reason we adopted FortiToken is its lower cost of ownership relative to other solutions we evaluated.

    What other advice do I have?

    I rate Fortinet FortiToken seven out of 10. I recommend it depending on the use case. It's a good option if you need a stable product that can. It meets all the requirements for scalability, security, and reliability.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer:
    PeerSpot user
    Ehab.Fawzy Mohamed - PeerSpot reviewer
    Chief Engineer at Hilton Worldwide
    Real User
    Top 5
    Reliable, affordable, and secure
    Pros and Cons
    • "The deployment is quick and simple."
    • "The solution works well. We have nothing to complain about."

    What is our primary use case?

    All users who can log in on Fortinet have Token. We have 15 FortiTokens for the managers who are connected to the VPN and also for those who are connected to the software. It is mobile, not a hard token. That said, I have the hardware token, which is related to the administrator, me, and my assistant. It's used on software and hardware. We use it at an administrator level and at a user level. 

    What is most valuable?

    The solution is great for security. It's for two-factor identification.

    It is easy to implement. The deployment is quick and simple. 

    It is stable and reliable. 

    The cost isn't too high.

    What needs improvement?

    The solution works well. We have nothing to complain about. 

    For how long have I used the solution?

    I've been using the solution for five years. 

    What do I think about the stability of the solution?

    The stability is ecellent. I would rate it five out of five. It is reliable, and the performance is good. We do not have any issues at all. 

    What do I think about the scalability of the solution?

    We have 15 FortiTokens.

    Which solution did I use previously and why did I switch?

    We did not previously use a different solution. This was the first solution we selected. 

    How was the initial setup?

    It is an easy product to implement. From the software or the hardware itself, from the options, we can apply FortiToken for the user and just add the hot token serial number and go.

    We only need one person to deploy the solution. I tend to manage it myself. 

    The deployment takes about 45 minutes for the software. It might take about ten days for the hardware to arrive from Fortigate. After that, I just install the serial key, and everything is done. 

    What was our ROI?

    We have not noted an ROI.

    What's my experience with pricing, setup cost, and licensing?

    We deal with a subcontractor in Saudi Arabia to pay everything in one bill yearly. Everything is a separate license fee, and we use different Fortinet solutions. However, we pay for everything yearly, all at once.

    Generally, it is an affordable product. We do not find it to be overly expensive. 

    I'd rate it a five out of five in terms of affordability. 

    Which other solutions did I evaluate?

    We did not explore other options. We chose the first option we looked at, FortiToken.

    What other advice do I have?

    We are not partners. We use it internally in the company. We are end-users. We use a lot of Fortinet products. 

    Nothing has to be done from the end-user perspective; they just add the username and password, and a code appears on the Fortitoken software or hardware. 

    I'd rate the solution ten out of ten. 

    I'd recommend the solution to other users and companies. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Electronics Engineering Lab Technician(R&D) at a engineering company with 11-50 employees
    Real User
    The integrated Fortinet security with the app for easy two-factor authentication is valuable, but instead of typing the code, there should be a push
    Pros and Cons
    • "The integrated Fortinet security with the app that allows you to easily do the two-factor authentication is most valuable."
    • "The app could be improved so that you don't have to actually type in the code. It would be great if you can just do a prompt or push similar to the way Duo does."

    What is our primary use case?

    We are using this solution for administrator access to firewalls. We have its latest version.

    How has it helped my organization?

    FortiToken is just there to do the administration of the firewalls. For two-factor authentication, we like Duo more.

    What is most valuable?

    The integrated Fortinet security with the app that allows you to easily do the two-factor authentication is most valuable.

    What needs improvement?

    The app could be improved so that you don't have to actually type in the code. It would be great if you can just do a prompt or push similar to the way Duo does.

    For how long have I used the solution?

    We have been using it for three years in our organization.

    What do I think about the stability of the solution?

    It is stable.

    What do I think about the scalability of the solution?

    It is good. We have a very small use case for it. If I want to roll it out for a larger use case, I don't think it would have any issues. We currently have got only got four firewall administrators who use this solution.

    How are customer service and technical support?

    I have not interacted with them for FortiToken.

    How was the initial setup?

    It was straightforward.

    What about the implementation team?

    I just did it myself.

    What was our ROI?

    Overall, it has provided an ROI. It is included as part of our firewall license.

    What's my experience with pricing, setup cost, and licensing?

    It is included as part of our firewall license. 

    What other advice do I have?

    I would advise others to make sure that they have cellular phones that are company-owned or they have employees who are willing to use their own in order to use it.

    I would rate Fortinet FortiToken a six out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Team Lead Network IP and Systems at a comms service provider with 1-10 employees
    Real User
    Top 10
    Fast and easy installation, stable, and doesn't require much maintenance
    Pros and Cons
    • "Its ease of installation is most valuable. It took me five minutes, and it was up and running. It didn't take me that long. The installation on the cell phones is pretty simple."
    • "Its reporting should be better. The reporting feature is missing. I don't have any reporting of who has done what, what has failed, and what didn't work."

    What is our primary use case?

    We are using it for VPN. We have its latest version.

    How has it helped my organization?

    It has improved the way our organization functions.

    What is most valuable?

    Its ease of installation is most valuable. It took me five minutes, and it was up and running. It didn't take me that long. The installation on the cell phones is pretty simple.

    What needs improvement?

    Its reporting should be better. The reporting feature is missing. I don't have any reporting of who has done what, what has failed, and what didn't work. 

    For how long have I used the solution?

    I have been using this solution for about a year.

    What do I think about the stability of the solution?

    It is stable. There are no stability issues.

    What do I think about the scalability of the solution?

    Its scalability is pretty good. We only have 100 to 150 FortiTokens. We're not that big. All people in our organization are using it. It goes from CFO, CEO to the basic call center.

    How are customer service and technical support?

    We didn't need to use it so far.

    Which solution did I use previously and why did I switch?

    We do use Cisco Duo for another 2FA solution. We don't really use any other solution now. It is pretty much FortiToken.

    How was the initial setup?

    It was easy. It took me five minutes, and it was up and running.

    What other advice do I have?

    If you're looking for a fast installation, easy deployment, and not much maintenance, this is the solution to go for, but the only thing is that it is good for Fortinet. It is not good for anything else.

    I would rate Fortinet FortiToken an eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Fortinet FortiToken Report and get advice and tips from experienced pros sharing their opinions.
    Updated: November 2022
    Product Categories
    Authentication Systems
    Buyer's Guide
    Download our free Fortinet FortiToken Report and get advice and tips from experienced pros sharing their opinions.