We just raised a $30M Series A: Read our story

Fortinet FortiAuthenticator OverviewUNIXBusinessApplication

Fortinet FortiAuthenticator is the #1 ranked solution in our list of top Authentication Systems. It is most often compared to Cisco ISE (Identity Services Engine): Fortinet FortiAuthenticator vs Cisco ISE (Identity Services Engine)

What is Fortinet FortiAuthenticator?

FortiAuthenticator user identity management appliances strengthen enterprise security by simplifying and centralizing the management and storage of user identity information.

Fortinet FortiAuthenticator is also known as FortiAuthenticator.

Fortinet FortiAuthenticator Buyer's Guide

Download the Fortinet FortiAuthenticator Buyer's Guide including reviews and more. Updated: October 2021

Fortinet FortiAuthenticator Customers

Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data

Fortinet FortiAuthenticator Video

Archived Fortinet FortiAuthenticator Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
MH
Senior Security Engineer at a tech services company with 201-500 employees
Real User
Top 20
A solution that offers easy integration capabilities, a simple setup, and good stability

What is our primary use case?

We primarily use the solution for FortiToken multi-factor authentication and as a VPN for login devices, among other cases.

What is most valuable?

The solution is easy to learn and makes it easy for our users to add FortiToken. It's very easy to integrate if you have other Fortinet devices. 

What needs improvement?

We have issues with HA (high availability). These should be addressed in future releases.

For how long have I used the solution?

I've been using the solution for two years.

What do I think about the stability of the solution?

The solution is very stable. I'd say it's about 97% stable. We haven't experienced any crashes or anything of that nature.

What do I think about the scalability of the solution?

We haven't really tested…

What is our primary use case?

We primarily use the solution for FortiToken multi-factor authentication and as a VPN for login devices, among other cases.

What is most valuable?

The solution is easy to learn and makes it easy for our users to add FortiToken. It's very easy to integrate if you have other Fortinet devices. 

What needs improvement?

We have issues with HA (high availability). These should be addressed in future releases.

For how long have I used the solution?

I've been using the solution for two years.

What do I think about the stability of the solution?

The solution is very stable. I'd say it's about 97% stable. We haven't experienced any crashes or anything of that nature.

What do I think about the scalability of the solution?

We haven't really tested scalability that much. We have about 200 users and we don't plan to increase usage any time soon.

How are customer service and technical support?

Technical support used to be much better. Fortinet seems to be downgrading, so everything takes longer to get a response in comparison to the past. When you make a ticket it may take as much as three days before it gets assigned.

How was the initial setup?

The initial setup was very easy.

What about the implementation team?

We handled the implementation ourselves.

What's my experience with pricing, setup cost, and licensing?

The cost is okay. It's moderate to inexpensive.

What other advice do I have?

We use the on-premises deployment model. We're both customers and partners with Fortinet.

I'd rate the solution eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
FrancescoBaraldi
CEO at Blockness
Real User
A quite stable solution with decent pricing and easy installation

Pros and Cons

  • "The solution's most valuable aspect is that it easy to install. The user experience is very good."
  • "The hardware aspect of the solution could be improved. We are not really able to understand the hardware capabilities of the device."

What is our primary use case?

We primarily use the solution to get users.

What is most valuable?

The solution's most valuable aspect is that it easy to install. The user experience is very good.

What needs improvement?

I've only been using the solution for one month, so I haven't come across any glaring issues so far.

The hardware aspect of the solution could be improved. We are not really able to understand the hardware capabilities of the device.

For how long have I used the solution?

I've been using the solution for one month.

What do I think about the stability of the solution?

The solution is quite stable. They also send out upgrades quite often.

How are customer service and technical support?

Technical support is okay. There are some people that are quite experienced while others are less so. However, they always give me an answer. If you don't have local support at the regional level you may have to rely on Google a bit. In my experience, however, it's been fine. They are very quick.

Which solution did I use previously and why did I switch?

I've previously used WatchGuard. Fortinet is better for what is there, even though their prices are quite similar.

What's my experience with pricing, setup cost, and licensing?

The pricing is okay. It could always be less expensive, however.

What other advice do I have?

We use the on-premises deployment model.

I'd rate the solution eight out of ten. We have to compromise between price and functionality. If we had the money, we'd probably go with Palo Alto. However, it's much more expensive. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Fortinet FortiAuthenticator. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
542,721 professionals have used our research since 2012.
MS
Network and Security Manager at a tech services company with 51-200 employees
Real User
Ensures double authentication for the user

Pros and Cons

  • "The initial setup is so easy and there is no problem in the implementation."
  • "If you want some other FortiAuthenticator from one site to another site, you should have requirements, but really if you have authentication and directory or another solution, you should change the password of the authenticator between the solution and the directory and other things. So transfer of data and other information should be simpler."

What is most valuable?

The solution is really important to ensure double authentication for the user. For example, if you have an internal messenger and you want to ensure the access externally for users, you can implement the two-factor authentication. Also, for the VPN, you can implement two-factor authentication to avoid any kind of hacks.

What needs improvement?

If you want some other FortiAuthenticator from one site to another site, you should have requirements, but really if you have authentication and directory or another solution, you should change the password of the authenticator between the solution and the directory and other things. So the transfer of data and other information should be simpler.

In the future, I think h02.exe is very important to authenticate users internally. To economically move the person from vnom to vnom. Also, the ESO to ensure the authentication of users should be a bit more automated.

For how long have I used the solution?

I've been using the solution for one year.

What do I think about the stability of the solution?

In my opinion and my experience, I didn't have any problem with the solution, just the requirements for other solutions that we should integrate with it. I think the solution is easily implemented, and, in my opinion, there is no problem with this solution. Just a bit of correction is needed, and that's it.

What do I think about the scalability of the solution?

My impression is that the solution is good and I like it and I would work with it for another project and increase my skill on the solution.

How are customer service and technical support?

I have worked with them, so I like the technical support of Fortinet. I would give them a good mark.

How was the initial setup?

The initial setup is so easy and there is no problem in the implementation. We can implement it easily in a different kind of infrastructure.

What other advice do I have?

I started working on FortiAuthenticator from last year. I have had a chance to deploy many, many projects on FortiAuthenticator. I deploy 10 next-gen projects on FortiAuthenticator. I deploy many defensive scenarios. Also, I have good experience with large products.

You should make sure to implement the requirements via experts like me, so you can implement the product carefully. In that way, you can use it clearly in a simplified manner.

For FortiAuthentication, it's a good price in comparison to any other competitor. Other products are so expensive, and the features are the same. There might be a bit of difference between the two products, but if you want just double authentication and some other features, I think I recommend the FortiAuthenticator, and it is low cost and has other defenses.

In my opinion, I recommend the solution. You can also use it for other things like h02.exe for authentication of users. Also for ESO. There are five things you can use it for, so I recommend the product. The low cost is very important for any customer.

I would rate this solution eight out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AH
Datacenter Engineer at a university with 501-1,000 employees
Real User
Top 5Leaderboard
One-time passwords help to authenticate users so we know the timing of their usage

What is most valuable?

The feature I value the most is the one-time passwords because it helps to authenticate users so you know the timing of their usage.

What needs improvement?

I don't have any issues with this solution, but it may need a better, more user-friendly interface or better design of the platform.

For how long have I used the solution?

I've been using FortiAuthenticator ( /products/fortiauthenticator-reviews ) for three years now.

What do I think about the stability of the solution?

I have found that the solution is very stable. I am officially conducting at FortiGate and I found that it was so easy to conduct my environment and control my environment with this solution. 

What do I think about the scalability of the solution?

We have seven users licensed on…

What is most valuable?

The feature I value the most is the one-time passwords because it helps to authenticate users so you know the timing of their usage.

What needs improvement?

I don't have any issues with this solution, but it may need a better, more user-friendly interface or better design of the platform.

For how long have I used the solution?

I've been using FortiAuthenticator ( /products/fortiauthenticator-reviews ) for three years now.

What do I think about the stability of the solution?

I have found that the solution is very stable. I am officially conducting at FortiGate and I found that it was so easy to conduct my environment and control my environment with this solution. 

What do I think about the scalability of the solution?

We have seven users licensed on this solution. With FortiAuthenticator it is so easy to manage our users and it is scalable to all the users at our university or in our environment.  

How are customer service and technical support?

I am really impressed by the technical support because they were very helpful. Once we logged our complaint, we received an answer from them in no time, and they quickly fixed our issue. 

How was the initial setup?

The initial setup is very easy.

What other advice do I have?

I will recommend this solution to others who are considering to use it. I give it a ten out of ten rating.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
RAMACHANDRAR
Director - Global Solutions & Customer Service at Bits and Byte IT Consulting
Real User
Cost-effective and users can be securely managed by adopting it

Pros and Cons

  • "FortiAuthenticator is a very good solution. It is all jury-based. FortiAuthenticator is very easy for anyone to understand how it works and be able to take action."
  • "Other features that would improve the product are a single sign-on where people can use their Gmail ID to log-in, etc."

What is our primary use case?

The basic use we have for FortiAuthenticator is multi-pack authentication.

How has it helped my organization?

FortiAuthenticator has helped a lot of our customers in the way that they do the business when they onboard their clients to the data center. It has drastically changed what they used to do earlier after the installation.

What is most valuable?

It is cost-effective. The users can be securely managed by adopting it.

What needs improvement?

They need to have some kind of write-up and solution document that people can access very easily. All of the Cisco documentation is available on their website and in other places. They should make it available to the public. 

The more people know about this product, the better. That will make it easier for them to position FortiAuthenticator to their customers or use the product in production.

Other features that would improve the product are a single sign-on where people can use their Gmail ID to log-in, etc. This feature we wanted and now they are rethinking it. At this stage, I can't give any other suggestions for improvement other than this.

A single sign-on is used to create a user ID and password for the user to get onto the network. You can ask them to use their LinkedIn credentials or maybe Gmail, some of the social networking credentials to gain access.  

This is useful when you are onboarding any guest users for internet access. This is something that is a very good feature which they could have integrated already.

For how long have I used the solution?

I have been using the solution a year.

What do I think about the stability of the solution?

It's very stable when compared to other products.

What do I think about the scalability of the solution?

For scalability, you need to size FortiAuthenticator properly. You should plan it initially, then make the implementation. 

It's is not 100%, maybe 80% on the scalable side. There are some places where we use it for 800 to 1000 users. With the proper deployment, we can support close to 2000 users.

You need certified people to understand this product like dedicated engineers. You need a person that knows the product and how it works. 

Otherwise, if any new person comes to FortiAuthenticator, it will be very difficult for them to understand. Over time, you'll be able to get to know the layout and how the product works.

How are customer service and technical support?

Technical support is quite good, There is something called the 8x5 and 24x7 technical support for the solutions. If you have 24x7, they will respond immediately. 

If you have 8x5, and they will respond next business day depending on how soon the TAC engineer picks your request for your deployment or ongoing support issues.

Which solution did I use previously and why did I switch?

We used a different method as a solution, primarily SafeNet, but there are others. It all depends on a customer-to-customer and case-to-case basis. It depends on the budget and what the customer asks for in the contract. 

At the end of the day, it all revolves around the money, i.e. how many dollars you pay for the solution.

How was the initial setup?

The initial setup is straightforward. It's not that complex. If you know about the product, you will be able to do the setup. 

It takes generally, one to two weeks for the full-fledged deployment. We have a demo unit. We just used that for showcasing the capability of the device to all of our customers. 

Once they start using it, they would advise on the deployment.

What was our ROI?

There is an economic investment on this product that compares to other products from Cisco. There is a ROI on this product.

What's my experience with pricing, setup cost, and licensing?

You buy the pack for 100 to 200 users. Once it goes over, you have to renew it on a yearly basis. It may be on a term where you license for one business. Officially, the authentication license has a third-party involved. Then you need to take your action. 

I don't see any additional license costs from FortiAuthenticator, but for the add-on features like MS Gateway, etc., you need to buy them.

What other advice do I have?

FortiAuthenticator is a very good solution. It is all jury-based. FortiAuthenticator is very easy for anyone to understand how it works and be able to take action.

I would rate FortiAuthenticator with an eight to nine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
EM
Network Security Engineer at a tech services company with 51-200 employees
Real User
It keeps track of users and their IPs no matter where they are in the network

What is our primary use case?

We implement FortiAuthenticator in situations where there are multiple Active Directory domains. Other use cases include: When we need to use FortiClient to keep track of users as they move around different locations where normal FSSO would have issues When we need to use one FortiToken for multiple Fortigates When we want to use it as a domain controller. The FortiAuthenticator can do many things.

How has it helped my organization?

It keeps track of users and their IPs no matter where they are in the network. When users roam, we don't have to worry about not mapping them to an IP.

What is most valuable?

Valuable features include the robust SSO features, when you have more complicated authentication within an organization. We can mix AD, Radius,…

What is our primary use case?

We implement FortiAuthenticator in situations where there are multiple Active Directory domains. Other use cases include:

  • When we need to use FortiClient to keep track of users as they move around different locations where normal FSSO would have issues
  • When we need to use one FortiToken for multiple Fortigates
  • When we want to use it as a domain controller.

The FortiAuthenticator can do many things.

How has it helped my organization?

It keeps track of users and their IPs no matter where they are in the network. When users roam, we don't have to worry about not mapping them to an IP.

What is most valuable?

Valuable features include the robust SSO features, when you have more complicated authentication within an organization. We can mix AD, Radius, Portal, SSO Portals (Google, etc.), and build our own environment. It is very flexible.

What needs improvement?

The GUI is on the older side but I'm sure that it will be upgraded soon. It works, but it looks a little dated.

For how long have I used the solution?

One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Dennis Seyersdahl
IT System Manager at RPM INNOVATIONS, INC.
Real User
Top 20
Facilitates easy integration, allowing for 2FA with our VPN. This solution enables the addition and removal of access to the VPN

What is our primary use case?

This solution is used for 2FA for Desktop and VPN access. Each computer, server and VPN access has to have a 2FA and the solution allowed us to accomplish this with a fob or phone app. We use the fob as phones are not owned by the company.

How has it helped my organization?

This was a regulation we needed to fill and it worked at a good price. It provided a solution that allowed us to fulfill the requirement.

What is most valuable?

Easy integration with FortiGate to allow for 2FA with our VPN. Addition and removal of access as needed for the VPN.

What needs improvement?

For my use of this solution, not much needs to change. I do not mind the way it works currently. However, I would recommend a more fluid integration with FortiGate.

For how

What is our primary use case?

This solution is used for 2FA for Desktop and VPN access. Each computer, server and VPN access has to have a 2FA and the solution allowed us to accomplish this with a fob or phone app. We use the fob as phones are not owned by the company.

How has it helped my organization?

This was a regulation we needed to fill and it worked at a good price. It provided a solution that allowed us to fulfill the requirement.

What is most valuable?

  • Easy integration with FortiGate to allow for 2FA with our VPN.
  • Addition and removal of access as needed for the VPN.

What needs improvement?

For my use of this solution, not much needs to change. I do not mind the way it works currently. However, I would recommend a more fluid integration with FortiGate.

For how long have I used the solution?

One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
IT Infrastructure Engineer at a tech company with 11-50 employees
Real User
It centralizes the management and storage of user identity information, thereby increasing the efficiency of administration and increasing the control over who accesses the network.

What is most valuable?

Standards-based secure authentication

FortiAuthenticator centralizes the management and storage of user identity information, thereby increasing the efficiency of administration and increasing the control over who accesses the network.

• Two-factor authentication using tokens

1- OATH-compatible time-based tokens (Hardware tokens FortiToken200/FortiToken220)
2- USB certificate-based tokens FortiToken-300)
3- FortiToken Mobile for Android, iOS, and Windows Mobile
4- SMS and email tokens

• Wired/Wireless authentication using the 802. 1X standard
• Certificate management
• Captive portal guest management
• Fortinet Single Sign-On

How has it helped my organization?

Central management of user Identities and access

FortiAuthenticator extends two-factor authentication to multiple FortiGate appliances and to third-party solutions that support RADIUS or LDAP authentication

FortiAuthenticator can create, sign, and revoke X.509 certificates.

FortiAuthenticator can sign user certificate signing requests (CSRs) and distribute certificate revocation lists (CRLs) and CA certificates.

FortiAuthenticator verifies the identity of the external LDAP server by using a trusted CA certificate

FortiAuthenticator has expanded the capabilities of captive portal from credential authentication to include social WiFi authentication and MAC address authentication.

Social WiFi authentication allows FortiAuthenticator to utilize third-party user identity methods to authenticate users into a wireless guest network. Supported authentication methods include:Google+, Facebook, LinkedIn, Twitter which include SMS- and email-based authentication

Fortinet Single Sign-on (FSSO) enables FortiAuthenticator to leverage the existing network authentication systems for firewall authentication. (Windows Active Directory (AD) or Novell eDirectory)

What needs improvement?

1- Integration with different vendor firewalls (I tested only with Cisco using Cisco ASDM 6.3 (5) but i am not sure if it works with other vendor solutions)

2- A lot of configurations are available only from CLI

3- Documentation/videos for different implementation scenarios

For how long have I used the solution?

1 year

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

VM platfroms are scalable based on the business needs.

How are customer service and technical support?

Customer Service:

10/10

Technical Support:

9/10

Which solution did I use previously and why did I switch?

We used FortiGate to manage tokens and user identities but FortiAuthenticater includes more features.

How was the initial setup?

All Fortinet solutions are easy to implement.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user685362
Pre-sales, Telecommunications & Security Specialist at a tech services company with 201-500 employees
Real User
It integrates very tightly with the rest of the Fortinet ecosystem. ​

Pros and Cons

  • "It integrates very tightly with the rest of the Fortinet ecosystem."
  • "A better integration with other vendors."

What is most valuable?

Integrated RADIUS server with 802.1x functionality and access control. Single Sign On and AD integration. It integrates very tightly with the rest of the Fortinet ecosystem.

How has it helped my organization?

It integrated with the existing Cisco wireless infrastructure to solidify the way people authenticate onto the network. It permitted having a centralized area to authenticate all users and enabled SSOimplementation.

What needs improvement?

A better integration with other vendors. The device is rich in features but there are a lot of functionalities I have still not experienced with.

For how long have I used the solution?

Two and a half years.

What do I think about the stability of the solution?

Overall not really, a few hiccups with the syncing with AD but nothing major.

What do I think about the scalability of the solution?

Not in my experience. The device can scale on a VM with an additional license. And there are boxes that can support thousands of users (which I have still not met).

How are customer service and technical support?

Very good. In our area we get support both in French and English and the response times are usually pretty decent.

Which solution did I use previously and why did I switch?

We are a Fortinet reseller and integrator so there were no "switches" per say.

How was the initial setup?

The setup process can be tedious.

What's my experience with pricing, setup cost, and licensing?

I would start off with a VM including the base license and scale according to the number of users you need to authenticate.

Which other solutions did I evaluate?

ClearPass by Aruba and ISE by Cisco are the two main competitors in this space. To me ClearPass seams to be the most feature-rich solution for the price and vendor neutral as is FortiAuthenticator.

What other advice do I have?

I strongly recommend someone accompany you in the initial deployment of the product to view all the functionalities that the platform is capable of doing.

Disclosure: My company has a business relationship with this vendor other than being a customer:
it_user660642
Pre-Sales Engineer at a tech services company with 11-50 employees
Consultant
Some of the valuable features are user management and captive portal server.

What is most valuable?

  • User management with many credential sources: LDAPs, RADIUS, Social login, SAML, tokens, and local
  • Captive portal server: Used to configure several portals for each service
  • User friendly GUI with many features
  • Very powerful

How has it helped my organization?

We are now enjoying social login in public Wi-Fi environments with very easy deployment and a maximum level of security.

What needs improvement?

I would like to see support for more credential authentication protocols.

For how long have I used the solution?

I have used the product for six months.

What do I think about the stability of the solution?

I did not encounter any stability issues.

What do I think about the scalability of the solution?

I did not encounter any scalability issues.

How are customer service and technical support?

I would give technical support a rating of 10/10.

Which solution did I use previously and why did I switch?

We used FreeRADIUS. It had limited authentication protocols (only RADIUS), no GUI, and very complicated management.

How was the initial setup?

We enjoyed an easy deployment. There are many documents with guides and best practices.

What's my experience with pricing, setup cost, and licensing?

This solution comes with a low price for the features, power, and ease of licensing.

Which other solutions did I evaluate?

We looked at FreeRADIUS and Ciso ISE.

What other advice do I have?

This is a perfect solution for authentication services.

Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor of the product.
it_user607383
Network Security Engineer at a healthcare company with 501-1,000 employees
Vendor
Helps us control security settings. Allows us to add and monitor users.

What is most valuable?

The valuable features are the granularity of the security settings and the relative ease of adding users. It also makes it really nice and easy to remove access from users that have left us or who are doing things they shouldn’t be doing.

How has it helped my organization?

It made things much easier for dealing with users BYOD for our secured wireless networks. We also use this in conjunction with an MDM solution. It makes a nice package that is easy for our end-users and is very secure.

What needs improvement?

The interface is a bit misleading in areas. Finding some settings can be a bit confusing and difficult. I would also like to see a few more real world examples given in the setup section.

For how long have I used the solution?

We have used this solution for one and a half years.

What do I think about the stability of the solution?

We did not have any stability issues. This runs on our VMware environment and we have never had an issue with stability.

What do I think about the scalability of the solution?

As this is a virtual device, we had no scalability issues. If we need more users, we just add more licenses. This makes it nice as there is no physical appliance to outgrow.

How was the initial setup?

Configuration of the virtual device was very straightforward.

The configuration of the settings in the authenticator was a bit more confusing. We did have to contact support a few times to work through some configuration issues. They also helped us set up some configurations for the active directory and our local certificate servers.

What's my experience with pricing, setup cost, and licensing?

The price was very reasonable given what it can do.  Licensing was also very reasonable.

Just make sure you do an accurate count of what you will need for licenses. If you run out of licenses, no additional users will be able to authenticate through this device.

What other advice do I have?

Planning is the key to a successful implementation. Know what you want to accomplish out of the gate before you get started. Make sure you test before rolling out to end users. Due to really tight timelines, we missed a couple of key settings and configurations.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user589359
Senior Consultant at a tech company with 1,001-5,000 employees
MSP
It has its own hardware and software token for two-factor authentication. Some of the settings are difficult to access.

What is most valuable?

One of the most valuable features is the simple FSSO (Fortinet Single Sign-On) configuration that helps to manage user-based security rules.

It is a cool security product. It's easy to use, implement and maintain, but there is room for improvement.

How has it helped my organization?

When we came across access management, we required several technical features to help manage user access to critical systems and remote access. That’s why we always go for a SSO two-factor authentication server. FortiAuthenticator is a bundle of these features. It has its own hardware and software token for two-factor authentication. It supports single sign-on and seamless integration with user-based web filtering, without any prior authentication. It can act as a Radius server to support other systems for Radius authentication. One of the common practices is using FortiAuthenticator with Dot1.X network access control.

What needs improvement?

The GUI is not fancy enough and some of the settings are difficult to access.

Part of the configuration has to be done by CLI, which is not friendly for security administrators.

Integration with other firewalls may not be as good as expected.

For how long have I used the solution?

I have used it for two years, mostly implementation for clients.

What do I think about the stability of the solution?

No stability issues so far, as long as the number of users is not too large.

What do I think about the scalability of the solution?

No issues for scalability: It is easy to add new resources as we deploy virtual machines.

How are customer service and technical support?

FortiCare can provide prompt replies. They have basic knowledge on every single product in the Fortinet family. They have a standard protocol to response to support cases which is great. They are willing to accept RMA for technical difficulties that cannot be solved in a short period of time.

Which solution did I use previously and why did I switch?

I have tried Cisco ISE as a NAC solution. Cisco ISE is the "Terminator" of NAC solutions, which has numerous features to prevent unauthorized access. However, its integration with FortiGate firewall is not great. When I use the SSLVPN service from FortiGate, it fails to authenticate with two-factor authentication. For this, using FortiAnthenticator would be a good choice for its genuine integration.

What about the implementation team?

It is quite straightforward to set up the FortiAuthenticator. We mainly deploy as a virtual machine. An OVF file is provided by Fortinet and you just simply compile the file in the VMware environment. Upon simple configuration, such as IP address and default gateway, you can access the web GUI and do any configuration, as you like.

What's my experience with pricing, setup cost, and licensing?

Licensing is straightforward, as Fortinet provides stackable licenses for FortiAuthenicator. Count the number of users and select sufficient licenses. Pricing is acceptable; much cheaper than Cisco ISE.

Which other solutions did I evaluate?

I have tried Cisco ISE. For state-of-the-art features, I would recommend Cisco ISE because of its brilliant features. But I would recommend FortiAuthenticator, if you are currently using FortiGate firewall and you seek a well-suited, complimentary NAC solution.

What other advice do I have?

The need for a NAC solution depends on your infrastructure. If you are a Fortinet user, FortiAuthenticator would be a nice choice to enhance security on VPN and web access. However, there are many other choices, such as ForeScout, which is vendor-neutral, to support different systems from different vendors.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Senior IT Support Engineer at a marketing services firm with 501-1,000 employees
Vendor
Provides two-factor authentication and integration with our other FortiGates.

What is most valuable?

The valuable features are:

  • Two-factor authentication
  • User ID with our LDAP service
  • Integration with our other FortiGates

How has it helped my organization?

By using one of our units as a load-balancing slave, we were able to roll out location-based VPNs that created quicker connections to local servers for our end users. Furthermore, incorporating a LBS unit has provided preventative measures and ensured that our remote users can still connect if a failure occurs on our master authentication unit.

What needs improvement?

It was initially difficult to sync our high availability, load-balancing slave (LBS) to our master unit. There were some initial issues connecting it and syncing with our master FortiAuthenticator unit. After reaching out to Fortinet support, it turned out that the unit needed a software update.

I would like to see the following:

  • Creating an easier implementation of software patches.
  • Designing the admin profiles to sync across, instead of having to recreate them. (I see how this could be problematic with security measures.)

For how long have I used the solution?

We've been using our master unit for about a year and our LBS for about six months.

What do I think about the stability of the solution?

We had some stability issues. Our first LBS unit wouldn't work properly the first time and that wasted a lot of time. Eventually, it died and we had to RMA the unit.

What do I think about the scalability of the solution?

We didn't have any issues with scalability.

How are customer service and technical support?

The technical support we received from Fortinet was responsive. When we experienced problems, they were able to fix our issues.

Which solution did I use previously and why did I switch?

Before implementing our FortiAuthenticators, we used our main FortiGate as a way to push out two-factor codes to our users. After a while, this option was not working. As we continued to grow, we needed something more substantial and manageable.

How was the initial setup?

The initial setup was somewhat difficult in syncing our LDAP service to our main FortiGate.

Which other solutions did I evaluate?

Before using the FortiAuthenticator, we pushed out tokens via our main FortiGate.

What other advice do I have?

If you want a more efficient way to manage two-factor authentication for your users, or implement the unit as a cluster member role, the FortiAuthenticator can be incorporated very well into your environment.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Fortinet FortiAuthenticator Report and get advice and tips from experienced pros sharing their opinions.
Quick Links