We performed a comparison between CyberArk Privileged Access Manager and Fortinet FortiToken based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."It allows users to self-provision access to the accounts that they need."
"All access to our servers by both staff and vendors is monitored and recorded."
"We like it for the ability to automatically change passwords. At least for my group, that's the best thing."
"It has a centralized page where you can manage everything. This makes work easier. You don't have to remember different module URLs or browser applications. It is very easy to get all the secure identities of other environments into a single page, which is very important for us as it helps a lot in terms of operations, e.g., reduces management time. This is a single page where you can manage all accounts and onboard them to the CyberArk. You can then secure and see passwords from everywhere. So, there is a single pane of glass where you can manage all the identities across environments as well as across different types of identities."
"We also use CyberArk’s Secrets Manager. Because AWS is the biggest area for us, we have accounts in AWS that are being rotated by CyberArk. We also have a manual process for the most sensitive of our AWS accounts, like root accounts. We've used Secrets Manager on those and that has resulted in a significant risk reduction, as well."
"We are able to rotate credentials and have privileged account access."
"The flexibility of integrating with other technologies is important because of a lot of applications - a lot of COTS products - are not supported when we are bringing the application IDs. The CyberArk platform provides a lot of opportunities to do customization."
"The password vault and session monitoring are useful."
"Stability-wise, I rate the solution a ten out of ten."
"Its ease of installation is most valuable. It took me five minutes, and it was up and running. It didn't take me that long. The installation on the cell phones is pretty simple."
"I believe FortiToken is the simplest to implement."
"We like the mobile FortiToken."
"The solution is pretty solid."
"Fortinet FortiToken is used for double factor authentication."
"The solution is simple and similar to Google Authenticator. It follows time-based authentication. We use it for hardware and software in one environment. The tool offers simple and fast authentication for SSL."
"The product provides secure access to our internal server."
"We'd like to see the creation of some kind of memo field for each device account, which could be used, in our network at least, to leave a note about the device for either the security or network engineering team members."
"There is some stuff that we still have not fully integrated, which is our AIM solution. We are having all types of issues with it. I have been working with Level 3 support on it, but otherwise, from a functionality perspective, everything has been working except for the AIM solution."
"The greatest area of improvement is with the user interface of the Password Vault Web Access component."
"One of the main things that could be improved would be filtering accounts on the main page and increasing the functionality of the filters. There are some filters on the side which are very specific, but I feel there could be more."
"We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"It needs better documentation with more examples for the configuration files and API/REST integration"
"Initially, there was a lot of hiccups, because there were a lot of transitions due to manual installations."
"Fortinet FortiToken should improve its push notifications."
"It could be integrated better if you could have your FortiToken, and the license would allow you to work across multiple FortiGate solutions."
"Fortinet support has some room for improvement. It has taken a long time to resolve some issues or find a workaround."
"Maybe the price could be improved, and the integration could be better. But the integration is different from the authenticator side."
"We can only use the tool with the FortiToken Mobile app."
"The solution works well. We have nothing to complain about."
"The tool could be a little cheaper."
"You need your mobile just to enroll the tokens, and sometimes, it's difficult to use for someone who is not knowledgeable"
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while Fortinet FortiToken is ranked 4th in Authentication Systems with 20 reviews. CyberArk Privileged Access Manager is rated 8.8, while Fortinet FortiToken is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Fortinet FortiToken writes "A stable and scalable solution that provides an affordable and perpetual license". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Fortinet FortiToken is most compared with Fortinet FortiAuthenticator, Microsoft Entra ID, Cisco Duo, Yubico YubiKey and Keeper.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
