We just raised a $30M Series A: Read our story

Compare Check Point NGFW vs. Juniper SRX

Cancel
You must select at least 2 products to compare!
Check Point NGFW Logo
15,983 views|11,435 comparisons
Juniper SRX Logo
20,053 views|16,535 comparisons
Featured Review
Find out what your peers are saying about Check Point NGFW vs. Juniper SRX and other solutions. Updated: November 2021.
552,695 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses.""The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic.""Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches.""The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable.""The most valuable features of this solution are the integrations and IPS throughput.""The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy.""If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly.""Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."

More Cisco Firepower NGFW Firewall Pros »

"It has various features, like Threat Prevention and Antivirus. It is easier to use and have knowledge of a single device rather than multiple devices/technologies when doing an installation. It is also easy to use because of having Antivirus and Threat Prevention features within the same firewall.""The biggest thing is the central management. It is quite good and allows us to manage the different firewalls from it. We can implement and configure many firewalls and push our policies to them as well.""My customers cite performance and ease of configuration as two of the solution's most valuable features.""The Next Generation Firewalls, the 64000 and 44000 series, provide us with support for large data centers and telco environments. They're quite reliable and provide great performance.""One of the benefits that we have realized from using this product is that the user interface makes it easier to operate, compared to using the CLI.""I love the interface of R.80.30. The R.80 interface is very nicely thought out with everything in one place, which makes Check Point easier to use.""The failover from one device to the other has been seamless and we find that we do not lose ongoing SIP calls or Teams chats.""Even though Check Point NGFW provides a set of security features that enforce protection on the network, the most valuable aspect is also the most used feature: the plain and simple firewall component. This is the core of the product and works to a great extent without the need for all other available bells and whistles."

More Check Point NGFW Pros »

"I have used technical support quite a bit, and they are really good.""The Juniper SRX series is easy to use.""The firewall features and the routing capability are the most valuable.""The GUI is simple to use.""The EEE security controls allow us to make policy restrictions, so I can customize port numbers to allow or limit control.""When compared to Palo Alto, Juniper is a better choice when it comes to the enterprise network and connectivity.""Juniper supports their products very well.""The reason that we picked Juniper SRX is for the scalability, the fit for purpose, the tools that are available, the ongoing support and the ability to monitor, but particularly for the virtual routers in our data centers so that we can quickly upscale them when needed, when we need more throughput."

More Juniper SRX Pros »

Cons
"The performance should be improved.""The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore.""The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution.""They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me.""This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI).""The solution could offer better control that would allow the ability to restrictions certain features from a website.""It would be great if some of the load times were faster.""The initial setup could be simplified, as it can be complex for new users."

More Cisco Firepower NGFW Firewall Cons »

"The Check Point support needs a lot of improvement.""The equipment is complex, so you need guidance from specialized people or those who constantly work with Check Point. Better forums and information manuals could be provided so that users from different institutions can have more access to the information.""The virtual environment is not stable at all. We have some customers who are using the virtual environment feature, and sometimes it crashes. We have many tickets open and the response is not as good as expected. We have to wait months for a resolution.""There should be better integration with our current NAC solution to increase the granularity of policies that we implement.""Sometimes when they bring on new upgrades, they affect something else.""I would rate the technical support as a seven out of 10. Sometimes, it's difficult to get them to understand what the issue is. Sometimes, the issue is not resolved, then we solve it by ourselves with Check Point's documentation, which can be useful. When you open a case with Check Point, they can be a little slow. Sometimes, they don't solve things.""The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices.""One of the main features that need improvement is the rule filter export."

More Check Point NGFW Cons »

"The interface could be more user-friendly.""It must be 5G ready. The 5G network is rolling out soon in India, and Juniper must upgrade their firewall slot to the 5G network, or they must manufacture a 5G dongle card for the Juniper firewall. I want Juniper to upgrade their dongle from 4G to 5G. Presently, they have an expansion slot in the SRX 322 series and higher firewalls. In that expansion slot, they can put a 4G mobility SIM card so that whenever our primary link is down, it will automatically connect through this GSM network and form a tunnel.""While the GUI is pretty good on the Juniper side, there can still be tweaks made to it that will make it even better.""In the future, I would like to see the UI more responsive""There are a lot of features that customers do not know about and I think that better documentation would help when it comes to learning how to use the product.""The user interface and the GUI need improvement.""The setup process should be improved.""The user interface is something that Juniper needs to improve."

More Juniper SRX Cons »

Pricing and Cost Advice
"This solution is expensive and other solutions, such as FortiGate, are cheaper.""Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities.""Cisco pricing is premium. However, they gave us a 50 to 60 percent discount.""The price is comparable.""The price of Firepower is not bad compared to other products.""This product requires licenses for advanced features including Snort, IPS, and malware detection.""When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today.""This product is expensive."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"Check Point should provide some basic license for mobile access VPN by default, for at least five to ten users.""Cisco pushes clients to purchase their hardware, and this is not the case with Check Point. This helps to easily manage costs.""The price could be decreased, because the competitors of Check Point Firewall are giving lower prices in comparison.""The licensing is straightforward; there are only three types of licenses that include NGFW, NGTP, and SNBT, so the organization can choose its license according to their requirements.""This product is not cheap and there are additional costs that depend on what model or package that you buy.""You get licensing bundles, so depending on which features you want to activate, your license is going to be more expensive. Some things, like Threat Extraction and Threat Emulation, require subscriptions.""I have done licensing and contracts for multiple firewalls. The license and contract configuration is completely fine, but if it is possible to make them cost a bit less, then this would be better.""The pricing is a bit high, but obviously it gives you advanced features. If you want to buy the best thing on the market, you have to pay extra money."

More Check Point NGFW Pricing and Cost Advice »

"It is best suited to an enterprise-level, as the mid-range companies may find that the cost is not affordable.""The product itself is costly and the price of migration is very high.""Compared to other vendors, the pricing of this solution is good.""The price could improve, it is a bit expensive.""Its price is reasonable. In India, most of the products have a similar price. There is only a 5% to 10% variation in the price of different brands.""When you consider performance, price, and features, maybe Juniper is not so cost-effective compared to other solutions like MikroTik.""The price is reasonable.""In general, their price definitely couldn't be cheaper."

More Juniper SRX Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
552,695 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
Top Answer: Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
Top Answer: The central management console has helped with segregation, where planned interventions with management consoles do not… more »
Top Answer: I'm not sure we are satisfied fully with the pricetag of Juniper SRX, but we understand why the dealer prices it this… more »
Top Answer: Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to… more »
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Check Point NG Firewall, Check Point Next Generation Firewall
SRX
Learn More
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Offered via the Check Point Infinity architecture, Check Point’s NGFW includes 23 Firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. Learn More about Next Generation Firewall and What is Firewall?

High-performance security with advanced, integrated threat intelligence, delivered on the industry's most scalable and resilient platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables up to 1 Tbps performance for the data center.
Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Check Point NGFW
Learn more about Juniper SRX
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Control Southern, Optimal Media
7-Eleven, AARNet Pty Ltd, Allegro Networks, alltours GmbH, Apollo Hotel Papendrecht, Armstrong Atlantic State University, Atlantech Online, Availity, Bajaj Capital, Baloise Insurance, BancABC, BAS Group, Black Lotus, Blue Box, Borealis, Carilion Clinic, Catholic Health System, CATV, Champlain College, Chinas Ministry of Railways, China University of Mining and Technology (CUMT), Cloud Dynamics, CloudSeeds, Cloudwatt, CODONiS, Colt Technology Services, Cork Internet Exchange, CSS Versicherung AG, CyrusOne, Danish Crown, Deloitte Belgium, Department of Energy, Divona Telecom, DQE Communications, DreamHost, European Government Agency, Expedient, Financial Market Information Services Provider, Fluidata, Fonality, Fox Sports, Global Financial Institution, Global Investment Bank, Global Investment Company, Energy Sciences Network (ESnet), Goethe University, HEAnet, High Performance Networks Inc., Hillenbrand
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Financial Services Firm25%
Computer Software Company13%
Comms Service Provider8%
Retailer6%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company22%
Government6%
Financial Services Firm6%
REVIEWERS
Comms Service Provider44%
Financial Services Firm16%
Energy/Utilities Company6%
Leisure / Travel Company3%
VISITORS READING REVIEWS
Comms Service Provider36%
Computer Software Company23%
Government5%
Financial Services Firm3%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business23%
Midsize Enterprise20%
Large Enterprise57%
VISITORS READING REVIEWS
Small Business18%
Midsize Enterprise25%
Large Enterprise56%
REVIEWERS
Small Business43%
Midsize Enterprise23%
Large Enterprise34%
VISITORS READING REVIEWS
Small Business32%
Midsize Enterprise23%
Large Enterprise45%
Find out what your peers are saying about Check Point NGFW vs. Juniper SRX and other solutions. Updated: November 2021.
552,695 professionals have used our research since 2012.

Check Point NGFW is ranked 2nd in Firewalls with 149 reviews while Juniper SRX is ranked 13th in Firewalls with 32 reviews. Check Point NGFW is rated 8.8, while Juniper SRX is rated 7.8. The top reviewer of Check Point NGFW writes "Central architecture means we can see an end-to-end picture of attacks". On the other hand, the top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". Check Point NGFW is most compared with Fortinet FortiGate, Azure Firewall, Palo Alto Networks NG Firewalls, Meraki MX and Cisco ASA Firewall, whereas Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and Sophos XG. See our Check Point NGFW vs. Juniper SRX report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.