Fortinet FortiAuthenticator Reviews

We are a solution provider and we work with Fornet products, including FortiAuthenticator. I have installed it for a bank and their users authenticate their access through it.

Our implementation involved the creation of local users for the VPN, and they are authenticated using this product. This is the main purpose of it, and what had been requested by the client.

The most valuable feature is the authentication tokens.

There are some protocols, such as SHA and SHA-2, that are not supported. This is something that Fortinet is working on.

I have been working with Fortinet FortiAuthenticator for one year.

One of our clients has faced a lot of issues with FortiAuthenticator. For example, one of the devices restarted by itself, and the database was corrupted. To remedy this, we reinstalled the image and did the installation from scratch.

This is a scalable product.

The technical support by Fortinet is okay.

I work a lot with Fortinet products and I call the support often. They are very quick to respond and the support is very good.

I have worked on most of the Fortinet products, as well as with products from Palo Alto. At this time, the only single sign-on product that we use is FortiAuthenticator.

The initial setup was very complex. The was one cluster and one load balancer that had to be configured.

We expect to do another installation, although this time it will be using the RADIUS server.

What our engineers say about FortiAuthenticator is that when compared with other vendors, it has not yet reached the same level.

I would rate this solution a six out of ten.

We primarily use Fortinet FortiAuthenticator to centralize the management of user identity information in Security Architectures, enforce Role-Based authentication, and allow Two Factor authentication with Softclient support.

This is a must-have technology in Fortinet implementations with several gateways and distributed environments.

It is easy to set up and will reduce Network administrators' efforts to integrate diverse identification methods. Must evaluate Single Sing On Mobility Agents to full integration of users position on the network and complete the solution.

Using this product strengthens enterprise security. It offers role-based security policies and User Identity Management with different methods.

This product provides automatization. There is a self-service user portal for registry and support for domain and non-domain guest users, with diverse channels vía hardware tokens, software tokens, e-mail, and SMS.

This solution brings user satisfaction. It reduces the need for network administrator intervention by allowing the user to perform their own registration and resolve their own password problems and issues.

Key Features and Benefits

1. Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage.  Most Valuable in Mobile Phones App for OTP.
2. Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
3. LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
   
4. It is usable in network WAN, wireless, and VPN Scenarios.
5. The domain and guest-users support are good.

I would like to see integration and customization capabilities with the end-user portal to solve authentication issues with diverse implementation scenarios. Specifically, with web applications, enterprise networks, and VPN.

We have been using Fortinet FortiAuthenticator for three years.

This is a stable, set-and-forget product. Logical operations run in the Gateways.

FAC 200E/400E will support environments for hundreds of users, based on Physical Appliances. If future needs are in the scope then I suggest implementing virtual deployments.

Technical support is not needed in any sense. We have three years running without hardware appliance incidents or major issues.

This is the first authentication platform that I have worked with.

The initial setup process will vary from simple to complex and depends on your existing User Identity Systems, integrations, and scale of the network

In-house engineers, properly trained, are responsible for deployment and maintenance.

Our ROI was reached in less than a year. This solution is good in terms of financial returns.

FAC is an affordable solution for Middle Range (200E/400E) and also needs a package of mobility agents (2,000) perpetual.

There is nothing to buy in the gateways (FG) and it is fully integrated.

As a Fortinet customer, the logical evaluation was FAC from the same vendor.

This is a must-have technology in Fortinet deployments with distributed environments.

We use this solution for two-factor authentication of most of our services. It includes VPN but also many other services that we have on our internet servers. We use the on-premise version because we also want it integrated into our in-house applications. We are customers of Fortinet and I'm a systems administrator. 

Security is such a big issue these days, a password alone is no longer enough for securing identity. In that sense, providing a second layer of authentication for users gives the company some level of comfort. 

I think the ease of deployment is a valuable feature. I like that the interface is intuitive and that natively and easily, it integrates with radios, ILDAP, fan mail, and with any applications supporting those protocols

I'd say that the integration with some other enterprise applications could be improved. For instance, ADFS. FortiAuthenticator does not work natively with ADFS and the company is not looking in that direction. It's one of our in-house applications and it was a challenge integrating with FortiAuthenticator. We had to write a separate, customized adapter for ADFS before we could make it work. We tried to get Fortinet to work on it but I don't think their development team is interested. It's not in their plan. The other challenge was when I integrated with I think VMware - there was an issue between the radio adapter and FortiAuthenticator. Both parties were not ready to work together and the implementation was buggy. 

I believe this solution can be adapted to so many things, depending on the technical side and the implementation engineers. I'd like to see some additional use cases that can be infused into the solution, such as ADFS.

I've been using this solution for two years. 

I haven't had any issues with stability. 

It's a very scalable solution. They now have the option of deployment as a VM, and then they have the hardware. I believe we use the 1000D for the hardware - it's able to support up to 10,000 users. You license the appliance based on the number of users and if you need to add more, you buy additional licenses. Almost everybody in the company uses it and I'd say we've had a total of around 4,000 users.

The technical support is mid-range It's not your wow kind of support but they do have levels of support. The support is in connectivity with their clients and it has to be renewed every year. You might do better if you go through their partners or something similar. They're not really there when it comes to support.

We used RSA SecurID before Fortinet. We switched because of the high costs associated with RSA. I believe that with RSA you need to pay a token license every three years but with Fortinet, once you buy it, you own it. Even if a token is lost, you can always reposition the token and that will not come at any extra cost. It's cost-effective for us. We also have several channels we can use for authentication with FortiAuthenticator. With RSA, users are stuck with either carrying the dongle, the hardware token, or maybe having the mobile application token on their phone. With Fortinet you can decide whether to use a hardware token, soft token, email token, push notification, or SMS. It gives us flexibility and comfort.

Initial setup was pretty straightforward. We were up and running within three days. I carried out the deployment. 

The license is a one-off payment. 

Every environment is obviously different so each user needs to know what they are looking for, and make a decision based on that. This is a cost effective and flexible solution. If a company is looking to use it on their server, it's important to look at the integration channels and your environment, the support. It's important to know that the channels are supported. 

I would rate this solution a seven out of 10. 

We are currently using FortiAuthenticator for VPN access.

For security access, it is good.

The Fortinet security area is authenticated; they use it to access that is the main purpose.

FortiAuthenticator should integrate with other applications. I currently use Google Authenticator and Office Authenticator, and it would be better if FortiAuthenticator could be added to other applications.

As a user, I have been working with FortiAuthenticator for about three years now.

The solution is stable, and I would rate it ten out of ten.

The response from Fortinet is very fast. We use them for integration with the Mitel solution, and they are supportive and helpful.

Positive

My colleague did the setup, and I didn't feel that he struggled much. It seemed straightforward and not too difficult.

The pricing is about three on a scale where ten is low. Pricing should be more flexible.

I recommend it to other users who are using FortiGate to go for Fortinet.

I'd rate the solution ten out of ten.

Our customers use Fortinet FortiAuthenticator for SSL VPN security. Our customers are from various industries including retail, finance, and manufacturing.

The tool's most valuable features are push notifications and integration with the FortiGate firewall. Push notifications provide an instant acceptance mechanism. When customers try to access SSL VPN, the solution sends a push notification to their mobile phone, and they can easily approve the access. The integration with FortiGate firewall is very easy if our customers use FortiGate for their firewall.

It also supports easy user management. You can easily manage user accounts and groups.In terms of benefits, the tool provides both cost savings and efficiency, but efficiency is more important for our customers. The main point of this solution is security, which is the most important thing. After that, maybe you can say time management - you can easily manage your access and permissions. Cost savings come third.

I think the tool could provide this solution on the cloud. It's currently an on-premises solution. A cloud-based version could make setup, installation, and management easier. With on-premises, you must pay capital expenses (CapEx) upfront. However, if the solution was cloud-based, it would be operational expenses (OpEx), which is often easier to manage. You can pay monthly instead of paying the total cost at once. In my opinion, OpEx is more easily manageable than CapEx.

I have been using the product for five years. 

I use Fortinet FortiAuthenticator to access VPN. Fortinet FortiAuthenticator is an easy-to-use solution.

I would like to see some email options for Fortinet FortiAuthenticator.

I have been using Fortinet FortiAuthenticator for one year.

I rate Fortinet FortiAuthenticator an eight out of ten for stability.

Around 200 users use Fortinet FortiAuthenticator.

I rate Fortinet FortiAuthenticator an eight out of ten for scalability.

Fortinet FortiAuthenticator’s initial setup is simple.

Overall, I rate Fortinet FortiAuthenticator an eight out of ten.

We are using FortiAuthenticator for authentication to connect to our network, either through some software or VPN or SSL or CyberArk, anything.

Samuel is good. We are using Samuel. Also, the good thing is that it's easy to use, and the logs are very precise.

There is a room for improvement. The log is a bit difficult to access, and searching the log codes is also a bit difficult. So it would be much better if, when we open a log, it could provide detailed information about errors, reasons for failure, and such.

We have been using this solution for approximately one and a half years.

It is very stable. We have never had any issues with this solution.

I would rate the scalability an eight out of ten. Some improvements, but it's on our end as well because we are still using the older variant. 

We have around five to seven end users using this solution.

The customer service and support are awesome for FortiAuthenticator.

I've been using Fortinet for the last eight or nine years. So, for other professional solutions from Fortinet, the support is not so good. You have to open a case as usual, and some technical contact will get in touch with you if they're available. If not, we have to call a toll-free number manually, and they will connect us to an available agent who will check our case and then escalate it. For normal issues with no business impact, it's okay to wait for two or three hours, no problem. But in critical situations, it's challenging to reach them.

Positive

The initial setup is simple. It's not that difficult. You have to know the functionality of FortiProtect, the requirements, and it depends on your network. It's not that difficult to implement.

We have VMs and devices. But mostly, we are moving to VMs.

We design and then, Fortinet team will implement.

I would rate the pricing a four out of ten, where one is cheap, and ten is expensive. It is not that costly. It is cheap, easy to manage, easy to install, and easy to configure. 

We evaluated Palo Alto. It's easy to use, offers a lot of features in one box, and it's cost-effective. And the support is very good.

Overall, I would rate the solution an eight out of ten. 

Our company is based in Latin America and we work mainly in areas relating to telecommunications in the banking, retail and public sectors. We are partners with Fortinet. 

The solution is simple to deploy, simple to use, and user-friendly. 

I'd like to see a simplified two-factor authentication process and some additional security around the function of geolocation. If you can't authenticate to protect transactions, and the security is weak, it's a problem. 

If you have the correct architecture, the solution is stable. If there are a large number of users, there are likely to be some stability problems. 

The solution is scalable. 

We're happy with the customer support. 

Positive

The initial setup was straightforward. The solution functions 24/7 so the admin, operation and maintenance need to be in good shape round the clock so we generally have four engineers involved in maintenance. 

I think this is a good solution although there are some things that need to be improved so I rate this product eight out of 10.