We changed our name from IT Central Station: Here's why

Azure Firewall vs Juniper SRX comparison

Cancel
You must select at least 2 products to compare!
Azure Firewall Logo
18,716 views|15,809 comparisons
Juniper SRX Logo
19,893 views|16,276 comparisons
Featured Review
Find out what your peers are saying about Azure Firewall vs. Juniper SRX and other solutions. Updated: January 2022.
564,643 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be.""You do not have to do everything through a command line which makes it a lot easier to apply rules.""The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands.""Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch.""It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS.""Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports.""Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality.""The customer service/technical support is very good with this solution."

More Cisco Firepower NGFW Firewall Pros →

"I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference.""The solution has many useful features. For example, the solution allows users to create virtual IP addresses.""Network filtering is valuable. The scalability capability from the cloud-native service helps us a lot because it simplifies our day-to-day maintenance activity.""I can easily configure it.""It's auto-scalable, which is a great feature.""Among the most valuable features are the DDoS protection that protects your virtual machines, the threat intelligence, and traffic filtering.""The solution can autoscale.""Great security and connectivity."

More Azure Firewall Pros →

"It's fine, and it's good. It's very stable.""Technical support has been quite helpful.""The scalability is fine.""It is very fast and very easy to maintain. Another nice part of it is that you can easily extract the logs and move them over to a security operations center.""The CLI works perfectly.""I like the Junos OS, which has been very good for me. It's very clever.""The Juniper SRX series is easy to use.""The solution has been good for fulfilling our basic needs."

More Juniper SRX Pros →

Cons
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here.""FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively.""My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement.""The price and SD-WAN capabilities are the areas that need improvement.""One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box.""The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second.""The solution could offer better control that would allow the ability to restrictions certain features from a website.""The initial setup could be simplified, as it can be complex for new users."

More Cisco Firepower NGFW Firewall Cons →

"The solution lacks artificial intelligence and machine learning. It might be in the roadmap. However, currently, it's not available.""There are a number of things that need to be simplified, but it's mostly costs. It needs to be simplified because it's pretty expensive.""The reporting, logging, and monitoring features, as well as the flexibility of the policies, need to be improved.""They can improve the pricing of Azure Firewall.""It has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB.""The product could be made more customizable.""It would be much easier if the on-premises, firewall rules, had some kind of export-import possibility in place, which is not the case right now.""For larger enterprises, they need to adjust the scalability."

More Azure Firewall Cons →

"The reporting is lacking.""It must be 5G ready. The 5G network is rolling out soon in India, and Juniper must upgrade their firewall slot to the 5G network, or they must manufacture a 5G dongle card for the Juniper firewall. I want Juniper to upgrade their dongle from 4G to 5G. Presently, they have an expansion slot in the SRX 322 series and higher firewalls. In that expansion slot, they can put a 4G mobility SIM card so that whenever our primary link is down, it will automatically connect through this GSM network and form a tunnel.""The capacity can be limiting. We have outgrown its capacity. You can only scale up to a certain extent, depending on the device purchased.""It should be easier to escalate support tickets.""It could be more secure.""It was very difficult to deal with and required a lot of support, and the UI is very poor.""The setup process should be improved.""J-Web, Juniper Web, is sometimes not working great when users are increasing their internet use. Additionally, they need to improve the GUI, graphical user interface, and the firewall management needs to improve. Their CLI is good, but sometimes the GUI is very slow."

More Juniper SRX Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "Azure Firewall is more expensive. If Microsoft can make Azure Firewall cheaper, I can see that all clients will think of using it. One client used FortiGate because it is much cheaper. Some clients ask me for Cisco, but in the cloud estimate, I found its cost is the same as Azure Firewall."
  • "Azure Firewall is quite an expensive product."
  • "The licensing module is good."
  • "The total cost of ownership is much less than Palo Alto, Cisco, or any other brand."
  • "It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."
  • "Azure Firewalls operate on a pay-as-you-go model, similar to cloud services."
  • More Azure Firewall Pricing and Cost Advice →

  • "Compared to other vendors, the pricing of this solution is good."
  • "The product itself is costly and the price of migration is very high."
  • "This is an expensive product."
  • "The price is reasonable."
  • "The price could improve, it is a bit expensive."
  • "Its price is reasonable. In India, most of the products have a similar price. There is only a 5% to 10% variation in the price of different brands."
  • "There is a licensing fee."
  • "In general, their price definitely couldn't be cheaper."
  • More Juniper SRX Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    564,643 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure… more »
    Top Answer: 
    Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the… more »
    Top Answer: 
    Both of these solutions are excellent options that provide flexible scalability and solid security. Fortinet Fortigate… more »
    Top Answer: 
    Full-fledged routing and switching alongside NGFW functions. No need to invest in another router for advanced/dynamic… more »
    Top Answer: 
    I'm not sure we are satisfied fully with the pricetag of Juniper SRX, but we understand why the dealer prices it this… more »
    Top Answer: 
    Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to… more »
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    SRX
    Learn More
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.

    Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

    Azure Firewall has two significant offerings, Standard and Premium.

    Azure Firewall Standard works directly with Microsoft Cyber Security and supplies excellent L3-L7 filtering and threat awareness. The proactive real-time threat awareness will quickly alert you and immediately deny all traffic to and from any known problematic or suspicious domains or IP addresses. Microsoft Cyber Security is updated continually to protect against all new and known potential threats at all times. To learn more about Azure Firewall Standard, click here.

    Azure Firewall Premium provides everything the standard version does, and additionally adds extra levels of data encryption, network intrusion detection, extended URL filtering, and Web category filters. To learn more about the added features of Azure Firewall Premium, click here.

    Key Benefits and Features of Azure Firewall:

    • High availability - You do not need load balancers with Azure Firewall; it's already built in and ready to go.
    • Self-scalability - Azure Firewall is intuitive and will auto-scale as needed based on traffic flow to be ready for peak traffic times.
    • Threat awareness - Using Microsoft Cyber Security to filter traffic, Azure Firewall will deny any known problematic threats to keep your network safe.
    • Additional IP addresses - You can securely add up to 250 public IP addresses with Azure Firewall
    • Improved web category filtering - You can set up specific protocols to allow or deny categories within websites that are deemed inappropriate for use within your network. You have the ability to organize categories based on a defined set of descriptions.

    What our real users have to say:

    Many IT CEntral Station (soon to be Peerspot) users found Azure Firewall to be very user-friendly and easy to use. They liked that it offers seamless integration to the cloud and were especially pleased with the threat filtering options.

    Regarding integration and threat intelligence, our users wrote:

    “The most valuable feature is the integration into the overall cloud platform.”

    The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats.”

    I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system.”



    High-performance security with advanced, integrated threat intelligence, delivered on the industry's most scalable and resilient platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables up to 1 Tbps performance for the data center.
    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Azure Firewall
    Learn more about Juniper SRX
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Information Not Available
    7-Eleven, AARNet Pty Ltd, Allegro Networks, alltours GmbH, Apollo Hotel Papendrecht, Armstrong Atlantic State University, Atlantech Online, Availity, Bajaj Capital, Baloise Insurance, BancABC, BAS Group, Black Lotus, Blue Box, Borealis, Carilion Clinic, Catholic Health System, CATV, Champlain College, Chinas Ministry of Railways, China University of Mining and Technology (CUMT), Cloud Dynamics, CloudSeeds, Cloudwatt, CODONiS, Colt Technology Services, Cork Internet Exchange, CSS Versicherung AG, CyrusOne, Danish Crown, Deloitte Belgium, Department of Energy, Divona Telecom, DQE Communications, DreamHost, European Government Agency, Expedient, Financial Market Information Services Provider, Fluidata, Fonality, Fox Sports, Global Financial Institution, Global Investment Bank, Global Investment Company, Energy Sciences Network (ESnet), Goethe University, HEAnet, High Performance Networks Inc., Hillenbrand
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Non Profit8%
    Government8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Computer Software Company23%
    Financial Services Firm23%
    Government15%
    Manufacturing Company15%
    VISITORS READING REVIEWS
    Computer Software Company30%
    Comms Service Provider22%
    Government6%
    Financial Services Firm5%
    REVIEWERS
    Comms Service Provider43%
    Financial Services Firm17%
    Energy/Utilities Company6%
    Computer Software Company6%
    VISITORS READING REVIEWS
    Comms Service Provider37%
    Computer Software Company23%
    Government6%
    Financial Services Firm3%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise65%
    REVIEWERS
    Small Business23%
    Midsize Enterprise18%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise13%
    Large Enterprise69%
    REVIEWERS
    Small Business41%
    Midsize Enterprise22%
    Large Enterprise37%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise23%
    Large Enterprise45%
    Find out what your peers are saying about Azure Firewall vs. Juniper SRX and other solutions. Updated: January 2022.
    564,643 professionals have used our research since 2012.

    Azure Firewall is ranked 19th in Firewalls with 20 reviews while Juniper SRX is ranked 14th in Firewalls with 35 reviews. Azure Firewall is rated 7.2, while Juniper SRX is rated 7.8. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate-VM, Check Point NGFW and Cisco ASA Firewall, whereas Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and OPNsense. See our Azure Firewall vs. Juniper SRX report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.