Fortinet FortiToken Reviews

We use Fortinet FortiToken when a client requires it.

The FortiToken from Fortinet is primarily used for VPN authentication. That is one of the most common use cases. VPN authentication as well as two-factor authentication on VPN. In addition, two-factor authentication is required for administration access to the FortiGates.

In the rare case where the FortiAuthenticator is separate, they use it as a directory for the enterprise. It can also be used for other applications such as Microsoft. External applications and, on occasion, customer applications that use RADIUS.

I believe FortiToken is the simplest to implement. However, there is no difference in terms of features other than multi-factor authentication. It's very basic.

Ease of administration, which is not always a feature, but the ease of administration, token importing, and exporting, is why FortiToken has been considered as a multi-factor authentication solution.

FortiToken could be made much more flexible. They're doing very well now. I think having two-factor authentication on their firewalls for administration, as well as being able to use them for VPN access for MFA, was a great idea. However, in terms of a broader base of support, I believe their support for SAML, for example, could be greatly improved. OAuth, SAML, and other protocols that are more geared toward cloud-based applications, in my opinion.

I would like to see complete OAuth support. Also, if they can support it from a SaaS (Software as a Service) or cloud platform, that would be great. 

I have been working with Fortinet FortiToken for four or five years.

There are two kinds of customers. There are clients for whom we only implement and clients for whom we manage. Where we have a managed service with the client, we keep them on the most recent version, which is N-1.

Fortinet FortiToken is very durable and stable.

If you don't use the VM solution, it's not very scalable because, from a hardware point of view, you almost have to buy hardware and do a full replacement. From that perspective, I wouldn't say it's scalable. But, again, if you're using your VM  you would have to rebuild your VM.

I wouldn't go so far as to say it's not scalable. However, when it comes to the number of users, it is very scalable in terms of being able to cater to a small environment of five users versus 100,000. But, in my opinion, when you have to migrate as your environment grows, it's not very scalable. It is, but it is difficult to import and export through it.

The number of users we have is probably in the region of 20 or 25.

It would be on a daily basis because you have to log on all the time, especially now that you're remote. And MFA is required by the majority of our company or clients.

I work with Fortinet support on a regular basis.

In terms of support, Fortinet is one of the better vendors. However, they face significant challenges when it comes to getting a response. When you log a support call, getting the response you want is always a problem. It's almost as if you're being passed from one engineer to the next, and it's extremely difficult to articulate the problem and get a response.

I don't use them myself, we are integrators. A few clients use Fortinet FortiAuthenticator, Fortinet FortiToken, McAfee Total Protection for Data Loss Prevention, Trend Micro Integrated Data Loss Prevention, and GTB Technologies Inspector, but they use FortiToken specifically. I believe I added RSA Authentication Manager, followed by Cisco, Jira.

The initial setup is extremely simple. The FortiAuthenticator and FortiToken are unquestionably the simplest multi-factor authentication solution to implement.

It takes two to three hours to get it up and running. But, the biggest challenge is always the user element, where you have to get users to install the application and communicate with them. That can take you a lot of time depending on the size of your organization and the level of technological sophistication of your end users.

That would require a significant amount of time. But the initial setup, which is to set up the FortiAuthenticator, import the tokens and integrate that with, the FortiGates, is very simple and doesn't take long.

Yes, absolutely, I would recommend this solution, especially for clients performing standard RADIUS authentications, because I believe they're quite solid. I believe where it becomes more difficult is with open authentication protocols such as SAML and OAuth. Fortinet has a long way to go in this area.

I would rate Fortinet FortiToken an eight out of ten.

Fortinet offers a comprehensive solution for network security, particularly with its very effective zero-trust network access approach.

The solution has many components, each with its own benefits and advantages. FortiToken is straightforward to use.

I have been using Fortinet FortiToken for six months.

More than 400 stores in Canada are using this solution.

The product itself is very good, and although I have extensive experience with Fortinet, I have not sought much support for it so far.

Positive

It's very simple: install the FortiToken app on your cell phone. When you receive the FortiToken invitation by email, open the email to view the QR code. Use your phone's camera to scan the QR code, automatically importing it into the FortiToken app. Once synchronized with the FortiToken server, you can use the app for future authentication.

It's convenient because you don't need to implement a separate FortiToken server. Traditionally, with systems like RSA, you needed a dedicated server, purchased token licenses, and assigned them individually to users. However, with Fortinet, you can use FortiGate as the FortiToken server itself. Each FortiGate license includes two free FortiTokens. If you need more tokens, you purchase additional licenses. The required tokens are automatically generated after importing the license into the FortiGate. You then assign these tokens to users and send an invitation email. The user receives the email, opens the attachment or QR code, and scans it with the FortiToken app on their phone.

If you don't have many users, the free FortiTokens included with FortiGate should be sufficient. The basic license covers up to twenty-five users. Alternatively, you can use Fortinet's FortiToken Cloud Service instead of FortiGate as the FortiToken server. This way, you don't need to have a FortiGate device.

Overall, I rate the solution a nine out of ten.

We use the product for multifactor authentication. 

The solution is simple and similar to Google Authenticator. It follows time-based authentication. We use it for hardware and software in one environment. The tool offers simple and fast authentication for SSL. 

Fortinet FortiToken should improve its push notifications. 

I have been using the product for three years. 

I rate the tool's stability a ten out of ten. 

I rate the tool's scalability a ten out of ten. My company has 50 users. 

My experience with Fortinet FortiToken's technical support is good. 

Positive

When I compare Fortinet FortiToken to similar products like Google Authenticator, I see differences, especially with Microsoft Authenticator, which also uses push notifications. Google Authenticator is free. 

Fortinet FortiToken's deployment is simple. 

I did the deployment myself. 

I rate the tool's pricing a five out of ten. 

I rate the overall solution a ten out of ten. 

Fortinet FortiToken is used for double factor authentication.

You need your mobile just to enroll the tokens, and sometimes, it's difficult to use for someone who is not knowledgeable. Clients don't like the fact that they have to download the application to use Fortinet FortiToken. Having it directly on an SMS is a better option for the clients.

I have been working with Fortinet FortiToken for seven to eight months.

Fortinet FortiToken is stable, but it's a bit slow.

I rate Fortinet FortiToken seven and a half out of ten for stability.

I rate Fortinet FortiToken seven and a half out of ten for scalability.

Fortinet FortiToken's initial setup is a bit complex. I rate Fortinet FortiToken a seven out of ten for the ease of its initial setup.

Fortinet FortiToken can be deployed in three hours.

Fortinet FortiToken is not an expensive solution. One license costs around 50 USD.

Overall, I rate Fortinet FortiToken a seven out of ten.

We use Fortinet FortiToken to do a double authentication for people who work out of the company.

The most valuable feature of Fortinet FortiToken is security. Some companies have people belonging to other companies working with their core software or main applications. Fortinet FortiToken provides security and authenticates that the right external people are working with a company's system. Since Fortinet FortiToken provides a second authentication mode, it's vital for cybersecurity.

The solution could introduce a mobile application instead of a physical product.

The solution’s initial setup is very easy.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a six out of ten.

Fortinet FortiToken has been very reliable for our daily authentication needs. Fortinet FortiToken is a very good product that improves a company's security. I think that every company that has people managing critical information should use the solution.

Overall, I rate Fortinet FortiToken ten out of ten.

We use FortiToken to authenticate many of the applications we and our clients use. We use, integrate, and resell the solution.

We like the mobile FortiToken. 

I have used FortiToken for four or five years.

FortiToken is stable.

I rate Fortinet support nine out of 10. We pay for a support contract that entitles us to dedicated resources for our problems. In fact, we are not using basic technical support. With standard support, it can take a while for the engineers to understand the problem. We don't ask frivolous questions. Typically, we have our information ready to make the process smoother. 

Positive

I rate FortiToken 10 out of 10 for ease of setup. The setup time depends on the number. FortiToken is sold in a box of at least five, and it usually takes half an hour or so.

The price isn't an issue for most clients, but they complain that it's increasing each quarter. At the same time, all companies are raising their prices because we're in a dynamic period. 

The problem is that our customers create budgets annually based on the figures at the beginning of the fiscal year. Our customers get annoyed when the price is adjusted in the middle of the year. I understand that it's a difficult time, and price increases make sense for hardware devices. However, FortiToken is a software product, so it shouldn't be affected by factors like chip shortages or supply chain issues. Software solutions should have more transparent and predictable pricing.

I rate FortiToken 10 out of 10. 

I am using it with FortiClient so that I can authenticate.

It provides me with the token so that I can do the Multi-Factor Authentication. I'm not sure if there's anything more to say about that.

I'm not sure if it's already available, however, I wonder if there's an option to have it sent to my email address instead of having it on the mobile app. Currently, I need to carry that single device that is already registered with a token. If I can receive it on email, it would be more flexible. 

I'm using other types of authenticators, and some of them provide a code to access the application. I'm not sure if that's already available, as I am not using it at the moment. If it's not there, it could be a nice feature to have optionally.

I have used the solution for four years, five years, something like that.

I don't know if scalability is applicable. It's only meant to be doing one thing, to be honest. I've already got, what, three or four tokens, four tokens. It's scalable enough for my purpose.

We get support through a partner, and we've had good support so far. However, it wasn't directly with Fortinet staff. 

Positive

The initial setup is simple.

I use Microsoft Authenticator as I can incorporate many functions there. With the FortiToken app, it's only compatible with its own tokens. So, I need to use one more app for what I need to do. Authenticator is for everything else, however, for Fortinet, I use only the FortiToken app.

The product is working fine for me after all these years.

Overall, I give the product a nine out of ten.

We are using it for VPN. We have its latest version.

It has improved the way our organization functions.

Its ease of installation is most valuable. It took me five minutes, and it was up and running. It didn't take me that long. The installation on the cell phones is pretty simple.

Its reporting should be better. The reporting feature is missing. I don't have any reporting of who has done what, what has failed, and what didn't work. 

I have been using this solution for about a year.

It is stable. There are no stability issues.

Its scalability is pretty good. We only have 100 to 150 FortiTokens. We're not that big. All people in our organization are using it. It goes from CFO, CEO to the basic call center.

We didn't need to use it so far.

We do use Cisco Duo for another 2FA solution. We don't really use any other solution now. It is pretty much FortiToken.

It was easy. It took me five minutes, and it was up and running.

If you're looking for a fast installation, easy deployment, and not much maintenance, this is the solution to go for, but the only thing is that it is good for Fortinet. It is not good for anything else.

I would rate Fortinet FortiToken an eight out of ten.