I would like to see the product improvements in dynamic VLAN pooling. Specifically, when users are assigned different VLANs based on their SSID, ensuring no unintended lateral traffic between users would enhance security and efficiency.
Project Manager at Saudi Arabian Military Industries (SAMI)
Real User
Top 20
2024-06-27T13:56:32Z
Jun 27, 2024
The Fortinet FortiToken server doesn't have centralized integration with other Fortinet tools and third-party tools. We also have FortiManager, but FortiToken doesn't integrate with FortiManager. It would be good if we could have centralized monitoring enabled from FortiToken to FortiManager. In a single view, we can get a better view of authentication, such as who the users are and how many authentications have failed.
The management configuration seems a bit complex and could benefit from user guides or better support resources. It could be improved in terms of user-friendliness. Not like the other FortiGate products. Maybe not many people have a real community for this. The lack of community support is a major concern. Context-sensitive online support instead of just a general user manual would be very helpful. Currently, clicking "help" on any topic simply directs you to the entire manual.
The problem comes when we have to migrate tokens to new phones. There's no backup option or import/export feature, so you have to redo the entire process manually, adding tokens one by one, which is quite tedious. The migration process is definitely a major area for improvement. Imagine losing your phone and having to set everything up again from scratch and add everything individually. In future releases, push notifications would be good! Instead of opening the app and entering the token manually, what if we received an approval or denial prompt directly on the phone as a notification? Just a tap to log in, that would be nice.
Senior IT Engineer at NMA Technologies Services Ltd
Real User
Top 5
2023-10-24T10:35:11Z
Oct 24, 2023
You need your mobile just to enroll the tokens, and sometimes, it's difficult to use for someone who is not knowledgeable. Clients don't like the fact that they have to download the application to use Fortinet FortiToken. Having it directly on an SMS is a better option for the clients.
I would like to see if FortiToken can integrate with Office 365 mail to support the same two-factor authentication experience that I have with ESET. With ESET, when a user logs in, they are easily directed to the ESET authentication page, where they are prompted to enter their OTP after supplying their username and password. I understand from support that FortiToken cannot do this with email integration. That's why I opted for ESET. In future releases, it would be great to see Fortinet add this support in the future.
It could be integrated better if you could have your FortiToken, and the license would allow you to work across multiple FortiGate solutions. So, that'd be an improvement.
Assistant Manager - Information Security & Infrastructure at lankatiles
Real User
Top 10
2023-02-24T08:41:00Z
Feb 24, 2023
The solution comes with two firewalls as a bundle. In that bundle, most of the individual users can be assigned to mobile users. However, in cases of technical difficulties, users may accidentally remove the mobile application. In normal scenarios, we get back to the activation key and assign it again. In one instance, we had to call back Fortinet service providers to reactivate the token and access the system. If they could provide a managed portal for the token, then reassigning tokens can be easy. I would also like to see some mobile-level application update. It would be easy for our team if we can have all the features in one place.
Director at a comms service provider with 51-200 employees
Real User
2021-03-30T10:03:42Z
Mar 30, 2021
It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality. They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer.
Team Lead Network IP and Systems at a comms service provider with 1-10 employees
Real User
2021-03-09T21:48:01Z
Mar 9, 2021
Its reporting should be better. The reporting feature is missing. I don't have any reporting of who has done what, what has failed, and what didn't work.
As we've seen, passwords alone don't keep unwanted guests out of your network. Password-only authentication has led to security breaches, malware infections, and policy violations. With two-factor authentication, a password is used along with a security token and authentication server to provide far better security. Authorized employees can remotely access company resources safely using a variety of devices, ranging from lpatops to mobile phones.
I would like to see the product improvements in dynamic VLAN pooling. Specifically, when users are assigned different VLANs based on their SSID, ensuring no unintended lateral traffic between users would enhance security and efficiency.
The Fortinet FortiToken server doesn't have centralized integration with other Fortinet tools and third-party tools. We also have FortiManager, but FortiToken doesn't integrate with FortiManager. It would be good if we could have centralized monitoring enabled from FortiToken to FortiManager. In a single view, we can get a better view of authentication, such as who the users are and how many authentications have failed.
The solution could be more user-friendly.
They could enhance synchronization with mobile applications, and addressing minor issues with authentication could further improve user experience.
Fortinet FortiToken should improve its push notifications.
The management configuration seems a bit complex and could benefit from user guides or better support resources. It could be improved in terms of user-friendliness. Not like the other FortiGate products. Maybe not many people have a real community for this. The lack of community support is a major concern. Context-sensitive online support instead of just a general user manual would be very helpful. Currently, clicking "help" on any topic simply directs you to the entire manual.
Fortinet FortiToken could be lower for some markets.
The problem comes when we have to migrate tokens to new phones. There's no backup option or import/export feature, so you have to redo the entire process manually, adding tokens one by one, which is quite tedious. The migration process is definitely a major area for improvement. Imagine losing your phone and having to set everything up again from scratch and add everything individually. In future releases, push notifications would be good! Instead of opening the app and entering the token manually, what if we received an approval or denial prompt directly on the phone as a notification? Just a tap to log in, that would be nice.
You need your mobile just to enroll the tokens, and sometimes, it's difficult to use for someone who is not knowledgeable. Clients don't like the fact that they have to download the application to use Fortinet FortiToken. Having it directly on an SMS is a better option for the clients.
I would like to see if FortiToken can integrate with Office 365 mail to support the same two-factor authentication experience that I have with ESET. With ESET, when a user logs in, they are easily directed to the ESET authentication page, where they are prompted to enter their OTP after supplying their username and password. I understand from support that FortiToken cannot do this with email integration. That's why I opted for ESET. In future releases, it would be great to see Fortinet add this support in the future.
Maybe the price could be improved, and the integration could be better. But the integration is different from the authenticator side.
It could be integrated better if you could have your FortiToken, and the license would allow you to work across multiple FortiGate solutions. So, that'd be an improvement.
The solution comes with two firewalls as a bundle. In that bundle, most of the individual users can be assigned to mobile users. However, in cases of technical difficulties, users may accidentally remove the mobile application. In normal scenarios, we get back to the activation key and assign it again. In one instance, we had to call back Fortinet service providers to reactivate the token and access the system. If they could provide a managed portal for the token, then reassigning tokens can be easy. I would also like to see some mobile-level application update. It would be easy for our team if we can have all the features in one place.
The solution works well. We have nothing to complain about.
Usually, there are operational issues for tokens, but problems have been minimal.
It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality. They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer.
Its reporting should be better. The reporting feature is missing. I don't have any reporting of who has done what, what has failed, and what didn't work.