FortiAuthenticator Review

Provides two-factor authentication and integration with our other FortiGates.

What is most valuable?

The valuable features are:

  • Two-factor authentication
  • User ID with our LDAP service
  • Integration with our other FortiGates

How has it helped my organization?

By using one of our units as a load-balancing slave, we were able to roll out location-based VPNs that created quicker connections to local servers for our end users. Furthermore, incorporating a LBS unit has provided preventative measures and ensured that our remote users can still connect if a failure occurs on our master authentication unit.

What needs improvement?

It was initially difficult to sync our high availability, load-balancing slave (LBS) to our master unit. There were some initial issues connecting it and syncing with our master FortiAuthenticator unit. After reaching out to Fortinet support, it turned out that the unit needed a software update.

I would like to see the following:

  • Creating an easier implementation of software patches.
  • Designing the admin profiles to sync across, instead of having to recreate them. (I see how this could be problematic with security measures.)

For how long have I used the solution?

We've been using our master unit for about a year and our LBS for about six months.

What do I think about the stability of the solution?

We had some stability issues. Our first LBS unit wouldn't work properly the first time and that wasted a lot of time. Eventually, it died and we had to RMA the unit.

What do I think about the scalability of the solution?

We didn't have any issues with scalability.

How are customer service and technical support?

The technical support we received from Fortinet was responsive. When we experienced problems, they were able to fix our issues.

Which solution did I use previously and why did I switch?

Before implementing our FortiAuthenticators, we used our main FortiGate as a way to push out two-factor codes to our users. After a while, this option was not working. As we continued to grow, we needed something more substantial and manageable.

How was the initial setup?

The initial setup was somewhat difficult in syncing our LDAP service to our main FortiGate.

Which other solutions did I evaluate?

Before using the FortiAuthenticator, we pushed out tokens via our main FortiGate.

What other advice do I have?

If you want a more efficient way to manage two-factor authentication for your users, or implement the unit as a cluster member role, the FortiAuthenticator can be incorporated very well into your environment.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Sign Up with Email