Fortinet FortiAuthenticator Reviews

Fortinet FortiAuthenticator is primarily used for authenticating admin users, including remote admin use cases. Remote admin use cases utilize Fortinet FortiAuthenticator to securely authenticate admins for making policy decisions and other administrative functions.

Multi-factor authentication is implemented in several cases, particularly for VPN and VPN admin use cases where multi-factor logins are provided to users. This approach enhances security because even if one factor is compromised, the other factor remains secure, since both factors being compromised simultaneously is not a typical occurrence. The main benefit is that security is enhanced through this multi-layered approach.

The most important feature is the security capability because it provides a substantial amount of security for admin-related activities. Fortinet FortiAuthenticator can be used from anywhere in the world, and the authenticator services function globally. This global accessibility is one of the critical advantages, particularly since admin features are critical and security is a real concern. With Fortinet FortiAuthenticator, secure usage of firewall services and related functions is achieved.

A complete log of all users who access the authenticator setup is maintained. Monthly logs are reviewed to check for any unnoticed activities. Each authenticated user's complete activity history is recorded. This logging capability allows for providing access to more admin users while ensuring security is not compromised and all users can be monitored.

Fortinet FortiAuthenticator could benefit from some artificial intelligence functionality and resolution of some glitches that may exist.

Fortinet FortiAuthenticator has been in use for approximately five years.

Fortinet FortiAuthenticator is scalable and can support expansion without any issues.

The technical support team is proficient and has all necessary resources to support all types of requirements. The quality of technical support staff is high. Compared with other vendors, Fortinet FortiAuthenticator has a good technical support team.

Positive

Many products are used in the industry, including SonicWall and Check Point. However, Fortinet FortiAuthenticator has a better setup for authenticating compared to these alternatives, making it the preferred choice.

The setup process was simple.

The pricing is rated at eight out of ten.

Fortinet FortiAuthenticator has been very helpful. The product functions mostly as intended but not completely. The overall review rating for this product is ten out of ten.

I am utilizing two-factor authentication on Fortinet FortiAuthenticator, and some of the other features are also useful. For example, you can have the domain user authenticated on his machine, but for that part, we need to install Fortinet FortiAuthenticator installer on that machine separately. That part is also useful, but mostly, two-factor authentication is being utilized via Fortinet FortiAuthenticator on-premise solution, so most of the users go with that part.

In my opinion, the main benefits that end users receive from Fortinet FortiAuthenticator include more security for their applications, for their systems, and for all their network devices that they are logging into. In the IT department, every IT user will get the two-factor authentication part, plus the normal users will get two-factor authentication by signing into their internal products. Most of the time, it is the benefit of two-factor authentication, which will benefit users in the security scenario.

Fortinet can make Fortinet FortiAuthenticator better by having a cloud version of it. Currently, Fortinet FortiAuthenticator is only available for on-premises, and it is an on-premises solution. It should be on the cloud, as some other solutions are. For example, Cisco Duo is on the cloud, so we cannot compete with that part if a user requires a cloud-based two-factor authentication solution.

I would rate the stability of Fortinet FortiAuthenticator an eight.

For scalability, I would rate it a nine.

Regarding Fortinet technical support, I would say a six. Most of the time, the engineer will take time, such as 24 hours or 48 hours, maybe even more, because most of the time, they appear, gather the logs, and then disappear.

The main competitor on the market for Fortinet FortiAuthenticator would be Cisco Duo. However, if a user requires a security perspective on-premises solution, then I do not think any competitor would beat Fortinet FortiAuthenticator.

For real-time reporting from Fortinet FortiAuthenticator, I do not have experience. We did not utilize that part because most of the time, two-factor authentication is sufficient for that part in authentication.

For tracking user activities, I do not know what Fortinet FortiAuthenticator offers because, in my case, the solution would be an internet access gateway in a Fortinet product, which is FortiProxy. That is used for user activity to track that user activity part.

Regarding the authentication protocol I have mostly worked with on Fortinet FortiAuthenticator, we go with the default ones. We call RADIUS on that FortiGate part and we choose the default. I think PAP will be utilized, or maybe MS-CHAP.

For the workflow part, I do not know if Fortinet FortiAuthenticator helps clients automate workflows. It may have that feature, but I did not use that feature. Workflow automation, because two-factor authentication is sufficient for that for most clients.

For the pricing of Fortinet FortiAuthenticator, I have no experience with pricing. I worked on the deployment side and the pre-selling side most of the time. I did not spend time bargaining or comparing products that have low cost or high cost.

I would rate this review an eight overall.

We use Fortinet FortiAuthenticator for two-factor authentication and multi-factor authentication. We utilize it as a token for access authentication, including both soft tokens and hard tokens.

The biggest advantages of Fortinet FortiAuthenticator are that it's easy to deploy, easy to manage, and the GUI is a very strong interface. The integration with the system is very straightforward.

Fortinet FortiAuthenticator saves time and money for me and my clients because they have solutions for every device, depending on what the customer wants.

There is room for improvement in the support for Fortinet FortiAuthenticator. The support team could be enhanced when we face issues.

Their technical staff needs improvement because they take too much time to resolve issues. When we call them, they have many untrained people and not enough trained staff, which leads to lengthy resolution times.

From a technical standpoint, I don't think there's any issue with Fortinet FortiAuthenticator. We haven't faced any issues recently. In the early days, there were some issues, but now it's a very stable and mature product.

Three to four years ago, there were many issues, but now Fortinet FortiAuthenticator is very stable.

Fortinet FortiAuthenticator should be sufficiently scalable. I have used the 1,000 license for 1,000 tokens, but I am not aware of the maximum license capacity for tokens.

The installation and deployment process is straightforward. The GUI setup involves simple next steps without much technical complexity.

When comparing Fortinet with Palo Alto, it varies by market. In Saudi Arabia, we suggest Palo Alto for medium to large enterprises, while Fortinet FortiAuthenticator is preferred for small to medium enterprises. Organizations tend not to prefer it in high-end environments or bigger organizations.

Regarding compliance features in Fortinet FortiAuthenticator, there is an option to disable or enable compliance, and I enabled that option as a baseline configuration. I have not tried any other compliance features.

Fortinet FortiAuthenticator is affordable compared to competitors such as Palo Alto.

I cannot specify how much it can save in terms of money and time.

Currently, I don't think there are any features that I would want to see included in Fortinet FortiAuthenticator in the future.

On a scale of 1-10, I rate Fortinet FortiAuthenticator an 8.

We deployed the solution for a client, and the license supports 100 people. It is leveraged for user authentication when accessing Cisco devices by integrating with Fortinet FortiAuthenticator.

The integration capabilities of Fortinet FortiAuthenticator are very interesting, as it can be integrated with third-party devices easily and is straightforward to configure. The integration with FortiToken is outstanding, adding a layer of security for authentication. In addition, it can be used by integrating with zero trust single access, enhancing overall security measures.

Initially, we deployed Fortinet FortiAuthenticator on VMware and faced challenges when migrating to an OpenStack environment, which required reconfiguration. I recommend Fortinet make its images migratable between environments.

I have been using Fortinet FortiAuthenticator for one year.

I would rate the stability of Fortinet FortiAuthenticator at eight out of ten. It remains stable even when the number of concurrent users increases.

I find Fortinet FortiAuthenticator to be highly scalable, and I would rate it an eight out of ten for scalability.

Customer service and support are excellent. I find them to be extremely responsive and effective.

Neutral

The initial setup took two days, including integration. We ensured the virtual environment was ready, deployed the VM, integrated it with Active Directory, onboarded the endpoint devices, and provided FortiToken authentication for the 100 users via email.

The implementation was carried out by me and my colleague, with assistance from the client's team on configuring the endpoint devices.

Investing in Fortinet FortiAuthenticator has had a positive impact on overall security costs. It enhances security by ensuring only the right person can access systems, even if their login credentials are compromised.

Fortinet FortiAuthenticator is not overly expensive compared to other Fortinet subscriptions. However, it would be beneficial if the licensing allowed for more flexibility to cover additional users.

I would recommend Fortinet FortiAuthenticator to other users because of its excellent integration capabilities and security features. The overall rating I would give is a seven. Improvements in migration capabilities are necessary, especially as clients often change environments.

We are using Fortinet FortiAuthenticator to implement token-based authentication for wireless network access. It is used for SSO, single sign-on, and as a captive portal. We primarily use it for token implementation for wireless network access.

There have been numerous support tickets sent to Fortinet since this does not appear to be a mature product. It does not consider customer requirements. For example, authentication for wireless users expires after 24 hours, requiring re-authentication daily. Additionally, the product is considered cumbersome and not user-friendly.

I've been working with FortiAuthenticator for nearly a year.

The solution is not stable as it triggers problems like token authentication being cumbersome and not user-friendly.

One scalability issue is that when we upload a bulk list of users, the group settings for existing users disappear, which requires us to manually reassign group settings.

When we send a ticket to Fortinet, they go into research mode as if they are hearing the problem for the first time. Their support has not fully enabled us to fix the problems.

Neutral

We are considering Duo as a replacement for FortiAuthenticator.

It's expensive, however, we've not been able to compare it to another product.

We are thinking of Duo as a replacement.

I would not recommend FortiAuthenticator to other people at the moment.

I'd rate the solution five out of ten.

I use FortiAuthenticator for authentication systems and identity management within my company. I am involved in deploying the solution for our customers as well, and it integrates with other security products.

FortiAuthenticator allows my company to move customers from using other products like Cisco to Fortinet solutions. Up to now, our customers have not had complete IDS systems, but we are planning for advanced implementations.

The most valuable feature I find in FortiAuthenticator is web filtering.

I would like to see more integration and inclusion of features for ransomware protection directly within the FortiAuthenticator without requiring additional devices.

I have been using FortiAuthenticator for about nine or ten years.

FortiAuthenticator is quite stable. I would rate its stability a nine on a scale of one to ten.

The scalability of FortiAuthenticator is good, and I would rate it an eight on a scale of one to ten.

The technical support for FortiAuthenticator is excellent. I would rate it between nine and ten on a scale of one to ten.

Positive

I previously used Cisco firewall products. My company is transitioning from products like Cisco to Fortinet.

The initial setup of FortiAuthenticator was straightforward. It was easier than setting up other similar products. I handled the installation myself but reached out to the technical support team when needed.

I work directly with the technology and support team for the initial integration and maintenance.

Currently, it's hard to speak about the financial benefit as I am still transitioning our customers to Fortinet products.

The cost of FortiAuthenticator is rated high due to market conditions. Nevertheless, I rated its cost an eight on a scale of one to ten.

I evaluated other solutions like Cisco before adopting FortiAuthenticator.

Up to now, I would not recommend FortiAuthenticator to others yet as I have ongoing transitions and evaluations.

I'd rate the solution eight out of ten.

A typical use case for Fortinet FortiAuthenticator is that it suits their infrastructure because they have the products.

One of the best features of Fortinet FortiAuthenticator is integration to the FortiGates.

The area for improvement in Fortinet FortiAuthenticator is its price.

I have been working with Fortinet FortiAuthenticator for a couple of years, approximately two years.

The scalability of Fortinet FortiAuthenticator rates as high, achieving a perfect score of 10.

Technical support from Fortinet deserves a rating of 10. Their service is excellent.

Positive

The initial setup of Fortinet FortiAuthenticator was straightforward, working effectively out of the box.

As a consultant, I have been installing Fortinet FortiAuthenticator at customer sites. I work for a reseller that sells Fortinet products.

My relationship with Fortinet is as a reseller and implementer.

I have not directly observed a return on investment from Fortinet FortiAuthenticator. Being in a technical rather than sales role, this aspect is typically handled by the sales team.

I have not been working with Fortinet FortiAuthenticator's AI capabilities.

I would recommend Fortinet FortiAuthenticator to others because of its quality and my positive experience with the solution.

On a scale of 1-10, I rate Fortinet FortiAuthenticator an 8 overall.

We use FortiAuthenticator for two-factor authentication. It's working well.

Once you configure it properly, it runs fine. There's not much potential for misconfiguration if you understand where you're placing the authenticator and its purpose. 

One thing I dislike is that if you have the software authenticator on a mobile device and that device is lost, it's difficult to remove. 

If you have the FortiAuthenticator client installed on your mobile phone, and then you lose your phone, or the person leaves the company without uninstalling it, transferring that authenticator to another person is a bit tough. 

It takes a long time, it is not immediate. Sometimes more than three days, because they say it's not a priority. That's one thing I think they need to improve.

We've been using it for almost five years. But nowadays, it's becoming more and more common because of compliance requirements. Companies are forced to use two-factor authentication, which is a must for compliance. Fortinet is leading in this area. Before, we were using VASCO. 

I would rate the stability an eight out of ten. Overall, it is quite stable. 

For us, it's not much, maybe 200 users use it currently. I would rate the scalability an eight out of ten. 

Customer service and support are helpful, but in the last few years, I've found that the first-level support isn't able to understand the issue. They escalate to the tier-two level, who are able to resolve it. 

On the first level, it takes time. Maybe they have grown too big and aren't able to give each network the unique attention it deserves. We customize some implementations, and at that time, they're not able to help because the people supporting are new and not from the field. The training seems fine, but in practice, it's different. Their support is not that great anymore. A little arrogance is there. 

It doesn't qualify them very well if there's arrogance in their communication. They do not understand the issue. That's why you're coming back to support. 

For example, one issue I'm facing is when a person leaves the organization without handing over details. They'll send an email to that person, but that person is not available. How are you going to access this email? These are a few instances where we are finding it difficult, and they take more than a week or two to resolve some issues. Their support used to be very good, but now that they're on top, they're not as responsive at the first-level support.

Neutral

I used alternatives a long time ago, but not recently. I worked with all kinds of solutions when I was in the enterprise segment before coming to the SME segment. The enterprise segment is more demanding than the SME segment.

We are a solution-based company, not product-based. We discuss with clients to understand their requirements and then find the right product within their budget.

We do a lot of research to find the right product line that meets the client's needs without compromising performance. We offer cost-effective solutions for the SMB segment and provide first-level support, and then back-end support accordingly.

I've mainly been working with Fortinet, leading the solutions development. I've also worked with SonicWall and, before it was taken over by Fortinet, Cyberroam. Before that, I used to work with almost all product lines. I was one of the first Check Point-certified engineers, about 25 years ago. The first firewall was in '96.

However, we haven't started using FortiGate Cloud yet. I've been using the FortiGate appliance for quite a long time, almost 20 years now. The main problem we are facing in the UAE is the lack of upload speed. We get a one-to-ten ratio; for a 100 Mbps connection, we only get 10 Mbps upload speed. That is where we are getting stuck with FortiGate Cloud. It isn't working out well for us.

It is easy. If you know the technology, it is easy to implement. If you don't, then it will be difficult.

• Deployment time: 

With testing and everything, it's a one-day job. Quite fast compared to other solutions.

You have to know where to click, what to install, and what to do. If you know the steps, it is easy. If you don't, then it will take maybe weeks or so.

• Integration Capabilities:

Once integrated with the firewall, it supports SSL VPN and the firewall itself. If integrated with the FortiAnalyzer, it supports Active Directory. The extent to which you deploy FortiAuthenticator depends on your specific needs.

Our organization are a solution provider and system integrator. 

Implementation strategy:

We don't go to the client without first preparing in our lab. We prepare everything in the lab, ensuring we understand the product line. If possible, we try to implement it in the lab. We take the device, configure it, give training, and then return. We never take the product to the client site and test it there. We do our testing and study the capabilities in the lab.

Like all products, we never take any product to the client directly from ordering and then open it there. We test it and understand how it functions. Once we understand its capabilities and what is not possible, we are very clear on that. This way, our implementation time is very short and sweet. Since we are thorough, our service calls after sales are much lesser.

The return on investment for FortiAuthenticator is difficult to measure. It's a security tool that companies use because they're looking for security, and some are forced to because of compliance. It's not something that every company is implementing yet. But, in the future, it may become a compulsory feature on every device.

It's not a cost savings; it's an expense. However, on the security side, breaches can be reduced because of two-factor authentication. It's not a cost-saving measure, but it's a necessity for security and to prevent unauthorized access. For the SME segment, unless they're forced into it, they want to have protection to prevent unauthorized access. That's the thing.

The price seems okay. It's not that expensive compared to other authenticators. Especially the clients, like Fortinet VPN clients, it is free. Unless you take the full feature of the FortiClient, then they're charging. The SSL VPN client is free; it already comes with the appliance. That's one of the reasons why this product picked up so much during the pandemic. Others were not able to support that, but they had good spring and high sales during that time.

But now Fortinet've become arrogant. After the pandemic, they've become very expensive, increasing the price two or three times every year. We're getting information that the prices are increasing again. 

The problem is that we give a budget price to the client for Fortinet next year, and then when we purchase it, we're paying a higher price. Then, clients ask why we're charging higher.

It's a one-time price per device. It's approximately $50 or $60 per user device. it's around that price. It is tied to the device, but now they have a new policy saying that we can transfer it. 

Before,  Fortinet did not allow us to transfer. That means once the hardware became obsolete, your license became obsolete, and you weren't able to transfer it. But now, with the new Fortinet policy from January or February, they allow us to transfer the authentication license from the old device to the new device used for authentication.

The pricing is not cheap. It's not very expensive compared to other services. I would rate the pricing a seven out of ten. 

If you're keen about security and want to prevent hacking, two-factor authentication is a must.

I would recommend it to other users because it is a stable solution. Stability-wise, it is good. The only worry is the support. We try to figure out the issue ourselves, but if we can't find a solution, we have to open a ticket and wait for Fortinet to reply.

Overall, I would rate it an eight out of ten. 

We are using Fortinet FortiAuthenticator for Single Sign-On (SSO) logins and Active Directory (AD) credentials with Fortinet tools. For accessing the cloud environments and on-premises, we use SSO.

The integration into tools, including CI/CD pipelines, is easy and handy.

We use multi-factor authentication for enhancing security. Also, Fortinet FortiAuthenticator helps with password enhancements.

The technical support could be improved as some staff lacks the necessary knowledge to assist effectively.

We have been using the Fortinet tool for the last two years.

The stability of Fortinet FortiAuthenticator is rated as six out of ten, indicating some instability issues.

Scalability is good, rated as eight out of ten.

Technical support is mixed. Sometimes, technical support is very good, however, at times, some technical staff lack knowledge, which delays issue resolution.

Neutral

Currently, we are not using Veracode. We are working on different tools, and since the client does not require Veracode, we are stopping its use.

I have not been involved in the deployment or configuration process.

I am not part of the deployment or configuration teams. Other teams handle these tasks.

I'd rate the solution six out of ten.

Our use case for the solution involves managing and optimizing our organization's network traffic across multiple sites. 

The platform has significantly improved our organization's network performance and security. It has simplified network management, reduced operational costs, and ensured seamless connectivity across all our sites.

The product's most valuable feature is its no-license requirement for SD-WAN functionality, significantly reducing operational costs. The ease of use, interactive GUI, and comprehensive security features are also beneficial.

The solution's command line interface could be improved to provide better support for low-level debugging and advanced configurations. 

Additionally, features that streamline user management and integration with other Fortinet products would be advantageous.

I have been using Fortinet's SD-WAN solution for about three years.

The product is stable. I rate the stability a nine out of ten. 

The solution is highly scalable, allowing seamless expansion as the organization grows. Adding new devices and managing them through FortiGate's centralized interface is straightforward.

The technical support services are good as long as the license is active. Without an active license, it becomes difficult to contact them. 

I have used Meraki SD-WAN before. However, I prefer Fortinet's SD-WAN due to its cost-effectiveness and security features.

The initial setup was relatively straightforward, especially for basic SD-WAN functionalities. More complex configurations may require additional time and expertise.

We implemented the product with the help of our in-house team. 

The platform is cost-effective as it does not require a separate license for SD-WAN functionality.

I evaluated other options, including Cisco and Aruba, but found Fortinet's SD-WAN superior for ease of use and integration with other Fortinet products.

I rate Fortinet FortiAuthenticator a nine out of ten.