We performed a comparison between CyberArk Privileged Access Manager and Fortinet FortiToken based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."The automatic password management is the most important feature. The second most important feature is the ability to enforce dual control on the release of those passwords. The combination of these two features is the most important thing for us because we can show that we're in control of who uses any non-personal account, and when they do so."
"The users have the ability to rotate passwords on a daily basis with a Reconcile Account. Or, if they want to do one-time password checkouts, we can manage those, check in, check out. I like the flexibility of the changing of the password, specifically."
"It has helped from an auditing perspective identify who has access to privileged accounts."
"CyberArk Privileged Access Manager is stable."
"We can make a policy that affects everybody instantly."
"We like it for the ability to automatically change passwords. At least for my group, that's the best thing."
"The Vault offers great capabilities for structuring and accessing data."
"It has helped us with our adoption with other teams, and it has also helped us to integrate it at the ground level."
"Bangladesh is a price-sensitive market, and FortiToken is popular because it's more affordable than the Palo Alto and Cisco authentication solutions. Fortinet has a local director for Bangladesh, so they can deliver solutions to customers quickly."
"The solution is simple and similar to Google Authenticator. It follows time-based authentication. We use it for hardware and software in one environment. The tool offers simple and fast authentication for SSL."
"Fortinet FortiToken provides security and authenticates that the right external people are working with a company's system."
"The integrated Fortinet security with the app that allows you to easily do the two-factor authentication is most valuable."
"FortiToken is available in a soft or hard token factor, so there's some flexibility in that. Beyond that, I would say it is a stable solution that has worked for us."
"I believe FortiToken is the simplest to implement."
"The initial setup is easy. You receive a QR code via email, scan it, and add it. No complicated procedures involved."
"Fortinet FortiToken is used for double factor authentication."
"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""
"Tech support staff can be more proactive."
"We'd like to see the creation of some kind of memo field for each device account, which could be used, in our network at least, to leave a note about the device for either the security or network engineering team members."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"This product needs professional consulting services to onboard accounts effectively based user profiles."
"We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation."
"If there is an area that has room for improvement, it's probably working with their support and getting people on the phone. That is hard to do with most products in general, but that seems to be the difficult area. The product is fantastic, but sometimes we want somebody on the phone."
"There was a functionality of the solution that was missing. I had noticed it in Beyond Trust, but not in this solution. But, recently they have incorporated something similar."
"The problem is that our customers create budgets annually based on the figures at the beginning of the fiscal year. Our customers get annoyed when the price is adjusted in the middle of the year. I understand that it's a difficult time, and price increases make sense for hardware devices. However, FortiToken is a software product, so it shouldn't be affected by factors like chip shortages or supply chain issues. Software solutions should have more transparent and predictable pricing."
"The solution comes with two firewalls as a bundle. In that bundle, most of the individual users can be assigned to mobile users. However, in cases of technical difficulties, users may accidentally remove the mobile application. In normal scenarios, we get back to the activation key and assign it again."
"Fortinet FortiToken should improve its push notifications."
"It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality. They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer."
"The solution could introduce a mobile application instead of a physical product."
"Its reporting should be better. The reporting feature is missing. I don't have any reporting of who has done what, what has failed, and what didn't work."
"I would like to see if FortiToken can integrate with Office 365 mail to support the same two-factor authentication experience that I have with ESET. With ESET, when a user logs in, they are easily directed to the ESET authentication page, where they are prompted to enter their OTP after supplying their username and password. I understand from support that FortiToken cannot do this with email integration. That's why I opted for ESET."
"Configuration can be confusing due to the lack of community and context-sensitive help. We've had to rely on technical support, which slows down the setup process."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while Fortinet FortiToken is ranked 4th in Authentication Systems with 20 reviews. CyberArk Privileged Access Manager is rated 8.8, while Fortinet FortiToken is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Fortinet FortiToken writes "A stable and scalable solution that provides an affordable and perpetual license". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Fortinet FortiToken is most compared with Fortinet FortiAuthenticator, Microsoft Entra ID, Cisco Duo, Yubico YubiKey and Keeper.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.