We just raised a $30M Series A: Read our story

Compare Cisco Firepower NGFW Firewall vs. Juniper SRX

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Juniper SRX and other solutions. Updated: November 2021.
552,695 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS).""Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality.""The solution offers very easy configurations.""It's got the capabilities of amassing a lot of throughput with remote access and VPNs.""The implementation is pretty straightforward.""The most valuable features of this solution are the integrations and IPS throughput.""We have not had to deal with stability issues.""The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."

More Cisco Firepower NGFW Firewall Pros »

"What I like the most about Juniper is that they have the same CLI on all routers, switches, and firewalls. If you have worked with any Juniper device, such as a Juniper router, you will be able to work with an SRX, which is really cool. It is a nice experience to work with every device of Juniper, not only firewalls.""The GUI is simple to use.""Technical support is good. They quickly respond, and they even have local help here. They can actually give you an answer very quickly.""The EEE security controls allow us to make policy restrictions, so I can customize port numbers to allow or limit control.""One of Juniper SRX's most valuable features is the site-to-site VPN.""The firewall features and the routing capability are the most valuable.""Great as an inter-segmentation firewall or border or arch-firewall.""The user interface is good."

More Juniper SRX Pros »

Cons
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough.""FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively.""The solution could offer better control that would allow the ability to restrictions certain features from a website.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""An area of improvement for this solution is the console visualization.""The initial setup could be simplified, as it can be complex for new users.""The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.""Cisco makes horrible UIs, so the interface is something that should be improved."

More Cisco Firepower NGFW Firewall Cons »

"It was very difficult to deal with and required a lot of support, and the UI is very poor.""Sometimes committing configurations takes a lot of time in Juniper because of the connections, and it could be a little bit faster.""The CPU switch could be improved for a better overall performance of traffic flow.""As a networking person, I don't really have any major issues with this device. Based on my experience of using it in a cluster, it could be more stable. I had an incident when one of the SRXs in a cluster couldn't learn ARP. It is a good solution, but firewalls don't seem to be an area of development for Juniper. They are focusing on data centers, routers, and switches, not firewalls.""The user interface and the GUI need improvement.""The solution isn't very granular or detailed.""In the next release, I would like to have a better web interface. It needs to be more user-friendly. Right now, you can only access many features through the console.""Juniper SRX is stable, but it could improve. FortiGate has better stability than Juniper SRX."

More Juniper SRX Cons »

Pricing and Cost Advice
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed.""There are additional implementation and validation costs.""For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive.""This product requires licenses for advanced features including Snort, IPS, and malware detection.""Cisco pricing is premium. However, they gave us a 50 to 60 percent discount.""I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way.""When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis.""This solution is expensive and other solutions, such as FortiGate, are cheaper."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"The product itself is costly and the price of migration is very high.""Compared to other vendors, the pricing of this solution is good.""When you consider performance, price, and features, maybe Juniper is not so cost-effective compared to other solutions like MikroTik.""It is best suited to an enterprise-level, as the mid-range companies may find that the cost is not affordable.""The price could improve, it is a bit expensive.""Its price is reasonable. In India, most of the products have a similar price. There is only a 5% to 10% variation in the price of different brands.""In general, their price definitely couldn't be cheaper.""There is a licensing fee."

More Juniper SRX Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
552,695 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers that fact, it is all the more impressive that the setup is a fairly… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection and… more »
Top Answer: I'm not sure we are satisfied fully with the pricetag of Juniper SRX, but we understand why the dealer prices it this way. Still, we are not satisfied when we try to get prices for competitor… more »
Top Answer: Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to manipulate the reports or manage the way the reports are coming out. In terms of… more »
Ranking
4th
out of 47 in Firewalls
Views
42,775
Comparisons
30,725
Reviews
43
Average Words per Review
1,164
Rating
8.4
13th
out of 47 in Firewalls
Views
20,053
Comparisons
16,535
Reviews
27
Average Words per Review
559
Rating
7.7
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
SRX
Learn More
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

High-performance security with advanced, integrated threat intelligence, delivered on the industry's most scalable and resilient platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables up to 1 Tbps performance for the data center.
Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Juniper SRX
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
7-Eleven, AARNet Pty Ltd, Allegro Networks, alltours GmbH, Apollo Hotel Papendrecht, Armstrong Atlantic State University, Atlantech Online, Availity, Bajaj Capital, Baloise Insurance, BancABC, BAS Group, Black Lotus, Blue Box, Borealis, Carilion Clinic, Catholic Health System, CATV, Champlain College, Chinas Ministry of Railways, China University of Mining and Technology (CUMT), Cloud Dynamics, CloudSeeds, Cloudwatt, CODONiS, Colt Technology Services, Cork Internet Exchange, CSS Versicherung AG, CyrusOne, Danish Crown, Deloitte Belgium, Department of Energy, Divona Telecom, DQE Communications, DreamHost, European Government Agency, Expedient, Financial Market Information Services Provider, Fluidata, Fonality, Fox Sports, Global Financial Institution, Global Investment Bank, Global Investment Company, Energy Sciences Network (ESnet), Goethe University, HEAnet, High Performance Networks Inc., Hillenbrand
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Comms Service Provider44%
Financial Services Firm16%
Energy/Utilities Company6%
Retailer3%
VISITORS READING REVIEWS
Comms Service Provider36%
Computer Software Company23%
Government5%
Financial Services Firm3%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business43%
Midsize Enterprise23%
Large Enterprise34%
VISITORS READING REVIEWS
Small Business32%
Midsize Enterprise23%
Large Enterprise45%
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Juniper SRX and other solutions. Updated: November 2021.
552,695 professionals have used our research since 2012.

Cisco Firepower NGFW Firewall is ranked 4th in Firewalls with 41 reviews while Juniper SRX is ranked 13th in Firewalls with 32 reviews. Cisco Firepower NGFW Firewall is rated 8.4, while Juniper SRX is rated 7.8. The top reviewer of Cisco Firepower NGFW Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, Meraki MX and SonicWall NSa, whereas Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and Palo Alto Networks VM-Series. See our Cisco Firepower NGFW Firewall vs. Juniper SRX report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.