"The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly."
"The most valuable feature is stability."
"Since the product is stable, we do not have to spend additional money to buy other firewalls. Once deployed, we can use the product for a long time. Thus, it is cost effective."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"Firepower has reduced our firewall operational costs by about 25 percent."
"The content filtering is good."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"It is extremely stable I would say — at least after you deploy it."
"The most important feature is the VPN connection."
"The Inline Mode configuration works really well, and ASA works very impressively."
"I like them mostly because they don't break and they have great diagnostics."
"The initial setup is easy."
"The most valuable feature we have found to be the VPN because we use it often."
"The most valuable features are the provision of internet access, AnyConnect, and VPN capabilities."
"The fact that we can use Firepower Management Center gives us visibility. It allows us to see and manage the traffic that is going through the network."
"The solution has proven to be quite stable."
"The most powerful feature in Juniper SRX is definitely NCLS."
"When compared to Palo Alto, Juniper is a better choice when it comes to the enterprise network and connectivity."
"Technical support is perfect."
"The command line in Juniper SRX is extremely powerful, in my opinion. It's one of the best command lines I've used in networking products."
"The GUI is simple to use."
"The user interface is good."
"Great as an inter-segmentation firewall or border or arch-firewall."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"The ability to better integrate with other tools would be an improvement."
"Cisco Firepower NGFW Firewall can be more secure."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"I would like the ability to drill down into certain reports because currently, that cannot be done."
"Lacks a good graphical user interface."
"The virtual firewalls don't work very well with Cisco AnyConnect."
"The solution needs to have better logging features."
"You need to have a little bit of knowledge to be able to configure it. Otherwise, it would be very difficult to configure because there is no GUI. The latest software available in the market has a GUI and probably zero-touch provisioning and auto-configuration. All these things are not available in our version. You need to manually go and configure everything in the switch. In terms of new features, we would definitely want to have URL-based filtering, traffic steering, and probably a little bit steering in the bandwidth based on the per-user level and per-user group. We will definitely need some of these features in the near future."
"I have used Fortinet, Palo Alto, and Check Point previously and I prefer the process of everything working together."
"One area that could be improved is its logging functionality. Your logs are usually displayed on the screen, but if you want to go back one or two days, then you need another solution in place because those logs are overwritten within minutes."
"When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution."
"Their models for service providers could improve."
"Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to manipulate the reports or manage the way the reports are coming out."
"J-Web, Juniper Web, is sometimes not working great when users are increasing their internet use. Additionally, they need to improve the GUI, graphical user interface, and the firewall management needs to improve. Their CLI is good, but sometimes the GUI is very slow."
"The solution is quite advanced. You need a lot of training to use it effectively."
"The setup process should be improved."
"The range of devices should be expanded to include those suitable for a small implementation. Juniper does not have any lower-priced SRX models, useful perhaps for a single ATM or a single bank branch."
"It could be more secure."
"To compare with Fortinet, Juniper needs to improve their security features."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Cisco ASA Firewall is ranked 6th in Firewalls with 65 reviews while Juniper SRX is ranked 14th in Firewalls with 37 reviews. Cisco ASA Firewall is rated 8.0, while Juniper SRX is rated 7.8. The top reviewer of Cisco ASA Firewall writes "Packet inspection with ASDM works well, but upgrading requires notable planning and effort". On the other hand, the top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". Cisco ASA Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Meraki MX, pfSense and Sophos XG, whereas Juniper SRX is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, pfSense, Meraki MX and Check Point NGFW. See our Cisco ASA Firewall vs. Juniper SRX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.