Fortinet FortiAuthenticator Reviews

We use Fortinet FortiAuthenticator, mostly where wireless or wired authentication needs to be integrated between multiple identity stores.

The most valuable feature of the solution is RADIUS service and the social network integration feature.

The GUI has some shortcomings and can be made better. The GUI is not great.

For the next release, the thing that will be most useful is to integrate with other MFA providers.

I have been using Fortinet FortiAuthenticator for four years. My company has a partnership with Fortinet. We are also resellers.

Stability-wise, I rate the solution a nine out of ten. I have only ever known one stability problem.

Scalability-wise, I rate the solution an eight out of ten.

I think that commercially it is not valid for a very small number of users. It doesn't scale down all the way. I think that although it can be scaled up to thousands of users, it wouldn't be suitable for, like, a mobile network scale if you have got 50,000 or 1,00,000 users.

At the entry point, we have more than 100 users.

I have directly contacted the solution's support. They are very helpful. They do require a lot of supporting information, but they are very effective for what they do. I rate the technical support a nine out of ten.

Positive

Regarding setup, I would say that it is straightforward but not simple. It's not a job for the novice, but it is straightforward for an experienced engineer. Also, my clients normally ask for help.

The solution gets deployed on physical, virtual, and SaaS.

On a scale of one to ten, where one is a high price and ten is a low price, I rate the pricing a seven.

Price-wise, it is competitive, but they still charge.

For comparing or evaluating Fortinet FortiAuthenticator, the competitors I would normally expect to see would be RSA Security with their SecurID product. Also possibly, I would say that you would compare it against Duo or Okta.

Fortinet FortiAuthenticator is better since it is very much use-case dependent. I think a Fortinet-heavy environment where the customer already has a lot of investment into Fortinet makes it easier since it integrates more closely with their network equipment, like their firewalls. Also, it does not always require an on-premise component to provide services like RADIUS.

People who are looking to implement the product should pay attention to scaling and plan deployment thoroughly before starting, as for many things, once the decision is made, some things are difficult to change.

I rate the overall solution an eight out of ten.

My environment is multi-cloud. I have a production workload in Nigeria. I have some data centers in Continental Europe and in the East US in multiple regions. We operate both on-premises and on two different public clouds: AWS and Azure. At the time, because of how Fortinet worked, we connected to our customers via remote access VPN.

Because of the nature of Amazon Infiniti, it had a very big impact in Africa and on how we implemented our SA as the most effective authentication service for our VPN. 

Originally, when people tried to connect, they had to put in their original credentials and send a request back. The issue here started before software tools were being used, and hardware tools had to be used for privacy. We had to have five firewalls and five different token devices. It was very clumsy and not efficient.

We decided to go with FortiAuthenticator because it provides us with a single point of authentication, instead of having an authenticator on each one of the firewalls. Only five to twelve hours are connected on the back and then Citrix will send us an email or a text message. We can then easily and seamlessly use the solution.  

The first valuable feature is being able to see everything on one platform. This includes logs and authentication failure.

The second valuable feature is that the delivery and delivery methodology is toll-free. This includes email configuration, using the mobile app, and text message delivery. There is no need to buy any extra hardware, it is free.

The third valuable feature is that the chip that is applied is free.

We save a lot of money on consolidating tool teams. We have multiple different tool teams. This solution provides us with a single point of authentication for all of the files in all of the teams' environments.

The user interface can be improved.

The technical support team is bad. 

Neutral

The cloud deployment felt limited, but there was valuable information on the Internet. A lot of testing needs to be done, and the deployment is easier for those who understand how to do it on the cloud. We needed support here and the support team could not figure out the issue. Eventually, one of the support team members helped, but there was still an information gap.

It is usually cheap. Without a license, you can use some basic features. You can buy a 20-year license and implement the solution once.

I rate the overall solution a nine out of ten, due to support issues.

We primarily use Fortinet FortiAuthenticator to centralize the management of user identity information in Security Architectures, enforce Role-Based authentication, and allow Two Factor authentication with Softclient support.

This is a must-have technology in Fortinet implementations with several gateways and distributed environments.

It is easy to set up and will reduce Network administrators' efforts to integrate diverse identification methods. Must evaluate Single Sing On Mobility Agents to full integration of users position on the network and complete the solution.

Using this product strengthens enterprise security. It offers role-based security policies and User Identity Management with different methods.

This product provides automatization. There is a self-service user portal for registry and support for domain and non-domain guest users, with diverse channels vía hardware tokens, software tokens, e-mail, and SMS.

This solution brings user satisfaction. It reduces the need for network administrator intervention by allowing the user to perform their own registration and resolve their own password problems and issues.

Key Features and Benefits

1. Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage.  Most Valuable in Mobile Phones App for OTP.
2. Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
3. LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
   
4. It is usable in network WAN, wireless, and VPN Scenarios.
5. The domain and guest-users support are good.

I would like to see integration and customization capabilities with the end-user portal to solve authentication issues with diverse implementation scenarios. Specifically, with web applications, enterprise networks, and VPN.

We have been using Fortinet FortiAuthenticator for three years.

This is a stable, set-and-forget product. Logical operations run in the Gateways.

FAC 200E/400E will support environments for hundreds of users, based on Physical Appliances. If future needs are in the scope then I suggest implementing virtual deployments.

Technical support is not needed in any sense. We have three years running without hardware appliance incidents or major issues.

This is the first authentication platform that I have worked with.

The initial setup process will vary from simple to complex and depends on your existing User Identity Systems, integrations, and scale of the network

In-house engineers, properly trained, are responsible for deployment and maintenance.

Our ROI was reached in less than a year. This solution is good in terms of financial returns.

FAC is an affordable solution for Middle Range (200E/400E) and also needs a package of mobility agents (2,000) perpetual.

There is nothing to buy in the gateways (FG) and it is fully integrated.

As a Fortinet customer, the logical evaluation was FAC from the same vendor.

This is a must-have technology in Fortinet deployments with distributed environments.

The basic use we have for FortiAuthenticator is multi-pack authentication.

FortiAuthenticator has helped a lot of our customers in the way that they do the business when they onboard their clients to the data center. It has drastically changed what they used to do earlier after the installation.

It is cost-effective. The users can be securely managed by adopting it.

They need to have some kind of write-up and solution document that people can access very easily. All of the Cisco documentation is available on their website and in other places. They should make it available to the public. 

The more people know about this product, the better. That will make it easier for them to position FortiAuthenticator to their customers or use the product in production.

Other features that would improve the product are a single sign-on where people can use their Gmail ID to log-in, etc. This feature we wanted and now they are rethinking it. At this stage, I can't give any other suggestions for improvement other than this.

A single sign-on is used to create a user ID and password for the user to get onto the network. You can ask them to use their LinkedIn credentials or maybe Gmail, some of the social networking credentials to gain access.  

This is useful when you are onboarding any guest users for internet access. This is something that is a very good feature which they could have integrated already.

It's very stable when compared to other products.

For scalability, you need to size FortiAuthenticator properly. You should plan it initially, then make the implementation. 

It's is not 100%, maybe 80% on the scalable side. There are some places where we use it for 800 to 1000 users. With the proper deployment, we can support close to 2000 users.

You need certified people to understand this product like dedicated engineers. You need a person that knows the product and how it works. 

Otherwise, if any new person comes to FortiAuthenticator, it will be very difficult for them to understand. Over time, you'll be able to get to know the layout and how the product works.

Technical support is quite good, There is something called the 8x5 and 24x7 technical support for the solutions. If you have 24x7, they will respond immediately. 

If you have 8x5, and they will respond next business day depending on how soon the TAC engineer picks your request for your deployment or ongoing support issues.

We used a different method as a solution, primarily SafeNet, but there are others. It all depends on a customer-to-customer and case-to-case basis. It depends on the budget and what the customer asks for in the contract. 

At the end of the day, it all revolves around the money, i.e. how many dollars you pay for the solution.

The initial setup is straightforward. It's not that complex. If you know about the product, you will be able to do the setup. 

It takes generally, one to two weeks for the full-fledged deployment. We have a demo unit. We just used that for showcasing the capability of the device to all of our customers. 

Once they start using it, they would advise on the deployment.

There is an economic investment on this product that compares to other products from Cisco. There is a ROI on this product.

You buy the pack for 100 to 200 users. Once it goes over, you have to renew it on a yearly basis. It may be on a term where you license for one business. Officially, the authentication license has a third-party involved. Then you need to take your action. 

I don't see any additional license costs from FortiAuthenticator, but for the add-on features like MS Gateway, etc., you need to buy them.

FortiAuthenticator is a very good solution. It is all jury-based. FortiAuthenticator is very easy for anyone to understand how it works and be able to take action.

I would rate FortiAuthenticator with an eight to nine.

We are currently using FortiAuthenticator for VPN access.

For security access, it is good.

The Fortinet security area is authenticated; they use it to access that is the main purpose.

FortiAuthenticator should integrate with other applications. I currently use Google Authenticator and Office Authenticator, and it would be better if FortiAuthenticator could be added to other applications.

As a user, I have been working with FortiAuthenticator for about three years now.

The solution is stable, and I would rate it ten out of ten.

The response from Fortinet is very fast. We use them for integration with the Mitel solution, and they are supportive and helpful.

Positive

My colleague did the setup, and I didn't feel that he struggled much. It seemed straightforward and not too difficult.

The pricing is about three on a scale where ten is low. Pricing should be more flexible.

I recommend it to other users who are using FortiGate to go for Fortinet.

I'd rate the solution ten out of ten.

In my recent job, I worked in tandem with Fortinet to enable 802.1X authentication for the Wi-Fi environment.

The web feature is quite versatile. It serves as the sole server authenticator and is valuable not only with FortiGate products but also within the entire Forti system, making it highly useful for me. However, from my experience, I find the visual data to be less practical. While some features might be more respected than others, it's valuable that, for instance, when a customer has a new lead cluster, I can authenticate or leverage alternative solutions to achieve the desired outcome.

The only issue I encounter is that when not using FortiAuthenticator for an extended period, it's typical to encounter some obstacles in the configuration process that you need to address. It's not a consistent problem, and I can't recall all the specifics. This issue is something I face with the entire product. While it's normal for products to require ongoing attention, this can be a challenge when checking the system.

I have experience with Fortinet FortiAuthenticator.

I recollect instances when customers didn't approach me about their issues, instead opting to submit tickets. From a personal perspective, customer mobility played a role, and sometimes I wasn't fully aware of the problem until later. However, I can't recall many details about these cases.

It's scalable. If the need arises, you can easily set up a cluster with two or more units. Additionally, if you require more licenses or features, you can expand.

It works well for me. I can review the initial check, explain it thoroughly, outline the subsequent steps, and attempt to address the problem. This often involves quickly escalating to technical levels two or three. In situations where I open a general ticket, it's standard to begin with a level one tech who collects information to understand and resolve the issue. The more detailed and accurate the data is, the easier it becomes to find a resolution.

Positive

It is deployed on-premises. One or two days for initial deployment is insufficient. It typically takes a few more days to set up the specific configurations. The standard device configuration is exceptionally fast.

Based on my experience it's been very good. I don't have much knowledge, for instance, about how it compares to Gartner's system and its current position in the market, or whether there are other systems that might have a better position. I've noticed that Fortinet lacks certain features that other solutions have implemented. This leads me to explore and understand other solutions, looking for differences. I've observed that some solutions offer features that Fortinet may excel in, while others may have strengths in different areas. I would rate it an eight out of ten overall. 

We're using Fortinet FortiAuthenticator to bypass identity to the Fortinet FortiGate. We do not use FortiAuthenticator too much because it is middleware.

Fortinet FortiAuthenticator has improved our organization because we are able to can create identity-based policies. For example, who are you and where are you. We are shifting from the IP-based to the identity-based.

The price of the solution could improve, it is expensive.

I have been using Fortinet FortiAuthenticator for approximately five years.

We have not had issues with Fortinet FortiAuthenticator. It is stable.

Fortinet FortiAuthenticator is scalable.

We have approximately two people that are using the solution.

We needed to use Fortinet FortiAuthenticator because we wanted to use the identity-based policy so that FortiAuthenticator can help us to pass the identity to the Fortinet FortiGate.

The initial setup of Fortinet FortiAuthenticator was straightforward. The implementation process took three to four days with multiple sites.

I rate the initial setup of Fortinet FortiAuthenticator four out of five.

We did the implementation of Fortinet FortiAuthenticator in-house and we have two people for the maintenance.

We typically purchase licenses for five years and when new projects come we reassess the situation and renew or switch solutions. 

There are no additional costs to the standard licensing fees.

I rate the price of Fortinet FortiAuthenticator a three out of five.

We did not evaluate other solutions before choosing Fortinet FortiAuthenticator.

I rate Fortinet FortiAuthenticator a five out of ten.

I am using Fortinet FortiAuthenticator for SSL and logins.

The most valuable features of Fortinet FortiAuthenticator are easy to configure, secure, and the application has good performance.

It would be helpful to receive a code by yourself for authentication instead of it registered to a phone.

I have been using Fortinet FortiAuthenticator for approximately two years.

I rate the stability of Fortinet FortiAuthenticator a nine out of ten.

Some additional features would be helpful.

Our customers are enterprise-sized companies.

I rate the scalability of Fortinet FortiAuthenticator an eight out of ten.

The support is responsive and the support is in our local language.

I rate the support from Fortinet FortiAuthenticator a nine out of ten.

Positive

The initial setup is simple compared to other solutions. 

I price of the solution is expensive.

I rotate the price of Fortinet FortiAuthenticator a seven out of ten.

We have one person for 100 users of the solution.

I rate Fortinet FortiAuthenticator a nine out of ten.