Fortinet FortiAuthenticator Reviews

Integrated RADIUS server with 802.1x functionality and access control. Single Sign On and AD integration. It integrates very tightly with the rest of the Fortinet ecosystem.

It integrated with the existing Cisco wireless infrastructure to solidify the way people authenticate onto the network. It permitted having a centralized area to authenticate all users and enabled SSOimplementation.

A better integration with other vendors. The device is rich in features but there are a lot of functionalities I have still not experienced with.

Two and a half years.

Overall not really, a few hiccups with the syncing with AD but nothing major.

Not in my experience. The device can scale on a VM with an additional license. And there are boxes that can support thousands of users (which I have still not met).

Very good. In our area we get support both in French and English and the response times are usually pretty decent.

We are a Fortinet reseller and integrator so there were no "switches" per say.

The setup process can be tedious.

I would start off with a VM including the base license and scale according to the number of users you need to authenticate.

ClearPass by Aruba and ISE by Cisco are the two main competitors in this space. To me ClearPass seams to be the most feature-rich solution for the price and vendor neutral as is FortiAuthenticator.

I strongly recommend someone accompany you in the initial deployment of the product to view all the functionalities that the platform is capable of doing.

One of the most valuable features is the simple FSSO (Fortinet Single Sign-On) configuration that helps to manage user-based security rules.

It is a cool security product. It's easy to use, implement and maintain, but there is room for improvement.

When we came across access management, we required several technical features to help manage user access to critical systems and remote access. That’s why we always go for a SSO two-factor authentication server. FortiAuthenticator is a bundle of these features. It has its own hardware and software token for two-factor authentication. It supports single sign-on and seamless integration with user-based web filtering, without any prior authentication. It can act as a Radius server to support other systems for Radius authentication. One of the common practices is using FortiAuthenticator with Dot1.X network access control.

The GUI is not fancy enough and some of the settings are difficult to access.

Part of the configuration has to be done by CLI, which is not friendly for security administrators.

Integration with other firewalls may not be as good as expected.

I have used it for two years, mostly implementation for clients.

No stability issues so far, as long as the number of users is not too large.

No issues for scalability: It is easy to add new resources as we deploy virtual machines.

FortiCare can provide prompt replies. They have basic knowledge on every single product in the Fortinet family. They have a standard protocol to response to support cases which is great. They are willing to accept RMA for technical difficulties that cannot be solved in a short period of time.

I have tried Cisco ISE as a NAC solution. Cisco ISE is the "Terminator" of NAC solutions, which has numerous features to prevent unauthorized access. However, its integration with FortiGate firewall is not great. When I use the SSLVPN service from FortiGate, it fails to authenticate with two-factor authentication. For this, using FortiAnthenticator would be a good choice for its genuine integration.

It is quite straightforward to set up the FortiAuthenticator. We mainly deploy as a virtual machine. An OVF file is provided by Fortinet and you just simply compile the file in the VMware environment. Upon simple configuration, such as IP address and default gateway, you can access the web GUI and do any configuration, as you like.

Licensing is straightforward, as Fortinet provides stackable licenses for FortiAuthenicator. Count the number of users and select sufficient licenses. Pricing is acceptable; much cheaper than Cisco ISE.

I have tried Cisco ISE. For state-of-the-art features, I would recommend Cisco ISE because of its brilliant features. But I would recommend FortiAuthenticator, if you are currently using FortiGate firewall and you seek a well-suited, complimentary NAC solution.

The need for a NAC solution depends on your infrastructure. If you are a Fortinet user, FortiAuthenticator would be a nice choice to enhance security on VPN and web access. However, there are many other choices, such as ForeScout, which is vendor-neutral, to support different systems from different vendors.

The primary use case is internal authentication.

There are multiple areas that are in need of improvement. It is not a mature product.

It is difficult to successfully configure.

I have been using Fortinet FortiAuthenticator for one year.

The is not a very stable product.

This is a scalable product. However, due to multiple challenges in the implementation, I will not be expanding its usage. Rather, I will be changing products.

The support team is pathetic and does not properly understand the solution.

This was the first of this type of solution that we implemented.

The initial setup is not straightforward. Our deployment took almost two months to complete.

We had a system integrator to assist us with the implementation and deployment. The implementation partner does not have sufficient expertise.

One or two engineers can implement it.

We have not seen ROI for this solution.

We pay for licensing on a yearly basis. There are no costs in addition to the standard licensing fees.

Due to problems that I've been having with the implementation, after perhaps two years I will be changing to another product.

This is not a product that I would recommend to others. There are different industry standards that require different expertise, and this product does not much help.

I would rate this solution a three out of ten.

The most valuable aspect of the solution is the security. It's great. 

The ease of use is really nice. Using Authenticator, I've been able to actually work better on my authentication due to the fact that I have a single fabric to authenticate control from my firewall and on my access points. Authentication takes place from this area. 

It's easy to use for us due to the fact that, for each and every user, even a Mac user, we're able to easily retrieve them and add them. The authenticator syncs to my system and brings all the users to me under my firewall. 

For us, the solution works quite well. I can't think of an area where improvements are needed. I haven't worked with it too extensively yet, so it's hard to gauge what's lacking.

The solution could be more automated. It should be able to let me automate a lot of things so that what normally is done as a matter of manual processes can be handled quicker. Slow integrations can be taken up/out if there was more automation.

I've only worked with the solution for five or six months at this point. I haven't worked with it extensively, although I do have an understanding of how it works and what to do, as well as how to configure it.

It's a stable product that integrates well with other products (such as FortiNAC). It's reliable. It doesn't give us any problems. We don't have to worry about bugs or glitches of the system crashing.

The solution is scalable. While we have plans to grow it out and integrate it a bit more with other solutions, we're not at that stage yet.

We are a company of about 200 people. The whole organization uses it at this point. All authentication happens through FortiAuthenticator.

I'm really happy with the technical support. They are responsive and knowledgable.

Before using FortiAuthenticator we were not using anything else. We just were controlling everything from our Fortinet firewall. That was the only equipment which we had at that point in time. Now, we have got FortiAuthenticator.

Going forward we might go for FortiNAC. That might be in the cards for us. However, we're not immediately going to make the switch as it offers access control.

The initial setup wasn't a problem at all. It was handled by certified Fortinet engineers. For that reason, it wasn't complex or difficult.

We had certified Fortinet engineers assist us with the initial implementation. They handled the setup and configurations as well.

We're just end users. We don't have a special relationship with the company.

We're using the latest version of the solution. It might be something around version six.

I would recommend FortiAuthenticator to other organizations.

It is really a good product. Somebody looking for a good security product should go with FortiGate products. New users should explore all the features and see how they can maximize usage.

Overall, I'd rate the solution eight out of ten.

We use this product for SSL two-factor authentication and FortiToken management.

It does the job I paid for, but the graphical interface could be improved. If we take FortiGate or Fortinet, the graphical user interface is better designed. I think they can work on this.

It would be good to remove the FortiAuthenticator or to combine FortiAuthenticator and Fortinet. That would provide a single platform that can manage network access and user management. It doesn't make sense for me to sell FortiAuthenticator to a customer and then sell them Fortinet as well. I think they should just combine them into one solution.

The solution is stable. I installed it two years ago, but we rarely check the internet for changes. It's really stable. We don't have problems.

I think it's scalable. There are two kinds of appliances: virtual and physical. If you do a good sizing, the physical one can remain with the customer for a long time. The virtual one can be increased as you need. You can pay as you go with them. You purchase a base license and add to it as needed.

I have done an installation at an operator with over 200 users. That is the biggest one I've done.

I don't usually have problems with this solution so I rarely test the support features. I cannot evaluate the support team.

It was straightforward to implement and took one day to deploy.

I would rate this solution as seven out of ten. I know there are other solutions that have a more modern graphical interface and provide better user management functionality. We need to tell the customer to get two solutions instead of doing the job with just one. I think I could give eight or nine to another solution, but FortiAuthenticator should be a seven.

FortiAuthenticator can be useful for network security, resource security, and server security. It is a cloud-based solution.

The most valuable features are the performance and ease of use.

The only way the solution could be improved is if it were cheaper.

I have been using Fortinet Fortiauthenticator for five years. We have 200 users in our organization who use FortiAuthenticator.

The solution is stable.

Fortinet FortiAuthenticator is scalable.

Technical and customer support is okay.

We haven't used a different solution.

Installation was very straightforward and took three days.

We used a team of three people for deployment and maintenance.

The cost of the license could be less expensive. The license is paid on a yearly basis.

I would rate this solution an 8 out of 10. I would recommend Fortinet FortiAuthenticator for those who want to start using it.

The feature I value the most is the one-time passwords because it helps to authenticate users so you know the timing of their usage.

I don't have any issues with this solution, but it may need a better, more user-friendly interface or better design of the platform.

I have found that the solution is very stable. I am officially conducting at FortiGate and I found that it was so easy to conduct my environment and control my environment with this solution. 

We have seven users licensed on this solution. With FortiAuthenticator it is so easy to manage our users and it is scalable to all the users at our university or in our environment.  

I am really impressed by the technical support because they were very helpful. Once we logged our complaint, we received an answer from them in no time, and they quickly fixed our issue. 

The initial setup is very easy.

I will recommend this solution to others who are considering to use it. I give it a ten out of ten rating.

• User management with many credential sources: LDAPs, RADIUS, Social login, SAML, tokens, and local
• Captive portal server: Used to configure several portals for each service
• User friendly GUI with many features
• Very powerful

We are now enjoying social login in public Wi-Fi environments with very easy deployment and a maximum level of security.

I would like to see support for more credential authentication protocols.

I have used the product for six months.

I did not encounter any stability issues.

I did not encounter any scalability issues.

I would give technical support a rating of 10/10.

We used FreeRADIUS. It had limited authentication protocols (only RADIUS), no GUI, and very complicated management.

We enjoyed an easy deployment. There are many documents with guides and best practices.

This solution comes with a low price for the features, power, and ease of licensing.

We looked at FreeRADIUS and Ciso ISE.

This is a perfect solution for authentication services.