CyberArk Endpoint Privilege Manager vs Fortinet FortiAuthenticator comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between CyberArk Endpoint Privilege Manager and Fortinet FortiAuthenticator based on real PeerSpot user reviews.

Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM).
To learn more, read our detailed Privileged Access Management (PAM) Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The password rotation and the session recording are the most valuable features.""The feature called PTA, which stands for Privileged Threat Analytics keeps track of what admins are doing and works with Centimeters. If something fishy is going on with a user's credentials, it alerts the security team so they can act fast. Plus, it automates stuff like resetting credentials or blocking users. So, if there's a potential hack, CyberArk can change passwords and lock out users in a snap. It also gives you a heads-up if anything unusual is going on with server activities, like someone creating new users with uncontrolled credentials.""The solution allows me to give access and privileges to each user individually""The most valuable feature is that it does lifecycle management and that it will change to whatever the end target is.""CyberArk Endpoint Privilege Manager is very easy to manage, which I like. The solution also has a dashboard where you can see which software is suspicious, which I find valuable.""I like that you can remove the admin rights from the user's computer and have control over the environment. That means you can delete the local admins and grant them proper privileges with the console. So, they will get proper permissions for applications they need, but we don't have to do it. In the domain where we don't have control, the user can only do specified actions, but not all of them.""The most valuable feature of CyberArk Endpoint Privilege Manager is its ability to reset passwords every time that it is needed or periodically.""This is the number one product for privilege account security."

More CyberArk Endpoint Privilege Manager Pros →

"The initial setup is very easy.""Intuitive interface and easy to deploy.""Valuable features include the robust SSO features, when you have more complicated authentication within an organization. We can mix AD, Radius, Portal, SSO Portals (Google, etc.), and build our own environment. It is very flexible.""The most valuable features of Fortinet FortiAuthenticator are easy to configure, secure, and the application has good performance.""The web feature is quite versatile. It serves as the sole server authenticator and is valuable not only with FortiGate products but also within the entire Forti system, making it highly useful for me.""I appreciate its ability to provide multi-factor authentication, but it's primarily focused on this function.""We have a perpetual license for 2FA.""The solution is easy to learn and makes it easy for our users to add FortiToken. It's very easy to integrate if you have other Fortinet devices."

More Fortinet FortiAuthenticator Pros →

Cons
"CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link.""Technical support is slow to respond when we run into issues.""Compared to other tools like Linux, this solution isn't as user-friendly.""It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage.""Can be improved by allowing computers to be excluded from policies.""CyberArk Endpoint Privilege Manager is a perfect solution, but CyberArk Endpoint Privilege Manager for Linux has many issues. Another area for improvement in CyberArk Endpoint Privilege Manager, specifically for Windows, is that there's no way for you to check credential theft from a text file, such as a notepad file.""For an experienced system implementer it will take approximately one day. However, for somebody who is inexperienced it may take up to five days.""CyberArk has some performance issues. For example, servers could not handle the solution when we first took CyberArk Endpoint Privilege Manager."

More CyberArk Endpoint Privilege Manager Cons →

"I don't have any issues with this solution, but it may need a better, more user-friendly interface or better design of the platform.""If you want some other FortiAuthenticator from one site to another site, you should have requirements, but really if you have authentication and directory or another solution, you should change the password of the authenticator between the solution and the directory and other things. So transfer of data and other information should be simpler.""Fortinet FortiAuthenticator's initial setup process could be easier.""I would like to see some email options for Fortinet FortiAuthenticator.""The product must provide full support for third-party FIDO security keys.""The product must provide 2FA for applications.""There is a room for improvement. The log is a bit difficult to access, and searching the log codes is also a bit difficult. So it would be much better if, when we open a log, it could provide detailed information about errors, reasons for failure, and such.""It can not use SQL to query FortiAnalyzer directly."

More Fortinet FortiAuthenticator Cons →

Pricing and Cost Advice
  • "licensing for this solution is based on the number of APV (privileged users), and the number of sessions that you want to record."
  • "I think that it was in the range of $200,000 that had to get approved."
  • "Pricing depends on how many devices you use. Right now, on-premise, it costs us a little, but it's worth it. It seems like the cloud solution is much more expensive. We got this solution one year ago, and it's like we bought the solution, and now they are not going to support it on-premise anymore. We are in the implementation phase, and we missed this, and we already paid for the licenses. This is wasted time from my perspective, and CyberArk should be more customer-friendly."
  • "The cost for CyberArk is very high."
  • "The price of CyberArk Endpoint Privilege Manager is expensive."
  • "The price of CyberArk Endpoint Privilege Manager is expensive. The solution is priced based on the number of accounts onboarded and the number of concurrent sessions. Everyone else is included in the price, such as support."
  • "We pay about $17 per user."
  • "CyberArk Endpoint Privilege Manager has a very high price, so it's a one out of ten for me in terms of pricing."
  • More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →

  • "I would start off with a VM including the base license and scale according to the number of users you need to authenticate."
  • "You can pay as you go with them. You purchase a base license and add to it as needed."
  • "The product could be more competitively priced."
  • "It costs more to license the high-availability option."
  • "The licensing structure is cost-effective for us compared to some of the other solutions that have recurring monthly costs."
  • "FAC is an affordable solution for Middle Range (200E/400E) and also needs a package of mobility agents (2,000) perpetual."
  • "The cost of the license could be less expensive. The license is paid on a yearly basis."
  • "We pay for licensing on a yearly basis."
  • More Fortinet FortiAuthenticator Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpoint… more »
    Top Answer:The feature called PTA, which stands for Privileged Threat Analytics keeps track of what admins are doing and works with Centimeters. If something fishy is going on with a user's credentials, it… more »
    Top Answer:It's not at the lower end of the market. I think the price is reasonable considering the quality it delivers. It is a top-notch solution at a fair price point.
    Top Answer:The product's on-premise version doesn't have recurring costs.
    Top Answer:We pay a yearly support cost for the solution. It is very small. The cost of FortiToken is high. I rate the pricing a five out of ten.
    Top Answer:Fortinet FortiAuthenticator's initial setup process could be easier.
    Ranking
    Views
    1,602
    Comparisons
    1,096
    Reviews
    13
    Average Words per Review
    632
    Rating
    7.9
    5th
    Views
    5,927
    Comparisons
    4,071
    Reviews
    24
    Average Words per Review
    427
    Rating
    8.2
    Comparisons
    Also Known As
    Viewfinity
    FortiAuthenticator
    Learn More
    Overview

    CyberArk Endpoint Privilege Manager, a critical and foundational endpoint control addresses the underlying weaknesses of endpoint defenses against a privileged attacker and helps enterprises defend against these attacks through removing local admin rights, enforcing least privilege, and implementing foundational endpoint security controls across all Windows, macOS and Linux endpoints from hybrid to cloud environments.

    Click here for a free 30 day trial: CyberArk Endpoint Privilege Manager free trial

    Fortinet FortiAuthenticator is the primary secure point of approved access into the Fortinet network, authorizing users, reviewing access permissions, and relaying the information to all Fortigate devices for comparison with identity-based protocols. Fortinet FortiAuthenticator is a top-ranked authorization and SSO solution.

    Appropriate secure access is fundamental to every role in an enterprise ecosystem. It is an integral function of every organization to ensure that every access and privilege is secure and to mitigate any possible risk to an organization. Approved users should only have access to the necessary information when they need it, from the appropriate location(s) to safeguard an organization's security at all times.

    Fortinet FortiAuthenticator is available as an appliance, virtual machine, or in the cloud.

    Fortinet FortiAuthenticator Methods

    • FSSO: FortiAuthenticator Single sign-on user will easily identify users and assign role or group access based on preset identity-based protocols. FortiAuthenticator integrates well with third-party LDAP or active directories, is very flexible, and combines these methods to provide effective security.

    • Active Directory Polling: Active directory access is securely identified by consistent polling of domain controllers. As users log in, username, IP address, and other details are logged into the database and can be shared across devices as directed by FortiAuthenticator protocols.

    • FortiAuthenticator Portal and Widgets: If a user system does not support AP polling, or for other reasons it is not feasible, FortiAuthenticator offers a unique secure authentication portal. Users can be manually authenticated and, to diminish the effect of numerous logins, an intuitive set of widgets is available to integrate into an organization's ecosystem that will automatically grant access to users when they access the organization's intranet homepage.

    • RADIUS Accounting Login: For organizations that use RADIUS authentication, RADIUS Accounting is available for user identification. This process will prompt user access information (IP and group, etc.) and eliminate the need for multiple levels of authentication.

    Reviews from Real Users

    Ernesto C., Presales Engineer at a comms service provider, shares,

    ”Key Features and Benefits

    1. Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage. Most Valuable in Mobile Phones App for OTP.
    2. Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
    3. LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
    4. It is usable in network, WAN, wireless, and VPN Scenarios.
    5. The domain and guest-users support are good.”

    Ibrahim M., Senior Network & Security Engineer at a tech services company, relates, "The initial setup is a valuable point on Fortinet products. Most of the time, putting the theory into practice on the devices is quite friendly and straightforward. As long as you can read English you can find your way around the solution and make it work. This is a high value point on Fortinet - the way everything is laid out in the web UI is user-friendly and quite straightforward. The UI is quite simple."




    Sample Customers
    Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data
    Top Industries
    REVIEWERS
    Computer Software Company40%
    Manufacturing Company20%
    Energy/Utilities Company10%
    Comms Service Provider10%
    VISITORS READING REVIEWS
    Computer Software Company14%
    Financial Services Firm14%
    Manufacturing Company10%
    Government8%
    REVIEWERS
    Computer Software Company29%
    Comms Service Provider13%
    Healthcare Company8%
    Computer Retailer4%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider10%
    Government8%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business40%
    Midsize Enterprise23%
    Large Enterprise37%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise12%
    Large Enterprise70%
    REVIEWERS
    Small Business56%
    Midsize Enterprise27%
    Large Enterprise17%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise19%
    Large Enterprise51%
    Buyer's Guide
    Privileged Access Management (PAM)
    March 2024
    Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM). Updated: March 2024.
    765,386 professionals have used our research since 2012.

    CyberArk Endpoint Privilege Manager is ranked 7th in Privileged Access Management (PAM) with 25 reviews while Fortinet FortiAuthenticator is ranked 5th in Single Sign-On (SSO) with 50 reviews. CyberArk Endpoint Privilege Manager is rated 8.0, while Fortinet FortiAuthenticator is rated 8.0. The top reviewer of CyberArk Endpoint Privilege Manager writes "Offers integrated solutions and expands its capabilities through strategic acquisitions". On the other hand, the top reviewer of Fortinet FortiAuthenticator writes "A reasonably priced solution that can be scaled toward different functionalities and offers flexible SMS messaging". CyberArk Endpoint Privilege Manager is most compared with Microsoft Defender for Endpoint, BeyondTrust Endpoint Privilege Management, CrowdStrike Falcon, CyberArk Privileged Access Manager and Tanium, whereas Fortinet FortiAuthenticator is most compared with Cisco ISE (Identity Services Engine), Fortinet FortiToken, Microsoft Entra ID, Fortinet FortiNAC and Cisco Duo.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.