We just raised a $30M Series A: Read our story

Compare Juniper vSRX vs. Palo Alto Networks VM-Series

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Juniper vSRX vs. Palo Alto Networks VM-Series and other solutions. Updated: November 2021.
553,954 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"The most valuable features of this solution are advanced malware protection, IPS, and IDS.""The implementation is pretty straightforward.""The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic.""One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses.""The solution offers very easy configurations.""Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening.""Provides good integrations and reporting.""There are no issues that we are aware of. It does its job silently in the background."

More Cisco Firepower NGFW Firewall Pros »

"The dashboard, customization, API, and pricing are good.""Juniper is more flexible with the commit check and the commit confirmed command. The design of the forwarding and contract plan in the operating system is very important for the performance when we have very big traffic.""It's a very powerful solution and the firewalls offer high performance""I'm told the solution is the fastest, and, so far, I do find that to be the case.""The initial setup is pretty simple.""It is deployed on the customer site, and we manage the firewalls on this side."

More Juniper vSRX Pros »

"The most valuable features are web control and IPS/IDS.""The most valuable feature is that you can launch it in a very short time. You don't have to wait for the hardware to arrive and get it staged and installed. From that perspective, it is easy to launch. It is also scalable.""Palo Alto Networks VM-Series is very easy to use.""The most valuable features are the User ID, URL filtering, and application filtering.""The most valuable feature is the Posture Assessment.""What I like about the VM-Series is that you can launch them in a very short time.""In Palo Alto the most important feature is the App-ID.""The Palo Alto VM-Series is nice because I can move the firewalls easily."

More Palo Alto Networks VM-Series Pros »

Cons
"Cisco Firepower NGFW Firewall can be more secure.""The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore.""Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment.""This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI).""It would be great if some of the load times were faster.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility.""Deploying configurations takes longer than it should."

More Cisco Firepower NGFW Firewall Cons »

"VPN access is an area that needs improvement.""It could use more tutorials.""Some people complain that the solution tends to have a steep learning curve. It could be because most people have basic familiarity with Cisco or other similar products and maybe have never worked closely with Juniper products.""I would like to see an activity sensor for malicious content or sensor for viruses and malware.""We worked with Cisco's support and Juniper's support and there are some differences, to be honest, Cisco is more available and is more competent at addressing our cases.""We experienced some technical issues during implementation"

More Juniper vSRX Cons »

"The disadvantage with Palo Alto is that they don't have a cloud-based solution that includes a secure web gateway.""Palo Alto is that it is really bad when it comes to technical support.""At the beginning of the implementation, we had some difficulties with the scripts, but Palo Alto Networks support together with a local partner finally fixed it.""It would be good if the common features work consistently in physical and virtual environments. There was an integration issue in the virtual deployment where it didn't report the interface counters, and we had to upgrade to the latest version, whereas the same thing has been working in the physical deployment for ages now. It seems that it was because of Azure. We were using VMware before, and we didn't have any such issues. We do see such small issues where we expect things to work, but they don't because of some incompatibilities. There also seems to be a limitation on how to do high availability in a virtualized environment. All features should be consistently available in physical and virtual environments. It is not always easy to integrate Palo Alto in the network management system. We would like to be able to compare two network management systems. They can maybe allow monitoring an interface through the GUI to create a reference or do a baseline check about whether your network monitoring system is actually giving you the correct traffic figures. You need traffic figures to be able to recognize the trends and plan the capacity.""The solution needs to have more easily searchable details or documentation about it online, so it's easier to Google if you have queries.""Integrative capabilities with other solutions should be addressed.""They made only a halfhearted attempt to put in DLP (Data Loss Prevention).""The user interface could use some improvement."

More Palo Alto Networks VM-Series Cons »

Pricing and Cost Advice
"It definitely competes with the other vendors in the market.""The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case.""Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees.""When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today.""For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive.""Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed.""This solution is expensive and other solutions, such as FortiGate, are cheaper.""Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"The pricing is reasonable.""As a customer, the pricing is good for us."

More Juniper vSRX Pricing and Cost Advice »

"It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years.""Palo Alto can be as much as two times the price of competing products that have twice the capabilities.""The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used.""The price of this solution is very high for some parts of Africa, which makes it a challenge.""Because I work for a university and the URL is for the institution, it's a free license for us.""The VM series is licensed annually."

More Palo Alto Networks VM-Series Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
553,954 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: It is deployed on the customer site, and we manage the firewalls on this side.
Top Answer: I think the virtual solution is a good price. But of course, it depends on other features, solutions, and licenses.
Top Answer: I would like to see an activity sensor for malicious content or sensor for viruses and malware.
Top Answer: In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it… more »
Top Answer: Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the… more »
Top Answer: The initial setup was straightforward.
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Learn More
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

The vSRX offers the same features as physical SRX Series firewalls but in a virtualized form factor for delivering security services that scale to match network demand. It offers the same features as the SRX appliance, including core firewall, robust networking, full next-gen capabilities, and automated life-cycle management. It handles speed up to 100 Gbps. It supports Juniper Contrail, OpenContrail, and third-party software-defined networking (SDN) solutions and integrates with cloud orchestration tools. Deployed in your private cloud, vSRX protects against the lateral spread of advanced threats between virtual machines within your network borders. It provides scalable application security for dynamic workloads and protects mission-critical applications from known and unknown threats. Also the vSRX virtual firewall helps you seamlessly extend your private cloud into public cloud environments, securely moving data and workloads with ease. As a VPN gateway, the vSRX provides remote users with safe access to their workloads. As a segmentation gateway, the vSRX protects public-cloud workloads by blocking lateral threats using application policies that help maintain security and compliance.

The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.

The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.

In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.

Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Juniper vSRX
Learn more about Palo Alto Networks VM-Series
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Expedient Data Centers
Warren Rogers Associates
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Comms Service Provider50%
University25%
Financial Services Firm13%
Computer Software Company13%
VISITORS READING REVIEWS
Computer Software Company33%
Comms Service Provider27%
Government5%
Insurance Company5%
REVIEWERS
Financial Services Firm23%
Manufacturing Company15%
Government15%
University8%
VISITORS READING REVIEWS
Computer Software Company30%
Comms Service Provider19%
Financial Services Firm5%
Government5%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business50%
Midsize Enterprise15%
Large Enterprise35%
REVIEWERS
Small Business38%
Midsize Enterprise31%
Large Enterprise31%
Find out what your peers are saying about Juniper vSRX vs. Palo Alto Networks VM-Series and other solutions. Updated: November 2021.
553,954 professionals have used our research since 2012.

Juniper vSRX is ranked 22nd in Firewalls with 6 reviews while Palo Alto Networks VM-Series is ranked 11th in Firewalls with 16 reviews. Juniper vSRX is rated 8.2, while Palo Alto Networks VM-Series is rated 8.6. The top reviewer of Juniper vSRX writes "Fast with good usability and fairly scalable". On the other hand, the top reviewer of Palo Alto Networks VM-Series writes "An excellent solution for the right situations and businesses". Juniper vSRX is most compared with Juniper SRX, pfSense, Fortinet FortiGate-VM, Azure Firewall and Barracuda CloudGen Firewall, whereas Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate, Cisco ASA Firewall and Juniper SRX. See our Juniper vSRX vs. Palo Alto Networks VM-Series report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.