We performed a comparison between Cisco Secure Firewall vs Juniper SRX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. Each of them have a good set of features, and the solution you choose will ultimately be dependent on your company’s specific preferences and requirements.
"We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"The solution is very user-friendly."
"The most valuable features are that it is very simple to configure and to manage."
"It is quite easy to handle."
"The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy."
"The security features that they have are quite good. On top of that, their licensing model is quite nice where they don't charge you anything for the SD-WAN functionality for the firewall."
"Consolidated our network environment at all locations, but mainly at our datacenter."
"The web interface was easy for me. The configuration is logical, so it's easy to use and easy to understand how to protect, how to open a port, how to manage and how to route a device. That's why I prefer Cisco. It's robust and I never have issues with the hardware. That's why I choose Cisco and not another vendor."
"For companies prioritizing security, the optimal choice is one that offers a range of feeds to cater to diverse needs. This is particularly crucial for organizations implementing DDoS mitigation. The preferred solutions typically align with the top server vendors, with Cisco, Forti, and Barracuda consistently ranking among the top three vendors we collaborate with."
"The most valuable feature is IPS. It's a feature that's very interesting for tackling the most current attacks."
"This solution helped us to identify the key areas where we need to focus to block traffic that is malicious to our organization."
"Cisco ASA NGFW significantly improves our bank. It protects any high-value products that we use from hackers, viruses, malware, and script-bots. It gives us metrics on network traffic as well as what kind of attacks we are getting from the outside."
"It provides security for our company and users."
"Malicious URLs are being blocked."
"For our very specific use case, for remote access for VPN, ASAs are very good."
"Most of our clients use it as a traditional firewall, blocking Layer 3 and Layer 4, blocking by transport."
"Juniper SRX is a very powerful firewall and sometimes can be used as a router."
"CLI: Junos CLI is very easy to use, and it is also very easy to find back items in the configuration and to change them."
"We mostly use the Layer 4 firewall functions: Access rules, NAT, and site-to-site IPsec VPN."
"The CLI works perfectly."
"On a scale from one to ten, one being the worst and ten being the best I'd give Juniper SRX an overall rating of eight because of its' competitive price."
"The solution is stable, inexpensive, and works well for medium size companies."
"The reason that we picked Juniper SRX is for the scalability, the fit for purpose, the tools that are available, the ongoing support and the ability to monitor, but particularly for the virtual routers in our data centers so that we can quickly upscale them when needed, when we need more throughput."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"The support from Fortinet FortiGate could improve. They are not easily accessible when we need them. They could improve their response time."
"The cloud management and automation capability could be improved."
"One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support."
"The integration with third-party tools may be something that they should work on."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"The pricing could be a bit better, especially when you consider how they have the most basic offering priced."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"The operation of the ASA is good but the problem is that whenever you require an upgrade, there are multiple pieces of software that you have to upgrade. Extensive planning is required, because if you upgrade one piece of the software it has to be compatible with the others as well. You always need to check the compatibility metrics."
"An area of improvement for this solution is the console visualization."
"Licensing is complex, and I'd like it to be simplified. This is an area for improvement."
"We wanted to integrate Firepower with our solution, but it didn't have the capability to accommodate our bandwidth since they only had two 10 gig interfaces on the box. We run way more than that through our network because we are a service provider, providing Internet to our customers."
"It is a good firewall, though not NextGen."
"I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."
"It is my understanding that they are in the process of discontinuing this device."
"For the new line of FTDs, the performance could be improved. We sometimes have issues with the 41 series, depending what we activate. If we activate too many intrusion policies, it affects the CPU."
"It could be more secure."
"The CPU switch could be improved for a better overall performance of traffic flow."
"The solution's configurations and syntax are specific and more complicated than other platforms."
"It could improve areas which need high performance."
"Third-party support for Juniper is a lot less than Cisco. This is no surprise, but a definite consideration if you are expecting to use a lot of third party support. In my guesstimate, for every 100 Cisco shops, you will find one Juniper shop."
"J-Web, Juniper Web, is sometimes not working great when users are increasing their internet use. Additionally, they need to improve the GUI, graphical user interface, and the firewall management needs to improve. Their CLI is good, but sometimes the GUI is very slow."
"Juniper SRX is stable, but it could improve. FortiGate has better stability than Juniper SRX."
"It was very difficult to deal with and required a lot of support, and the UI is very poor."
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Juniper SRX Series Firewall is ranked 19th in Firewalls with 18 reviews. Cisco Secure Firewall is rated 8.2, while Juniper SRX Series Firewall is rated 7.8. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Juniper SRX Series Firewall writes "Useful telecom industry functionality, simple deployment, but lacking features". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Juniper SRX Series Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Check Point NGFW, Palo Alto Networks NG Firewalls and Meraki MX. See our Cisco Secure Firewall vs. Juniper SRX Series Firewall report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.