Fortinet FortiToken Reviews

The name of the authenticator is from the user's site. It's sufficient for that to provide you with a number when you need to access a protected resource, which is the site. This is two-factor authentication. You have two layers of authentication. The first layer is provided by the name and password, and the second layer is provided by the authenticator. 

So you have to be attentive to that when the app prompts you, or at least the app prompts you, which advises you about the directive that someone is attempting to access this technology. And you can confirm by saying yes. It's directly linked to the internal access attempt to the site.

I appreciate that it provides comprehensive security. It is tailored to this specific purpose, and it excels in fulfilling this purpose.

On the Fortinet side, it is already well integrated with Android devices, simple devices, and PCs.

Maybe the price could be improved, and the integration could be better. But the integration is different from the authenticator side.

I have been using this solution for more than three years. We use the latest version as it updates automatically. 

I would rate the stability a ten out of ten. I haven't encountered any issues with this solution's stability

It is very scalable. It can manage thousands of users. We plan to expand our customer base.

We have around 250 users. We all rely on it for our authentication needs. It's in active operation.

We used Fortinet FortiAuthenticator. 

From the customer's perspective, the setup is flexible. You have the liberty to configure it according to your preferences. It took minutes to set up. 

We can do it in-house. Simply load the installation and compute user, and then you can use it.

The technical personnel involved in deployment and maintenance are developers.

The ROI is quite high because the consistent part of it originates from any directive of credentials or end-user passwords. It's a solution that significantly improves the authentication phase. This makes it less likely that a malicious actor would be able to gain unauthorized access to the network and launch the attack.

FortiToken hardware itself does not require a license. However, the FortiAuthenticator software does require a license. The cost of the license depends on the number of users. We pay it on a yearly basis. But you can also find agreements with other options.

There are no additional costs. It is not too expensive.

Overall, I would rate the solution an eight out of ten. I would definitely recommend using the solution. There are not many functionalities. However, it is a great solution for multifactor authentication.

We are using Fortinet FortiToken for token-based mobile applications.

The solution comes with two firewalls as a bundle. In that bundle, most of the individual users can be assigned to mobile users. However, in cases of technical difficulties, users may accidentally remove the mobile application. In normal scenarios, we get back to the activation key and assign it again.

In one instance, we had to call back Fortinet service providers to reactivate the token and access the system. If they could provide a managed portal for the token, then reassigning tokens can be easy.

I would also like to see some mobile-level application update. It would be easy for our team if we can have all the features in one place.

I have been using the solution since 2019. We implemented the demo piece for the PED staff and internal staff team. We deployed the solution as a case of factorization since there was a high-risk claim. We needed the solution for our critical business cases.

I would give eight out of ten for the stability of the solution.

I would rate the scalability of the solution an eight out of ten. There are about 150 users for the mobile token application in our company.

I would rate the tech support a seven out of ten. I have contacted support only once since 2019– for an activation error message. They resolved the issue within two days.

Neutral

I have been using Google Authenticator and Microsoft Authenticator. I am happy with FortiToken because it makes it very easy to install and manage tokens.

The setup of Fortinet FortiToken was very easy because the license of the solution was assigned by the vendor. Once initiated, we were able to access the tokens and assign them to the required users.

I would rate the pricing as an eight out of ten. We purchased the solution at a reasonable price in 2019.

I would rate the overall solution an eight out of ten. The solution is a smart product that anyone can easily access and manage. The solution is a good product for multi-factor authentication and to secure remote authentication in the corporate environment.

Fortinet FortiToken could be lower for some markets. 

I have been using the product for two and a half years. 

I rate Fortinet FortiToken's stability a nine out of ten. 

I rate the tool's scalability a nine out of ten. 

The tool's support is the best. 

Fortinet FortiToken's deployment is simple. 

I rate the product a ten out of ten. 

We use FortiToken to authenticate many of the applications we and our clients use. We use, integrate, and resell the solution.

We like the mobile FortiToken. 

I have used FortiToken for four or five years.

FortiToken is stable.

I rate Fortinet support nine out of 10. We pay for a support contract that entitles us to dedicated resources for our problems. In fact, we are not using basic technical support. With standard support, it can take a while for the engineers to understand the problem. We don't ask frivolous questions. Typically, we have our information ready to make the process smoother. 

Positive

I rate FortiToken 10 out of 10 for ease of setup. The setup time depends on the number. FortiToken is sold in a box of at least five, and it usually takes half an hour or so.

The price isn't an issue for most clients, but they complain that it's increasing each quarter. At the same time, all companies are raising their prices because we're in a dynamic period. 

The problem is that our customers create budgets annually based on the figures at the beginning of the fiscal year. Our customers get annoyed when the price is adjusted in the middle of the year. I understand that it's a difficult time, and price increases make sense for hardware devices. However, FortiToken is a software product, so it shouldn't be affected by factors like chip shortages or supply chain issues. Software solutions should have more transparent and predictable pricing.

I rate FortiToken 10 out of 10. 

We use Fortinet FortiToken when a client requires it.

The FortiToken from Fortinet is primarily used for VPN authentication. That is one of the most common use cases. VPN authentication as well as two-factor authentication on VPN. In addition, two-factor authentication is required for administration access to the FortiGates.

In the rare case where the FortiAuthenticator is separate, they use it as a directory for the enterprise. It can also be used for other applications such as Microsoft. External applications and, on occasion, customer applications that use RADIUS.

I believe FortiToken is the simplest to implement. However, there is no difference in terms of features other than multi-factor authentication. It's very basic.

Ease of administration, which is not always a feature, but the ease of administration, token importing, and exporting, is why FortiToken has been considered as a multi-factor authentication solution.

FortiToken could be made much more flexible. They're doing very well now. I think having two-factor authentication on their firewalls for administration, as well as being able to use them for VPN access for MFA, was a great idea. However, in terms of a broader base of support, I believe their support for SAML, for example, could be greatly improved. OAuth, SAML, and other protocols that are more geared toward cloud-based applications, in my opinion.

I would like to see complete OAuth support. Also, if they can support it from a SaaS (Software as a Service) or cloud platform, that would be great. 

I have been working with Fortinet FortiToken for four or five years.

There are two kinds of customers. There are clients for whom we only implement and clients for whom we manage. Where we have a managed service with the client, we keep them on the most recent version, which is N-1.

Fortinet FortiToken is very durable and stable.

If you don't use the VM solution, it's not very scalable because, from a hardware point of view, you almost have to buy hardware and do a full replacement. From that perspective, I wouldn't say it's scalable. But, again, if you're using your VM  you would have to rebuild your VM.

I wouldn't go so far as to say it's not scalable. However, when it comes to the number of users, it is very scalable in terms of being able to cater to a small environment of five users versus 100,000. But, in my opinion, when you have to migrate as your environment grows, it's not very scalable. It is, but it is difficult to import and export through it.

The number of users we have is probably in the region of 20 or 25.

It would be on a daily basis because you have to log on all the time, especially now that you're remote. And MFA is required by the majority of our company or clients.

I work with Fortinet support on a regular basis.

In terms of support, Fortinet is one of the better vendors. However, they face significant challenges when it comes to getting a response. When you log a support call, getting the response you want is always a problem. It's almost as if you're being passed from one engineer to the next, and it's extremely difficult to articulate the problem and get a response.

I don't use them myself, we are integrators. A few clients use Fortinet FortiAuthenticator, Fortinet FortiToken, McAfee Total Protection for Data Loss Prevention, Trend Micro Integrated Data Loss Prevention, and GTB Technologies Inspector, but they use FortiToken specifically. I believe I added RSA Authentication Manager, followed by Cisco, Jira.

The initial setup is extremely simple. The FortiAuthenticator and FortiToken are unquestionably the simplest multi-factor authentication solution to implement.

It takes two to three hours to get it up and running. But, the biggest challenge is always the user element, where you have to get users to install the application and communicate with them. That can take you a lot of time depending on the size of your organization and the level of technological sophistication of your end users.

That would require a significant amount of time. But the initial setup, which is to set up the FortiAuthenticator, import the tokens and integrate that with, the FortiGates, is very simple and doesn't take long.

Yes, absolutely, I would recommend this solution, especially for clients performing standard RADIUS authentications, because I believe they're quite solid. I believe where it becomes more difficult is with open authentication protocols such as SAML and OAuth. Fortinet has a long way to go in this area.

I would rate Fortinet FortiToken an eight out of ten.

We are using this solution for administrator access to firewalls. We have its latest version.

FortiToken is just there to do the administration of the firewalls. For two-factor authentication, we like Duo more.

The integrated Fortinet security with the app that allows you to easily do the two-factor authentication is most valuable.

The app could be improved so that you don't have to actually type in the code. It would be great if you can just do a prompt or push similar to the way Duo does.

We have been using it for three years in our organization.

It is stable.

It is good. We have a very small use case for it. If I want to roll it out for a larger use case, I don't think it would have any issues. We currently have got only got four firewall administrators who use this solution.

I have not interacted with them for FortiToken.

It was straightforward.

I just did it myself.

Overall, it has provided an ROI. It is included as part of our firewall license.

It is included as part of our firewall license. 

I would advise others to make sure that they have cellular phones that are company-owned or they have employees who are willing to use their own in order to use it.

I would rate Fortinet FortiToken a six out of ten.

We use the product for multifactor authentication. 

The solution is simple and similar to Google Authenticator. It follows time-based authentication. We use it for hardware and software in one environment. The tool offers simple and fast authentication for SSL. 

Fortinet FortiToken should improve its push notifications. 

I have been using the product for three years. 

I rate the tool's stability a ten out of ten. 

I rate the tool's scalability a ten out of ten. My company has 50 users. 

My experience with Fortinet FortiToken's technical support is good. 

Positive

When I compare Fortinet FortiToken to similar products like Google Authenticator, I see differences, especially with Microsoft Authenticator, which also uses push notifications. Google Authenticator is free. 

Fortinet FortiToken's deployment is simple. 

I did the deployment myself. 

I rate the tool's pricing a five out of ten. 

I rate the overall solution a ten out of ten. 

I'm a solution provider who sells FortiToken and helps customers implement it. Most of my clients use Fortinet solutions like FortiClient VPN and FortiGate firewalls for remote work. They also use FortiToken for authentication. 

Bangladesh is a price-sensitive market, and FortiToken is popular because it's more affordable than the Palo Alto and Cisco authentication solutions. Fortinet has a local director for Bangladesh, so they can deliver solutions to customers quickly. 

I have sold FortiToken for three years.

I rate FortiToken seven out of 10 for stability.

I rate FortiToken eight out of 10 for scalability. It's suitable for mid-sized customers, not large enterprises. 

Support is a pain point in Bangladesh because there aren't many experienced Fortinet engineers in this country. It's easier to find one certified in Cisco, Palo Alto, or Juniper. 

Palo Alto is good compared to Fortinet. I like the dashboard better. 

The deployment process is straightforward. I've never had any issues. 

I rate FortiToken seven out of 10 for pricing. 

I rate FortiToken six out of 10. I recommend it for small and medium-sized companies. 

FortiToken is a second-factor authentication solution mapped to the on-prem firewall. Any user who connects to the firewall for VPN uses the token for authentication. Our client is the end-user, and we manage it for them. We acquired FortiToken five years ago and additional tokens every year since then. The token is just a piece of hardware, so there's nothing to be refreshed over there.

FortiToken helps us meet compliance requirements where applications or any authentication needs to use two factors. In addition to a password, there has to be a second factor for authentication. 

FortiToken is available in a soft or hard token factor, so there's some flexibility in that. Beyond that, I would say it is a stable solution that has worked for us.

Usually, there are operational issues for tokens, but problems have been minimal. 

We have been using FortiToken for at least five years.

FortiToken is a stable problem. We haven't had any issues.

If you are able to predict your scale, you can buy a box that will scale up to your projected requirement. Of course, it is not endless. If you're growing beyond what you had forecasted, you'll need to buy a bigger box or change solutions. Right now, we have at least 6,000 users.

Fortinet support has some room for improvement. It has taken a long time to resolve some issues or find a workaround.

We didn't see any major issues setting up FortiToken. It doesn't take more than two or three weeks. A lot of that was logistics because the initial deployment was done with 5,000 tokens distributed across a wide geographical range. We don't have a dedicated team for FortiToken. The team handling all the firewalls also manages this solution.

There was a Fortinet partner which was involved in setting it up.

FortiToken's price is optimal for us, but India is a price-sensitive market, so a lower price would definitely help. Overall, it's cheaper than other solutions. Of course, we evaluated it five years back, and I haven't checked to see its current market position, but one reason we adopted FortiToken is its lower cost of ownership relative to other solutions we evaluated.

I rate Fortinet FortiToken seven out of 10. I recommend it depending on the use case. It's a good option if you need a stable product that can. It meets all the requirements for scalability, security, and reliability.

Its ease of use is most valuable. It is simple to use and can be deployed out-of-the-box. It is quite a mature product with all the required features.

It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality.

They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer.

I have been using this solution for three years.

It is stable.

It is not scalable because it is attached to one device.

Their technical support is quite good. The product itself is quite simple to use, and there have been very few times when I had to call the support. Basically, in the past three years, we didn't log any tickets for support.

We have used RSA tokens. Fortinet FortiToken is much easier to use than RSA tokens. In terms of our experience with day-to-day management, it is very good as compared to RSA.

It was quite straightforward. We deployed it for about 500 users, and it took about a month. The deployment is quite fast. You can just get it done within two weeks, but it took time in getting feedback on whether the phones and the OS versions that were being used by our users were supported. It took us longer to iron out all such issues and to get the phones that were supported with this solution.

I would recommend this solution to others, but they need to know what it is used for. Because this is a 2FA, where you implement it will actually matter. If you want to deploy it globally and you have many FortiGates, you would need additional products, such as FortiAuthenticator. If you're deploying it to only a single site and everybody is connecting to that site and using it as a 2FA, it is the right solution. 

I would rate Fortinet FortiToken an eight out of ten.