We changed our name from IT Central Station: Here's why
Get our free report covering Yubico, Microsoft, Ping Identity, and other competitors of RSA SecurID Access. Updated: January 2022.
564,322 professionals have used our research since 2012.

Read reviews of RSA SecurID Access alternatives and competitors

Ayokunmi Ogundapo
Systems Administrator at Interswitch
Real User
Top 5Leaderboard
Easy to deploy with intuitive interface; integration with certain enterprise applications lacking
Pros and Cons
  • "Intuitive interface and easy to deploy."
  • "Integration with some other enterprise applications could be improved."

What is our primary use case?

We use this solution for two-factor authentication of most of our services. It includes VPN but also many other services that we have on our internet servers. We use the on-premise version because we also want it integrated into our in-house applications. We are customers of Fortinet and I'm a systems administrator. 

How has it helped my organization?

Security is such a big issue these days, a password alone is no longer enough for securing identity. In that sense, providing a second layer of authentication for users gives the company some level of comfort. 

What is most valuable?

I think the ease of deployment is a valuable feature. I like that the interface is intuitive and that natively and easily, it integrates with radios, ILDAP, fan mail, and with any applications supporting those protocols

What needs improvement?

I'd say that the integration with some other enterprise applications could be improved. For instance, ADFS. FortiAuthenticator does not work natively with ADFS and the company is not looking in that direction. It's one of our in-house applications and it was a challenge integrating with FortiAuthenticator. We had to write a separate, customized adapter for ADFS before we could make it work. We tried to get Fortinet to work on it but I don't think their development team is interested. It's not in their plan. The other challenge was when I integrated with I think VMware - there was an issue between the radio adapter and FortiAuthenticator. Both parties were not ready to work together and the implementation was buggy. 

I believe this solution can be adapted to so many things, depending on the technical side and the implementation engineers. I'd like to see some additional use cases that can be infused into the solution, such as ADFS.

For how long have I used the solution?

I've been using this solution for two years. 

What do I think about the stability of the solution?

I haven't had any issues with stability. 

What do I think about the scalability of the solution?

It's a very scalable solution. They now have the option of deployment as a VM, and then they have the hardware. I believe we use the 1000D for the hardware - it's able to support up to 10,000 users. You license the appliance based on the number of users and if you need to add more, you buy additional licenses. Almost everybody in the company uses it and I'd say we've had a total of around 4,000 users.

How are customer service and technical support?

The technical support is mid-range It's not your wow kind of support but they do have levels of support. The support is in connectivity with their clients and it has to be renewed every year. You might do better if you go through their partners or something similar. They're not really there when it comes to support.

Which solution did I use previously and why did I switch?

We used RSA SecurID before Fortinet. We switched because of the high costs associated with RSA. I believe that with RSA you need to pay a token license every three years but with Fortinet, once you buy it, you own it. Even if a token is lost, you can always reposition the token and that will not come at any extra cost. It's cost-effective for us. We also have several channels we can use for authentication with FortiAuthenticator. With RSA, users are stuck with either carrying the dongle, the hardware token, or maybe having the mobile application token on their phone. With Fortinet you can decide whether to use a hardware token, soft token, email token, push notification, or SMS. It gives us flexibility and comfort.

How was the initial setup?

Initial setup was pretty straightforward. We were up and running within three days. I carried out the deployment. 

What's my experience with pricing, setup cost, and licensing?

The license is a one-off payment. 

What other advice do I have?

Every environment is obviously different so each user needs to know what they are looking for, and make a decision based on that. This is a cost effective and flexible solution. If a company is looking to use it on their server, it's important to look at the integration channels and your environment, the support. It's important to know that the channels are supported. 

I would rate this solution a seven out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director at a comms service provider with 51-200 employees
Real User
Top 20
Mature, stable, and easy to use and deploy
Pros and Cons
  • "Its ease of use is most valuable. It is simple to use and can be deployed out-of-the-box. It is quite a mature product with all the required features."
  • "It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality. They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer."

What is most valuable?

Its ease of use is most valuable. It is simple to use and can be deployed out-of-the-box. It is quite a mature product with all the required features.

What needs improvement?

It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality.

They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer.

For how long have I used the solution?

I have been using this solution for three years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is not scalable because it is attached to one device.

How are customer service and technical support?

Their technical support is quite good. The product itself is quite simple to use, and there have been very few times when I had to call the support. Basically, in the past three years, we didn't log any tickets for support.

Which solution did I use previously and why did I switch?

We have used RSA tokens. Fortinet FortiToken is much easier to use than RSA tokens. In terms of our experience with day-to-day management, it is very good as compared to RSA.

How was the initial setup?

It was quite straightforward. We deployed it for about 500 users, and it took about a month. The deployment is quite fast. You can just get it done within two weeks, but it took time in getting feedback on whether the phones and the OS versions that were being used by our users were supported. It took us longer to iron out all such issues and to get the phones that were supported with this solution.

What other advice do I have?

I would recommend this solution to others, but they need to know what it is used for. Because this is a 2FA, where you implement it will actually matter. If you want to deploy it globally and you have many FortiGates, you would need additional products, such as FortiAuthenticator. If you're deploying it to only a single site and everybody is connecting to that site and using it as a 2FA, it is the right solution. 

I would rate Fortinet FortiToken an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Get our free report covering Yubico, Microsoft, Ping Identity, and other competitors of RSA SecurID Access. Updated: January 2022.
564,322 professionals have used our research since 2012.