Juniper SRX Series Firewall Reviews

We use it as a firewall at our head office and branches. We use its IDS solution at the head office too.

It did not improve our safety because the IDS does not detect some attacks, but our anti-virus software did.

• Correct the bugs in the current version. 
• Help customers more with its configuration so they can feel safer.

We tried configuring the IDS for more than four months, but it did not work properly.

The Juniper SRX that we have is being used as a firewall. Somehow, it is performing.

The product is a normal router with basic firewall capacity. We don't have a dedicated firewall. Therefore, I don't have high expectations from Juniper. 

It helps us perform our daily jobs.

We are using it as a normal type of firewall.

I would like them to add a dashboard because it's difficult to operate.

The product only has basic features.

The stability is normal.

The scalability is normal.

I haven't used technical support, just local support.

The initial setup was complex.

It is not that expensive.

We are evaluating Palo Alto, Barracuda, and Sophos because we need a Next-Gen firewall.

It crashed, and we could not change it for some reason. I don't want to keep Juniper within my network anymore.

Most important criteria when selecting a vendor: 

• Dedicated support team
• Easy configuration.

I've found the security features, such as IDS and the VPN most valuable.

In terms of other features, I'd like to see a web filter, 10 point control, application control and DNA features in the next release.

We previously didn't use a different solution.

I would rate this solution a 7 out of 10.

• Form factor: It is small, very nimble, and can be deployed in very small environments which do not have wiring closets.
• Consolidation: It combines routing, switching, and firewall services in one device.
• Stable OS: There is a one Junos release training for all the Juniper products, thus minimizes the training needed and enhances interoperability.
• Open standards: The Juniper OS is based on the open standards and making it very interoperable in the mixed vendor environments.
• Superior performance: This can be achieved by true separation of control and data plane, hence data plane inefficiencies do not affect the control plane and vice versa.
• Cloud-enabled device: The SRX300 is cloud-ready and can be used to implement SDSN in micro-environments.

It has greatly reduced the network management functions by reducing the number of devices to manage (one vs three), and easy fault management using the new GUI.

Disaggregation (this is available in the box) should be improved to include software intelligence that is actionable.

I have used this solution for about four and a half years.

There were no stability issues. It is a very stable and reliable product. It can run for several years without a single glitch.

It is highly scalable for its target market.

The technical support team is very co-operative and gives quick responses for the logged cases. A hundred percent of the logged cases have been resolved within the SLA period.

We looked at MikroTik. However, more features such as the performance, scalability, and consolidation were available on the Juniper device.

The initial setup was simple and can be done 100% via the GUI.

The price per performance value is the best out there in the market. No licensing is needed for all the features apart from the security part, i.e., no licensing for extra services and VPN comes free in the base.

We evaluated the FortiGate 80 and 60 series and Cisco ASA 5500.

The Juniper SRX300 is a stable and very reliable product, packed with a lot of capabilities that are not available in the competing products of the same range. I would highly recommend this product to anyone interested in implementing it.

This box has it all and is more for the small-scale branch market. Packaged as an all-in-one routing, switching, and security solution, the SRX300 minimizes the need to deploy separate devices to perform these functions by leveraging on its consolidation, all coming with the carrier-grade capabilities.

The primary use case of this solution is as a high-capacity firewall.

It was very difficult to deal with and required a lot of support, and the UI is very poor. 

I didn't like this product at all.

We faced many issues with the power supply causing many outages with this SRX box.

We experienced outage issues when load-balancing between two availability architectures, which had an effect on the availability.

Once we started to deal with this solution, it was very difficult to troubleshoot. It was not straightforward at all when comparing to Cisco. 

We always had support tickets. More than 50 tickets per month exceeded the SLA by more than two weeks.

Better support is needed.

In the next release, this solution needs to be stable, offer better support, better pricing, and less expensive to migrate.

I have been using Juniper SRX for more than five years.

We are using the latest version but will be dismantling this product soon.

It is not stable at all. There are many outages.

We will not continue using this solution.

We did not have problems with scaling, as we have less than 500 users in our organization.

Technical support was not helpful.

The support was horrible. Once we started our investigation, we were faced with another support engineer calling to go over the first steps again. We needed to restart the investigation from the beginning of the week.

The installation was not straightforward.

It took more than one month to set it up.

We had a team of three technicians to implement this solution.

One of the main reasons for dismantling this solution is that were asked to migrate the old books to the new books using Juniper and to transfer the policies and firewalls by using licensing. 

It was very expensive to upgrade to their products. 

The product itself is costly and the price of migration is very high.

I do not recommend this product and instead, would recommend using FortiGate.

I would rate Juniper SRX a zero. I would not even give it a one out of ten.

The solution is primarily used in two ways: to protect our three data centers and servers. It works at protecting both areas from malicious attacks.

We have worked with the solution for a while and therefore have become quite versed in it. We're comfortable with its tech and have a good understanding of how best to use it. 

The initial setup was easy.

In terms of usability, there are good forums on offer and they've got a lot of technical documentation for everything. 

Technical support is good. They quickly respond, and they even have local help here. They can actually give you an answer very quickly.

The solution has been stable over the years.

The capacity can be limiting. We have outgrown its capacity. You can only scale up to a certain extent, depending on the device purchased. 

There are cheaper options on the market.

The reporting and alerts could be improved. If you had alerts, whereby you can have things like intrusion detection systems quickly alerting the security managers of a breach would be helpful. 

They need to work on the user interface. Most tasks are done by commands, and if you don't have experience using the command line, it's terrible. They should make it easier.

We've only been using the latest solution for a few days. It's quite new to us. It replaced a previous version, which we had for five years. 

The stability is quite good. It's very reliable as long as your power is okay. It's a good device and good software and is a great piece of equipment, however, if your power has any issues, then you are likely to lose it after power surges.

Scalability is limited and you need the right sizing. In our case, our device has reached the end of life, and there are no more plugins that we can actually use.

We're quite satisfied with technical support. They are very helpful and responsive and there is good documentation.

We've also used Cyberoam, which is now Sophos. 

The initial setup was very straightforward. It's an easy process and not very difficult or complex. 

The license we have now is perpetual, however, going forward, with a newer version, we're looking at annual or bi-annual licensing. 

The cost is not cheap or overly expensive. It's middle of the road. 

We are just a customer.

It's a good device overall. I'd recommend it to other users and companies. As long as a customer is buying something that is supported and has a good lifespan, they should be happy.

I'd rate the solution at an eight out of ten.

I used this solution in my previous organization. We used it to protect data centers and some private resources.

What I like the most about Juniper is that they have the same CLI on all routers, switches, and firewalls. If you have worked with any Juniper device, such as a Juniper router, you will be able to work with an SRX, which is really cool. It is a nice experience to work with every device of Juniper, not only firewalls.

As a networking person, I don't really have any major issues with this device. Based on my experience of using it in a cluster, it could be more stable. I had an incident when one of the SRXs in a cluster couldn't learn ARP.

It is a good solution, but firewalls don't seem to be an area of development for Juniper. They are focusing on data centers, routers, and switches, not firewalls.

Its stability isn't bad. In two years of supporting this device, I had only one issue. I had an incident when one of the SRXs in a cluster couldn't learn ARP, and the request didn't move between cluster units. I had to fix this manually, which wasn't really cool because I had to get up in the night because of this incident.

We weren't using it in a high load infrastructure.

I didn't really need their support. I only needed their support for the demo of their CSR product because it wasn't working as mentioned in their documents.

Its initial setup is straightforward. If you are a network engineer with some experience, you will be able to configure it easily. I have configured many Juniper firewalls, and it was really easy. Configuring the device isn't a problem. The main problem is preparing the environment and the infrastructure for your device.

It took more than one year to use this solution in production because I used a lot of features in my demo infrastructure, such as VSRX, to demonstrate this solution to potential and existing customers.

I like the SRX series. In fact, I like all products from Juniper. 

I would rate Juniper SRX an eight out of ten.

Our primary use is having a virtual appliance vSRX PoC in telco. We tested integration to their Vim, function and performance.

vSRX's performance is best with less resources, such as CPU and memory. It is easy to scale up by attaching more CPU and memory.

vSRX is easy to deploy to any virtual infrastructure, such as OpenStack, VMware, and even Docker (cSRX). It has already been tested with virtual acceleration, such as DPDK, SR-IOV, and PCI-Passthrough.

It could improve areas which need high performance. 

Small enterprises or telco have variant licenses, and this licensing model should be improved.