Juniper vSRX Room for Improvement

OB
Network Operations Support at EOS IT Management Solutions Ltd

Largely the solution seems fine to me.

It could use more tutorials.

I think there's a step missing or the use cases are missing information. I'm not sure why you have to connect from the descendant to another SRX. The why part, why would I do that and what's practical, is not really answered in any documentation I have access to. At my last job, we used to hook up a VPN to the data center, and then at each site we would have a device connecting to that data center. Now that project is not 100% right now, I'm still wondering if I were to go and do that project, how would I do it? Should I make it cloud-based?

If I want to use it virtually in the cloud as a hub, I want to see if that's possible, and, if it's possible, they should have documentation on that.

I looked at the config. I played around with the config and then I say, "Okay, I see what they're doing, with the actual Azure part, and yet, on AWS, I'm having the same problem." It's something to do with the public IP. It's only functioning on the management side, on the virtual firewall. I can't get the other side, the other network interface to connect out. I don't have a connection out technically. I could ping, but through management and that's not how it's supposed to work. It's just through the management. I'm not seeing the departments.

View full review »
MENACHEM NUSSEN - PeerSpot reviewer
Senior Network Specialist at EDGE COMMUNICATIONS SOLUTIONS LLC

Fortinet is more user friendly than Juniper. In terms of remote access, I actually prefer using Fortinet. It is much easier to configure. When someone uses Juniper for the first time, it can be very intimidating. At one time, Juniper had what was known as a MAG, which was meant for remote access for users on the SRX.

They sold MAG and now remote access on Juniper leaves a lot to be desired because they don't have their own client. You have to use Pulse Secure or another solution. When there's a bug, Juniper relies on Pulse Secure and in our experience, this took six months to fix.

View full review »
Le Ban - PeerSpot reviewer
IT Security Manager & Chief IT Engineer at JVPC

Juniper vSRX is expensive. 

View full review »
Buyer's Guide
Firewalls
March 2024
Find out what your peers are saying about Juniper, Microsoft, Netgate and others in Firewalls. Updated: March 2024.
765,386 professionals have used our research since 2012.
RL
Senior Network Administrator at Zetec, Inc.

Juniper has some really good ideas, but I think they have missed the boat with regard to execution.

The GUI really needs a lot of work, and it has got worse with successive version updates. There are some things that are just easier to look at in the GUI, and they've removed some features that were very helpful.

Even though the features are still available in the CLI, sometimes it's just easier to look at the rules in a hierarchical fashion in the GUI.

The hardware needs some serious work as well. In the four years we've had Juniper vSRX, we've had four RMAs. Each of the three physical devices that we have has been replaced at least once.

A better methodology of looking at how a proposed rule would act on the network would be good to have. For example, Cisco ASA had a tool where you could write a rule or a policy, and it would tell you whether it stopped specific traffic.

View full review »
AR
Network Engineer at Giga Tech Ltd

The solution could improve its technical support. It could also improve its performance and ticket handling.

View full review »
Owais Malik - PeerSpot reviewer
IT Administrator at Humane™

The solution can be improved by allowing automatic updates for the OS devices. For example, when we want to update our hardware device system, we have to download the OS package, attach the file with the hardware, and send a command to upgrade that package. However, with others, we can use the D-Link devices and click to check the online update and update it. In this case, we have to attach something from our local storage and then send a command to update Juniper.

View full review »
SRI GANESH  PHANIYAPPA - PeerSpot reviewer
Sub Divisional Engineer NOC Bangalore at a comms service provider with 10,001+ employees

They could provide support for cloud deployments. We are currently focused on on-premises deployments but see the potential for expanding into cloud environments. It would be beneficial to have a single dashboard or interface to differentiate between control and user plane functionalities, enhancing overall management and scalability. Additionally, we are interested in exploring options for scaling the Juniper vSRX firewall across different locations, including private cloud environments, and having the ability to centralize control and monitoring from a single point would be highly advantageous.

View full review »
Adnan Abushagur - PeerSpot reviewer
Network Security Engineer at Modern Systems and Technology

The GUI is complex. The security feature must be improved.

View full review »
Srihari Rao - PeerSpot reviewer
Analyst-infra at RAKBANK

The solution's GUI needs improvement. Whenever we do some modifications, the systems get restarted. Thus, I have to use the command line interface.

View full review »
Md. Al Imran Chowdhury - PeerSpot reviewer
Cyber Security Analyst at Link3 Technologies

The graphical unit is slow. Also, Juniper vendor shipping of UPM devices, support, Bandwidth shift, and other activities are very complex.

View full review »
Fathi Kharfi - PeerSpot reviewer
Head Of Network & Technical Support at Tadhamon International Islamic Bank

It is pretty complex to manage and could be easier.

View full review »
RH
Systems Analyst at a university with 10,001+ employees

The user interface could always be better. They could make it simpler and more intuitive. While it is pretty good now, they could always make improvements.

View full review »
AG
Cisco Systems at Omnia International

The tool's basic license does not cover everything. It needs to improve visibility and availability. 

View full review »
AsefHadiyana - PeerSpot reviewer
ICT Administrator at a energy/utilities company with 51-200 employees

Mine control is not an easy area to control in Juniper. There are also too many steps for configuration, like the IP address policy. There are too many types of licenses, which can be confusing. Simple licenses should be built in.

Processing is too slow between Juniper and Cisco. Palo Alto is faster. The database is not as complete as Cisco or Palo Alto.

View full review »
PK
Senior Network Planning Engineer at a comms service provider with 1,001-5,000 employees

The solution works quite well. I can't think of any features that are lacking. I don't know where it could be improved.

Some people complain that the solution tends to have a steep learning curve. It could be because most people have basic familiarity with Cisco or other similar products and maybe have never worked closely with Juniper products. I don't find that it's a problem, however, I have heard this mentioned as an issue for some people.

View full review »
SL
IT Manager at Alpha Group

The solution should consider improving its licensing policies. It would be better if we could make a one-time payment for the hardware.

View full review »
RF
Senior Solutions Architect at a computer software company with 51-200 employees

VPN access is an area that needs improvement.

View full review »
SH
Senior Information Security Engineer at SOCIALEYEZ

The syndication or domain controllers, quick policies, and user rules - like being able to see the IP source and destination could be improved. This feature already exists in Palo Alto.

They really need to improve the GUI.

View full review »
it_user685407 - PeerSpot reviewer
Firewall Engineer at a tech services company with 10,001+ employees

While the OS supports a pretty full UTM option, we found in testing that the hardware was not powerful enough to run with all the bells and whistles turned on for the amount of traffic we process. So we use other hardware for those services meaning it’s not a deal breaker for us.

View full review »
AH
Network Security Engineer at a tech services company with 51-200 employees

The support can be improved. 

The GUI needs to be improved, as Cisco is more advanced with their ASDM platform.

In the next release, I would like to see improvements made to the GUI because it isn't very good.

I would like them to discard some of the existing commands because we have to delete them. It should be more practical.

View full review »
it_user893853 - PeerSpot reviewer
IT Manager at a comms service provider with 1,001-5,000 employees

We have some weird errors and some weird behavior on the solution occasionally. The device gets buggy without anyone touching it. It would work and then suddenly stop. Sometimes you need to just move the cards out and restart it again, and it will work. The solution itself, the hardware and the software, there must be some bugs that need to be dealt with. 

We are using high-end devices. For the high-end devices, all the features are there; we don't need more features. What we need are for the features we have to work exactly as we want them to. Especially on the IT desk. There's something wrong between the hardware and the software. As I mentioned, some hardware is not working correctly in some integrations, and I'm not sure why. 

View full review »
AH
Network Security Engineer at a tech services company with 51-200 employees

We worked with Cisco's support and Juniper's support and there are some differences, to be honest, Cisco is more available and is more competent at addressing our cases. So that is something negative about Juniper but otherwise, the architecture of Juniper's OS is flexible and scalable and technically Juniper is good.

The GUI is really bad. Cisco's is more advanced with their ASDM platforms. Cisco has more advantages.

View full review »
AV
CTO at SEV Technologies LLC

The GUI interface needs improvement. It also needs improvement with the VPCs.

View full review »
SM
Solutions Architect at a tech services company with 11-50 employees

The reporting can be improved.

View full review »
PP
Technical Product Manager at a financial services firm with 5,001-10,000 employees

Right now, we are going through issues and problems where the product gets dropped with the connection or during the authentication initial phase. While it could be our problem, we would like to see more stability in this area.

View full review »
JJ
Expert - architect of ICT systems at a tech services company with 501-1,000 employees

I would like to see an activity sensor for malicious content or sensor for viruses and malware.

View full review »
SV
Network Engineer at a tech services company with 11-50 employees

The stability could be improved.

For the moment I think it has all of the features I need. The only thing I'd like to see is the ability to create firewalls. That's the only feature I lack. Also, when you need to upgrade and when you need to reboot it, there's some downtime, and I'd like to be able to upgrade it without downtime.

View full review »
SM
Solutions Architect at a tech services company with 11-50 employees

Up to the point we have used it now, there is no need for anything extra in the product.

View full review »
SN
Security Administrator at a comms service provider with 11-50 employees

It seems that most of the problems were the device from management and not from support.  We would spend a lot of time with support trying to solve the problems we had. We didn't resolve it because it was a problem from the device and management. The technical support did not seem to help.

I've talked to people that say Juniper now, as a device, can be a solution for a data center, but in the past, I have not seen this as being possible.

View full review »
Buyer's Guide
Firewalls
March 2024
Find out what your peers are saying about Juniper, Microsoft, Netgate and others in Firewalls. Updated: March 2024.
765,386 professionals have used our research since 2012.