What is our primary use case?
The primary use case of this solution is as a firewall.
I have two Fortinet perimeter firewall boxes in my local data center. The two boxes also provide the SSL VPN functionalities, intended for authorized users only. Not everyone in my organization has access.
What is most valuable?
The most valuable features of FortiClient are that it can be integrated with Active Directory to the central authentication and that I can manage the permissions.
When the user gets authenticated, I can assign a different VPN or network to each user.
It's a good solution for the IT department to control the access permission. I find this quite useful.
What needs improvement?
I think that FortiClient can enhance the multifactor authentication. Currently, if you want to enable dynamic tokens with FortiClient authentication, you only have one option, which is supplied by Fortinet.
You cannot integrate FortiClient VPN with Google authenticator or Microsoft authenticator, it's impossible. I think that they can improve this module.
In the next release of this solution, if they could improve the MFA, it would be a perfect solution.
For how long have I used the solution?
I have been using this solution since March of 2018, almost two and a half years.
We are always using the latest version, as they regularly update their software.
Buyer's Guide
Fortinet FortiClient
April 2024
Learn what your peers think about Fortinet FortiClient. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,578 professionals have used our research since 2012.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
They say that it can support more than 1,000 concurrent users, so I would agree that it is scalable. We have 800 users.
Because we have only authorized certain people to use it, it is restricted to the IT department. This has less than ten people in other departments. There is a total of approximately 20 people who maintain this solution.
Which solution did I use previously and why did I switch?
I have used several solutions. Previously, I worked with Cisco AnyConnect Access VPN and also Pulse VPN, which is originated by Juniper.
We use these other solutions to access other organizations. It is not a decision to switch. These other solutions have been provided by previous employers.
How was the initial setup?
The initial setup is very easy and quite straightforward.
If you are an experienced network engineer then you can easily configure that to a VPN feature in less than half an hour.
What's my experience with pricing, setup cost, and licensing?
FortiClient is quite reasonably priced.
You can get the firewall box rather than just the SSL VPN box. When you purchase extra hardware, you are not restricted in the number of end users.
This compares favorably to other solutions such as Cisco AnyConnects or Pulse VPN, where you have to pay extra for the end-user license and it gets quite expensive.
What other advice do I have?
If you are thinking to adopt the Fortinet SSL VPN, you have to consider the security level, because, by default, FortiClients can only integrate with FortiToken with a very limited license that will give you two. You can purchase additional FortiToken licenses for the MFA, or you can change to another solution, or the final option is to have the security level compromised, where the users just have user passwords to get authenticated.
If users share their password with other users then the account is compromised. You cannot use multifactor authentication to prevent or to mitigate that risk. If you choose to use FortiClient you have to consider that feature.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.