We just raised a $30M Series A: Read our story

Juniper SRX OverviewUNIXBusinessApplication

Juniper SRX is #4 ranked solution in top Unified Threat Management (UTM) tools and #13 ranked solution in best firewalls. IT Central Station users give Juniper SRX an average rating of 8 out of 10. Juniper SRX is most commonly compared to Fortinet FortiGate:Juniper SRX vs Fortinet FortiGate. Juniper SRX is popular among the large enterprise segment, accounting for 44% of users researching this solution on IT Central Station. The top industry researching this solution are professionals from a comms service provider, accounting for 36% of all views.
What is Juniper SRX?
High-performance security with advanced, integrated threat intelligence, delivered on the industry's most scalable and resilient platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables up to 1 Tbps performance for the data center.

Juniper SRX is also known as SRX.

Juniper SRX Buyer's Guide

Download the Juniper SRX Buyer's Guide including reviews and more. Updated: November 2021

Juniper SRX Customers
7-Eleven, AARNet Pty Ltd, Allegro Networks, alltours GmbH, Apollo Hotel Papendrecht, Armstrong Atlantic State University, Atlantech Online, Availity, Bajaj Capital, Baloise Insurance, BancABC, BAS Group, Black Lotus, Blue Box, Borealis, Carilion Clinic, Catholic Health System, CATV, Champlain College, Chinas Ministry of Railways, China University of Mining and Technology (CUMT), Cloud Dynamics, CloudSeeds, Cloudwatt, CODONiS, Colt Technology Services, Cork Internet Exchange, CSS Versicherung AG, CyrusOne, Danish Crown, Deloitte Belgium, Department of Energy, Divona Telecom, DQE Communications, DreamHost, European Government Agency, Expedient, Financial Market Information Services Provider, Fluidata, Fonality, Fox Sports, Global Financial Institution, Global Investment Bank, Global Investment Company, Energy Sciences Network (ESnet), Goethe University, HEAnet, High Performance Networks Inc., Hillenbrand
Juniper SRX Video

Archived Juniper SRX Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Amir Tofangsazi
CEO, Member of the Board at beh
Real User
Good stability, routing and firewall features

Pros and Cons

  • "I like the routing and firewall features."
  • "The workplace management console needs improvement. It should be a little bit more developed. Also, the interface needs a bit more improvement."

What is most valuable?

I like the routing and firewall features.

What needs improvement?

The workplace management console needs improvement. It should be a little bit more developed. Also, the interface needs a bit more improvement.

If the solution would have an intuitive interface would be much better because the work-based interface is not so perfectly developed and it's not ideal. It's not complete yet, and it makes it difficult for beginners and first-time users of this solution. As it is, for new users, it would make it very difficult for them to deploy this solution. Otherwise, the rest is fine. There's no other problem with it.

For how long have I used the solution?

I've been using the solution for four years.

What do I think about the stability of the solution?

In terms of stability, everything was okay except for one situation which happened about three years ago. There was an upgrade which was released. Once we got the upgrade on the software, it would crash and it wouldn't work as it had before, so we had to downgrade to the previous version. Once we started using that there was no problem.

How are customer service and technical support?

Due to sanctions, we haven't used the technical support of the original company so the maintenance and everything is done by us.

Which solution did I use previously and why did I switch?

We were using a different solution, a Microsoft solution. We were looking for a more affordable solution which would suit our needs.

How was the initial setup?

The initial setup was difficult the first time. It was a little bit complicated, but after it was done, we've been using it just fine and there's no problem with the use. It was the first time we were using a firewall, the initial setup procedure took about one month to define all the zones. 

What's my experience with pricing, setup cost, and licensing?

We extend the license yearly and the prices, because of the sanctions, are expensive and costs much more compared to other solutions. It's pricey compared to other locations where there are representatives and you can buy directly from them.

What other advice do I have?

At the moment the solution satisfies our needs. There are no extra features that we need at the moment.

I would rate this solution 8.5 out of 10 because it seems to satisfy our needs. Everything seems good and works fine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
NM
Technology Services Director at a tech services company with 11-50 employees
Reseller
Excellent high-speed interfaces but throughput when using features can be improved

Pros and Cons

  • "The solution's stability is very good."
  • "The big thing is performance. With all the features turned on it slows down."

What is our primary use case?

We primarily use this solution for data center segregation.

What is most valuable?

The features that are most valuable are the high-speed interfaces and MPLS.

What needs improvement?

The throughput when using features can be improved.

100-gigabit interfaces should be added into the next release because we'd like to adopt them.

For how long have I used the solution?

I've been using the solution for approximately 6 years.

What do I think about the stability of the solution?

The solution's stability is very good.

What do I think about the scalability of the solution?

The scalability of the solution is limited.

Which solution did I use previously and why did I switch?

We did use a different solution. The old boxes were at end of life.

How was the initial setup?

The initial setup was complex because we have a complex network.

What other advice do I have?

I find that the interfaces are okay. The big thing is performance. With all the features turned on it slows down.

The advice I would give to everyone is to specify a larger box than you think you need.

Due to the performance indications, I'd rate this product as a 7 out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Juniper SRX. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,136 professionals have used our research since 2012.
HY
User at UNACOOPEC
Real User
Good security features but is lacking a web filter

What is most valuable?

I've found the security features, such as IDS and the VPN most valuable.

What needs improvement?

In terms of other features, I'd like to see a web filter, 10 point control, application control and DNA features in the next release.

For how long have I used the solution?

I've been using the solution for 5 years.

Which solution did I use previously and why did I switch?

We previously didn't use a different solution.

What other advice do I have?

I would rate this solution a 7 out of 10.

What is most valuable?

I've found the security features, such as IDS and the VPN most valuable.

What needs improvement?

In terms of other features, I'd like to see a web filter, 10 point control, application control and DNA features in the next release.

For how long have I used the solution?

I've been using the solution for 5 years.

Which solution did I use previously and why did I switch?

We previously didn't use a different solution.

What other advice do I have?

I would rate this solution a 7 out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Muhammad Atif Jauhar
Professional Services (Security) at Business Management Company
Real User
Easy to implement and use, with better technical support than other solutions

Pros and Cons

  • "The deployment is quite easy and fast."
  • "The GUI needs improvement."

What is most valuable?

The most valuable features in this solution are AppSecure and the IPsec VPN.

What needs improvement?

The solution previously had a Clientless SSL VPN, but it has been removed and I would like access to it again.

The GUI needs improvement. I can work fine with the command line (CLI), but new people would like a better user interface.

I would like to see an SSH VPN in the next release.

For how long have I used the solution?

Almost ten years.

What do I think about the stability of the solution?

I am very satisfied with the stability of this solution.

What do I think about the scalability of the solution?

We have more than one hundred users for this solution. They range from non-technical, Level 1 users, up to administrators, technical support staff, and expert-level users.

How are customer service and technical support?

I am satisfied with their technical support. It is better than what I have experienced with some other solutions.

Which solution did I use previously and why did I switch?

This is the first solution that we implemented.

How was the initial setup?

I find the setup simple, given that I have been using it for ten years. The deployment is quite easy and fast.

What's my experience with pricing, setup cost, and licensing?

The price of this solution is more than other products, but it's stable, and the technical support is better than I have seen with others.

Which other solutions did I evaluate?

The solution was in place before I joined the company, so I am unaware if we evaluated other solutions.

What other advice do I have?

We have found this solution to be easy to implement and easy to use. It is a little more expensive than some products, but it is worth the investment.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
LK
Risk Management and Security Governance at a comms service provider with 501-1,000 employees
Real User
Simple to implement and handles MBPN traffic well

Pros and Cons

  • "The most valuable feature is the virtualization because it can be used for customers who are using the mobile data network to request a private connection to a remote site."
  • "The Juniper product has to improve in terms of innovation."

What is our primary use case?

Our primary use case is for MPBN, where we provide a firewall for our mobile data customers. As an ISP, we protect the 2G, 3G, and 4G customers.

What is most valuable?

The most valuable feature is the virtualization because it can be used for customers who are using the mobile data network to request a private connection to a remote site.

There are also standard security features such as NTP groups and firewalling features and these are also good. 

What needs improvement?

The Juniper product has to improve in terms of innovation.

It only has standard reports, such as memory capacity and data traffic. By comparison, the Check Point solution comes with great reports. Check Point tracks the logs, then analyses the logs and can tell you when you are under attack. Then, you can prevent it. With Juniper today, what you have in terms of log analysis is not so good. I think that they have another solution for this, but it is not embedded, and you have to purchase it separately.

For how long have I used the solution?

Approximately four years.

What do I think about the stability of the solution?

Since we have deployed, there have been maybe two or three minor issues. Our local support helped us to clear these.

What do I think about the scalability of the solution?

I cannot really tell if it is scalable because we are managing twenty gigabytes of traffic on the node. They say that it can scale up to almost one terabyte, but we don't have the capacity so I can't really tell.

This solution is used for all of our mobile customers, which is approximately twelve million. All of our 4G customers use it. This includes standard users who want internet access on their phone, as well as those who want a VPN connected to a private server.

How are customer service and technical support?

I would rate their support seven out of ten.

The technical support directly from Juniper is too expensive, so we receive support from our local reseller instead. This can take between one and three hours, which at times is not up to our company standards.

While the Juniper support staff is skilled, is it too expensive, which is why I rate it seven.

Which solution did I use previously and why did I switch?

At one point we tried to move the mobile data firewall from our Juniper SRX56 to the Cisco ASA 5585. What we found out is that Cisco was not performing well at all. I was very disappointed by the Cisco solution. There were more issues for the same amount of traffic. With Juniper, you just have to upgrade to handle additional clients, but when we tried with Cisco, definitely the result was not good at all.

How was the initial setup?

The initial setup was straightforward, especially compared to that of Cisco. It was very simple with the help of our local provider.

From the design phase up to the implementation stage took approximately one month per site. This included the time to validate the design documents and then validate and approve the changes. We needed to slot a window of time for the change, consider whether there is any impact on the customer, and then monitor what happens during the change. For both of our sites, it took approximately three months.

For the design and clarification, we had one person for four nodes. In terms of operations, we have two engineers.

What about the implementation team?

Our local provider assisted us with the implementation of the final solution. In Cameroon, we had Erikson, and they knew what they had to do so it was really straightforward.

What's my experience with pricing, setup cost, and licensing?

While the price of support is expensive, the price of the solution, itself, is not.

The problem came about when we tried switching to Cisco and discontinued our support. In order to subscribe again later, we had to pay a reinstatement fee. We found out that if you have not used the product for a certain period of time, you have to pay for this period before paying for a new year of support. Say, for example, that you don't pay for support for one year. That year must be paid for, first, before getting support. That is why I am saying that support is expensive, in my opinion.

Which other solutions did I evaluate?

We did not evaluate vendors other than Juniper and Cisco because in the enterprise we have a set of approved vendors for each sector and these are two only two in this group.

What other advice do I have?

My advice is to make sure that you have local support because it is very important. Juniper does have some good options in terms of support.

This is not a perfect solution because I think that there is still room for improvement, but I think it is the best solution that I have tested for MBPN.

I would rate this solution an eight and a half out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Darcy Hiebert
Network Architect - Contractor at TEML
Real User
The operating system and the flexibility it provides is what really differentiates this solution

Pros and Cons

  • "There is a lot of flexibility in how you can commit, check, and back out of a configuration."
  • "It's a good stable firewall, but it's nowhere near what it needs to be for a next-generation type firewall."

What is our primary use case?

The primary use case is a combination of a firewall, router, and VPN termination device.

How has it helped my organization?

It allows us to do remote configuration changes, and if there is a problem, not losing connectivity to the device.

What is most valuable?

I really like the Juniper operating system. It is more of a UNIX based system, more than Cisco, and I really like it. There is a lot of flexibility in how you can commit, check, and back out of a configuration.

What needs improvement?

In terms of improvement, it could use more on the security side. It's a good stable firewall, but it's nowhere near what it needs to be for a next-generation type firewall. 

They also need to improve their documentation. With Cisco, you can find lots of examples, but with Juniper, it is not always the case. One area that needs more focus is instruction on how to interoperate with other vendor's products. I would like to see documentation on running IPsec tables between Fortinet and Juniper or Cisco and Juniper because the information is not there.

Their technical support also needs improvement, as they are lagging behind Cisco.

For how long have I used the solution?

Eight years.

What do I think about the stability of the solution?

This is a very, very stable solution. Again, their operating system is outstanding. Really, this is what differentiates it.

What do I think about the scalability of the solution?

In terms of scalability, it clusters nicely so you can put it into a stacked mode. The size that it is meant to serve, it does very well. It is not meant as a large enterprise-type firewall. Rather, it is meant for a small to medium sized customer.

We currently have about seventy-five users, and we don't plan to increase that number at this time.

How are customer service and technical support?

I would say that their technical support is ok, but it needs improvement. This is an area where they are not as good as Cisco.

Which solution did I use previously and why did I switch?

We migrated to this solution from a Cisco ASA (Adaptive Security Appliance).

How was the initial setup?

Transitioning from the Cisco ASA that we had running took about two hours of planning and another two hours of execution time.

In terms of the maintenance, myself and one other person take care of everything. We take on small contracts all over the place.

What about the implementation team?

I handled the implementation for this solution myself.

What's my experience with pricing, setup cost, and licensing?

The pricing is perhaps half to around forty percent of Cisco. 

Which other solutions did I evaluate?

Juniper is my favorite and I had used it so much that we did not evaluate any other products.

What other advice do I have?

This solution is really nice to use. It's very similar in terms of capabilities to a Cisco, but it's just that the operating system is so much nicer to use.

I would say that you need some time to get comfortable with the operating system if you've never used it before, but don't let that scare you. Buy it and put it on your desk for a week, then play with it. If you've got a live environment or if you've got some type of simulation you can set it up in, it won't take long and you can feel comfortable using it.  

I would rate this product an eight and a half out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
BB
Senior Network Security Engineer at Aplikas
Real User
A Competitively Priced Network and Cybersecurity Solution

Pros and Cons

  • "On a scale from one to ten, one being the worst and ten being the best I'd give Juniper SRX an overall rating of eight because of its' competitive price."
  • "Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation."

What is our primary use case?

Our primary use case is consultation and deployment of the solution. We operate as a Juniper Elite Partner. Our customers, large enterprises, want to prevent network failure and downtime.

What needs improvement?

Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Yes, it's very stable.

What do I think about the scalability of the solution?

It's scalable. Juniper Select has a solution to boot in high availability technology. We use the Juniper Select from low-end and high-end. In my position as a Senior Network Security Engineer, I handle the high-end suite of Juniper Select 5K.

Currently, the solution is being used every day. We have plans to increase usage in the future.

How are customer service and technical support?

Technical support is good. They seem to understand our customer's requirements. When they troubleshoot or support our customers, they seem to know what they are doing. They seem to be very helpful. But customers need support right away, and this has been an issue. It can take two to three days to get help some times just because of the volume of ticket request. 

Which solution did I use previously and why did I switch?

Previously we used a CISCO ASA solution. But in the last three years, we switched to the Juniper solution because Juniper has a competitive price per feature.

How was the initial setup?

The initial setup was complex. It took a group of five, engineers and architects, to get it up and running within 24-hours. And it takes a group of five, engineers and IT experts, to operate and maintain

What's my experience with pricing, setup cost, and licensing?

Licensing which covers maintenance is on an annual basis. Our customers are on one-year contracts. There are additional cost above and beyond the standard licensing fees.

Which other solutions did I evaluate?

Before choosing Juniper, we evaluated a Fortinet solution because Fortinet has a competitive price. It's also effortless for our engineers to operate and maintain. They can understand and complete tasks quickly. 

What other advice do I have?

Further advice regarding this solution is that anyone planning to implement this product should understand the Juniper suite. They should understand the firewall concept, Juniper configuration, and the command line. They need previous experience with Juniper products. 

On a scale from one to ten, one being the worst and ten being the best I'd give Juniper SRX an overall rating of eight because of its' competitive price. But it's a very complex product compared with other similar products.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Security Governance at a comms service provider with 1,001-5,000 employees
Real User
The virtualization feature is the most valuable feature, as sometimes customers request a private connection using mobile data

Pros and Cons

  • "The virtualization feature is the most valuable feature. Sometimes customers are requesting a private connection using mobile data when they are connecting to remote sites."
  • "The Juniper SRX product needs to improve in terms of innovation."

What is our primary use case?

We are using this solution mainly for the NPCs and the firewall of the mobile data customers. We are using it to protect the ISP of the mobile data customers: 2G, 3G, and 4G customers. 

What is most valuable?

In terms of features, we are using Source NAT. 

The virtualization feature: Sometimes customers are requesting a private connection using mobile data when they are connecting to remote sites. 

What needs improvement?

The Juniper SRX product needs to improve in terms of innovation. E.g., Checkpoint comes with a monitoring solution embedded in its product, as well as providing good reports. Checkpoint also does analysis by tracking the logs and letting you know when you are under attack. What Juniper has today in comparison is not so good.

Juniper only has limited reports, such as memory, capacity, data, and traffic.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Since we have deployed the product, we have had two or three minor issues.

What do I think about the scalability of the solution?

We have something like 12 million customers (mobile data customers).

How are customer service and technical support?

Sometimes, it is difficult to contact the Juniper support because we did not purchase the support package, as it was too expensive. We are using a local reseller instead. Sometimes, when we have had issues, it can take one to three hours for resolution, which is not good at all based on our company standard. However, once we have the right thing connected on the device, then it's very fast.

I would rate the technical support as a seven out of ten. The support is skilled, but the cost is expensive.

Which solution did I use previously and why did I switch?

We previously used Cisco ASA. The results were not good.

How was the initial setup?

The initial setup is straightforward. We had the help of the local provider. So, it was very straightforward. 

Even now, when I compare the initial setup to Cisco, the implementation of Juniper SRX is very simple.

What about the implementation team?

To finish the implementation, we had the help of the local provider, Ericsson.

From the design phase up to the implementation phase, it took more than one month per site. The time to validate the design documents and change, then doing those changes, approve those changes and implementing them. Because we have two sites, it was somewhere around three months.

After the acquisition phase, we discussed the plan and the design document. We did the architecture and design document with the vendor. Before going into the implementation phase, we have to validate all our documents for the high-level and low-level designs. The operational teams are also validating these documents.

Once we have all those documents validated, we request the approval for change. We have a committee who analyzes the documentation. We analyze the work that we are planning to do and validate the changes for a specific time.

We need to look if there any impact on the customer side, do we need to present it to the customer before making the change, and what is the plan for monitoring after the change?

What's my experience with pricing, setup cost, and licensing?

The direct support with Juniper is expensive. When you stop using the solution and miss one year of payments, if you want the support back on a specific node, they ask you to pay for the year that you haven't used the node.

Which other solutions did I evaluate?

We tried to move our mobile data firewall from Juniper SRX to Cisco ASA. What we found was that Cisco did not performing well at all. We were very disappointed by the Cisco solution. With the Cisco solution, we had more memory issues with the same amount of traffic. With Juniper SRX, it just needs an upgrade to carry the traffic.

We have approved vendors in every industry. We cannot deviate and chose any vendor that we want. We can only select vendors from our approved list. The two vendors on that list for this industry include Cisco and Juniper, though recently Huawei was added.

What other advice do I have?

Make sure to have skilled local support.

We are planning to move to the bigger version of Juniper SRX later this year (SRX5800). We are also planning to move to IPv6.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
TM
Sr. Engineer at a comms service provider with 51-200 employees
Real User
Top 20
Good Layer 3 and Layer 4 protection, but the solution is not end-to-end

Pros and Cons

  • "Most of our clients use it as a traditional firewall, blocking Layer 3 and Layer 4, blocking by transport."
  • "it would be more powerful if Juniper brought out a security product other than the firewall, like anti-spam, endpoint protection, etc. Customers who want to deploy security solutions are not just thinking about firewalls... Juniper should have an end-to-end solution, from the endpoint to the network level."

What is our primary use case?

Juniper SRX is solely used as a firewall gateway. We use it only for interfacing with the internet and for server farms, as a data center firewall gateway.

What is most valuable?

Most of our clients use it as a traditional firewall, blocking Layer 3 and Layer 4, blocking by transport.

What needs improvement?

We also use firewalls from FortiGate and Palo Alto and they're built with technology to make them next-generation firewalls. Juniper utilizes a router OS and includes enhancements to make it a firewall. But FortiGate and Palo Alto are full-on firewalls because they are built from scratch with features which are specific to firewalls. 

Juniper needs to enhance the solution so that it is more powerful. They need to update the administrative tools to create an easier admin experience. An average administrator would find it easier to configure if they could use https rather than the command line interface to do so.

In addition, it would be more powerful if Juniper brought out a security product other than firewalls, like anti-spam, endpoint protection, etc. Customers who want to deploy security solutions are not just thinking about firewalls. They're thinking about security across their environment. If Juniper could give me a security solution, beyond the firewall, that integrates with the firewall, that would be helpful. Other products have built a security fabric. So if a customer already uses one of their solutions, like a firewall, they will be thinking about integrating with that vendor's other products. If there is more than just a firewall solution, they will use that same vendor's products throughout the security environment. A security fabric is more powerful than just blocking via network parameters.

Juniper should have an end-to-end solution, from the endpoint to the network level. It would provide a more powerful security solution to the customer. Customers are looking for a holistic security solution.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

For one to three years it's stable.

What do I think about the scalability of the solution?

If users want to scale up the firewall, they basically want the cheapest firewall that gives them powerful features. Most users choose FortiGate rather than Juniper. Technically, Juniper's scalability is good. But when customers look at the overall price, FortiGate will come out cheaper than Palo Alto or Juniper.

How are customer service and technical support?

The technical support is good. The engineers help support our customers day-to-day.

How was the initial setup?

The setup depends on the deployment, on what we have to configure. But from one firewall to another firewall, it's about the same. They're not really complex. We have experience using the command line and the user interface. If you ask me which one is easier to configure, I will answer that configuring through the user interface is easier.

The amount of time the deployment takes depends on the complexity of the solution. If the firewall is used as an L3 firewall or L4 firewall, for blocking by IP address and, it's going to be faster to deploy than deploying the firewall using Unified Threat Management. In that case, we need to carefully tune the VPN configuration.

What was our ROI?

The time for one of our customers to achieve ROI depends on the scalability of the product. It also depends on the type of organization. If it's a hospitality or government organization, it will take them more time to achieve ROI than an internet service provider, where using this product is in line with their business objectives.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, Juniper is in the middle. The most expensive firewall is Palo Alto. If a customer wants the cheapest price they should go for FortiGate. Juniper is in between these products.

Which other solutions did I evaluate?

From experience, we like to use firewalls from Palo Alto and FortiGate because the solution is easy to configure with a UI to execute the app. If we use Juniper firewalls, we don't really use the UI because it is not as easy as the command line interface for configuration.

The VPN is different between Juniper and Palo Alto. As far as I know, Juniper does packet inspection in their VPN. Functions like anti-spam and antivirus are running step-by-step. Once the anti-spam processing is done, it goes on to antivirus scanning. But with Palo Alto, the technology is different. It copies each packet to each function. For example, if we activate anti-spam, antivirus, and another check, Palo Alto makes three copies of each packet and inspects them in parallel. This makes the system faster, compared to Juniper. This is the biggest difference as far as I know.

What other advice do I have?

Juniper is good at the routing protocol. If you want a solution to protect your environment from the internet, I would propose a firewall gateway solution but ultimately it depends on what the customer needs.

We are partnered with Juniper, so if customers ask for a firewall solution, the first solution that we pick is generally a Juniper firewall. If a customer wants a firewall other than Juniper, we offer it. Usually, we will do a firewall like FortiGate or Palo Alto, if the customer has enough money, as Palo Alto is very expensive.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
ANanonymous
Consumer Engineer at a comms service provider with 1,001-5,000 employees
Real User
It protects from distributed denial-of-service attacks with Screen Options

Pros and Cons

  • "It protects from distributed denial-of-service attacks with Screen Options."
  • "The GUI needs to be easier and more helpful for users who don't have security experience."

What is our primary use case?

The primary use case is for protecting enterprise systems.

How has it helped my organization?

It allows users connecting from homes, who urgently need to log into the networks through a secure tunnel without using internet IP gateway, access using a SSL.

What is most valuable?

  • It is highly scalable, stable, and can be easily updated.
  • It protects from distributed denial-of-service attacks, DDoS attacks, with Screen Options.
  • When you design your networks, you can put SSL Inspection as a gateway to make the systems secured, like IT systems.

What needs improvement?

The GUI needs to be easier and more helpful for users who don't have security experience.

They need to add WAF management to the tool, as competitors already have it as part of their offerings. This feature is future of protecting enterprise solutions.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It is very stable, but it needs an engineer on the system while it is running to monitor for attacks and when attacks are in process.

What do I think about the scalability of the solution?

It is easy to expand.

How are customer service and technical support?

The technical support is good, but there is a time delay between the support and attacks.

How was the initial setup?

The initial setup was straightforward, but has since become straightforward with experience.

For example, with MX (not SRX), it needs to be specific when you export or import the subnetting or addresses that you want to block or filter out of your networks. This is why it is a complex process the first time and becomes subsequently easier

What other advice do I have?

You have to be aware of Linux commands, which will make you able to use this device, like exporting file, saving file, monitoring your logs, and making a new script.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
MF
GCD Network Architecture Manager at Technicolor
Real User
It provides stability for our complex network

What is our primary use case?

Firewall for a lab environment.

How has it helped my organization?

Before, we were handling everything with a Vyatta server until our network became more complex.

What is most valuable?

Stability.

What needs improvement?

The device could be more user-friendly.

What is our primary use case?

Firewall for a lab environment.

How has it helped my organization?

Before, we were handling everything with a Vyatta server until our network became more complex.

What is most valuable?

Stability.

What needs improvement?

The device could be more user-friendly.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user958248
Chief Executive Officer with 51-200 employees
Real User
It is a good solution for firewall protection. It needs to be updated for "Next-Generation" needs.

What is our primary use case?

It is a basic firewall that we have been using for six years. It is a  good solution.

What is most valuable?

The most valuable feature is the brand itself. From a protection perspective, it provides a network perimeter security function for our company. 

What needs improvement?

We are finding that the UTM features which is required (like an antivirus or URL filtering) are not available.  We are now looking for the "Next Generation" of firewall protection. We need to be less vulnerable to attacks.  In addition, we would really like to see an automated policy feature added. 

For how long have I used the solution?

More than five years.

What is our primary use case?

It is a basic firewall that we have been using for six years. It is a  good solution.

What is most valuable?

The most valuable feature is the brand itself. From a protection perspective, it provides a network perimeter security function for our company. 

What needs improvement?

We are finding that the UTM features which is required (like an antivirus or URL filtering) are not available.  We are now looking for the "Next Generation" of firewall protection. We need to be less vulnerable to attacks. 

In addition, we would really like to see an automated policy feature added. 

For how long have I used the solution?

More than five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
MS
Principal Director of IT at Reanaud-bray
User
Tried configuring the IDS for more than four months, but it did not work properly

What is our primary use case?

We use it as a firewall at our head office and branches. We use its IDS solution at the head office too.

How has it helped my organization?

It did not improve our safety because the IDS does not detect some attacks, but our anti-virus software did.

What needs improvement?

Correct the bugs in the current version.  Help customers more with its configuration so they can feel safer. We tried configuring the IDS for more than four months, but it did not work properly.

For how long have I used the solution?

Less than one year.

What is our primary use case?

We use it as a firewall at our head office and branches. We use its IDS solution at the head office too.

How has it helped my organization?

It did not improve our safety because the IDS does not detect some attacks, but our anti-virus software did.

What needs improvement?

  • Correct the bugs in the current version. 
  • Help customers more with its configuration so they can feel safer.

We tried configuring the IDS for more than four months, but it did not work properly.

For how long have I used the solution?

Less than one year.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
FG
Senior Network Analyst with 1,001-5,000 employees
Real User
The throughput is fine but the CLI is verbose, especially when configuring

Pros and Cons

    • "The CLI is verbose. You have to say a lot to do a little. I don't like that part of it. Cisco's command syntax seems to be a good bit more concise. When you're trying to get something done, you don't want to have to type a bunch."

    What is our primary use case?

    Our primary use case is security. The performance has been okay. It's a bit of a change from the Ciscos in terms of the configuration syntax, from the CLI perspective. We use it just as a firewall. We don't use it for routing functionality.

    How has it helped my organization?

    The Juniper was a later model, later technology than we had, more horsepower than we had before. The performance is better, but it could have been any firewall in its peer group. The improvement was because our old firewalls were, well, old. So the performance has been an improvement. And the IDS, perhaps, is a little better than what the older firewalls had.

    What is most valuable?

    I'm not sure what the most valuable features are. I'm not really that impressed with the technical support. I'm not really that impressed with the product, to be honest with you. Throughput seems to be okay.

    What needs improvement?

    The CLI is verbose. You have to say a lot to do a little. I don't like that part of it. Cisco's command syntax seems to be a good bit more concise. When you're trying to get something done, you don't want to have to type a bunch. I wish there was a quicker way to configure through the CLI. I know all the tricks of hitting spacebar etc. to finish the command, and the context tricks of going further in. But it just reminds me of an older operating system, like VAX/VMS. It's just very verbose.

    Maybe this is where the Space Security Director product comes in, but we aren't quite using the Security Director in Space to its fullest yet.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It seems stable. We haven't had too many failures. We have had some but, by and large, it's been pretty stable. It's not taxed, the way we're using it.

    What do I think about the scalability of the solution?

    The model we have is very scalable. It's a fairly large firewall.

    How is customer service and technical support?

    I have spoken with technical support 30 or 50 times. On a scale of one to 10, I would evaluate Juniper technical support at five. It's never resolved in one call. It's always a couple of calls. We're not being passed from one department to another, it's just that they don't seem to be answering the question you give them. It's very frustrating.

    How was the initial setup?

    I migrated it from an ASA to the Juniper. It was a fairly straightforward process. There are things that are required on the Juniper that weren't required on the Cisco, like the global address book. Things have to be on there before you can do a lot of net and the like.

    What other advice do I have?

    You need to know what your company's strategic vision is, and then map the security part of that. I don't just mean cost-related, but the strategy for profit-related future ventures. You need to know why you want a particular firewall. Don't ignore the functions and future growth and products on the horizon from each of the vendors.

    What you go with has to meet your current needs but, more importantly, is the company a going concern - meaning if they're going to get better - then how do they complement your particular industry's growth? Are they going to be there to make remote access and extranets and research easier to deliver? The product has to be configurable, with lots of options should you need to subscribe to those options.

    The most important criterion, for me, when selecting a vendor is that they have to rank high in industry ratings. Juniper has just not been there. I haven't seen the 2018 reports, but year after year Juniper is not only the least visionary but one of the least in terms of performance. I also don't like the fact that they spun off their VPN to Pulse Secure. I know that's a subsidiary, but I don't necessarily want to have a separate appliance for a light-duty VPN.

    I would rate Juniper at seven out of 10. It's a little harder to configure from a VPN perspective, VPN Tunnels. Their tech support is the big problem for me. I don't want to be bounced around. I don't want to get half an answer when I ask a whole question. I would take an inferior product with better tech support, without question. If I have a responsive engineering team that will fix problems when they come in, with firmware releases, etc., I'd clearly take an inferior product with that better support. It's all about function.

    I probably wouldn't have chosen the Juniper in this environment. We just don't need yet another knowledge base to learn. And it doesn't fold into some of our Cisco services. For example, the assets control doesn't integrate well with the Radius servers. Something like that could be downloadable ACLs, for instance.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Mark Edward
    Technical Support Engineer at a tech services company with 51-200 employees
    Real User
    It protects the data behind our switches

    Pros and Cons

    • "It integrates well with Fortinet and Palo Alto."
    • "It uses many applications, like antivirus blocking and web filtering."
    • "The high availability of the application is good."
    • "It protects the data behind our switches."
    • "Juniper needs to focus more on their perimeter firewalls."
    • "The GUI needs to be easier to handle."
    • "I would like to see endpoint control and endpoint testing security."

    What is our primary use case?

    We use it as a perimeter firewall, data center firewall, and as VPN concentrators for some companies. It protects the data behind our switches. Our company provides the switches, like the EX-Series. 

    We are an elite partners for Juniper. We use the firewall for data protection.

    How has it helped my organization?

    It has a high security implementation.

    What is most valuable?

    It integrates well with Fortinet and Palo Alto.

    It uses many applications, like antivirus blocking and web filtering. Also, defining routing on it is very easy along with netting. The high availability of the application is good. We use the IDS and IPsec VPN features.

    What needs improvement?

    I would like to see endpoint control and endpoint testing security.

    The GUI needs to be easier to handle.

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    The stability is good.

    What do I think about the scalability of the solution?

    The scalability is good.

    How are customer service and technical support?

    When we face problems, it is a firmware or software update. We call Juniper for support and they have a very good team for technical support. They help us a lot, then we will find the solution in the upgraded version of software of unit. 

    Which solution did I use previously and why did I switch?

    I think there was a problem before I came to the company with Cisco and their firewall, so they decided to switch to Juniper.

    How was the initial setup?

    It is more complex than other vendors, but we have gotten used to it. So, we find it easy to implement and deploy.

    What's my experience with pricing, setup cost, and licensing?

    It has a low price.

    Which other solutions did I evaluate?

    We are also using Fortinet and have a partnership with Palo Alto. In addition, we are looking into a partnership with Citrix.

    Cisco and FortiGate were on original shortlist.

    What other advice do I have?

    They can use the Juniper SRX as a data center firewall. Juniper needs to focus more on their perimeter firewalls.

    Our most important criteria is to look for 24-hour support, prices, partnerships, and what they offer to partners. Also, we want to know if the product can function with Juniper.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    TA
    Network Manager with 1-10 employees
    Real User
    They should add a dashboard because the product is difficult to operate. It is not that expensive.

    Pros and Cons

    • "It helps us perform our daily jobs."
    • "I would like them to add a dashboard because it's difficult to operate."
    • "The product only has basic features."

    What is our primary use case?

    The Juniper SRX that we have is being used as a firewall. Somehow, it is performing.

    The product is a normal router with basic firewall capacity. We don't have a dedicated firewall. Therefore, I don't have high expectations from Juniper. 

    How has it helped my organization?

    It helps us perform our daily jobs.

    What is most valuable?

    We are using it as a normal type of firewall.

    What needs improvement?

    I would like them to add a dashboard because it's difficult to operate.

    The product only has basic features.

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    The stability is normal.

    What do I think about the scalability of the solution?

    The scalability is normal.

    How are customer service and technical support?

    I haven't used technical support, just local support.

    How was the initial setup?

    The initial setup was complex.

    What's my experience with pricing, setup cost, and licensing?

    It is not that expensive.

    Which other solutions did I evaluate?

    We are evaluating Palo Alto, Barracuda, and Sophos because we need a Next-Gen firewall.

    What other advice do I have?

    It crashed, and we could not change it for some reason. I don't want to keep Juniper within my network anymore.

    Most important criteria when selecting a vendor: 

    • Dedicated support team
    • Easy configuration.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    SO
    Sr. Programmer at a tech vendor with 51-200 employees
    Real User
    We use the Layer 4 firewall functions: Access rules, NAT, and site-to-site IPsec VPN

    Pros and Cons

    • "We mostly use the Layer 4 firewall functions: Access rules, NAT, and site-to-site IPsec VPN."
    • "It needs better interoperability with Cisco gear."

    How has it helped my organization?

    Theere has been no change to our organization. We replaced an older Cisco ASA. We intended to use some of the UTM features, but we have not yet. In some cases, it is worse. We can’t do remote access IPsec VPNs for users like we could with the Cisco ASA. Instead, we set up OpenVPN. As the Cisco ASA is the de facto standard, doing a site-to-site IPsec VPN to other companies takes more time (e.g., IKEv2 will not work connecting to Cisco gear because traffic selectors are not supported for IKEv2).

    What is most valuable?

    We mostly use the Layer 4 firewall functions: Access rules, NAT, and site-to-site IPsec VPN. We liked that it had additional features and was more modern than the Cisco ASA line.

    What needs improvement?

    It needs better interoperability with Cisco gear.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    No stability issues.

    What do I think about the scalability of the solution?

    No issue. We are only a 40 person company and only have 50Mbps of internet bandwidth.

    How are customer service and technical support?

    Technical support is good, though we have not really used support much. Juniper has a decent knowledgebase.

    Which solution did I use previously and why did I switch?

    Previously, we had a Cisco ASA 5510. It was old and needed to be replaced. We switched because the Cisco ASA is underpowered. If you try to do too many functions, like IDS/IPS, UTM, virus scanning, and Smart Net, support is expensive.

    How was the initial setup?

    The initial setup is mostly straightforward. We are converting one of our site-to-site VPNs with another company where we have overlapping subnets. This took some doing because the Cisco ASA allowed us to do policy-based NAT and could NAT the same IP subnet two different ways depending on the destination address. We needed to exclude 10 IP addresses out of a 24 subnet from the static NAT rule which was needed to deal with the overlapping subnets and ended up having to do more than 240 individual 32 NAT rules on the Juniper SRX240H2.

    What about the implementation team?

    Work with a consultant who has good JunOS knowledge if you have a complex setup (we host more than 20 servers for internet access used by over a 1000 users).

    What's my experience with pricing, setup cost, and licensing?

    Pricing is good. Most of the costs are in the UTM (IDS/IPS, virus scanning, etc.) subscription. Palo Alto was nice, but much more expensive.

    Which other solutions did I evaluate?

    We looked at Juniper SRX vs FortiGate and Juniper SRX vs Palo Alto, as well as the newer Cisco ASAs.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    RogerBascom
    Sr. Network Engineer at Kitsap Credit Union
    Real User
    Lowered our operating costs by 25% over three years, mostly recovered from maintenance/support costs

    Pros and Cons

    • "Juniper has the "recovery safety feature", so if you perform a "commit confirmed" and the new configuration disconnects you. then there is no "confirmed" command with X mins (default = 10 mins). It automatically reverts (recovers) to the previous configuration. This is handy for when you do not want to make that trip down range just to reboot a router."
    • "Using a Juniper CLI, you configure a "candidate configuration", then "commit" it to bring it live. If you do not like it or messed up something, you just "rollback" to the previous configuration. It can all be done in a matter of minutes. This is super handy once you get use to it."
    • "Third-party support for Juniper is a lot less than Cisco. This is no surprise, but a definite consideration if you are expecting to use a lot of third party support. In my guesstimate, for every 100 Cisco shops, you will find one Juniper shop."
    • "JTAC (Juniper Networks Technical Assistance Center) is just okay for technical assistance. However, if you are used to Cisco TAC responsiveness, you will need to adjust your expectations with Juniper Networks TAC."

    What is our primary use case?

    During our last network refresh, we did a wholesale forklift upgrade from Cisco to an entire Juniper network infrastructure, including Juniper SRX router/firewall/IDP, EX Series switches, and QFX Series core switches. The entire process took over two years to complete, but once it was completed, we were extremely happy with the Juniper equipment in terms of costs, performance, maintenance, and the ability to function as we needed.

    How has it helped my organization?

    • Once our engineers got their heads wrapped around the nuances of Juniper's CLI (took them about six months) with training (mostly free) and were able to get settled into Junos OS, we never looked back.
    • SRX firewalls/IDP functions require similar technical knowledge level as Cisco ASA and are function on par with them. I recommend investing in Juniper Space if you have a significant amount of Juniper equipment to manage. We have three of the larger SRX550s, with one cluster configuration, for edge security devices (firewall/IDPs). We are very happy with them. 
    • Not specifically in SRX category, but the 40Gb/10Gb interfaces in the QFX gear are truly wired for speed on all available ports. The virtual EX switch chassis configuration, where up to 10 switching devices can be managed as a single network device, is a solid configuration for us. We use it in three locations and have zero issues with it.

    What is most valuable?

    • I am really hesitate to repeat the Juniper sales line of "One Juniper", simply because within different devices, there are differences in the CLI commands used. This has been due to functional and hardware differences. For the vast majority of the Juniper CLI commands, if you learn them for the SRX, they are the same for the EX and QFX series switches. There is little to no differences between the Junos OS versions
    • The "candidate configuration" and rollback features are real life savers. They are different from what Cisco does. At a Cisco CLI, when you hit enter, the command is live. Using a Juniper CLI, you configure a "candidate configuration", then "commit" it to bring it live. If you do not like it or messed up something, you just "rollback" to the previous configuration. It can all be done in a matter of minutes. This is super handy once you get use to it.
    • Juniper has the "recovery safety feature", so if you perform a "commit confirmed" and the new configuration disconnects you. then there is no "confirmed" command with X mins (default = 10 mins). It automatically reverts (recovers) to the previous configuration. This is handy for when you do not want to make that trip down range just to reboot a router.

    What needs improvement?

    Third-party support for Juniper is a lot less than Cisco. This is no surprise, but a definite consideration if you are expecting to use a lot of third party support. In my guesstimate, for every 100 Cisco shops, you will find one Juniper shop.

    For how long have I used the solution?

    Three to five years.

    How is customer service and technical support?

    JTAC (Juniper Networks Technical Assistance Center) is just okay for technical assistance.  However, if you are used to Cisco TAC responsiveness, you will need to adjust your expectations with Juniper Networks TAC.

    I could normally fix my issue with Cisco on the first or second call, speaking with the first Cisco TAC engineer (Tier 1) that I spoke with. Juniper Networks TAC is just as good, but in my experience, it takes about two to three times longer to get the same results. It is not unusual to require escalation before the issue is resolved. Juniper simply does not have the depth and number of Juniper experts as Cisco. 

    What was our ROI?

    We were able to lower our overall operating costs over a three year period by 25%, mostly recovered from maintenance/support costs.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    TK
    Engineer at icraft
    User
    Easy to scale up by attaching more CPU and memory

    What is our primary use case?

    Our primary use is having a virtual appliance vSRX PoC in telco. We tested integration to their Vim, function and performance.

    How has it helped my organization?

    vSRX's performance is best with less resources, such as CPU and memory. It is easy to scale up by attaching more CPU and memory.

    What is most valuable?

    vSRX is easy to deploy to any virtual infrastructure, such as OpenStack, VMware, and even Docker (cSRX). It has already been tested with virtual acceleration, such as DPDK, SR-IOV, and PCI-Passthrough.

    What needs improvement?

    It could improve areas which need high performance. 

    For how long have I used the solution?

    Still implementing.

    What's my experience with pricing, setup cost, and licensing?

    Small enterprises or telco have…

    What is our primary use case?

    Our primary use is having a virtual appliance vSRX PoC in telco. We tested integration to their Vim, function and performance.

    How has it helped my organization?

    vSRX's performance is best with less resources, such as CPU and memory. It is easy to scale up by attaching more CPU and memory.

    What is most valuable?

    vSRX is easy to deploy to any virtual infrastructure, such as OpenStack, VMware, and even Docker (cSRX). It has already been tested with virtual acceleration, such as DPDK, SR-IOV, and PCI-Passthrough.

    What needs improvement?

    It could improve areas which need high performance. 

    For how long have I used the solution?

    Still implementing.

    What's my experience with pricing, setup cost, and licensing?

    Small enterprises or telco have variant licenses, and this licensing model should be improved.

    Disclosure: My company has a business relationship with this vendor other than being a customer:
    it_user738864
    Senior Network Engineer at a tech services company with 51-200 employees
    Real User
    Zones make it easy to logically organize security polices

    Pros and Cons

    • "Security policies in combination with zones: It is very easy to organize the security polices in a logical structure."
    • "CLI: Junos CLI is very easy to use, and it is also very easy to find back items in the configuration and to change them."
    • "Commit: You can update the whole configuration without affecting the production. The new configuration will be loaded once the command "Commit" is submitted. You can also do a Commit confirmed to automatically roll back to the previous config after X minutes."
    • "The visibility/reporting could be better. To see something, you have to export the log to a syslog and then process with another product."

    How has it helped my organization?

    Thanks to the well-structured and organized security policies, we decreased operations time to create/update/delete our security policies.

    What is most valuable?

    Security policies in combination with zones: It is very easy to organize the security polices in a logical structure.

    CLI: Junos CLI is very easy to use, and it is also very easy to find back items in the configuration and to change them.

    Commit: You can update the whole configuration without affecting the production. The new configuration will be loaded once the command "Commit" is submitted. You can also do a Commit confirmed to automatically roll back to the previous config after X minutes. 

    What needs improvement?

    The visibility/reporting could be better. To see something, you have to export the log to a syslog and then process with another product.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    We have used it for years without any stability issues.

    What do I think about the scalability of the solution?

    We haven't encountered scalability issues.

    How are customer service and technical support?

    Technical support is pretty good. I would rate it eight out of 10.

    Which solution did I use previously and why did I switch?

    I previously used a Netscreen ISG1000 firewall. I switched because the ISG was end-of-life and Netscreen was bought by Juniper.

    How was the initial setup?

    Initial setup was complex because Junos is totally different than ScreenOS. But with some introductory courses and some googling it becomes much easier.

    What's my experience with pricing, setup cost, and licensing?

    I’m just the tech, I didn’t take part in the price negotiation. I would say about $20,000 for a SRX650 with IDP licence.

    Which other solutions did I evaluate?

    No, we didn't evaluate other options. This was a natural way for us to migrate from ISG to SRX.

    What other advice do I have?

    Be sure you know what you are looking for. The SRX650 is a perfect product for a small datacenter, not for a branch office where you need lots of visibility.

    Implement your structure (zones) first, on paper, before starting to configure it.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Tarek Menshawy
    Senior Network and Security Consultant, JNCIE-SEC#408 at a financial services firm with 501-1,000 employees
    Real User
    Improves our operational performance and stability; there are no outages

    Pros and Cons

    • "​It's a reliable firewall and very stable, for both the hardware and applications it is stable."
    • "It'sa very secure device, it has good attack prevention capabilities using UTM."

      How has it helped my organization?

      The greatest improvement we have seen is in operational performance and operational stability. There are no outages.

      What is most valuable?

      • It's a reliable firewall and very stable, for both the hardware and applications it is stable. 
      • It's very powerful. 
      • It's also a very secure device, it has good attack prevention capabilities using UTM.
      • It's user-friendly with a good UI.
      • It has powerful CLI.

      What needs improvement?

      It's not 100%, it's not a perfect product, some points need to be adjusted, need to be enhanced.

      For how long have I used the solution?

      More than five years.

      What do I think about the stability of the solution?

      There have been no issues with this product.

      What do I think about the scalability of the solution?

      It's a very scalable product.

      How are customer service and technical support?

      I think they have professional support. Support is really good, they are professional engineers.

      Customer support is very good.

      Which solution did I use previously and why did I switch?

      I used Cisco, and Palo Alto, and used McAfee. As a consultant, a systems integrator, if customers go to SRX it's because of its features and the stability of the product. It's the most stable product.

      How was the initial setup?

      It was very straightforward, very clear.

      Which other solutions did I evaluate?

      Other than Palo Alto, StrongSoft is very stable. Cisco Firepower is very unstable.

      What other advice do I have?

      I can say for, that for a datacenter, and for price, first I appreciate Palo Alto and then I appreciate Juniper, more than the others.

      Support for Juniper is best, better than Palo Alto, but Palo Alto is more powerful. And there is a big difference in pricing.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Senior Network Analyst at a energy/utilities company with 10,001+ employees
      Real User
      Large total throughput, and we are able to change configurations without downtime

      Pros and Cons

      • "The rollback option and Commit Confirmed are great features. They give us the security to change configurations without downtime."
      • "It would be good if Junos had "unique commands" between all hierarchical levels, discarding the use of the "Run" command."

      How has it helped my organization?

      • Manipulation of rules
      • Flexibility in day-by-day use

      What is most valuable?

      Junos is the best OS for networks. It is very powerful and flexible.

      The rollback option and Commit Confirmed are great features. They give us the security to change configurations without downtime.

      What needs improvement?

      It would be good if Junos had "unique commands" between all hierarchical levels, discarding the use of the "Run" command.

      The robustness of Linux on top of Junos can be more effective after power down.

      For how long have I used the solution?

      Less than one year.

      What do I think about the stability of the solution?

      No stability issues.

      What do I think about the scalability of the solution?

      No scalability issues.

      How are customer service and technical support?

      High level of technical support.

      Which solution did I use previously and why did I switch?

      We used Fortinet, and changed to Juniper to use Junos.

      How was the initial setup?

      Easy.

      What's my experience with pricing, setup cost, and licensing?

      Pricing is very good, not expensive.

      What other advice do I have?

      We use the SRX1500 with Junos 15.1X49-D75.5. 

      I rate the product 10 out of 10. It is very strong and Junos is very powerful. The total throughput is very large.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Ales Ciber
      ICT System Specialist at a comms service provider with 1,001-5,000 employees
      Real User
      Provides good routing and high performance of the data center

      Pros and Cons

      • "It provides good routing and high performance of the data center."
      • "The web interface on Juniper SRX is just a short conversion from Junos OS CLI; this is not very suitable for users with little expertise/"

      What is our primary use case?

      One solution is data center Firewall and also we use this solution for protection our service GI + Triple Play

      How has it helped my organization?

      It provides good routing and high performance of the data center. It solves protecting our datacenter, separate networks and protect data center with FW policies + DPI

      What is most valuable?

      The routing feature is most valuable, because SRX is the best enterprise router. SRX has complete MPLS service features with L3VPN, VPLS, EVPN. You can also combine Router and FW in one box, with selective packet filter to bypass flow engine and set traffic to packet mode.

      What needs improvement?

      Web management needs to improve. The web interface on Juniper SRX is just a short conversion from Junos OS CLI; this is not very suitable for users with little expertise.

      But Juniper has complete MGMT for managing SRX devices and other Juniper devices. it' s called Junos Space with APP security director for security devices. It's good, but there is space for improvment.


      What do I think about the stability of the solution?

      There were some stability issues.

      What do I think about the scalability of the solution?

      There are not many scalability issues experienced.

      How are customer service and technical support?

      I would give the technical support an eight out of 10 rating.

      Which solution did I use previously and why did I switch?

      Previously, we were using the old Juniper ScreenOS, we switched due to end-of-support. I have also expertise with Cisco ASA, Cisco Firepower, Checkpoint R80.10, Dell Sonicwall, Fortinet.

      How was the initial setup?

      The setup was very complex, e.g., if you are beginner.

      What about the implementation team?

      We implement is by our self with team in-house.

      What's my experience with pricing, setup cost, and licensing?

      The prices are very good as compared to other vendors.

      Which other solutions did I evaluate?

      We looked at Cisco, FortiGate, Palo Alto

      What other advice do I have?

      It is a very good router with firewall.

      Disclosure: My company has a business relationship with this vendor other than being a customer: We are partners.
      it_user701490
      Network | Firewall Engineer - Cloud Managed Services Delivery at a tech services company with 10,001+ employees
      Consultant
      Having this design has greatly simplified the network and improved operational efficiency of support staffs

      What is most valuable?

      Valuable features for us include:

      • Routing: When firewalls can also perform full routing functionality, it helps to save cost on dedicated routing hardware.
      • High Availability (clustering): This is important to ensure service availability in the event of a node failure. These firewalls in HA mode consist of a primary and backup node, and provide redundancy such that if one of the nodes fails, the other node will take over.
      • Deep packet inspection (DPI) capabilities: Juniper SRX firewalls inspect packets as they traverse the firewalls and it goes beyond the traditional five tuples (source IP, destination IP, protocol, source port, and destination port) packet inspection by using the App-ID engine to inspect the protocol to correctly identify applications. It further rate-limits traffic, using the AppQoS features, based on specific types of applications.
      • IPSec VPN: This is crucial because it provides secure site to site connectivity between the DC and remote locations. Traffic traversing the secure link is protected from the prying eyes of unauthorized intruders or the man-in-the-middle.

      These features are valuable because they allow smooth operation of the business from a technology standpoint. Again, this is relative.

      How has it helped my organization?

      There was a business need to provide service high availability and system redundancy in addition to routing and firewalling at the internet edge and the datacenter core.

      Having this design has greatly simplified the network and improved operational efficiency of support staffs.

      What needs improvement?

      The GUI needs improving.

      For how long have I used the solution?

      We have been using the solution for seven years, providing design, implementation, support, and optimization.

      What do I think about the stability of the solution?

      We had a stability issue. Just like any other vendor, there are code stability issues on some of the platforms. However, there is always a recommended code version for each platform.

      What do I think about the scalability of the solution?

      We did not encounter issues with scalability, but this depends on the environment. The DC class firewalls can scale vertically or horizontally.

      How are customer service and technical support?

      They provide an awesome technical support.

      Which solution did I use previously and why did I switch?

      We used Cisco and CheckPoint. Routing functionality and advanced security services were limited.

      How was the initial setup?

      The setup was straightforward and simple once you understand the building blocks of Junos and firewalls.

      What's my experience with pricing, setup cost, and licensing?

      Pricing and licensing are very reasonable.

      Which other solutions did I evaluate?

      We evaluated Palo Alto and Fortinet.

      What other advice do I have?

      This product will offer maximum performance and capacity.

      It is extremely reliable depending on the business need. It supports full routing functionality and advanced security services like Application Security, Unified Threat Management (UTM), IPS, and threat intelligence.

      Advanced security services require a license.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user700152
      NOKIA Lead Engineer at a comms service provider with 10,001+ employees
      Vendor
      We are satisfied with its stability , but we don’t advise others to implement a cluster design other than Active/Passive.

      What is most valuable?

      Stateful inspection , IPSEC and NAT as per our customers' design. The boxes are used as SecGW, Gi and SGi Firewall, those are the features usually needed in 3G/4G context.

      How has it helped my organization?

      It improved in term of security.

      What needs improvement?

      Clustering fab interface doesn't support bandwidth aggregation. This limitation caused a huge design change in our network.

      For how long have I used the solution?

      I've used the solution for eight years.

      What do I think about the stability of the solution?

      Yes, some bugs in module restart and cluster failover, but without outage.

      What do I think about the scalability of the solution?

      Yes, fab interface doesn't support bandwidth aggregation

      How are customer service and technical support?

      9 out of 10.

      Which solution did I use previously and why did I switch?

      No, we didn't.

      How was the initial setup?

      Not complex.

      What's my experience with pricing, setup cost, and licensing?

      We didn’t use any other solutions so I can’t compare this to others.

      Which other solutions did I evaluate?

      No.

      What other advice do I have?

      We are satisfied with its stability , but we don’t advise others to implement a cluster design other than Active/Passive.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user697011
      Systems Engineer with 1,001-5,000 employees
      MSP
      Consolidation combines routing, switching, and firewall services in one device

      What is most valuable?

      • Form factor: It is small, very nimble, and can be deployed in very small environments which do not have wiring closets.
      • Consolidation: It combines routing, switching, and firewall services in one device.
      • Stable OS: There is a one Junos release training for all the Juniper products, thus minimizes the training needed and enhances interoperability.
      • Open standards: The Juniper OS is based on the open standards and making it very interoperable in the mixed vendor environments.
      • Superior performance: This can be achieved by true separation of control and data plane, hence data plane inefficiencies do not affect the control plane and vice versa.
      • Cloud-enabled device: The SRX300 is cloud-ready and can be used to implement SDSN in micro-environments.

      How has it helped my organization?

      It has greatly reduced the network management functions by reducing the number of devices to manage (one vs three), and easy fault management using the new GUI.

      What needs improvement?

      Disaggregation (this is available in the box) should be improved to include software intelligence that is actionable.

      For how long have I used the solution?

      I have used this solution for about four and a half years.

      What do I think about the stability of the solution?

      There were no stability issues. It is a very stable and reliable product. It can run for several years without a single glitch.

      What do I think about the scalability of the solution?

      It is highly scalable for its target market.

      How are customer service and technical support?

      The technical support team is very co-operative and gives quick responses for the logged cases. A hundred percent of the logged cases have been resolved within the SLA period.

      Which solution did I use previously and why did I switch?

      We looked at MikroTik. However, more features such as the performance, scalability, and consolidation were available on the Juniper device.

      How was the initial setup?

      The initial setup was simple and can be done 100% via the GUI.

      What's my experience with pricing, setup cost, and licensing?

      The price per performance value is the best out there in the market. No licensing is needed for all the features apart from the security part, i.e., no licensing for extra services and VPN comes free in the base.

      Which other solutions did I evaluate?

      We evaluated the FortiGate 80 and 60 series and Cisco ASA 5500.

      What other advice do I have?

      The Juniper SRX300 is a stable and very reliable product, packed with a lot of capabilities that are not available in the competing products of the same range. I would highly recommend this product to anyone interested in implementing it.

      This box has it all and is more for the small-scale branch market. Packaged as an all-in-one routing, switching, and security solution, the SRX300 minimizes the need to deploy separate devices to perform these functions by leveraging on its consolidation, all coming with the carrier-grade capabilities.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user453054
      NCP Team Lead Secured Networks at a tech services company with 501-1,000 employees
      Consultant
      One valuable feature is the reliability of the Junos OS. There is not a global database of objects.

      What is most valuable?

      One valuable feature is the reliability of the Junos OS. However, we did not make full use of the UTM functionality.

      How has it helped my organization?

      We have experienced more dependability.

      What needs improvement?

      Management: Junos Space Security Director is not great and there is no global database of objects.

      For how long have I used the solution?

      We have been using the product for about six years.

      What do I think about the stability of the solution?

      We did not encounter any issues with stability.

      What do I think about the scalability of the solution?

      The clustering of a maximum of two nodes limited some architectural options.

      How are customer service and technical support?

      Support is what the end customer buys. Unfortunately, it's not always from Juniper.

      Which solution did I use previously and why did I switch?

      We migrated from Juniper Screen OS to Junos. We are leaving Juniper now as their focus on security seems to have dropped.

      How was the initial setup?

      The setup was no more difficult than switching to any other firewall implementation.

      What other advice do I have?

      Be wary of Juniper's stake in the security realm. If they are ramping up again and are again competing with Check Point, Palo Alto, and FortiGate, then they are worthy of consideration. It is also worth your consideration if your network is Juniper based and you have a secondary firewall vendor.

      Disclosure: My company has a business relationship with this vendor other than being a customer: We are a partner.
      Maroun Abboud
      Data Department Manager at BTC Networks
      Real User
      As a firewall in general, it is good.

      What is most valuable?

      As a firewall in general, it is good.

      How has it helped my organization?

      As we are a solution provider and not product oriented, we give the best solution for our customers, with a good price. We are the number one company in the region, BTC, and operate in Egypt, Iraq, Jordan, Lebanon, and Saudi Arabia.

      For how long have I used the solution?

      I've used Juniper products for over 10 years. Alongside SRX I also use Netscreen, SSG, and WXC. As a UTM, Juniper is 5/10.

      What was my experience with deployment of the solution?

      No issues encountered.

      What do I think about the scalability of the solution?

      No issues encountered.

      How are customer service and technical support?

      Customer Service:

      For me, the customer satisfaction, and awareness, is the most important thing. I usually train all my clients on their chosen system.

      Technical Support:

      10/10

      Which solution did I use previously and why did I switch?

      As we are a service provider, we offer various other products to our customer:

      • Astaro ASG
      • Avaya/Netscreen
      • Fortinet
      • HP Switches & WiFi
      • Juniper SSG
      • Juniper SRX 210 & 240
      • Juniper WXC
      • Sophos next generation SG, including RED, SG, and WiFi
      • Telindus Crocus E1

      How was the initial setup?

      For me, the installation and setup is simple. I work hard to do the simulation for the customer, and discuss all the requirements before implementation with the client.

      What other advice do I have?

      Give us 10 minutes of your time, and we will show you the differences. When I do presentations, I give potential clients demo access to the solution(s) I am presenting.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user231273
      IT Project Manager at a comms service provider with 51-200 employees
      Vendor
      There were no issues with the deployment but the GUI needs to be improved.

      What is most valuable?

      Unified OS - free BSD UNIX IDP

      How has it helped my organization?

      We’ve connected this product on a GSM core network for a 3G deployment project.

      What needs improvement?

      The GUI.

      For how long have I used the solution?

      I've used it for one year.

      What was my experience with deployment of the solution?

      No issues encountered.

      What do I think about the stability of the solution?

      No issues encountered.

      What do I think about the scalability of the solution?

      No issues encountered.

      How are customer service and technical support?

      Customer Service: It's good. Technical Support: It's good.

      Which solution did I use previously and why did I switch?

      Our customer decided to switch from Cisco to Juniper for their security deployment.

      What about

      What is most valuable?

      • Unified OS - free BSD UNIX
      • IDP

      How has it helped my organization?

      We’ve connected this product on a GSM core network for a 3G deployment project.

      What needs improvement?

      The GUI.

      For how long have I used the solution?

      I've used it for one year.

      What was my experience with deployment of the solution?

      No issues encountered.

      What do I think about the stability of the solution?

      No issues encountered.

      What do I think about the scalability of the solution?

      No issues encountered.

      How are customer service and technical support?

      Customer Service:

      It's good.

      Technical Support:

      It's good.

      Which solution did I use previously and why did I switch?

      Our customer decided to switch from Cisco to Juniper for their security deployment.

      What about the implementation team?

      It was an in-house implementation.

      Disclosure: My company has a business relationship with this vendor other than being a customer: We have a latinum partnership
      it_user222999
      Network Security Engineer at a tech services company with 51-200 employees
      Consultant
      Routing needs improving, however, it's a straightforward setup.

      Valuable Features

      Traceoptions Commit check Route/IPSEC VPN

      Improvements to My Organization

      It provides us with easy options for troubleshooting.

      Room for Improvement

      Switching Routing

      Use of Solution

      I've used them for two years.

      Deployment Issues

      No issues encountered.

      Stability Issues

      No issues encountered.

      Scalability Issues

      There were limited security zones with each model.

      Customer Service and Technical Support

      Customer Service: 10/10. Technical Support: 9/10.

      Initial Setup

      It's a straightforward setup for us as we have a configuration template.

      Other Solutions Considered

      It depends on our customers requirements.

      Other Advice

      Check the customer requirement first.

      Valuable Features

      • Traceoptions
      • Commit check
      • Route/IPSEC VPN

      Improvements to My Organization

      It provides us with easy options for troubleshooting.

      Room for Improvement

      • Switching
      • Routing

      Use of Solution

      I've used them for two years.

      Deployment Issues

      No issues encountered.

      Stability Issues

      No issues encountered.

      Scalability Issues

      There were limited security zones with each model.

      Customer Service and Technical Support

      Customer Service:

      10/10.

      Technical Support:

      9/10.

      Initial Setup

      It's a straightforward setup for us as we have a configuration template.

      Other Solutions Considered

      It depends on our customers requirements.

      Other Advice

      Check the customer requirement first.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user162552
      Head of section at a university with 1,001-5,000 employees
      Vendor
      Stability in a heavy Microsoft environment could be better, but fast packet mover is a valuable feature.

      What is most valuable?

      Fast packet mover, uptime.

      What needs improvement?

      Stability in a heavy Microsoft environment, RPC communication.

      For how long have I used the solution?

      5 years.

      What was my experience with deployment of the solution?

      Numerous deplyoment issues, very early product at the time.

      What do I think about the stability of the solution?

      Numerous deployment issues, very early product at the time.

      What do I think about the scalability of the solution?

      No scalability issues at all, very good for scalability.

      How are customer service and technical support?

      Customer Service: Very impressive, but you have to know the inner workings of JTAC. Technical Support: Very impressive, but you have to know the inner workings of JTAC. Juniper has a very effective…

      What is most valuable?

      Fast packet mover, uptime.

      What needs improvement?

      Stability in a heavy Microsoft environment, RPC communication.

      For how long have I used the solution?

      5 years.

      What was my experience with deployment of the solution?

      Numerous deplyoment issues, very early product at the time.

      What do I think about the stability of the solution?

      Numerous deployment issues, very early product at the time.

      What do I think about the scalability of the solution?

      No scalability issues at all, very good for scalability.

      How are customer service and technical support?

      Customer Service:

      Very impressive, but you have to know the inner workings of JTAC.

      Technical Support:

      Very impressive, but you have to know the inner workings of JTAC. Juniper has a very effective 24/7 Follow The Sun.

      Which solution did I use previously and why did I switch?

      Juniper SSG, switched because of capacity and change of focus from Juniper.

      What other advice do I have?

      Be aware if you need RPC. Out of 18 software versions only 2 has been without issues with RPC.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Buyer's Guide
      Download our free Juniper SRX Report and get advice and tips from experienced pros sharing their opinions.