CyberArk Privileged Access Manager vs Fortinet FortiAuthenticator comparison

The compared CyberArk and Fortinet solutions aren't in the same category. CyberArk is ranked #1 in PAM , with an average rating of 8.9, and holds a 21.2% mindshare in the category. Fortinet is ranked #6 in SSO , with an average rating of 8.4, and holds a 11.3% mindshare. Additionally, 94% of CyberArk users are willing to recommend the solution, compared to 90% of Fortinet users who would recommend it.

CyberArk Privileged Access ...

Read 193 CyberArk Privileged Access Manager reviews

10,753 Views
6,455 Comparison Views

94% willing to recommend

Fortinet FortiAuthenticator

Read 57 Fortinet FortiAuthenticator reviews

3,973 Views
2,789 Comparison Views

90% willing to recommend

CyberArk Privileged Access ...

Fortinet FortiAuthenticator

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between CyberArk Privileged Access Manager and Fortinet FortiAuthenticator based on real PeerSpot user reviews.

Find out what your peers are saying about CyberArk, Delinea, One Identity and others in Privileged Access Management (PAM).

To learn more, read our detailed Privileged Access Management (PAM) Report (Updated: November 2024).

Buyer's Guide

Privileged Access Management (PAM)

November 2024

Download the complete report

Helped 815,854 peers since 2012

Categories and Ranking

CyberArk Privileged Access ...

Average Rating

8.6

Number of Reviews

193

Ranking in other categories

User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (3rd), Operational Technology (OT) Security (3rd)

Fortinet FortiAuthenticator

Average Rating

8.0

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Single Sign-On (SSO) (6th), Authentication Systems (3rd), Identity Management (IM) (7th), Multi-Factor Authentication (MFA) (3rd)

Mindshare comparison

While both are Identity and Access Management solutions, they serve different purposes. CyberArk Privileged Access Manager is designed for Privileged Access Management (PAM) and holds a mindshare of 21.2%, down 24.0% compared to last year.
Fortinet FortiAuthenticator, on the other hand, focuses on Single Sign-On (SSO), holds 11.3% mindshare, up 11.4% since last year.

Privileged Access Management (PAM)

Single Sign-On (SSO)

Featured Reviews

SatishIyer

Assistant Vice President at a financial services firm with 10,001+ employees

Jun 21, 2022

Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK

When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time. PTA is essentially the monitoring interface of the broker (e.g. Privileged Access Management, the Vault, CPM, PSM, etc.), and it's where you can capture your broker bypass and perform related actions. For this reason, we thought that this kind of mapping would be required, but CyberArk informed us that they did not have the capability we had in mind with regard to MITRE ATT&CK. I am not sure what the situation is now, but it would definitely help to have that kind of alignment with one of the more well-known frameworks like MITRE. For CyberArk as a vendor, it would also help them to clearly spell out in which areas they have full functionality and in which ares they have partial or none. Of course, it also greatly benefits the customers when they're evaluating the product.

Read full review

Rias_Majeed

CTO at Exceed NetSec Computer Trd LLC

Jun 4, 2024

Once configured properly, it runs smoothly with minimal potential for misconfiguration and enhances security by providing two-factor authentication

Customer service and support are helpful, but in the last few years, I've found that the first-level support isn't able to understand the issue. They escalate to the tier-two level, who are able to resolve it. On the first level, it takes time. Maybe they have grown too big and aren't able to give each network the unique attention it deserves. We customize some implementations, and at that time, they're not able to help because the people supporting are new and not from the field. The training seems fine, but in practice, it's different. Their support is not that great anymore. A little arrogance is there. It doesn't qualify them very well if there's arrogance in their communication. They do not understand the issue. That's why you're coming back to support. For example, one issue I'm facing is when a person leaves the organization without handing over details. They'll send an email to that person, but that person is not available. How are you going to access this email? These are a few instances where we are finding it difficult, and they take more than a week or two to resolve some issues. Their support used to be very good, but now that they're on top, they're not as responsive at the first-level support.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It has a centralized page where you can manage everything. This makes work easier. You don't have to remember different module URLs or browser applications. It is very easy to get all the secure identities of other environments into a single page, which is very important for us as it helps a lot in terms of operations, e.g., reduces management time. This is a single page where you can manage all accounts and onboard them to the CyberArk. You can then secure and see passwords from everywhere. So, there is a single pane of glass where you can manage all the identities across environments as well as across different types of identities."

"It is very simple to use."

"Password rotation, session recording & isolation and on-demand privileges."

"CyberArk makes our environment more secure and prevents possible attacks by compromised accounts."

"The most valuable feature is Special Monitoring."

"The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"

"On the customer accounts side, our account managers are responsive. If you ask them, they will get you whomever you need."

"Because we now have the ability to grant access to management utilities like DNS Manager, Sequel Studio, and MMC, in a secure fashion, without system admins being required to continually reenter various passwords that are stored who knows where, it has really made the system admin's job much easier. It has made the PSM's job much easier. It has made the auditor's job and the security team's job and the access manager's job significantly easier, because we're able to move much more quickly toward a role-based access management system, and that is really streamlining the whole onboarding/offboarding management process."

More CyberArk Privileged Access Manager pros

"The product enables SSO."

"The product is good, cost-effective, and functionally efficient."

"We use multi-factor authentication for enhancing security."

"The integration into tools, including CI/CD pipelines, is easy and handy."

"The tool's most valuable features are push notifications and integration with the FortiGate firewall. Push notifications provide an instant acceptance mechanism. When customers try to access SSL VPN, the solution sends a push notification to their mobile phone, and they can easily approve the access. The integration with FortiGate firewall is very easy if our customers use FortiGate for their firewall."

"The response from Fortinet is very fast."

"We have a perpetual license for 2FA."

"Fulfilled our requirement at a good price."

More Fortinet FortiAuthenticator pros

Cons

"There were a lot of manual steps in the initial setup which could have been automated. I read the 10.4 release that was sent out about a month or two ago, and I saw the steps required for upgrade have been reduced by about 90%. That was a big thing for me, but I still haven't seen that yet because we have not upgrade past 9.9.5."

"The current interface is not very intuitive."

"CyberArk has two disadvantages; the first is that it's insanely expensive and the other is it's very complex."

"More additional features as far as the REST is concerned, because we have something which was the predecessor to REST. A lot of the features which were in the predecessor have not necessarily been ported over to REST yet."

"It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."

"I'd like it to be a little more granular. I want a little bit more control over exactly what we do. I know if you do that, you add more knobs and dials to deal with, but that's just my personal approach: granular access."

"I would like to see better automation in granting access, better tools, more efficient tools, to be able to customize the solution that CyberArk provides."

"PAM could be more user-friendly and CyberArk could update the documentation to include more real-world examples. You have to learn it yourself through trial and error. In particular, the online documentation should have more information about troubleshooting."

More CyberArk Privileged Access Manager cons

"The technical support team is bad."

"The product must provide full support for third-party FIDO security keys."

"We've had some issues with integration."

"The technical support could be improved as some staff lacks the necessary knowledge to assist effectively."

"The only issue I encounter is that when not using FortiAuthenticator for an extended period, it's typical to encounter some obstacles in the configuration process that you need to address."

"The GUI is on the older side but I'm sure that it will be upgraded soon. It works, but it looks a little dated."

"We would like to see Linux-based operating systems be able to integrate with FortiAuthenticator to get two-factor authentication running on them. as well. This is a shortcoming that I have faced a few times already."

"If you want some other FortiAuthenticator from one site to another site, you should have requirements, but really if you have authentication and directory or another solution, you should change the password of the authenticator between the solution and the directory and other things. So transfer of data and other information should be simpler."

More Fortinet FortiAuthenticator cons

Pricing and Cost Advice

"I would rate CyberArk's pricing a nine out of ten, with one being cheap and ten being expensive. It's one of the most expensive solutions in the market, but it's worth it."

"CyberArk is one of the best PAM solutions and one of the most expensive, but it works better than the others, so the pricing is fair."

"I haven't seen the numbers. I know it is not cheap, but I don't know what it is. I would rate it a six out of ten in terms of pricing. It is definitely more expensive than the other product, but it also provides more functionality, and it is modular too. So, we pay for the functionality we're actually going to use, and that's nice."

"Licensing fees are paid on a yearly basis."

"There are additional features added to our CyberArk Privileged Access Manager license. For example, features that allow us to integrate into various kinds of platforms."

"Our risk is definitely significantly lower. Also, our resources are low."

"This solution is considered to be more expensive than others out there on the market today."

"The solution is cost-effective for the features."

More CyberArk Privileged Access Manager pricing and cost advice

"I would start off with a VM including the base license and scale according to the number of users you need to authenticate."

"We pay for licensing on a yearly basis."

"The price seems okay. It's not that expensive compared to other authenticators."

"It's not expensive."

"The product could be more competitively priced."

"The licensing structure is cost-effective for us compared to some of the other solutions that have recurring monthly costs."

"The product has affordable pricing compared to other vendors."

"The platform provides a user-based pricing model rather than a subscription pricing model."

More Fortinet FortiAuthenticator pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.

See recommendations

815,854 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

31%

Financial Services Firm

13%

Computer Software Company

11%

Manufacturing Company

Computer Software Company

19%

Government

Financial Services Firm

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?

We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...

See all answers

What do you like most about CyberArk Privileged Access Manager?

The most valuable features of the solution are control and analytics.

See all answers

What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?

CyberArk Privileged Access Manager comes at a high cost. But the solution is worth its price.

See all answers

What do you like most about Fortinet FortiAuthenticator?

The product enables SSO.

See all answers

What is your experience regarding pricing and costs for Fortinet FortiAuthenticator?

The pricing is about three on a scale where ten is low. Pricing should be more flexible.

See all answers

What needs improvement with Fortinet FortiAuthenticator?

FortiAuthenticator should integrate with other applications. I currently use Google Authenticator and Office Authenticator, and it would be better if FortiAuthenticator could be added to other appl...

See all answers

Comparisons

Microsoft Entra ID vs CyberArk Privileged Access Manager

Compared 10% of the time

Delinea Secret Server vs CyberArk Privileged Access Manager

Compared 8% of the time

Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager

Compared 8% of the time

WALLIX Bastion vs CyberArk Privileged Access Manager

Compared 6% of the time

Bitwarden vs CyberArk Privileged Access Manager

Compared 3% of the time

More CyberArk Privileged Access Manager Competitors

Fortinet FortiNAC vs Fortinet FortiAuthenticator

Compared 15% of the time

Fortinet FortiToken vs Fortinet FortiAuthenticator

Compared 12% of the time

Cisco Identity Services Engine (ISE) vs Fortinet FortiAuthenticator

Compared 11% of the time

Cisco Duo vs Fortinet FortiAuthenticator

Compared 11% of the time

Google Authenticator vs Fortinet FortiAuthenticator

Compared 4% of the time

More Fortinet FortiAuthenticator Competitors

Product Reports

Buyer's Guide

CyberArk Privileged Access Manager

November 2024

CyberArk Privileged Access Manager report

Download CyberArk Privileged Access Manager product report

Buyer's Guide

Fortinet FortiAuthenticator

November 2024

Download Fortinet FortiAuthenticator product report

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault

FortiAuthenticator

Learn More

CyberArk

Fortinet

Overview

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

Fortinet FortiAuthenticator is the primary secure point of approved access into the Fortinet network, authorizing users, reviewing access permissions, and relaying the information to all Fortigate devices for comparison with identity-based protocols. Fortinet FortiAuthenticator is a top-ranked authorization and SSO solution.

Appropriate secure access is fundamental to every role in an enterprise ecosystem. It is an integral function of every organization to ensure that every access and privilege is secure and to mitigate any possible risk to an organization. Approved users should only have access to the necessary information when they need it, from the appropriate location(s) to safeguard an organization's security at all times.

Fortinet FortiAuthenticator is available as an appliance, virtual machine, or in the cloud.

Fortinet FortiAuthenticator Methods

FSSO: FortiAuthenticator Single sign-on user will easily identify users and assign role or group access based on preset identity-based protocols. FortiAuthenticator integrates well with third-party LDAP or active directories, is very flexible, and combines these methods to provide effective security.
Active Directory Polling: Active directory access is securely identified by consistent polling of domain controllers. As users log in, username, IP address, and other details are logged into the database and can be shared across devices as directed by FortiAuthenticator protocols.
FortiAuthenticator Portal and Widgets: If a user system does not support AP polling, or for other reasons it is not feasible, FortiAuthenticator offers a unique secure authentication portal. Users can be manually authenticated and, to diminish the effect of numerous logins, an intuitive set of widgets is available to integrate into an organization's ecosystem that will automatically grant access to users when they access the organization's intranet homepage.
RADIUS Accounting Login: For organizations that use RADIUS authentication, RADIUS Accounting is available for user identification. This process will prompt user access information (IP and group, etc.) and eliminate the need for multiple levels of authentication.

Reviews from Real Users

Ernesto C., Presales Engineer at a comms service provider, shares,

”Key Features and Benefits

Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage. Most Valuable in Mobile Phones App for OTP.
Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
It is usable in network, WAN, wireless, and VPN Scenarios.
The domain and guest-users support are good.”

Ibrahim M., Senior Network & Security Engineer at a tech services company, relates, "The initial setup is a valuable point on Fortinet products. Most of the time, putting the theory into practice on the devices is quite friendly and straightforward. As long as you can read English you can find your way around the solution and make it work. This is a high value point on Fortinet - the way everything is laid out in the web UI is user-friendly and quite straightforward. The UI is quite simple."

Sample Customers

Rockwell Automation

Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data

Buyer's Guide

Privileged Access Management (PAM)

November 2024

Download Free Report

Find out what your peers are saying about CyberArk, Delinea, One Identity and others in Privileged Access Management (PAM). Updated: November 2024.

DOWNLOAD NOW

815,854 professionals have used our research since 2012.

We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.