Try our new research platform with insights from 80,000+ expert users
it_user738864 - PeerSpot reviewer
Senior Network Engineer at a tech services company with 51-200 employees
Real User
Zones make it easy to logically organize security polices
Pros and Cons
  • "Security policies in combination with zones: It is very easy to organize the security polices in a logical structure."
  • "CLI: Junos CLI is very easy to use, and it is also very easy to find back items in the configuration and to change them."
  • "Commit: You can update the whole configuration without affecting the production. The new configuration will be loaded once the command "Commit" is submitted. You can also do a Commit confirmed to automatically roll back to the previous config after X minutes."
  • "The visibility/reporting could be better. To see something, you have to export the log to a syslog and then process with another product."

How has it helped my organization?

Thanks to the well-structured and organized security policies, we decreased operations time to create/update/delete our security policies.

What is most valuable?

Security policies in combination with zones: It is very easy to organize the security polices in a logical structure.

CLI: Junos CLI is very easy to use, and it is also very easy to find back items in the configuration and to change them.

Commit: You can update the whole configuration without affecting the production. The new configuration will be loaded once the command "Commit" is submitted. You can also do a Commit confirmed to automatically roll back to the previous config after X minutes. 

What needs improvement?

The visibility/reporting could be better. To see something, you have to export the log to a syslog and then process with another product.

For how long have I used the solution?

More than five years.
Buyer's Guide
Juniper SRX Series Firewall
December 2024
Learn what your peers think about Juniper SRX Series Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.

What do I think about the stability of the solution?

We have used it for years without any stability issues.

What do I think about the scalability of the solution?

We haven't encountered scalability issues.

How are customer service and support?

Technical support is pretty good. I would rate it eight out of 10.

Which solution did I use previously and why did I switch?

I previously used a Netscreen ISG1000 firewall. I switched because the ISG was end-of-life and Netscreen was bought by Juniper.

How was the initial setup?

Initial setup was complex because Junos is totally different than ScreenOS. But with some introductory courses and some googling it becomes much easier.

What's my experience with pricing, setup cost, and licensing?

I’m just the tech, I didn’t take part in the price negotiation. I would say about $20,000 for a SRX650 with IDP licence.

Which other solutions did I evaluate?

No, we didn't evaluate other options. This was a natural way for us to migrate from ISG to SRX.

What other advice do I have?

Be sure you know what you are looking for. The SRX650 is a perfect product for a small datacenter, not for a branch office where you need lots of visibility.

Implement your structure (zones) first, on paper, before starting to configure it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Network Analyst at a energy/utilities company with 10,001+ employees
Real User
Large total throughput, and we are able to change configurations without downtime
Pros and Cons
  • "The rollback option and Commit Confirmed are great features. They give us the security to change configurations without downtime."
  • "It would be good if Junos had "unique commands" between all hierarchical levels, discarding the use of the "Run" command."

How has it helped my organization?

  • Manipulation of rules
  • Flexibility in day-by-day use

What is most valuable?

Junos is the best OS for networks. It is very powerful and flexible.

The rollback option and Commit Confirmed are great features. They give us the security to change configurations without downtime.

What needs improvement?

It would be good if Junos had "unique commands" between all hierarchical levels, discarding the use of the "Run" command.

The robustness of Linux on top of Junos can be more effective after power down.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

No stability issues.

What do I think about the scalability of the solution?

No scalability issues.

How are customer service and technical support?

High level of technical support.

Which solution did I use previously and why did I switch?

We used Fortinet, and changed to Juniper to use Junos.

How was the initial setup?

Easy.

What's my experience with pricing, setup cost, and licensing?

Pricing is very good, not expensive.

What other advice do I have?

We use the SRX1500 with Junos 15.1X49-D75.5. 

I rate the product 10 out of 10. It is very strong and Junos is very powerful. The total throughput is very large.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Juniper SRX Series Firewall
December 2024
Learn what your peers think about Juniper SRX Series Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
reviewer1521537 - PeerSpot reviewer
Consultant at a financial services firm with 5,001-10,000 employees
Real User
Stable, good for putting policies in place and quite stable
Pros and Cons
  • "The solution has proven to be quite stable."
  • "I've noticed that the management interface could use some updates and upgrades."

What is our primary use case?

We use the solution for protection and security. We primarily use the solution for an internal firewall.

How has it helped my organization?

If you require any particular rule that needs to be modified, any particular rule that needs to be fine-tuned, the solution will give you all the details regarding how to fine-tune the policy, including the destination, IP, et cetera. You can easily fine-tune whatever you need to in Juniper. It's easy to implement and meets our patience threshold. 

What is most valuable?

The dashboard is very helpful. It's extremely useful in terms of putting the necessary policies in place.

I handle the operation part. I'm just putting policies, et cetera, on Juniper. For tasks such as those, it is very easy and it is a comfortable, straightforward process.

The solution has proven to be quite stable.

Technical support has been quite helpful.

What needs improvement?

I've noticed that the management interface could use some updates and upgrades.

The dashboard can be updated. 

The reporting could be more robust and in-depth.

I've looked into the Check Point firewall a bit and I've found that its anti-spoofing is a good feature. Juniper should consider adding that as a feature.

I've only just begun to really use the product. I only have one year of experience so far. It's still new to me. Therefore, it's hard to make any notes on any features or improvements, as I'm still familiarizing myself with everything. I need time to compare it to other firewalls, and I have not gone through the process of doing that just yet. I need more time.

For how long have I used the solution?

I've been dealing with the solution for about one year. It hasn't been that long. 

What do I think about the stability of the solution?

It is really stable. I've seen Juniper work well in my other companies as well. It is very good, in terms of stability. There are no bugs or glitches. It doesn't crash or freeze. The performance is reliable.

What do I think about the scalability of the solution?

Overall, the scalability is very good. A company should have no trouble with scaling if it would like to do so.

We have about 2,000 users currently. They cover various roles in our organization. It's not just used by a specific team.

How are customer service and technical support?

The technical support on offer is very good. Whenever I would have some issues, they have responded on time and they have really good knowledge of the product. We've been quite satisfied overall.

Which solution did I use previously and why did I switch?

We use a variety of solutions, including Cisco and Check Point.

How was the initial setup?

I did not handle the initial implementation. That was handled by someone else. Therefore, I can't really share any insights on the process. I do not know if it was easy or difficult, or how long it really took to deploy.

What's my experience with pricing, setup cost, and licensing?

I do not handle the licensing arrangements. That's handled by management. Therefore, I can't speak to how much it costs the organization or how often we pay a licensing fee.

What other advice do I have?

We're just a customer and an end-user.

In general, on a scale from one to ten, I'd rate this product at a nine. We've been quite satisfied with its capabilities so far. 

I'd recommend the solution, however, it really depends on what an organization needs. There are various factors, like pricing, for example, that should be taken into account when looking at solutions.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
ANanonymous - PeerSpot reviewer
Consumer Engineer at a comms service provider with 1,001-5,000 employees
Real User
It protects from distributed denial-of-service attacks with Screen Options
Pros and Cons
  • "It protects from distributed denial-of-service attacks with Screen Options."
  • "The GUI needs to be easier and more helpful for users who don't have security experience."

What is our primary use case?

The primary use case is for protecting enterprise systems.

How has it helped my organization?

It allows users connecting from homes, who urgently need to log into the networks through a secure tunnel without using internet IP gateway, access using a SSL.

What is most valuable?

  • It is highly scalable, stable, and can be easily updated.
  • It protects from distributed denial-of-service attacks, DDoS attacks, with Screen Options.
  • When you design your networks, you can put SSL Inspection as a gateway to make the systems secured, like IT systems.

What needs improvement?

The GUI needs to be easier and more helpful for users who don't have security experience.

They need to add WAF management to the tool, as competitors already have it as part of their offerings. This feature is future of protecting enterprise solutions.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It is very stable, but it needs an engineer on the system while it is running to monitor for attacks and when attacks are in process.

What do I think about the scalability of the solution?

It is easy to expand.

How are customer service and technical support?

The technical support is good, but there is a time delay between the support and attacks.

How was the initial setup?

The initial setup was straightforward, but has since become straightforward with experience.

For example, with MX (not SRX), it needs to be specific when you export or import the subnetting or addresses that you want to block or filter out of your networks. This is why it is a complex process the first time and becomes subsequently easier

What other advice do I have?

You have to be aware of Linux commands, which will make you able to use this device, like exporting file, saving file, monitoring your logs, and making a new script.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Network and Security Consultant, JNCIE-SEC#408 at a financial services firm with 501-1,000 employees
Real User
Improves our operational performance and stability; there are no outages
Pros and Cons
  • "​It's a reliable firewall and very stable, for both the hardware and applications it is stable."
  • "It'sa very secure device, it has good attack prevention capabilities using UTM."

    How has it helped my organization?

    The greatest improvement we have seen is in operational performance and operational stability. There are no outages.

    What is most valuable?

    • It's a reliable firewall and very stable, for both the hardware and applications it is stable. 
    • It's very powerful. 
    • It's also a very secure device, it has good attack prevention capabilities using UTM.
    • It's user-friendly with a good UI.
    • It has powerful CLI.

    What needs improvement?

    It's not 100%, it's not a perfect product, some points need to be adjusted, need to be enhanced.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    There have been no issues with this product.

    What do I think about the scalability of the solution?

    It's a very scalable product.

    How are customer service and technical support?

    I think they have professional support. Support is really good, they are professional engineers.

    Customer support is very good.

    Which solution did I use previously and why did I switch?

    I used Cisco, and Palo Alto, and used McAfee. As a consultant, a systems integrator, if customers go to SRX it's because of its features and the stability of the product. It's the most stable product.

    How was the initial setup?

    It was very straightforward, very clear.

    Which other solutions did I evaluate?

    Other than Palo Alto, StrongSoft is very stable. Cisco Firepower is very unstable.

    What other advice do I have?

    I can say for, that for a datacenter, and for price, first I appreciate Palo Alto and then I appreciate Juniper, more than the others.

    Support for Juniper is best, better than Palo Alto, but Palo Alto is more powerful. And there is a big difference in pricing.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Pre-sales manager at RETO Industrial S.A. de. C.V.
    Real User
    Delivers security and advanced protection services
    Pros and Cons
    • "We think they have a good interface, the operating system is good, it's robust. It has plenty of great features, and the relation between the cost and benefits works for our business."

      What is our primary use case?

      Many customers of ours use Juniper firewalls — almost 30 enterprise companies in total. 

      What is most valuable?

      We have explored perimeter security; however, we have not had the chance to group all the security solutions from Juniper. In relation to perimeter firewalls, we have had a good experience. We have been working with Juniper for about 10 years now, and I think it's a good brand in the market in general. In the past, they had some issues involving integration with different products in the portfolio, but currently, I think they have solved that issue. Speaking about our experience with perimeter firewalls, we feel comfortable. We think they have a good interface, the operating system is good, it's robust. It has plenty of great features, and the relation between the cost and benefits works for our business.

      What needs improvement?

      They recently improved this solution. Currently, I feel comfortable with Juniper in general.

      What do I think about the stability of the solution?

       

      How are customer service and technical support?

      Support is good. We speak to them quite often.

      How was the initial setup?

      The initial setup was very simple.

      Which other solutions did I evaluate?

      Currently, we plan on exploring more products and solutions geared toward cloud security.

      What other advice do I have?

      Overall, on a scale from one to ten, I would give Juniper SRX a rating of nine.

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      GCD Network Architecture Manager at Technicolor
      Real User
      It provides stability for our complex network

      What is our primary use case?

      Firewall for a lab environment.

      How has it helped my organization?

      Before, we were handling everything with a Vyatta server until our network became more complex.

      What is most valuable?

      Stability.

      What needs improvement?

      The device could be more user-friendly.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Consultant at Lantec
      Real User
      Top 5Leaderboard
      Has a very usable interface CLI, support and stability
      Pros and Cons
      • "It has a very usable CLI."
      • "It doesn't support SSL encryption."

      How has it helped my organization?

      We integrate these solutions with clusters, which are a risk to firewalls.

      What is most valuable?

      It has a very usable CLI.

      What needs improvement?

      It doesn't support SSL encryption.

      For how long have I used the solution?

      I have been using Juniper SRX Series Firewall for three years.

      What do I think about the stability of the solution?

      It is a stable solution. We work it with clusters to two SRX firewalls for redundancy.

      What do I think about the scalability of the solution?

      It is suitable for enterprise businesses.

      How was the initial setup?

      The initial setup is complex and takes a few days to complete.

      I rate the initial setup a six out of ten, where one is difficult and ten is easy.

      What's my experience with pricing, setup cost, and licensing?

      Customers always want cheaper solutions. Fortinet is a cheaper solution than Juniper.

      What other advice do I have?

      It's difficult to implement when we have many policies and security.

      I recommend the solution.

      Overall, I rate the solution an eight out of ten.

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
      Flag as inappropriate
      PeerSpot user
      Buyer's Guide
      Download our free Juniper SRX Series Firewall Report and get advice and tips from experienced pros sharing their opinions.
      Updated: December 2024
      Buyer's Guide
      Download our free Juniper SRX Series Firewall Report and get advice and tips from experienced pros sharing their opinions.