Please share with the community what you think needs improvement with FortiAuthenticator.
What are its weaknesses? What would you like to see changed in a future version?
It does the job I paid for, but the graphical interface could be improved. If we take FortiGate or Fortinet, the graphical user interface is better designed. I think they can work on this. It would be good to remove the FortiAuthenticator or to combine FortiAuthenticator and Fortinet. That would provide a single platform that can manage network access and user management. It doesn't make sense for me to sell FortiAuthenticator to a customer and then sell them Fortinet as well. I think they should just combine them into one solution.
There aren't any major features that I think should be improved. I like this product. As a multifactor authentication, we have the SAML function. If you compare it with RSA or Gemalto, it does a good job. I'm able to perform multifactor authentication in different ways via emails, SMS, it's a great product. For someone concerned with multifactor authentication, I'm satisfied with the product. There aren't any major additional features they could include in the next release but the one thing they used to include was the SMS gateway from the ISP. Fortinet used to sell that but they don't anymore and I think it would be helpful for end-users if they brought it back. I would recommend that. People are asking for it because they don't like having to rent it from their mobile provider.
We have issues with HA (high availability). These should be addressed in future releases.
I've only been using the solution for one month, so I haven't come across any glaring issues so far. The hardware aspect of the solution could be improved. We are not really able to understand the hardware capabilities of the device.
I don't have any issues with this solution, but it may need a better, more user-friendly interface or better design of the platform.
If you want some other FortiAuthenticator from one site to another site, you should have requirements, but really if you have authentication and directory or another solution, you should change the password of the authenticator between the solution and the directory and other things. So the transfer of data and other information should be simpler. In the future, I think h02.exe is very important to authenticate users internally. To economically move the person from vnom to vnom. Also, the ESO to ensure the authentication of users should be a bit more automated.
They need to have some kind of write-up and solution document that people can access very easily. All of the Cisco documentation is available on their website and in other places. They should make it available to the public. The more people know about this product, the better. That will make it easier for them to position FortiAuthenticator to their customers or use the product in production. Other features that would improve the product are a single sign-on where people can use their Gmail ID to log-in, etc. This feature we wanted and now they are rethinking it. At this stage, I can't give any other suggestions for improvement other than this. A single sign-on is used to create a user ID and password for the user to get onto the network. You can ask them to use their LinkedIn credentials or maybe Gmail, some of the social networking credentials to gain access. This is useful when you are onboarding any guest users for internet access. This is something that is a very good feature which they could have integrated already.
The GUI is on the older side but I'm sure that it will be upgraded soon. It works, but it looks a little dated.
For my use of this solution, not much needs to change. I do not mind the way it works currently. However, I would recommend a more fluid integration with FortiGate.
How do FortiAuthentucator and FortiNAC differ? I am also comparing it with ClearPass.