• Home
  • Fortinet FortiAuthenticator vs. One Identity Safeguard

Fortinet FortiAuthenticator vs One Identity Safeguard comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo

Fortinet FortiAuthenticator

Read 52 Fortinet FortiAuthenticator reviews
5,581 views|3,851 comparisons
92% willing to recommend
One Identity Logo

One Identity Safeguard

Read 38 One Identity Safeguard reviews
3,663 views|1,572 comparisons
90% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Single Sign-On (SSO)
April 2024
Executive Summary

We performed a comparison between Fortinet FortiAuthenticator and One Identity Safeguard based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Cisco, Auth0 and others in Single Sign-On (SSO).
To learn more, read our detailed Single Sign-On (SSO) Report (Updated: April 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Anonymous User
Priced high, but reliable and simple implementation
Fortinet FortiAuthenticator has improved our organization because we are able to can create identity-based policies. For example, who are you and... Read more →
Shashank Rawat
Bulk import with templates is helpful, but some competitors' products are better
So far, I haven't seen any type of improvement from using this solution when compared with other products in the identity and access management... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The ease of use is really nice. Using Authenticator, I've been able to actually work better on my authentication due to the fact that I have a single fabric to authenticate control from my firewall and on my access points. Authentication takes place from this area.""The initial setup is so easy and there is no problem in the implementation.""The product is stable and reliable.""The solution's most valuable aspect is that it easy to install. The user experience is very good.""We have a perpetual license for 2FA.""The first valuable feature is being able to see everything on one platform. This includes logs and authentication failure.""Fulfilled our requirement at a good price.""The product's initial setup phase was easy. It is also easy to deploy."

More Fortinet FortiAuthenticator Pros →

"There are numerous valuable data protection features, including the content and information that offer us more scalable protection as needed.""It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage.""All the features are promising, but we love the reporting feature because we can get each and every report. That's a major compliance requirement. Its reporting is really amazing, and it has made life a lot easier.""We don't need to use VPN for remote access.""The first feature I like about One Identity Safeguard is the live contact point for the VPNs. This has been working very well for us, as it's both highly available and reliable.""Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security.""It offers high availability and enables end users to deploy the solution with 99.999 percent uptime, which is crucial in an enterprise environment with a large number of endpoints.""The solution transparently integrates into the infrastructure and users do not notice it. I would give this feature the highest rating."

More One Identity Safeguard Pros →

Cons
"The solution could be more automated. It should be able to let me automate a lot of things so that what normally is done as a matter of manual processes can be handled quicker. Slow integrations can be taken up/out if there was more automation.""The only issue I encounter is that when not using FortiAuthenticator for an extended period, it's typical to encounter some obstacles in the configuration process that you need to address.""A better integration with other vendors.""There is room for improvement in stability and support.""For improvement, Fortinet needs to ensure that they provide quick support to users...Fortinet sometimes needs to respond to users facing issues within an hour.""Integration with FortiGate could be more fluid.""No SMS gateway from the ISP""They could expand FortiAuthenticator's capabilities to accommodate a broader range of environments."

More Fortinet FortiAuthenticator Cons →

"We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what.""I just received a question from a customer in regards to a connection with Oracle OID. I tried to integrate Safeguard with the Oracle YAML as well as something else to manage the groups and users from a different system, like AD or LDAP. This one feature could be better. At this moment, the platform system can only use the integration with LDAP or AD. The software for research and development to create a connector to a YAML platform can be very complicated.""On a scale of one to ten, the stability is an eight.""Cost-wise, it is a little bit expensive, which makes it difficult to get management approval. Its price should be reduced.""The GUI has room for improvement because it is confusing and cumbersome.""It needs more marketing.""The main thing that needs improvement is the slowness. Apart from that, the change password check-in feature also needs improvement because it is not working perfectly accurately.""When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk."

More One Identity Safeguard Cons →

Pricing and Cost Advice
  • "I would start off with a VM including the base license and scale according to the number of users you need to authenticate."
  • "You can pay as you go with them. You purchase a base license and add to it as needed."
  • "The product could be more competitively priced."
  • "It costs more to license the high-availability option."
  • "The licensing structure is cost-effective for us compared to some of the other solutions that have recurring monthly costs."
  • "FAC is an affordable solution for Middle Range (200E/400E) and also needs a package of mobility agents (2,000) perpetual."
  • "The cost of the license could be less expensive. The license is paid on a yearly basis."
  • "We pay for licensing on a yearly basis."

    • More Fortinet FortiAuthenticator Pricing and Cost Advice →

  • "Setup cost, pricing and licensing are all very expensive."
  • "Our licensing costs are on a yearly basis."
  • "It was definitely cheaper than the other two products that we evaluated."
  • "They offer a fair price for a robust solution."
  • "The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible."
  • "It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."
  • "The pricing is about $80,000 per 100 servers. There are few elective costs."
  • "We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation."

    • More One Identity Safeguard Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Single Sign-On (SSO) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Fortinet FortiAuthenticator?
    Top Answer:The product enables SSO.
    Read all 31 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiAut...
    Top Answer:The price is fine. I rate the pricing an eight and a half out of ten.
    Read all 27 answers   →
    What needs improvement with Fortinet FortiAuthenticator?
    Top Answer:The security space is changing. The product must provide passwordless and seamless connectivity. If a particular user is identified automatically, they should not be authenticated repeatedly with… more »
    Read all 31 answers   →
    What do you like most about One Identity Safeguard?
    Top Answer:The identity discovery is good, and the performance is pretty good value.
    Read all 31 answers   →
    What is your experience regarding pricing and costs for One Identity Safe...
    Top Answer:They have comparable pricing. All identity products are essentially priced in a similar way. It's a per-user base. Usually, they start at one price, and when you start pricing the competition, you… more »
    Read all 18 answers   →
    What needs improvement with One Identity Safeguard?
    Top Answer:Something for One Identity to look at is having integration guidelines for how to logically group accounts. This is always something you need people to do. It would be especially helpful when you have… more »
    Read all 29 answers   →
    Ranking
    5th
    out of 52 in Single Sign-On (SSO)
    Views
    5,581
    Comparisons
    3,851
    Reviews
    24
    Average Words per Review
    427
    Rating
    8.2
    5th
    out of 48 in Privileged Access Management (PAM)
    Views
    3,663
    Comparisons
    1,572
    Reviews
    14
    Average Words per Review
    950
    Rating
    7.7
    Comparisons
    Also Known As
    FortiAuthenticator
    Learn More
    Fortinet
    One Identity
    Overview

    Fortinet FortiAuthenticator is the primary secure point of approved access into the Fortinet network, authorizing users, reviewing access permissions, and relaying the information to all Fortigate devices for comparison with identity-based protocols. Fortinet FortiAuthenticator is a top-ranked authorization and SSO solution.

    Appropriate secure access is fundamental to every role in an enterprise ecosystem. It is an integral function of every organization to ensure that every access and privilege is secure and to mitigate any possible risk to an organization. Approved users should only have access to the necessary information when they need it, from the appropriate location(s) to safeguard an organization's security at all times.

    Fortinet FortiAuthenticator is available as an appliance, virtual machine, or in the cloud.

    Fortinet FortiAuthenticator Methods

    • FSSO: FortiAuthenticator Single sign-on user will easily identify users and assign role or group access based on preset identity-based protocols. FortiAuthenticator integrates well with third-party LDAP or active directories, is very flexible, and combines these methods to provide effective security.

    • Active Directory Polling: Active directory access is securely identified by consistent polling of domain controllers. As users log in, username, IP address, and other details are logged into the database and can be shared across devices as directed by FortiAuthenticator protocols.

    • FortiAuthenticator Portal and Widgets: If a user system does not support AP polling, or for other reasons it is not feasible, FortiAuthenticator offers a unique secure authentication portal. Users can be manually authenticated and, to diminish the effect of numerous logins, an intuitive set of widgets is available to integrate into an organization's ecosystem that will automatically grant access to users when they access the organization's intranet homepage.

    • RADIUS Accounting Login: For organizations that use RADIUS authentication, RADIUS Accounting is available for user identification. This process will prompt user access information (IP and group, etc.) and eliminate the need for multiple levels of authentication.

    Reviews from Real Users

    Ernesto C., Presales Engineer at a comms service provider, shares,

    ”Key Features and Benefits

    1. Two-factor/OTP Authentication with FortiToken: Enforce user-based policies. Fortitoken is available in soft and hard versions for flexible usage. Most Valuable in Mobile Phones App for OTP.
    2. Integration with LDAP and AD: This solution integrates with existing enterprise systems and technologies from diverse vendors of user information management systems.
    3. LPAD/AD/RADIUS/SYSLOG/KERBEROS/REST API/FSSO and Web Portals: There is flexible integration with these services.
    4. It is usable in network, WAN, wireless, and VPN Scenarios.
    5. The domain and guest-users support are good.”

    Ibrahim M., Senior Network & Security Engineer at a tech services company, relates, "The initial setup is a valuable point on Fortinet products. Most of the time, putting the theory into practice on the devices is quite friendly and straightforward. As long as you can read English you can find your way around the solution and make it work. This is a high value point on Fortinet - the way everything is laid out in the web UI is user-friendly and quite straightforward. The UI is quite simple."




    One Identity Safeguard is an integrated system that combines a secure, toughened password safe and a session management and monitoring solution with threat detection and analytics into one integrated solution. It stores, manages, records, and analyzes privileged access in a secure manner.

    One Identity Safeguard Features

    One Identity Safeguard has many valuable key features. Some of the most useful ones include:

    • Policy-based release control: Seek access and approve privileged passwords and sessions using a secure online browser that supports mobile devices. Depending on your organization's policies, requests can be authorized immediately or require dual/multiple approvals. You can set One Identity Safeguard to match your personalized needs, whether your policies consider the requestor's identity and level of access, the time and day of the request attempt, and/or the specific resource requested. You can also enter reason codes and/or connect to ticketing systems.

    • Vault for personal passwords: In a free personal password vault, every one of your employees can keep and generate random passwords for non-federated business accounts. This allows your company to use a sanctioned tool to securely share and retrieve passwords, giving you much-needed security and visibility into your company's accounts.

    • Auditing, recording, and replaying entire sessions: All session activity is collected, indexed, and kept in tamper-proof audit trails that can be viewed like a video and searched like a database, down to the keystrokes, mouse movements, and windows viewed. Security teams can search across sessions for certain events and play the recording from the exact point where the search criterion happened. For forensics and compliance purposes, audit trails are encrypted, time-stamped, and cryptographically signed.

    • Approval in any location: Approve or refuse requests from anywhere, using One Identity Starling Two-Factor Authentication, without having to connect to a VPN.
    • Instantly on: Safeguard for Privileged Sessions can be implemented in a transparent manner, with no changes to user workflows required. Safeguard, when acting as a proxy gateway, can act as a network router, unseen to both the user and the server. Admins can continue to use their normal client programs and access target servers and systems without disrupting their everyday routine.

    • Biometrics of user behavior: Even when performing identical operations like typing or moving a mouse, each person has his or her own unique pattern of behavior. These behavioral characteristics are examined by the Safeguard algorithms. Keystroke dynamics and mouse movement analysis aid in the detection of security breaches while also acting as a continuous biometric authentication system.

    • Favorites: Right from the login screen, quickly access the passwords you use the most. You can combine many password requests into a single favorite, allowing you to log into all of your accounts with a single click.

    • Discovery options: With host, directory, and network-discovery options, you can quickly find privileged accounts or systems on your network.

    Reviews from Real Users

    One Identity Safeguard stands out among its competitors for a number of reasons. Two major ones are its stability and its connection control. PeerSpot users take note of the advantages of these features in their reviews:

    One PeerSpot reviewer, a Software Solutions Architect at a computer software company, writes, “I have found the most useful feature of One Identity Safeguard to be Privileged Sessions. One Identity Safeguard is a stable solution.” He adds, “I rate One Identity Safeguard a nine out of ten.”

    Walid S., Networking and Security Engineer at a tech services company, mentions of the solution, “We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP.”

    Sample Customers
    Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data
    Cavium
    Top Industries
    REVIEWERS
    Computer Software Company28%
    Comms Service Provider16%
    Healthcare Company8%
    Security Firm4%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider10%
    Government8%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm40%
    Healthcare Company15%
    Manufacturing Company10%
    University5%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm12%
    Manufacturing Company7%
    Government7%
    Company Size
    REVIEWERS
    Small Business57%
    Midsize Enterprise26%
    Large Enterprise17%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise19%
    Large Enterprise50%
    REVIEWERS
    Small Business36%
    Midsize Enterprise24%
    Large Enterprise40%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise19%
    Large Enterprise56%
    Buyer's Guide
    Single Sign-On (SSO)
    April 2024
    Download Free Report
    Find out what your peers are saying about Microsoft, Cisco, Auth0 and others in Single Sign-On (SSO). Updated: April 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Fortinet FortiAuthenticator is ranked 5th in Single Sign-On (SSO) with 52 reviews while One Identity Safeguard is ranked 5th in Privileged Access Management (PAM) with 38 reviews. Fortinet FortiAuthenticator is rated 8.0, while One Identity Safeguard is rated 8.2. The top reviewer of Fortinet FortiAuthenticator writes "A reasonably priced solution that can be scaled toward different functionalities and offers flexible SMS messaging". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". Fortinet FortiAuthenticator is most compared with Cisco ISE (Identity Services Engine), Fortinet FortiToken, Fortinet FortiNAC, Microsoft Entra ID and Cisco Duo, whereas One Identity Safeguard is most compared with CyberArk Privileged Access Manager, WALLIX Bastion, Delinea Secret Server, BeyondTrust Privileged Remote Access and Cisco ISE (Identity Services Engine).

    We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.