Fortinet FortiToken Reviews

The use case for Fortinet FortiToken involves restrictions on token movement. From two or three months ago, Fortinet has not approved moving FortiToken between devices. Users are not allowed to replace tokens from FortiGate to FortiGate or Authenticator to Authenticator. This situation has caused frustration for both customers and service providers.

I love to work with Fortinet FortiToken because it's easy to configure with any user and with FortiAuthenticator. We uploaded it and use it for any authentication with any user, with integration with any device. With FortiAuthenticator, we integrated it with any server, such as Active Directory, and use the token for VPN and other purposes. In the future, we ask customers to use it with FortiAuthenticator, not just the token, as it provides better integration capabilities. When we buy a specific Fortinet FortiToken, we use it on FortiGate only.

Fortinet FortiToken provides very important security benefits because it is used to manage FortiGate from outside, exclusively with Fortinet FortiToken. Without Fortinet FortiToken, administrators cannot use or add admin privileges or manage it from outside, as this could lead to attacks or malicious activity.

Fortinet FortiToken could be improved with flexibility to move it from device to device. With a license, replacement is not possible because Fortinet removed this option. Any Fortinet FortiToken cannot be removed; if a box expires or loses support, it cannot be removed, and customers must purchase it from scratch. This replacement option was removed two or three months ago, preventing movement between devices.

I have been working with Fortinet FortiToken for three to four years or more.

I would rate stability for Fortinet FortiToken as the best solution. It's very stable with every customer installation I perform. No customers have reported issues with Fortinet FortiToken, and if they need assistance with installation, I help them configure it.

I would rate scalability for Fortinet FortiToken as nine and a half or ten.

We make calls with Fortinet support, and in one year, I may call them two to three times or up to 10 times based on the need because we have experience troubleshooting or researching issues. I am satisfied with their service.

Positive

I do not have experience with competitors of Fortinet FortiToken as all my work is focused on Fortinet or other vendors, but primarily I work on multi-factor authentication with Fortinet only. Customers prefer Fortinet FortiToken because of its pricing, stability, and flexibility, including Fortinet's features such as FortiGate's analysis and FortiManager for configuration updates.

Fortinet FortiToken initial setup is very simple. If firewalls have mail for Fortinet, it works best. Mail customization is available when needed. With a Fortinet account in the firewall, users can upload the license for Fortinet FortiToken and use it for any user by enabling multi-factor authentication.

I use Fortinet FortiToken mobile application on my mobile now, and it functions similarly to OTP, bank OTP, or any software token multi-factor authentication. I have multiple OTP software solutions on my mobile, including Token, OTP Bank, and OTP for various applications.

Regarding multi-factor authentication strategy, Fortinet FortiToken works excellently for time-based one-time passwords. As a partner, I recommend it to customers along with FortiZTNA and ZTNA, using authentication with certificates or user authentication with multi-factor authentication.

I am not totally satisfied with Fortinet FortiToken functionality, but as software, it is the best solution. With hardware, if someone steals it, it becomes unusable. However, with Fortinet FortiToken, if users have email access, they can use it from another mobile device. Fortinet FortiToken software is the optimal solution, similar to other software OTP tokens.

Fortinet FortiToken pricing is very competitive.

As an expert partner in Egypt with professional service and EBSP certificates from Fortinet, I rate Fortinet FortiToken at nine out of ten. The only drawback is the inability to replace the box, which causes customer dissatisfaction. This feature needs to be allowed in the future to address customer concerns.

Overall Rating: 9/10

On-premises

Other

We only use FortiToken for authentication purposes, like logging into SSL VPN or plugging into firewalls.

I like how easy it is to configure and assign tokens. It's readily available through our application-based system.

The problem comes when we have to migrate tokens to new phones. There's no backup option or import/export feature, so you have to redo the entire process manually, adding tokens one by one, which is quite tedious.

The migration process is definitely a major area for improvement. Imagine losing your phone and having to set everything up again from scratch and add everything individually.  

In future releases, push notifications would be good! Instead of opening the app and entering the token manually, what if we received an approval or denial prompt directly on the phone as a notification? Just a tap to log in, that would be nice.

I have been using it for three years now. 

I would rate the stability a nine out of ten. It's been very reliable for my customers. 

I would rate the scalability a seven out of ten. The migration issue definitely brings it down a bit.

Moreover, if FortiToken could improve that, maybe introduce push notifications or even eliminate the need for manually entering token keys, it could easily reach a ten out of ten.

Replacing the token key entry with a simple notification and selection option to accept/deny would be very handy and useful. Now, we have to scroll down and search for the correct FortiToken by name. 

I recommend FortiToken for all companies, especially when they connect to sensitive servers. That's why I suggest them to use it.

There haven't been any emergencies, but the response times and everything were good when I needed help.

Positive

Before FortiToken, I used Okta for authentication. For firewalls and network devices specifically, I recommend FortiToken.

The initial setup is easy. You receive a QR code via email, scan it, and add it. No complicated procedures involved.

The deployment model depends on the customers. We have different customer setups, but most are on-premises, device-based deployments.

We typically require our assistance with deployment. We manage their hardware and infrastructure, so deployment falls under our responsibility.

The pricing is not very high, so I'd rate it around six out of ten, where one is high and ten is low.

I can compare it with Microsoft's 365 authentication or other Microsoft authentication solutions, but they have different features.

Overall, I would rate the solution an eight out of ten. I recommend FortiToken to all our clients who purchase Fortinet devices, especially within banking and payment systems. 

We're using a third-party tool for second-level authentication. So, basically, we integrated our Office 365 to Active Directory for additional service, and our users need to provide the SSH people to log in. So we wanted to use that ticket, which is not scalable. So that's why it should be what we basically use FortiToken for now is to ensure that administrators who log into the box have to provide additional proof at the DCB app.

I love the push-button authentication on FortiToken Mobile. It's also great that the soft token automatically reloads the OTP at intervals, so I always have a fresh code to enter. 

I also appreciate that you need to specify the token to gain access to the box, even from the command line. So I love it also because of the fact that people can no longer log in to my box without knowing who the users are. At least, anytime we log in to the admin, which has the tool enabled on my account. So it helps me to basically keep track of who and who are trying to access my box.

I would like to see if FortiToken can integrate with Office 365 mail to support the same two-factor authentication experience that I have with ESET. With ESET, when a user logs in, they are easily directed to the ESET authentication page, where they are prompted to enter their OTP after supplying their username and password. I understand from support that FortiToken cannot do this with email integration. That's why I opted for ESET. 

In future releases,  it would be great to see Fortinet add this support in the future.

I have been using this solution for quite some while. We use the mobile version. 

It is a stable product. 

We easily move from the prem to the cloud and vice versa. So, it is a scalable solution. We have around three end users using this solution. 

The setup is straightforward. I had a problem setting up FortiToken on ESET for Active Directory users because most of my users are integrated into Active Directory. There was a problem setting up FortiToken on the accounts that are not locally stored on the FortiGate, but I was able to fix the issue with the help of support. Overall, I'm happy with the setup process.

The deployment was straightforward. If you're using Fortinet cloud or FortiToken phone mobile, once you enable that on the account, it sends you a link to download the application for the clients of FortiToken. It's something that can be done in less than a minute really.

I only had to use support when I couldn't get my users on the ED to install and set up a two-step authentication (2SA) on the account. That's because the way it was set up was it was looking for a particular filter, which was not on the ETA back on. The support was able to identify the feature to use, and I was able to resolve that. Otherwise, it's something you can do within thirty minutes or less than that.

Two admins are enough for the maintenance of the solution.

For the two licenses, I have a return on investment.

We have not added in for the commercial. What I used for my test was the two licenses that come with the FortiGate. At the point where I wanted to ask for commercial support, it didn't support what I needed it for. So that's why I didn't confirm my price with anything because I didn't need that at that point.

I only have the two free licenses, except maybe when I increase the number of local users I have that need to be able to use VPN and all that, then I would have to pay for those licenses. But for now, because the third-party tool I have supports both my VPN and my email, so I really don't need to use FortiToken now.

Overall, I would rate the solution a nine out of ten. For someone who just needs basic availability for users, I would recommend what they could use for that.

On-premises

We use the solution for two-factor authentication. If anybody we have set up on FortiAuthenticator needs two-factor authentication to log in, we use FortiToken.

Fortinet FortiToken’s licenses are perpetual. We do not have to pay monthly for multi-factor authentications like Duo or Okta. We can buy them once we pay for the license, and it's good for however long Fortinet wants to allow it to be good for. We can really save a lot of money buying a perpetual license versus paying monthly for a service like that. The solution is pretty solid. I never had to contact the technical support team.

We can only use the tool with the FortiToken Mobile app. If we could use it with other authenticator apps, it would definitely be an improvement.

I have been using the solution for about four years.

I rate the product’s stability a nine out of ten.

The tool is very scalable. We can just buy more tokens. It is very easy to scale. I rate the scalability a nine out of ten.

The initial deployment was straightforward.

I see an ROI on the product.

The solution’s price is good. I really like the price.

If someone doesn’t already have a method in place for two-factor authentication and if they use other Fortinet products, I would recommend the product to them. Overall, I rate the tool a nine out of ten.

Hybrid Cloud

I have used the solution for VPN access.

I like that the solution integrates with FortiAuthenticator well enough.

They're just the token. So, they perform like any other token. It's a very simple thing, and it just works like any other token. There's nothing that stands out. It's just another token.

It could be integrated better if you could have your FortiToken, and the license would allow you to work across multiple FortiGate solutions. So, that'd be an improvement.

I have been using Fortinet FortiToken for six or seven years. I have a lot of customers for the solution. I have no idea what version I'm using. I just have it on my phone, and I suppose it just updates automatically with other applications that update on my phone.

I haven't had any breaks, even when I use FortiToken application on Android or iPhones

Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a ten out of ten.

We have customers that have 2,500 people using the solution. Also, the company that we serve has around 1,000 users.

The initial setup was straightforward.

For deployment, load the CSV of all the tokens, and then with the license, we just deploy as required for users using Fortinet's indicators, usually.

The time taken for deployment depends on how long it takes to deploy the FortiAuthenticator. We usually deploy them together. With FortiAuthenticator, or the FortinetToken or add-ons, you're looking at maybe a couple of hours to edit.

The customers need to pay for licenses. On a scale of one to ten, where one is the cheapest, and ten is the highest, I rate the pricing an eight.

It's not as expensive as some other tools, and also it's cheaper than some solutions. The fact it integrates means there are not a lot of other costs. If you're a user of FortiGate or FortiAuthenticator, it's a good price.

To make it really work, you need FortiAuthenticator, so that's an additional cost. So it is your additional cost. Relative to other solutions, it is too cheap. We won't make any money if we make it cheaper.

If you have FortiGate, I would recommend using FortiToken. But if you have Office 365 and you have the MFA, then I'd suggest you use that.

Overall, I rate the solution a nine out of ten.

On-premises

All users who can log in on Fortinet have Token. We have 15 FortiTokens for the managers who are connected to the VPN and also for those who are connected to the software. It is mobile, not a hard token. That said, I have the hardware token, which is related to the administrator, me, and my assistant. It's used on software and hardware. We use it at an administrator level and at a user level. 

The solution is great for security. It's for two-factor identification.

It is easy to implement. The deployment is quick and simple. 

It is stable and reliable. 

The cost isn't too high.

The solution works well. We have nothing to complain about. 

I've been using the solution for five years. 

The stability is ecellent. I would rate it five out of five. It is reliable, and the performance is good. We do not have any issues at all. 

We have 15 FortiTokens.

We did not previously use a different solution. This was the first solution we selected. 

It is an easy product to implement. From the software or the hardware itself, from the options, we can apply FortiToken for the user and just add the hot token serial number and go.

We only need one person to deploy the solution. I tend to manage it myself. 

The deployment takes about 45 minutes for the software. It might take about ten days for the hardware to arrive from Fortigate. After that, I just install the serial key, and everything is done. 

We have not noted an ROI.

We deal with a subcontractor in Saudi Arabia to pay everything in one bill yearly. Everything is a separate license fee, and we use different Fortinet solutions. However, we pay for everything yearly, all at once.

Generally, it is an affordable product. We do not find it to be overly expensive. 

I'd rate it a five out of five in terms of affordability. 

We did not explore other options. We chose the first option we looked at, FortiToken.

We are not partners. We use it internally in the company. We are end-users. We use a lot of Fortinet products. 

Nothing has to be done from the end-user perspective; they just add the username and password, and a code appears on the Fortitoken software or hardware. 

I'd rate the solution ten out of ten. 

I'd recommend the solution to other users and companies. 

The primary use cases of Fortinet FortiToken for my customers typically involve adding multi-factor authentication (MFA) for remote access. This is often required for remote workers or external providers. For instance, in industrial environments where external companies provide services, this solution helps manage secure access. Another common use case includes providing an external captive portal and self-registration.

The most valuable feature of the solution is its mobile application. It is particularly beneficial as it eliminates the need for hardware management. Users do not have to worry about managing or replacing physical tokens, which can be advantageous if the token is lost or damaged.

I would like to see the product improvements in dynamic VLAN pooling. Specifically, when users are assigned different VLANs based on their SSID, ensuring no unintended lateral traffic between users would enhance security and efficiency.

Sometimes, SMS messages do not reach recipients correctly due to country-specific limits on SMS character length. 

I rate the stability a seven. 

The platform easily scales from a few users to thousands by adjusting the licensing and configuration. I rate the scalability an eight. 

The support team is generally responsive and helpful, but resolution times can vary.

The initial setup requires understanding the platform's approach, licensing, and the correct version selection based on the customer's context.

The deployment time depends on the functionality required by the customer. I would rate the process as a seven.

Although the platform is relatively expensive, it offers significant value. I rate the pricing a nine out of ten. 

The critical feature for ensuring secure access is the solution's comprehensive functionality, which secures the user identity of those attempting to connect. The integration of all features collectively ensures high security.

The integration process is relatively straightforward, which is beneficial when deploying the platform. It is often integrated with third-party tools. For example, it can be combined with a management system that handles tokens and supports external keys such as YubiKey for additional multi-factor authentication.

I rate it an eight out of ten. 

Fortinet FortiToken is used for double factor authentication.

You need your mobile just to enroll the tokens, and sometimes, it's difficult to use for someone who is not knowledgeable. Clients don't like the fact that they have to download the application to use Fortinet FortiToken. Having it directly on an SMS is a better option for the clients.

I have been working with Fortinet FortiToken for seven to eight months.

Fortinet FortiToken is stable, but it's a bit slow.

I rate Fortinet FortiToken seven and a half out of ten for stability.

I rate Fortinet FortiToken seven and a half out of ten for scalability.

Fortinet FortiToken's initial setup is a bit complex. I rate Fortinet FortiToken a seven out of ten for the ease of its initial setup.

Fortinet FortiToken can be deployed in three hours.

Fortinet FortiToken is not an expensive solution. One license costs around 50 USD.

Overall, I rate Fortinet FortiToken a seven out of ten.

On-premises