We changed our name from IT Central Station: Here's why

Juniper vSRX vs Palo Alto Networks VM-Series comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Juniper vSRX vs. Palo Alto Networks VM-Series and other solutions. Updated: January 2022.
564,643 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"There are no issues that we are aware of. It does its job silently in the background.""The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate.""Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening.""The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy.""It's got the capabilities of amassing a lot of throughput with remote access and VPNs.""I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection.""The most valuable features of this solution are the integrations and IPS throughput.""The implementation is pretty straightforward."

More Cisco Firepower NGFW Firewall Pros →

"The dashboard, customization, API, and pricing are good.""It is deployed on the customer site, and we manage the firewalls on this side.""I'm told the solution is the fastest, and, so far, I do find that to be the case.""The most valuable features are application filtering, content filtering, the intrusion prevention system (IPS), and definitely the application firewall.""The initial setup is pretty simple.""It's a very powerful solution and the firewalls offer high performance""Juniper is more flexible with the commit check and the commit confirmed command. The design of the forwarding and contract plan in the operating system is very important for the performance when we have very big traffic."

More Juniper vSRX Pros →

"The feature that I have found the most useful is that it meets all our requirements technically.""The interface with Panorama makes it very easy to use.""The most valuable feature is the Posture Assessment.""The most valuable feature is that you can control your traffic flowing out and coming it, allowing you to apply malware and threat protection, as well as vulnerability checks.""In Palo Alto the most important feature is the App-ID.""Using Palo Alto Networks Panorama, we were able to deploy a single point of management and visualization of the firewall infrastructure in cloud, on-premise and integrated with Azure to automate scale up. Its security features, i.e. anti-malware, threat prevention, URL Filtering, VPN, and antivirus are the most valuable. The ID-User integrated with AD and 2FA features are also very useful to provide secure access to servers and some users in the company. ""What I like about the VM-Series is that you can launch them in a very short time.""It has excellent scalability."

More Palo Alto Networks VM-Series Pros →

Cons
"Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment.""Implementations require the use of a console. It would help if the console was embedded.""The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution.""Cisco makes horrible UIs, so the interface is something that should be improved.""The price and SD-WAN capabilities are the areas that need improvement.""The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs.""On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it.""The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."

More Cisco Firepower NGFW Firewall Cons →

"The reporting can be improved.""We worked with Cisco's support and Juniper's support and there are some differences, to be honest, Cisco is more available and is more competent at addressing our cases.""Some people complain that the solution tends to have a steep learning curve. It could be because most people have basic familiarity with Cisco or other similar products and maybe have never worked closely with Juniper products.""It could use more tutorials.""We experienced some technical issues during implementation""I would like to see an activity sensor for malicious content or sensor for viruses and malware.""VPN access is an area that needs improvement."

More Juniper vSRX Cons →

"Palo Alto is that it is really bad when it comes to technical support.""It'll help if Palo Alto Networks provided better documentation.""In the next release, I would like to see better integration between the endpoints and the firewalls.""Integrative capabilities with other solutions should be addressed.""Its web interface is a bit outdated, and it needs to be updated. They can also improve the NAT functionality. We have had issues with the NAT setup.""It would be good if the common features work consistently in physical and virtual environments. There was an integration issue in the virtual deployment where it didn't report the interface counters, and we had to upgrade to the latest version, whereas the same thing has been working in the physical deployment for ages now. It seems that it was because of Azure. We were using VMware before, and we didn't have any such issues. We do see such small issues where we expect things to work, but they don't because of some incompatibilities. There also seems to be a limitation on how to do high availability in a virtualized environment. All features should be consistently available in physical and virtual environments. It is not always easy to integrate Palo Alto in the network management system. We would like to be able to compare two network management systems. They can maybe allow monitoring an interface through the GUI to create a reference or do a baseline check about whether your network monitoring system is actually giving you the correct traffic figures. You need traffic figures to be able to recognize the trends and plan the capacity.""The disadvantage with Palo Alto is that they don't have a cloud-based solution that includes a secure web gateway.""The user interface could use some improvement."

More Palo Alto Networks VM-Series Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "As a customer, the pricing is good for us."
  • "The pricing is reasonable."
  • More Juniper vSRX Pricing and Cost Advice →

  • "The price of this solution is very high for some parts of Africa, which makes it a challenge."
  • "Palo Alto can be as much as two times the price of competing products that have twice the capabilities."
  • "The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used."
  • "Because I work for a university and the URL is for the institution, it's a free license for us."
  • "It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years."
  • "The VM series is licensed annually."
  • "Palo Alto definitely needs to be more competitive compared to other products. The problem that I have faced is that the price of licensing is very high and not very competitive."
  • More Palo Alto Networks VM-Series Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    564,643 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    It is deployed on the customer site, and we manage the firewalls on this side.
    Top Answer: 
    I think the virtual solution is a good price. But of course, it depends on other features, solutions, and licenses.
    Top Answer: 
    I would like to see an activity sensor for malicious content or sensor for viruses and malware.
    Top Answer: 
    In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it… more »
    Top Answer: 
    Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the… more »
    Top Answer: 
    With the improved visibility we now have, the traffic is being properly monitored, which means that we are better able… more »
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    Learn More
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    The vSRX offers the same features as physical SRX Series firewalls but in a virtualized form factor for delivering security services that scale to match network demand. It offers the same features as the SRX appliance, including core firewall, robust networking, full next-gen capabilities, and automated life-cycle management. It handles speed up to 100 Gbps. It supports Juniper Contrail, OpenContrail, and third-party software-defined networking (SDN) solutions and integrates with cloud orchestration tools. Deployed in your private cloud, vSRX protects against the lateral spread of advanced threats between virtual machines within your network borders. It provides scalable application security for dynamic workloads and protects mission-critical applications from known and unknown threats. Also the vSRX virtual firewall helps you seamlessly extend your private cloud into public cloud environments, securely moving data and workloads with ease. As a VPN gateway, the vSRX provides remote users with safe access to their workloads. As a segmentation gateway, the vSRX protects public-cloud workloads by blocking lateral threats using application policies that help maintain security and compliance.

    The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.

    The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.

    In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.

    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Juniper vSRX
    Learn more about Palo Alto Networks VM-Series
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Expedient Data Centers
    Warren Rogers Associates
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Manufacturing Company8%
    Non Profit8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Comms Service Provider50%
    University25%
    Financial Services Firm13%
    Computer Software Company13%
    VISITORS READING REVIEWS
    Computer Software Company32%
    Comms Service Provider27%
    Government6%
    Insurance Company5%
    REVIEWERS
    Financial Services Firm23%
    Manufacturing Company15%
    Government15%
    University8%
    VISITORS READING REVIEWS
    Computer Software Company29%
    Comms Service Provider20%
    Financial Services Firm5%
    Government5%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise65%
    REVIEWERS
    Small Business52%
    Midsize Enterprise14%
    Large Enterprise33%
    REVIEWERS
    Small Business38%
    Midsize Enterprise31%
    Large Enterprise31%
    VISITORS READING REVIEWS
    Small Business29%
    Midsize Enterprise10%
    Large Enterprise62%
    Find out what your peers are saying about Juniper vSRX vs. Palo Alto Networks VM-Series and other solutions. Updated: January 2022.
    564,643 professionals have used our research since 2012.

    Juniper vSRX is ranked 22nd in Firewalls with 7 reviews while Palo Alto Networks VM-Series is ranked 10th in Firewalls with 16 reviews. Juniper vSRX is rated 8.6, while Palo Alto Networks VM-Series is rated 8.6. The top reviewer of Juniper vSRX writes "Fast with good usability and fairly scalable". On the other hand, the top reviewer of Palo Alto Networks VM-Series writes "An excellent solution for the right situations and businesses". Juniper vSRX is most compared with Juniper SRX, pfSense, Fortinet FortiGate-VM, Azure Firewall and Barracuda CloudGen Firewall, whereas Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate, Cisco ASA Firewall and Juniper SRX. See our Juniper vSRX vs. Palo Alto Networks VM-Series report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.