Fortinet FortiToken Reviews

The platform's main use case is to facilitate authentication when connecting outside of the organization, particularly when using Fortinet VPN. It ensures secure access to our network resources, especially when working remotely.

The primary benefit of using FortiToken is its cost-effectiveness. It provides a reliable authentication solution without requiring significant financial investment.

One of the product's most valuable features is its ease of use. The soft token offering simplifies the authentication process, making it convenient for users. Additionally, its straightforward installation and configuration contribute to its value.

They could enhance synchronization with mobile applications, and addressing minor issues with authentication could further improve user experience.

I've been using FortiToken for about three years now.

I rate the product stability an eight out of ten. While it's generally reliable, there have been occasional instances where multiple authentication attempts were required.

Approximately 200 users are currently using FortiToken within our organization. It is scalable, and additional licenses can be easily acquired to accommodate more users as our organization grows.

The initial setup was straightforward. Onboarding and initial testing typically take about a day before the system is fully operational within our organization.

The platform's licensing cost is reasonable for our organization. We opted for a yearly subscription, which aligns well with our budgetary requirements.

FortiToken is integrated with our FortiFirewall and FortiWeb systems. This integration enhances security, especially when employees access organizational resources remotely, such as working from home.

I advise others to consider using the product to explore its token offering for simplified authentication.

I rate it a ten overall. It meets our authentication needs effectively and is a valuable asset to our organization's security infrastructure.

We only use FortiToken for authentication purposes, like logging into SSL VPN or plugging into firewalls.

I like how easy it is to configure and assign tokens. It's readily available through our application-based system.

The problem comes when we have to migrate tokens to new phones. There's no backup option or import/export feature, so you have to redo the entire process manually, adding tokens one by one, which is quite tedious.

The migration process is definitely a major area for improvement. Imagine losing your phone and having to set everything up again from scratch and add everything individually.  

In future releases, push notifications would be good! Instead of opening the app and entering the token manually, what if we received an approval or denial prompt directly on the phone as a notification? Just a tap to log in, that would be nice.

I have been using it for three years now. 

I would rate the stability a nine out of ten. It's been very reliable for my customers. 

I would rate the scalability a seven out of ten. The migration issue definitely brings it down a bit.

Moreover, if FortiToken could improve that, maybe introduce push notifications or even eliminate the need for manually entering token keys, it could easily reach a ten out of ten.

Replacing the token key entry with a simple notification and selection option to accept/deny would be very handy and useful. Now, we have to scroll down and search for the correct FortiToken by name. 

I recommend FortiToken for all companies, especially when they connect to sensitive servers. That's why I suggest them to use it.

There haven't been any emergencies, but the response times and everything were good when I needed help.

Positive

Before FortiToken, I used Okta for authentication. For firewalls and network devices specifically, I recommend FortiToken.

The initial setup is easy. You receive a QR code via email, scan it, and add it. No complicated procedures involved.

The deployment model depends on the customers. We have different customer setups, but most are on-premises, device-based deployments.

We typically require our assistance with deployment. We manage their hardware and infrastructure, so deployment falls under our responsibility.

The pricing is not very high, so I'd rate it around six out of ten, where one is high and ten is low.

I can compare it with Microsoft's 365 authentication or other Microsoft authentication solutions, but they have different features.

Overall, I would rate the solution an eight out of ten. I recommend FortiToken to all our clients who purchase Fortinet devices, especially within banking and payment systems. 

Fortinet offers a comprehensive solution for network security, particularly with its very effective zero-trust network access approach.

The solution has many components, each with its own benefits and advantages. FortiToken is straightforward to use.

I have been using Fortinet FortiToken for six months.

More than 400 stores in Canada are using this solution.

The product itself is very good, and although I have extensive experience with Fortinet, I have not sought much support for it so far.

Positive

It's very simple: install the FortiToken app on your cell phone. When you receive the FortiToken invitation by email, open the email to view the QR code. Use your phone's camera to scan the QR code, automatically importing it into the FortiToken app. Once synchronized with the FortiToken server, you can use the app for future authentication.

It's convenient because you don't need to implement a separate FortiToken server. Traditionally, with systems like RSA, you needed a dedicated server, purchased token licenses, and assigned them individually to users. However, with Fortinet, you can use FortiGate as the FortiToken server itself. Each FortiGate license includes two free FortiTokens. If you need more tokens, you purchase additional licenses. The required tokens are automatically generated after importing the license into the FortiGate. You then assign these tokens to users and send an invitation email. The user receives the email, opens the attachment or QR code, and scans it with the FortiToken app on their phone.

If you don't have many users, the free FortiTokens included with FortiGate should be sufficient. The basic license covers up to twenty-five users. Alternatively, you can use Fortinet's FortiToken Cloud Service instead of FortiGate as the FortiToken server. This way, you don't need to have a FortiGate device.

Overall, I rate the solution a nine out of ten.

All customers want a more secure VPN connection. Therefore, we use FortiToken as a multi-factor authentication solution to increase connectivity security for our customers.

The solution offers push notifications. When you try to connect to the VPN, FortiToken sends a push notification to our customer's device. The customer can then approve or deny the connection, making VPN security more straightforward and efficient.

The solution could be more user-friendly.

I have been using Fortinet FortiToken as reseller for three years.

I rate the solution’s stability a nine out of ten.

The solution can scale to any measure. Scalability is very easy because it doesn't have one client or 10,000 clients. It's the same configuration. You can distribute it anywhere with the client's token.

It is suitable for all kinds of business. We cater to the retail and finance sectors.

I rate the solution’s scalability a ten out of ten.

You can reach easily with the support team.

Positive

The initial setup is easy and takes one to two hours.

I rate the initial setup a ten out of ten, where one is difficult, and ten is easy.

The pricing is moderate. 

I rate the product’s pricing as seven out of ten, where one is cheap and ten is expensive.

You can track user login activity. You can send messages to your SysTrack servers and then monitor and report these activities.

Security is the top priority because it equates to saving time and money in the long run. Our customers' primary motivation is security. Without multi-factor authentication, like FortiToken, unauthorized individuals can use your credentials to access your data centers. Therefore, our customers prioritize security first, followed by financial considerations.

Every company and individual should prioritize using a multifactor authentication solution for their email, especially FortiToken. I highly recommend this solution for securing personal email accounts, online banking, and especially for company use. It ensures an added layer of security crucial in safeguarding sensitive information and preventing unauthorized access.

Overall, I rate the solution an eight out of ten.

Fortinet FortiToken is used for double factor authentication.

You need your mobile just to enroll the tokens, and sometimes, it's difficult to use for someone who is not knowledgeable. Clients don't like the fact that they have to download the application to use Fortinet FortiToken. Having it directly on an SMS is a better option for the clients.

I have been working with Fortinet FortiToken for seven to eight months.

Fortinet FortiToken is stable, but it's a bit slow.

I rate Fortinet FortiToken seven and a half out of ten for stability.

I rate Fortinet FortiToken seven and a half out of ten for scalability.

Fortinet FortiToken's initial setup is a bit complex. I rate Fortinet FortiToken a seven out of ten for the ease of its initial setup.

Fortinet FortiToken can be deployed in three hours.

Fortinet FortiToken is not an expensive solution. One license costs around 50 USD.

Overall, I rate Fortinet FortiToken a seven out of ten.

All users who can log in on Fortinet have Token. We have 15 FortiTokens for the managers who are connected to the VPN and also for those who are connected to the software. It is mobile, not a hard token. That said, I have the hardware token, which is related to the administrator, me, and my assistant. It's used on software and hardware. We use it at an administrator level and at a user level. 

The solution is great for security. It's for two-factor identification.

It is easy to implement. The deployment is quick and simple. 

It is stable and reliable. 

The cost isn't too high.

The solution works well. We have nothing to complain about. 

I've been using the solution for five years. 

The stability is ecellent. I would rate it five out of five. It is reliable, and the performance is good. We do not have any issues at all. 

We have 15 FortiTokens.

We did not previously use a different solution. This was the first solution we selected. 

It is an easy product to implement. From the software or the hardware itself, from the options, we can apply FortiToken for the user and just add the hot token serial number and go.

We only need one person to deploy the solution. I tend to manage it myself. 

The deployment takes about 45 minutes for the software. It might take about ten days for the hardware to arrive from Fortigate. After that, I just install the serial key, and everything is done. 

We have not noted an ROI.

We deal with a subcontractor in Saudi Arabia to pay everything in one bill yearly. Everything is a separate license fee, and we use different Fortinet solutions. However, we pay for everything yearly, all at once.

Generally, it is an affordable product. We do not find it to be overly expensive. 

I'd rate it a five out of five in terms of affordability. 

We did not explore other options. We chose the first option we looked at, FortiToken.

We are not partners. We use it internally in the company. We are end-users. We use a lot of Fortinet products. 

Nothing has to be done from the end-user perspective; they just add the username and password, and a code appears on the Fortitoken software or hardware. 

I'd rate the solution ten out of ten. 

I'd recommend the solution to other users and companies. 

We use Fortinet FortiToken when a client requires it.

The FortiToken from Fortinet is primarily used for VPN authentication. That is one of the most common use cases. VPN authentication as well as two-factor authentication on VPN. In addition, two-factor authentication is required for administration access to the FortiGates.

In the rare case where the FortiAuthenticator is separate, they use it as a directory for the enterprise. It can also be used for other applications such as Microsoft. External applications and, on occasion, customer applications that use RADIUS.

I believe FortiToken is the simplest to implement. However, there is no difference in terms of features other than multi-factor authentication. It's very basic.

Ease of administration, which is not always a feature, but the ease of administration, token importing, and exporting, is why FortiToken has been considered as a multi-factor authentication solution.

FortiToken could be made much more flexible. They're doing very well now. I think having two-factor authentication on their firewalls for administration, as well as being able to use them for VPN access for MFA, was a great idea. However, in terms of a broader base of support, I believe their support for SAML, for example, could be greatly improved. OAuth, SAML, and other protocols that are more geared toward cloud-based applications, in my opinion.

I would like to see complete OAuth support. Also, if they can support it from a SaaS (Software as a Service) or cloud platform, that would be great. 

I have been working with Fortinet FortiToken for four or five years.

There are two kinds of customers. There are clients for whom we only implement and clients for whom we manage. Where we have a managed service with the client, we keep them on the most recent version, which is N-1.

Fortinet FortiToken is very durable and stable.

If you don't use the VM solution, it's not very scalable because, from a hardware point of view, you almost have to buy hardware and do a full replacement. From that perspective, I wouldn't say it's scalable. But, again, if you're using your VM  you would have to rebuild your VM.

I wouldn't go so far as to say it's not scalable. However, when it comes to the number of users, it is very scalable in terms of being able to cater to a small environment of five users versus 100,000. But, in my opinion, when you have to migrate as your environment grows, it's not very scalable. It is, but it is difficult to import and export through it.

The number of users we have is probably in the region of 20 or 25.

It would be on a daily basis because you have to log on all the time, especially now that you're remote. And MFA is required by the majority of our company or clients.

I work with Fortinet support on a regular basis.

In terms of support, Fortinet is one of the better vendors. However, they face significant challenges when it comes to getting a response. When you log a support call, getting the response you want is always a problem. It's almost as if you're being passed from one engineer to the next, and it's extremely difficult to articulate the problem and get a response.

I don't use them myself, we are integrators. A few clients use Fortinet FortiAuthenticator, Fortinet FortiToken, McAfee Total Protection for Data Loss Prevention, Trend Micro Integrated Data Loss Prevention, and GTB Technologies Inspector, but they use FortiToken specifically. I believe I added RSA Authentication Manager, followed by Cisco, Jira.

The initial setup is extremely simple. The FortiAuthenticator and FortiToken are unquestionably the simplest multi-factor authentication solution to implement.

It takes two to three hours to get it up and running. But, the biggest challenge is always the user element, where you have to get users to install the application and communicate with them. That can take you a lot of time depending on the size of your organization and the level of technological sophistication of your end users.

That would require a significant amount of time. But the initial setup, which is to set up the FortiAuthenticator, import the tokens and integrate that with, the FortiGates, is very simple and doesn't take long.

Yes, absolutely, I would recommend this solution, especially for clients performing standard RADIUS authentications, because I believe they're quite solid. I believe where it becomes more difficult is with open authentication protocols such as SAML and OAuth. Fortinet has a long way to go in this area.

I would rate Fortinet FortiToken an eight out of ten.

Fortinet FortiToken could be lower for some markets. 

I have been using the product for two and a half years. 

I rate Fortinet FortiToken's stability a nine out of ten. 

I rate the tool's scalability a nine out of ten. 

The tool's support is the best. 

Fortinet FortiToken's deployment is simple. 

I rate the product a ten out of ten.