We changed our name from IT Central Station: Here's why

Juniper vSRX vs OPNsense comparison

Cancel
You must select at least 2 products to compare!
Juniper vSRX Logo
1,477 views|837 comparisons
OPNsense Logo
39,021 views|32,205 comparisons
Featured Review
Find out what your peers are saying about Juniper vSRX vs. OPNsense and other solutions. Updated: January 2022.
564,643 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful.""Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality.""I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection.""It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS.""The most valuable features of this solution are the integrations and IPS throughput.""The most valuable feature is stability.""Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be.""If configured, Firepower provides us with application visibility and control."

More Cisco Firepower NGFW Firewall Pros →

"Juniper is more flexible with the commit check and the commit confirmed command. The design of the forwarding and contract plan in the operating system is very important for the performance when we have very big traffic.""The dashboard, customization, API, and pricing are good.""It is deployed on the customer site, and we manage the firewalls on this side.""I'm told the solution is the fastest, and, so far, I do find that to be the case.""The most valuable features are application filtering, content filtering, the intrusion prevention system (IPS), and definitely the application firewall.""The initial setup is pretty simple.""It's a very powerful solution and the firewalls offer high performance"

More Juniper vSRX Pros →

"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.""The most valuable features in OPNsense are reporting and visibility.""The VPN server feature is the most valuable. It is integrated with Radius and AAA for doing accounting and authentication. Insight view is also an important feature for me at this time. It allows me to assess our network traffic. I also like the firewall feature. The BSD kernel has a packet filter. It is one of the most solid frameworks for firewalls. Its user interface is one of the best interfaces I have used.""The initial implementation process is simple.""The system in general is quite flexible.""The graphic user interface is very good and it is user-friendly which makes the product easy-to-use.""The solution is good for a basic firewall for a small business or for home use.""The interface and the dashboard are the most valuable features of this solution."

More OPNsense Pros →

Cons
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here.""Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment.""I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement.""Report generation is an area that should be improved.""Cisco Firepower NGFW Firewall can be more secure.""There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility.""FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively.""The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."

More Cisco Firepower NGFW Firewall Cons →

"I would like to see an activity sensor for malicious content or sensor for viruses and malware.""Some people complain that the solution tends to have a steep learning curve. It could be because most people have basic familiarity with Cisco or other similar products and maybe have never worked closely with Juniper products.""The reporting can be improved.""We worked with Cisco's support and Juniper's support and there are some differences, to be honest, Cisco is more available and is more competent at addressing our cases.""We experienced some technical issues during implementation""VPN access is an area that needs improvement.""It could use more tutorials."

More Juniper vSRX Cons →

"The solution could be more secure.""There should be more technical documentation.""The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs.""The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform.""The solution would not be suitable for anything large-scale.""The interface needs to be simplified. It is not user-friendly.""The logging could improve in OPNsense.""There are issues with stability and reliability."

More OPNsense Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "As a customer, the pricing is good for us."
  • "The pricing is reasonable."
  • More Juniper vSRX Pricing and Cost Advice →

  • "OPNsense is open source software so at this time it is free for us to use."
  • "OPNsense is a well known open-source tool."
  • "It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."
  • "OPNsense is an open-source solution and it is free to use."
  • "The solution is not expensive."
  • "As an appliance, it's in the medium price range."
  • More OPNsense Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    564,643 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    It is deployed on the customer site, and we manage the firewalls on this side.
    Top Answer: 
    I think the virtual solution is a good price. But of course, it depends on other features, solutions, and licenses.
    Top Answer: 
    I would like to see an activity sensor for malicious content or sensor for viruses and malware.
    Top Answer: 
    Two of the most common and well recognized firewalls, PfSense and OPNsense both support site-to-site IPsec VPN and… more »
    Top Answer: 
    The initial implementation process is simple.
    Top Answer: 
    We're a customer and an end-user. We are using the telemetry-free version of the solution. Overall, the solution is… more »
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    Learn More
    OPNsense
    Video Not Available
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    The vSRX offers the same features as physical SRX Series firewalls but in a virtualized form factor for delivering security services that scale to match network demand. It offers the same features as the SRX appliance, including core firewall, robust networking, full next-gen capabilities, and automated life-cycle management. It handles speed up to 100 Gbps. It supports Juniper Contrail, OpenContrail, and third-party software-defined networking (SDN) solutions and integrates with cloud orchestration tools. Deployed in your private cloud, vSRX protects against the lateral spread of advanced threats between virtual machines within your network borders. It provides scalable application security for dynamic workloads and protects mission-critical applications from known and unknown threats. Also the vSRX virtual firewall helps you seamlessly extend your private cloud into public cloud environments, securely moving data and workloads with ease. As a VPN gateway, the vSRX provides remote users with safe access to their workloads. As a segmentation gateway, the vSRX protects public-cloud workloads by blocking lateral threats using application policies that help maintain security and compliance.

    OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.

    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Juniper vSRX
    Learn more about OPNsense
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Expedient Data Centers
    CompuNet Systems GmbH,
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Manufacturing Company8%
    Non Profit8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Comms Service Provider50%
    University25%
    Financial Services Firm13%
    Computer Software Company13%
    VISITORS READING REVIEWS
    Computer Software Company32%
    Comms Service Provider27%
    Government6%
    Insurance Company5%
    VISITORS READING REVIEWS
    Comms Service Provider46%
    Computer Software Company16%
    Government7%
    Media Company4%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise65%
    REVIEWERS
    Small Business52%
    Midsize Enterprise14%
    Large Enterprise33%
    REVIEWERS
    Small Business69%
    Midsize Enterprise15%
    Large Enterprise15%
    Find out what your peers are saying about Juniper vSRX vs. OPNsense and other solutions. Updated: January 2022.
    564,643 professionals have used our research since 2012.

    Juniper vSRX is ranked 22nd in Firewalls with 7 reviews while OPNsense is ranked 13th in Firewalls with 11 reviews. Juniper vSRX is rated 8.6, while OPNsense is rated 8.0. The top reviewer of Juniper vSRX writes "Fast with good usability and fairly scalable". On the other hand, the top reviewer of OPNsense writes "A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement". Juniper vSRX is most compared with Juniper SRX, pfSense, Fortinet FortiGate-VM and Palo Alto Networks VM-Series, whereas OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Sophos UTM and Fortinet FortiGate. See our Juniper vSRX vs. OPNsense report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.