We changed our name from IT Central Station: Here's why

Cisco ASA Firewall vs Juniper SRX comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Cisco ASA Firewall vs. Juniper SRX and other solutions. Updated: January 2022.
563,148 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports.""The customer service/technical support is very good with this solution.""I like the firewall features, Snort, and the Intrusion Prevention System (IPS).""It's got the capabilities of amassing a lot of throughput with remote access and VPNs.""Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality.""I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable.""If configured, Firepower provides us with application visibility and control.""We have not had to deal with stability issues."

More Cisco Firepower NGFW Firewall Pros →

"The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA.""The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals.""The management aspect of the product is very straightforward.""If you have a solution that is creating a script and you need to deploy many implementations, you can create a script in the device and it will be the same for all. After that, you just have to do the fine tuning.""The user interface, the UI, is excellent on the solution.""The solution is excellent for enterprise-level networks.""The most valuable feature is the ability to block almost all of the ports.""Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information."

More Cisco ASA Firewall Pros →

"It is very fast and very easy to maintain. Another nice part of it is that you can easily extract the logs and move them over to a security operations center.""What I like the most about Juniper is that they have the same CLI on all routers, switches, and firewalls. If you have worked with any Juniper device, such as a Juniper router, you will be able to work with an SRX, which is really cool. It is a nice experience to work with every device of Juniper, not only firewalls.""The CLI works perfectly.""The solution has been good for fulfilling our basic needs.""Technical support is perfect.""I have used technical support quite a bit, and they are really good.""Technical support is good. They quickly respond, and they even have local help here. They can actually give you an answer very quickly.""The features that I have found valuable are the ones for the main purpose we are using Juniper - its firewall to protect our network for our internet access."

More Juniper SRX Pros →

Cons
"The solution could offer better control that would allow the ability to restrictions certain features from a website.""On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it.""The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.""It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience.""The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs.""Cisco makes horrible UIs, so the interface is something that should be improved.""FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it.""The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."

More Cisco Firepower NGFW Firewall Cons →

"Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this.""I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall.""I don't have to see all the object groups that have been created on that firewall. That's just something that I would really appreciate on the CLA, even though it already exists on the GUI.""When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution.""Its configuration through GUI as well as CLI can be improved and made easier.""It is expensive.""I would say that in inexperienced hands, the interface can be kind of overwhelming. There are just a lot of options. Too much, if you don't know what you are looking for or trying to do.""The configuration is an area that needs improvement."

More Cisco ASA Firewall Cons →

"It was very difficult to deal with and required a lot of support, and the UI is very poor.""It could have features that other products support like blade options and stand-alone endpoint security.""As a networking person, I don't really have any major issues with this device. Based on my experience of using it in a cluster, it could be more stable. I had an incident when one of the SRXs in a cluster couldn't learn ARP. It is a good solution, but firewalls don't seem to be an area of development for Juniper. They are focusing on data centers, routers, and switches, not firewalls.""Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to manipulate the reports or manage the way the reports are coming out.""The reporting is lacking.""The user interface is something that Juniper needs to improve.""The training videos that are available need to be improved, and made more educative.""Sometimes committing configurations takes a lot of time in Juniper because of the connections, and it could be a little bit faster."

More Juniper SRX Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco."
  • "There is room for improvement in the pricing when compared to the market. Although, when you compare the benefits of support from Cisco, you can adjust the value and it becomes comparable, because you usually need very good support. So you gain value there with this device."
  • "When it comes to Cisco, the price of everything is higher. Cisco firewalls are expensive, but we get support from Cisco, and that support is very active."
  • "Cisco is expensive, but you do get benefits for the price."
  • "It's a brilliant firewall, and the fact that it comes with a perpetual license really does go far in terms of helping the organization in not having to deal with those costs on an annual basis. That is a pain point when it comes to services like the ones we have on Fortigate. That's where we really give Cisco firewalls the thumbs up."
  • "The licensing is a bit off because the physical firewall is cheaper than the virtual one. We only have the physical ones as they are cheaper than the virtual ones. We only use the physical firewalls because of the price difference."
  • "Always consider what you might need to reduce your wasted time and invest it in other solutions."
  • "Cisco is considered to be an expensive solution."
  • More Cisco ASA Firewall Pricing and Cost Advice →

  • "Compared to other vendors, the pricing of this solution is good."
  • "The product itself is costly and the price of migration is very high."
  • "This is an expensive product."
  • "The price is reasonable."
  • "The price could improve, it is a bit expensive."
  • "Its price is reasonable. In India, most of the products have a similar price. There is only a 5% to 10% variation in the price of different brands."
  • "There is a licensing fee."
  • "In general, their price definitely couldn't be cheaper."
  • More Juniper SRX Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    563,148 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer: 
    Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports… more »
    Top Answer: 
    When looking to change our ASA Firewall, we looked into Palo Alto’s WildFire. It works especially in preventing advanced… more »
    Top Answer: 
    I'm not sure we are satisfied fully with the pricetag of Juniper SRX, but we understand why the dealer prices it this… more »
    Top Answer: 
    Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to… more »
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv
    SRX
    Learn More
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.

    Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.

    Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.

    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    High-performance security with advanced, integrated threat intelligence, delivered on the industry's most scalable and resilient platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables up to 1 Tbps performance for the data center.
    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Cisco ASA Firewall
    Learn more about Juniper SRX
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
    7-Eleven, AARNet Pty Ltd, Allegro Networks, alltours GmbH, Apollo Hotel Papendrecht, Armstrong Atlantic State University, Atlantech Online, Availity, Bajaj Capital, Baloise Insurance, BancABC, BAS Group, Black Lotus, Blue Box, Borealis, Carilion Clinic, Catholic Health System, CATV, Champlain College, Chinas Ministry of Railways, China University of Mining and Technology (CUMT), Cloud Dynamics, CloudSeeds, Cloudwatt, CODONiS, Colt Technology Services, Cork Internet Exchange, CSS Versicherung AG, CyrusOne, Danish Crown, Deloitte Belgium, Department of Energy, Divona Telecom, DQE Communications, DreamHost, European Government Agency, Expedient, Financial Market Information Services Provider, Fluidata, Fonality, Fox Sports, Global Financial Institution, Global Investment Bank, Global Investment Company, Energy Sciences Network (ESnet), Goethe University, HEAnet, High Performance Networks Inc., Hillenbrand
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Manufacturing Company8%
    Non Profit8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Financial Services Firm17%
    Comms Service Provider13%
    Manufacturing Company10%
    Computer Software Company7%
    VISITORS READING REVIEWS
    Comms Service Provider35%
    Computer Software Company21%
    Government5%
    Educational Organization4%
    REVIEWERS
    Comms Service Provider43%
    Financial Services Firm17%
    Energy/Utilities Company6%
    Computer Software Company6%
    VISITORS READING REVIEWS
    Comms Service Provider37%
    Computer Software Company23%
    Government6%
    Financial Services Firm3%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    REVIEWERS
    Small Business35%
    Midsize Enterprise26%
    Large Enterprise39%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise16%
    Large Enterprise56%
    REVIEWERS
    Small Business41%
    Midsize Enterprise22%
    Large Enterprise37%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise23%
    Large Enterprise45%
    Find out what your peers are saying about Cisco ASA Firewall vs. Juniper SRX and other solutions. Updated: January 2022.
    563,148 professionals have used our research since 2012.

    Cisco ASA Firewall is ranked 6th in Firewalls with 62 reviews while Juniper SRX is ranked 14th in Firewalls with 35 reviews. Cisco ASA Firewall is rated 8.0, while Juniper SRX is rated 7.8. The top reviewer of Cisco ASA Firewall writes "Robust solution that integrates well with both Cisco products and products from other vendors". On the other hand, the top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". Cisco ASA Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Meraki MX, pfSense and SonicWall TZ, whereas Juniper SRX is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, pfSense, Meraki MX and Palo Alto Networks VM-Series. See our Cisco ASA Firewall vs. Juniper SRX report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.