We performed a comparison between CyberArk Privileged Access Manager and Fortinet FortiToken based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."It is a single tool that isolates possible kinds of malware. You get lateral movement blocking and auditing information, e.g., you know who is doing what. You are getting protections from the service as well as a useful environment. All your admins can easily go in and out of your company while accessing your servers in a secure way, even if they are working abroad."
"We know when passwords will be expiring so we can force users to change their passwords, as well as requiring specific password requirements for length, complexity, etc."
"CyberArk has the ability to change the credentials on every platform."
"I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."
"Its' quite stable."
"On the customer accounts side, our account managers are responsive. If you ask them, they will get you whomever you need."
"The users have the ability to rotate passwords on a daily basis with a Reconcile Account. Or, if they want to do one-time password checkouts, we can manage those, check in, check out. I like the flexibility of the changing of the password, specifically."
"CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale."
"Its ease of use is most valuable. It is simple to use and can be deployed out-of-the-box. It is quite a mature product with all the required features."
"Stability-wise, I rate the solution a ten out of ten."
"Its ease of installation is most valuable. It took me five minutes, and it was up and running. It didn't take me that long. The installation on the cell phones is pretty simple."
"Fortinet FortiToken is used for double factor authentication."
"The token-based authentication is good and modern aspect."
"I love the push-button authentication on FortiToken Mobile. It's also great that the soft token automatically reloads the OTP at intervals, so I always have a fresh code to enter."
"We like the mobile FortiToken."
"Bangladesh is a price-sensitive market, and FortiToken is popular because it's more affordable than the Palo Alto and Cisco authentication solutions. Fortinet has a local director for Bangladesh, so they can deliver solutions to customers quickly."
"it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs."
"The documentation is rather basic and it is missing many use cases."
"We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process."
"They can do a better job in the PSM space."
"It should be easy to use for non-technical people. Its interface can be a bit difficult. Some parts of its interface are not very intuitive. Some of the controls are hidden, and instead of having a screen with all the controls for that account on it, you have to use menus and other similar things."
"I would like to see improvement in the custom connector for integration with different devices."
"It should be easier to install. It is a comprehensive product, which makes it difficult to install. You need to have their consulting services in order to get it all installed and set up correctly because there is so much going on. It would be nice if there were an easier way to do the installation without professional services. I suspect they get a fair amount of their money from professional services. So, there is not a huge incentive."
"The initial setup of CyberArk is a challenge if you do not have prior experience with it."
"Fortinet FortiToken should improve its push notifications."
"We can only use the tool with the FortiToken Mobile app."
"Fortinet support has some room for improvement. It has taken a long time to resolve some issues or find a workaround."
"I would like to see complete OAuth support. Also, if they can support it from a SaaS (Software as a Service) or cloud platform, that would be great."
"The app could be improved so that you don't have to actually type in the code. It would be great if you can just do a prompt or push similar to the way Duo does."
"It needs a lot of coupling with their other Fortinet products. To implement FortiToken, I most probably need to couple it with FortiAuthenticator for full implementation. An RSA token can be used with many devices, whereas Fortinet FortiToken is always linked to only one FortiGate device. If I want to reuse the token across five or six FortiGates, I would have to get the FortiAuthenticator product. I can't use one token to connect to different FortiGates, and I need to get another product to enable this functionality. They should also improve the support for their mobile client. There should be a more detailed roadmap for the operating systems being supported. Some of our users were using an old iOS iPhone, and they were forced to get a newer phone because FortiToken didn't support that version of iOS. Similarly, there may be a version of Android that is not supported, so the users need to change the phone. This was one of the reasons why our deployment took longer."
"The problem is that our customers create budgets annually based on the figures at the beginning of the fiscal year. Our customers get annoyed when the price is adjusted in the middle of the year. I understand that it's a difficult time, and price increases make sense for hardware devices. However, FortiToken is a software product, so it shouldn't be affected by factors like chip shortages or supply chain issues. Software solutions should have more transparent and predictable pricing."
"Configuration can be confusing due to the lack of community and context-sensitive help. We've had to rely on technical support, which slows down the setup process."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while Fortinet FortiToken is ranked 4th in Authentication Systems with 20 reviews. CyberArk Privileged Access Manager is rated 8.8, while Fortinet FortiToken is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Fortinet FortiToken writes "A stable and scalable solution that provides an affordable and perpetual license". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Fortinet FortiToken is most compared with Fortinet FortiAuthenticator, Microsoft Entra ID, Cisco Duo, Yubico YubiKey and Keeper.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
