It was very hard to find the right people to help us set up the solution. We hired a third party, but they were not as helpful as they could have been. After that, we got a higher level of support through Fortinet, and they engaged with us and worked out the final bit. The connectivity between Microsoft Office and the authenticator is very tricky when it comes to certificates and you need more expertise for that, so if you don't have the experience, you need a higher level person to help with it.

I would like to see more support from Fortinet with tech support people who have as much expertise on the authenticator as they do on their firewalls. They don't have enough people with that expertise.

Once you get comfortable, you want to ask questions like "Okay, what if I do this, what is the impact?" You don't know what changes you can apply until they happen. It's better to have somebody who knows what they're doing, and knows what changes you apply are going to make a difference. Once I was able to talk to the second level Fortinet person I said, "Well, what does this do? What does that do?" Then he helped me and I said, "Okay." That makes a difference, because it's new and you don't know what you're supposed to do.

I recently was involved in an integration process involving Fortinet FortiAuthenticator, so I can't discuss whether the dashboard requires improvement. I know that I am not looking for a tool to offer the latest firmware or dashboard.

I can mention other products apart from Fortinet FortiAuthenticator that need improvement. There is always scope for improvement.

The customization capabilities of Fortinet FortiAuthenticator is an area of concern addressed by many of our company's clients who use the product, as they find it difficult to customize the product and include their logo and other areas that they require in the solution. The customization capability of Fortinet FortiAuthenticator is not very flexible. Some of the users of the product want to include the name of their institution in the product so that they can make it look more personalized, for which customization capabilities are required.

The product must provide full support for third-party FIDO security keys. It must also provide full support for YubiKeys authentication keys.

The security space is changing. The product must provide passwordless and seamless connectivity. If a particular user is identified automatically, they should not be authenticated repeatedly with tokens. It should be seamless. It could be a physical device, hardware, or some digital identity. Once the user logs in, they must be able to connect seamlessly. The integration with third-party tools must be better.

We are more focused on SSO applications. The vendor must provide a comprehensive solution for applications, security devices, and VPNs. The product must provide 2FA for applications.

I'd like to see the interface become more like other FortiGate products. It seems a little bit of an orphaned one. The user interface and clustering are areas with shortcomings that need improvement.

Scalability has room for improvement since it's not really a cluster. It'd be nice with cluster data. There are things where you have to go to each FortiGate to change. So, there needs to be a cluster.

Fortinet FortiAuthenticator's initial setup process could be easier.

There are some minor things that could enhance the overall experience. Maybe enhancing user integration with other solution tools to implement multifactor authentication using virtual authentication. 

Another area of improvement is stability and support.

Documentation is an area where Fortinet is constantly trying to improve.

For improvement, Fortinet needs to ensure that they provide quick support to users. Once a ticket gets created by our company with the support team, we have to wait for SLA, which can go up to four or sometimes six hours. Fortinet sometimes needs to respond to users facing issues within an hour. Fortinet needs to improve the part of engineering SLAs.

Automation is a feature I would like to see in the solution since Fortinet has included automation features only in FortiGate. It would be better to see automation features, like backup, interfaces, or statuses, in FortiAuthenticator.

The GUI has some shortcomings and can be made better. The GUI is not great.

For the next release, the thing that will be most useful is to integrate with other MFA providers.

The user interface can be improved.

I would like to see integration and customization capabilities with the end-user portal to solve authentication issues with diverse implementation scenarios. Specifically, with web applications, enterprise networks, and VPN.

Improvements in the product could start from the dashboard, overall customization, and configuration. FortiAgent, installed on an end user's computer, provides two-factor authentication but lacks centralized management. This particular area needs improvement. 

They could expand FortiAuthenticator's capabilities to accommodate a broader range of environments. It needs a user-friendly interface and intuitive console for those needing in-house solutions. Additionally, there should be a mobile-centric approach for remote control capabilities while proceeding.

The only issue I encounter is that when not using FortiAuthenticator for an extended period, it's typical to encounter some obstacles in the configuration process that you need to address. It's not a consistent problem, and I can't recall all the specifics. This issue is something I face with the entire product. While it's normal for products to require ongoing attention, this can be a challenge when checking the system.

It would be helpful to receive a code by yourself for authentication instead of it registered to a phone.

The integration with other products, for example, some SAML authentications, would make it more flexible.

I would like to see more security features in reference to identity login or identity identification. I would like to see a troubleshooting option. For troubleshooting or viewing the lock of the device set or separate the locks from the connected device. Maybe with any device connected to the Fortinet FortiAuthenticator. And then I need the parsing device and type of locks of this device.

There are some issues with integration. We also have a problem that the cost of the solution is linked to the dollar and that can result in significant unexpected price rises. 

They need to have some kind of write-up and solution document that people can access very easily. All of the Cisco documentation is available on their website and in other places. They should make it available to the public. 

The more people know about this product, the better. That will make it easier for them to position FortiAuthenticator to their customers or use the product in production.

Other features that would improve the product are a single sign-on where people can use their Gmail ID to log-in, etc. This feature we wanted and now they are rethinking it. At this stage, I can't give any other suggestions for improvement other than this.

A single sign-on is used to create a user ID and password for the user to get onto the network. You can ask them to use their LinkedIn credentials or maybe Gmail, some of the social networking credentials to gain access.  

This is useful when you are onboarding any guest users for internet access. This is something that is a very good feature which they could have integrated already.

Fortinet FortiAuthenticator provides only authentication. It should also enable authorization services. There could be a central management point for both the services similar to Cisco and Clear Pass.

There is a room for improvement. The log is a bit difficult to access, and searching the log codes is also a bit difficult. So it would be much better if, when we open a log, it could provide detailed information about errors, reasons for failure, and such.

FortiAuthenticator's interface could be better.

We had issues trying to integrate the keys properly during the initial setup.

The price of the solution could improve, it is expensive.

It was initially difficult to sync our high availability, load-balancing slave (LBS) to our master unit. There were some initial issues connecting it and syncing with our master FortiAuthenticator unit. After reaching out to Fortinet support, it turned out that the unit needed a software update.

I would like to see the following:

• Creating an easier implementation of software patches.
• Designing the admin profiles to sync across, instead of having to recreate them. (I see how this could be problematic with security measures.)

There are some protocols, such as SHA and SHA-2, that are not supported. This is something that Fortinet is working on.

I would like to see some email options for Fortinet FortiAuthenticator.

For my use of this solution, not much needs to change. I do not mind the way it works currently. However, I would recommend a more fluid integration with FortiGate.

You don't get a free version to automate alerts and access all features. For additional features, you will need to buy or sync it with other solutions.

There aren't any major features that I think should be improved. I like this product. As a multifactor authentication, we have the SAML function. If you compare it with RSA or Gemalto, it does a good job. I'm able to perform multifactor authentication in different ways via emails, SMS, it's a great product. For someone concerned with multifactor authentication, I'm satisfied with the product.

There aren't any major additional features they could include in the next release but the one thing they used to include was the SMS gateway from the ISP. Fortinet used to sell that but they don't anymore and I think it would be helpful for end-users if they brought it back. I would recommend that. People are asking for it because they don't like having to rent it from their mobile provider. 

I'd like to see a simplified two-factor authentication process and some additional security around the function of geolocation. If you can't authenticate to protect transactions, and the security is weak, it's a problem. 

There is nothing that really stands out as something that needs desperately to be added or improved. We are using Fortinet all the time, we know their GUIs, so we can manage well with FortiAuthenticator also. 

The main problem now is not exactly with the product itself. We are using FortiAnalyzers. But when we use that product with FortiAuthenicators, we can not use SQL language to access data from the FortiAnalyzers database. When we use it with FortiGate, we can query the FortiAnalyzers database, but it is not possible to do it directly with the FortiAuthenicators. This integration should be better. 

The speed of deployment on the cloud could be improved. It took a few days when it should have been just two days.

In the next release, I would like to see compatibility with non-Android and non-Apple platforms.

If you want some other FortiAuthenticator from one site to another site, you should have requirements, but really if you have authentication and directory or another solution, you should change the password of the authenticator between the solution and the directory and other things. So the transfer of data and other information should be simpler.

In the future, I think h02.exe is very important to authenticate users internally. To economically move the person from vnom to vnom. Also, the ESO to ensure the authentication of users should be a bit more automated.

The interface is a bit misleading in areas. Finding some settings can be a bit confusing and difficult. I would also like to see a few more real world examples given in the setup section.

The GUI is on the older side but I'm sure that it will be upgraded soon. It works, but it looks a little dated.

The only way the solution could be improved is if it were cheaper.

So far there hasn't been any major feature that we wished for and didn't find, but I would say in regards to bugs, sometimes we face unexpected issues that delay the implementation a little. However, I believe Fortinet will sort this out soon. Hopefully the solution will be more stable overall.

In terms of what additional features we would like to see in the next release, we would to see support for more of the common operating systems. They already support Windows OS, with the use of an agent installed on the windows machine.

However, we would like to see support for Linux-based operating systems for example. This is a shortcoming that I have faced a few times already.
Also a nice addition would be agents for End-user Machines especially Windows OS & MAC OS. 

I'd say that the integration with some other enterprise applications could be improved. For instance, ADFS. FortiAuthenticator does not work natively with ADFS and the company is not looking in that direction. It's one of our in-house applications and it was a challenge integrating with FortiAuthenticator. We had to write a separate, customized adapter for ADFS before we could make it work. We tried to get Fortinet to work on it but I don't think their development team is interested. It's not in their plan. The other challenge was when I integrated with I think VMware - there was an issue between the radio adapter and FortiAuthenticator. Both parties were not ready to work together and the implementation was buggy. 

I believe this solution can be adapted to so many things, depending on the technical side and the implementation engineers. I'd like to see some additional use cases that can be infused into the solution, such as ADFS.

Although two-factor authentication has come a long way, there are a lot of companies that are going further. The reason for this is because people are finding ways to compromise traditional, web-based solutions. I would like to see more ways to authenticate, such as adding facial recognition to the two-factor, where you log into your phone or another device. That would be great.

A better integration with other vendors. The device is rich in features but there are a lot of functionalities I have still not experienced with.

The GUI is not fancy enough and some of the settings are difficult to access.

Part of the configuration has to be done by CLI, which is not friendly for security administrators.

Integration with other firewalls may not be as good as expected.

There are multiple areas that are in need of improvement. It is not a mature product.

It is difficult to successfully configure.

For us, the solution works quite well. I can't think of an area where improvements are needed. I haven't worked with it too extensively yet, so it's hard to gauge what's lacking.

The solution could be more automated. It should be able to let me automate a lot of things so that what normally is done as a matter of manual processes can be handled quicker. Slow integrations can be taken up/out if there was more automation.

It does the job I paid for, but the graphical interface could be improved. If we take FortiGate or Fortinet, the graphical user interface is better designed. I think they can work on this.

It would be good to remove the FortiAuthenticator or to combine FortiAuthenticator and Fortinet. That would provide a single platform that can manage network access and user management. It doesn't make sense for me to sell FortiAuthenticator to a customer and then sell them Fortinet as well. I think they should just combine them into one solution.

I don't have any issues with this solution, but it may need a better, more user-friendly interface or better design of the platform.

I would like to see support for more credential authentication protocols.

1- Integration with different vendor firewalls (I tested only with Cisco using Cisco ASDM 6.3 (5) but i am not sure if it works with other vendor solutions)

2- A lot of configurations are available only from CLI

3- Documentation/videos for different implementation scenarios

I've only been using the solution for one month, so I haven't come across any glaring issues so far.

The hardware aspect of the solution could be improved. We are not really able to understand the hardware capabilities of the device.

We have issues with HA (high availability). These should be addressed in future releases.