What is our primary use case?
We primarily use Fortinet FortiAuthenticator to centralize the management of user identity information in Security Architectures, enforce Role-Based authentication, and allow Two Factor authentication with Softclient support.
This is a must-have technology in Fortinet implementations with several gateways and distributed environments.
It is easy to set up and will reduce Network administrators' efforts to integrate diverse identification methods. Must evaluate Single Sing On Mobility Agents to full integration of users position on the network and complete the solution.
How has it helped my organization?
Using this product strengthens enterprise security. It offers role-based security policies and User Identity Management with different methods.
This product provides automatization. There is a self-service user portal for registry and support for domain and non-domain guest users, with diverse channels vía hardware tokens, software tokens, e-mail, and SMS.
This solution brings user satisfaction. It reduces the need for network administrator intervention by allowing the user to perform their own registration and resolve their own password problems and issues.
What is most valuable?
Key Features and Benefits
- Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage. Most Valuable in Mobile Phones App for OTP.
- Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
- LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
- It is usable in network WAN, wireless, and VPN Scenarios.
- The domain and guest-users support are good.
What needs improvement?
I would like to see integration and customization capabilities with the end-user portal to solve authentication issues with diverse implementation scenarios. Specifically, with web applications, enterprise networks, and VPN.
For how long have I used the solution?
We have been using Fortinet FortiAuthenticator for three years.
What do I think about the stability of the solution?
This is a stable, set-and-forget product. Logical operations run in the Gateways.
What do I think about the scalability of the solution?
FAC 200E/400E will support environments for hundreds of users, based on Physical Appliances. If future needs are in the scope then I suggest implementing virtual deployments.
How are customer service and technical support?
Technical support is not needed in any sense. We have three years running without hardware appliance incidents or major issues.
Which solution did I use previously and why did I switch?
This is the first authentication platform that I have worked with.
How was the initial setup?
The initial setup process will vary from simple to complex and depends on your existing User Identity Systems, integrations, and scale of the network
What about the implementation team?
In-house engineers, properly trained, are responsible for deployment and maintenance.
What was our ROI?
Our ROI was reached in less than a year. This solution is good in terms of financial returns.
What's my experience with pricing, setup cost, and licensing?
FAC is an affordable solution for Middle Range (200E/400E) and also needs a package of mobility agents (2,000) perpetual.
There is nothing to buy in the gateways (FG) and it is fully integrated.
Which other solutions did I evaluate?
As a Fortinet customer, the logical evaluation was FAC from the same vendor.
What other advice do I have?
This is a must-have technology in Fortinet deployments with distributed environments.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?