Fortinet FortiAuthenticator Reviews

The solution allows connectivity when switching between LAN and Wi-Fi primarily, and it also uses it for free tokens. So we can share tokens across multiple firewalls.

RADIUS server and integration, apart from the fact that it is a type of tool that can become a certificate server, are the valuable features for which I use it.

I'd like to see the interface become more like other FortiGate products. It seems a little bit of an orphaned one. The user interface and clustering are areas with shortcomings that need improvement.

Scalability has room for improvement since it's not really a cluster. It'd be nice with cluster data. There are things where you have to go to each FortiGate to change. So, there needs to be a cluster.

I have been using Fortinet FortiAuthenticator for five years.

The current version is stable. So, Fortinet FortiAuthenticator 6.3.3 is running.

Scalability-wise, it is a fine solution. Scalability-wise, I rate the solution a nine out of ten.

Around 20 customers are using the solution.

Regarding the support team, I would say that we have faced occasional setup issues for which the support was appropriate.

The initial setup is complicated. However, considering the complicated tasks it does, it is fine.

In general, you just spend about three days designing and implementing the solution.

The deployment is done in the customer's environment and as per what they require. So, configure the LDAP integration and SAML integration with the existing sources. Then I started to create the SAML services and RADIUS services for firewalls. I then copy to add the tokens before authenticating the users. Then, they can pull it down from the OTAP service.

The customers need to pay for licenses, and some pay on a yearly basis while others pay on a three-yearly or five-yearly basis. Also, it is not an expensive solution.

I would definitely recommend the solution to those planning to use it. However, I would suggest those planning to use it figure out what they want because you also have a FortiGate product, Fortinet product, and FortiAuthenticator, which can be a bit confusing. There are other products that FortiGate sells. So you have to figure out which solution you want.

I rate the overall solution a nine out of ten.

The basic use we have for FortiAuthenticator is multi-pack authentication.

FortiAuthenticator has helped a lot of our customers in the way that they do the business when they onboard their clients to the data center. It has drastically changed what they used to do earlier after the installation.

It is cost-effective. The users can be securely managed by adopting it.

They need to have some kind of write-up and solution document that people can access very easily. All of the Cisco documentation is available on their website and in other places. They should make it available to the public. 

The more people know about this product, the better. That will make it easier for them to position FortiAuthenticator to their customers or use the product in production.

Other features that would improve the product are a single sign-on where people can use their Gmail ID to log-in, etc. This feature we wanted and now they are rethinking it. At this stage, I can't give any other suggestions for improvement other than this.

A single sign-on is used to create a user ID and password for the user to get onto the network. You can ask them to use their LinkedIn credentials or maybe Gmail, some of the social networking credentials to gain access.  

This is useful when you are onboarding any guest users for internet access. This is something that is a very good feature which they could have integrated already.

It's very stable when compared to other products.

For scalability, you need to size FortiAuthenticator properly. You should plan it initially, then make the implementation. 

It's is not 100%, maybe 80% on the scalable side. There are some places where we use it for 800 to 1000 users. With the proper deployment, we can support close to 2000 users.

You need certified people to understand this product like dedicated engineers. You need a person that knows the product and how it works. 

Otherwise, if any new person comes to FortiAuthenticator, it will be very difficult for them to understand. Over time, you'll be able to get to know the layout and how the product works.

Technical support is quite good, There is something called the 8x5 and 24x7 technical support for the solutions. If you have 24x7, they will respond immediately. 

If you have 8x5, and they will respond next business day depending on how soon the TAC engineer picks your request for your deployment or ongoing support issues.

We used a different method as a solution, primarily SafeNet, but there are others. It all depends on a customer-to-customer and case-to-case basis. It depends on the budget and what the customer asks for in the contract. 

At the end of the day, it all revolves around the money, i.e. how many dollars you pay for the solution.

The initial setup is straightforward. It's not that complex. If you know about the product, you will be able to do the setup. 

It takes generally, one to two weeks for the full-fledged deployment. We have a demo unit. We just used that for showcasing the capability of the device to all of our customers. 

Once they start using it, they would advise on the deployment.

There is an economic investment on this product that compares to other products from Cisco. There is a ROI on this product.

You buy the pack for 100 to 200 users. Once it goes over, you have to renew it on a yearly basis. It may be on a term where you license for one business. Officially, the authentication license has a third-party involved. Then you need to take your action. 

I don't see any additional license costs from FortiAuthenticator, but for the add-on features like MS Gateway, etc., you need to buy them.

FortiAuthenticator is a very good solution. It is all jury-based. FortiAuthenticator is very easy for anyone to understand how it works and be able to take action.

I would rate FortiAuthenticator with an eight to nine.

Fortinet FortiAuthenticator is used as an IAM tool.

The most valuable feature of the solution stems from how the product allows users to use tokens.

I recently was involved in an integration process involving Fortinet FortiAuthenticator, so I can't discuss whether the dashboard requires improvement. I know that I am not looking for a tool to offer the latest firmware or dashboard.

I can mention other products apart from Fortinet FortiAuthenticator that need improvement. There is always scope for improvement.

The customization capabilities of Fortinet FortiAuthenticator is an area of concern addressed by many of our company's clients who use the product, as they find it difficult to customize the product and include their logo and other areas that they require in the solution. The customization capability of Fortinet FortiAuthenticator is not very flexible. Some of the users of the product want to include the name of their institution in the product so that they can make it look more personalized, for which customization capabilities are required.

I have been using Fortinet FortiAuthenticator for two to three years. I operate as a system integrator in my company.

Scalability-wise, I rate the solution an eight out of ten.

My company caters to the needs of around six customers who use Fortinet FortiAuthenticator.

Whether Fortinet's technical support is helpful depends on factors like the time zone from which the user contacts Fortinet's support team.

I rate the technical support a nine out of ten.

Positive

I use Sophos, along with Fortinet FortiAuthenticator, since most of our company's clients find it hard to find something in their price range that they want as they are price-conscious. Many of our company's clients go for Sophos since it is a cheap product compared to Fortinet FortiAuthenticator. Some of our company's clients go for Fortinet FortiAuthenticator as it provides value for money.

The product's initial setup phase was easy. It is also easy to deploy.

The solution is deployed on an on-premises model.

The time taken to deploy the solution depends on the familiarity of the user with the solution. If you are familiar with the product, deploying it takes about a minute.

The licensing cost of the product may vary, and I may be able to say that the licensing fees fall under a range between 1,600 USD and 2,500 USD for around 100 users. Fortinet products are generally expensive. I rate the product price as two or three on a one-to-ten scale, where one is expensive, and ten is cheap.

My company does not get involved in the maintenance of the solution.

I recommend the solution to those who plan to use it.

I rate the overall tool an eight out of ten.

Our use case for the solution involves managing and optimizing our organization's network traffic across multiple sites. 

The platform has significantly improved our organization's network performance and security. It has simplified network management, reduced operational costs, and ensured seamless connectivity across all our sites.

The product's most valuable feature is its no-license requirement for SD-WAN functionality, significantly reducing operational costs. The ease of use, interactive GUI, and comprehensive security features are also beneficial.

The solution's command line interface could be improved to provide better support for low-level debugging and advanced configurations. 

Additionally, features that streamline user management and integration with other Fortinet products would be advantageous.

I have been using Fortinet's SD-WAN solution for about three years.

The product is stable. I rate the stability a nine out of ten. 

The solution is highly scalable, allowing seamless expansion as the organization grows. Adding new devices and managing them through FortiGate's centralized interface is straightforward.

The technical support services are good as long as the license is active. Without an active license, it becomes difficult to contact them. 

I have used Meraki SD-WAN before. However, I prefer Fortinet's SD-WAN due to its cost-effectiveness and security features.

The initial setup was relatively straightforward, especially for basic SD-WAN functionalities. More complex configurations may require additional time and expertise.

We implemented the product with the help of our in-house team. 

The platform is cost-effective as it does not require a separate license for SD-WAN functionality.

I evaluated other options, including Cisco and Aruba, but found Fortinet's SD-WAN superior for ease of use and integration with other Fortinet products.

I rate Fortinet FortiAuthenticator a nine out of ten. 

We use Fortinet FortiAuthenticator, mostly where wireless or wired authentication needs to be integrated between multiple identity stores.

The most valuable feature of the solution is RADIUS service and the social network integration feature.

The GUI has some shortcomings and can be made better. The GUI is not great.

For the next release, the thing that will be most useful is to integrate with other MFA providers.

I have been using Fortinet FortiAuthenticator for four years. My company has a partnership with Fortinet. We are also resellers.

Stability-wise, I rate the solution a nine out of ten. I have only ever known one stability problem.

Scalability-wise, I rate the solution an eight out of ten.

I think that commercially it is not valid for a very small number of users. It doesn't scale down all the way. I think that although it can be scaled up to thousands of users, it wouldn't be suitable for, like, a mobile network scale if you have got 50,000 or 1,00,000 users.

At the entry point, we have more than 100 users.

I have directly contacted the solution's support. They are very helpful. They do require a lot of supporting information, but they are very effective for what they do. I rate the technical support a nine out of ten.

Positive

Regarding setup, I would say that it is straightforward but not simple. It's not a job for the novice, but it is straightforward for an experienced engineer. Also, my clients normally ask for help.

The solution gets deployed on physical, virtual, and SaaS.

On a scale of one to ten, where one is a high price and ten is a low price, I rate the pricing a seven.

Price-wise, it is competitive, but they still charge.

For comparing or evaluating Fortinet FortiAuthenticator, the competitors I would normally expect to see would be RSA Security with their SecurID product. Also possibly, I would say that you would compare it against Duo or Okta.

Fortinet FortiAuthenticator is better since it is very much use-case dependent. I think a Fortinet-heavy environment where the customer already has a lot of investment into Fortinet makes it easier since it integrates more closely with their network equipment, like their firewalls. Also, it does not always require an on-premise component to provide services like RADIUS.

People who are looking to implement the product should pay attention to scaling and plan deployment thoroughly before starting, as for many things, once the decision is made, some things are difficult to change.

I rate the overall solution an eight out of ten.

Our primary use case for the product is to enable two-factor authentication for our VPN solutions within FortiGate. Additionally, we utilize it to secure our FortiWeb tool security portal with two-factor authentication.

Improvements in the product could start from the dashboard, overall customization, and configuration. FortiAgent, installed on an end user's computer, provides two-factor authentication but lacks centralized management. This particular area needs improvement. 

We've been using Fortinet FortiAuthenticator for around five years, staying updated with the latest version.

I rate the platform's stability as four out of ten. When they release new software, we sometimes encounter issues utilizing the box, and it takes almost 30 days to resolve them.

In just our organization, where we are a partner, there are around 100 Fortinet FortiAuthenticatorusers. However, we have implemented the solution for customers with up to 10,000 users.

I rate the scalability a ten out of ten.

The technical support team is helpful.

Neutral

Our organization has a diverse portfolio of products, including Check Point and hardware such as switches, Xfinity Networks, Juniper, HP, and Dell.

We typically only need to perform installation updates or implement changes if infrastructure changes occur at the customer's end. This doesn't happen often, once or twice a year. When implemented correctly, it's not complicated to manage, so it isn't required. We have a team of five engineers responsible for deployment, maintenance, and all other operations related to the product.

The platform provides a user-based pricing model rather than a subscription pricing model. For instance, the virtual machine and license for 100 users amount to around $2000. Additionally, there may be additional expenses for features like FortiToken.

I rate the pricing an eight out of ten.

FortiAuthenticator enhances user authentication by integrating a database with user credentials, including logins and passwords. This integration enables the import of user data from various sources such as Active Directory, Microsoft, OpenLDAP, or RADIUS servers. Additionally, FortiAuthenticator supports adding a second factor for authentication, which can include options like Fortinet SMS, email tokens, or other methods.

The implementation has significantly improved access management within our organization. We have exposed certain portals like Avaya and Microsoft Exchange to the public internet by adding a two-factor authentication login process to these portals using the product.

The most critical feature in improving our security is the two-factor authentication feature. It also includes an agent that can be installed on a user's computer, adding another layer of security to the login process for computer access.

For these users, incorporating the second factor poses no problem. However, some less experienced users may need help adding and using the second factor during login. With assistance from our help desk and after a few attempts, these users find the process straightforward.

Integrating FortiAuthenticator with our existing infrastructure has been quite easy, especially considering our experience as a business partner of Fortinet. After several years of using and implementing the product for our customers, we've encountered no major issues. The process is simple, typically taking only a few implementations to become familiar with all the features.

I recommend it to others and rate it an eight out of ten.

FortiAuthenticator provides multi-factor authentication. After testing your username and password, it adds another layer of authentication where FortiAuthenticator challenges you with a number provided by the FortiToken app on your mobile phone.

I appreciate its ability to provide multi-factor authentication, but it's primarily focused on this function.  

There are some minor things that could enhance the overall experience. Maybe enhancing user integration with other solution tools to implement multifactor authentication using virtual authentication. 

Another area of improvement is stability and support.

We have been using this solution for two and a half years. We use the latest version, we usually update the solution for the upgraded version. 

It is quite stable. I would rate the stability a nine out of ten. There are other solutions that perform certain aspects better than FortiAuthenticator. It's a strong solution, but there's room for enhancement.

There are no problems with scalability. In our company, all the employees use it to access network resources through VPN. And around 60% of our customers also use this solution. 

Customer service and support are quite good. Fortinet provides quick and helpful responses, though occasionally, the answer might not directly address the issue.

We used Cisco SSO authentication system before switching to Fortinet FortiAuthenticator. It was mainly because of economic aspects. 

The setup depends on the integration requirements. Integrating FortiAuthenticator with other Fortinet products is relatively straightforward.

In terms of implementation, it performs quite well.

The deployment time is variable. Due to occasional weaknesses in the API, deployment time can vary. Sometimes it's easy, and sometimes not due to these factors.
We managed the deployment ourselves. In another business unit of my company, we're integrators for this tool. We handle the sale and implementation projects, so we have the required competencies.

For example, we need to set up the network and integrate it with the desired resolution for the deployment process. Then, deploy the client zone to the users' mobile phones, enabling them to use virtual authentication configurations.

The solution is deployed both on-prem and cloud. The staff needed includes engineers, developers, and sometimes even technical support for custom API creation and customer designations.

I have seen an ROI because the solution allows you to enhance security, leading to better rates in other security aspects.

It's not expensive. As we increase the number of users, we'll also be expanding the company workforce.

It's a yearly payment, but you can also find options for monthly payments. There are no additional costs to the standard license. 

I would rate the pricing a five out of ten, where one is the cheapest and ten is expensive. 

The advice is simply to use it. Overall, I would rate the solution an eight out of ten. 

We use the product for multi-factor authentication, single sign-on, and FIDO integration. We utilized it while logging into Windows and remote SSL VPN with MFA.

The product's on-premise version doesn't have recurring costs.

Fortinet FortiAuthenticator's initial setup process could be easier.

We have been using Fortinet FortiAuthenticator for two years.

It is a stable platform.

It is a scalable platform.

Fortinet provides excellent support services. A level-one engineer will attend your first call if you have a basic support contract. However, your call will be transferred to a specialist if you have an advanced-level support contract.

Neutral

We used Duo before. It is a cloud solution and has recurring costs. Thus, we switched to Fortinet FortiAuthenticator as it is an on-premise solution and comparatively inexpensive without recurring costs. They only charge a nominal fee for support.

The initial setup is complex. It would be helpful if customers get assistance from professional services. They can customize it depending on the architecture visibility. It is easy to design if they hire a knowledgeable architect. It takes less than a week to complete.

Our company provides professional software development services to different clients.

The product generates a lower ROI than other vendors.

I rate Fortinet FortiAuthenticator a nine out of ten. I advise others to have clarity on the visibility and scope of the design and then start with the deployment.