We primarily use the solution for the SD-WAN solution, not the firewall. We use it to protect the perimeter of the client. It's like a firewall for the perimeter.
Pre-Sales Analyst at a tech services company with 201-500 employees
Stable with application control features and a straightforward setup
Pros and Cons
- "The solution has been good for fulfilling our basic needs."
- "The solution isn't very granular or detailed."
What is our primary use case?
What is most valuable?
The application control features are excellent.
The solution has been good for fulfilling our basic needs.
What needs improvement?
Our operational team handles the solution more than I do. I personally haven't seen any features that are missing per se.
The solution isn't very granular or detailed. However, we're just using the basics anyway.
The product could have a quicker response when it comes to technical support getting back when we have questions.
For how long have I used the solution?
We've been using the solution for one year.
Buyer's Guide
Juniper SRX Series Firewall
December 2024
Learn what your peers think about Juniper SRX Series Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability overall has been okay. It's working. We have the solution in production now for almost a month. At this moment, I haven't heard of any complaints of the stability, or of any bugs within this product.
Typically, we deal with medium-sized organizations.
What do I think about the scalability of the solution?
The solution doesn't have scalability due to the fact that it is a fixed WAN and therefore it's limited to its hardware. You can't scale that to attend to a bigger organization. It's limited. It was created to a specific size; it was not created to scale. It doesn't have this option.
How are customer service and support?
Technical support has been very good. I would rate it a nine out of ten. We're quite satisfied with the level of service we've been provided so far. However, they could improve slightly by increasing their time to respond. They can be a bit slow.
Which solution did I use previously and why did I switch?
As resellers, we deal with a variety of products including Cisco and Fortinet.
How was the initial setup?
The initial setup wasn't too complex. It was pretty straightforward. We didn't really face any problems during implementation.
The deployment takes about 20 minutes. This without the client tests and just the configuration and no validation. Everything that was necessary was applied, however, not with the tests as it took too much of the client's time, and would have took much longer.
What's my experience with pricing, setup cost, and licensing?
We buy the license from our reseller and implement the license for our clients.
With Jupiter, we sell IT services such as perimeter security. The client can buy his own firewall or we can buy it for the clients if they would like us to.
We don't have a focus on selling equipment, however.
What other advice do I have?
We are a reseller. We don't use the product ourselves. We implement solutions such as this for our clients.
I'd advise those considering the solution to gather the most information possible and organize it so that you can configure the firewall according to the company's needs. The relationship between the information that we get and what the client needs at the firewall, the real needs, is important.
Overall, we've been happy with the solution and I would rate it a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Technology Services Director at a computer software company with 11-50 employees
Excellent high-speed interfaces but throughput when using features can be improved
Pros and Cons
- "The solution's stability is very good."
- "The big thing is performance. With all the features turned on it slows down."
What is our primary use case?
We primarily use this solution for data center segregation.
What is most valuable?
The features that are most valuable are the high-speed interfaces and MPLS.
What needs improvement?
The throughput when using features can be improved.
100-gigabit interfaces should be added into the next release because we'd like to adopt them.
For how long have I used the solution?
I've been using the solution for approximately 6 years.
What do I think about the stability of the solution?
The solution's stability is very good.
What do I think about the scalability of the solution?
The scalability of the solution is limited.
Which solution did I use previously and why did I switch?
We did use a different solution. The old boxes were at end of life.
How was the initial setup?
The initial setup was complex because we have a complex network.
What other advice do I have?
I find that the interfaces are okay. The big thing is performance. With all the features turned on it slows down.
The advice I would give to everyone is to specify a larger box than you think you need.
Due to the performance indications, I'd rate this product as a 7 out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Juniper SRX Series Firewall
December 2024
Learn what your peers think about Juniper SRX Series Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Data Department Manager at BTC Networks
As a firewall in general, it is good.
What is most valuable?
As a firewall in general, it is good.
How has it helped my organization?
As we are a solution provider and not product oriented, we give the best solution for our customers, with a good price. We are the number one company in the region, BTC, and operate in Egypt, Iraq, Jordan, Lebanon, and Saudi Arabia.
For how long have I used the solution?
I've used Juniper products for over 10 years. Alongside SRX I also use Netscreen, SSG, and WXC. As a UTM, Juniper is 5/10.
What was my experience with deployment of the solution?
No issues encountered.
What do I think about the scalability of the solution?
No issues encountered.
How are customer service and technical support?
Customer Service:
For me, the customer satisfaction, and awareness, is the most important thing. I usually train all my clients on their chosen system.
Technical Support:10/10
Which solution did I use previously and why did I switch?
As we are a service provider, we offer various other products to our customer:
- Astaro ASG
- Avaya/Netscreen
- Fortinet
- HP Switches & WiFi
- Juniper SSG
- Juniper SRX 210 & 240
- Juniper WXC
- Sophos next generation SG, including RED, SG, and WiFi
- Telindus Crocus E1
How was the initial setup?
For me, the installation and setup is simple. I work hard to do the simulation for the customer, and discuss all the requirements before implementation with the client.
What other advice do I have?
Give us 10 minutes of your time, and we will show you the differences. When I do presentations, I give potential clients demo access to the solution(s) I am presenting.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Administrator at a leisure / travel company with 51-200 employees
Scalable with good technical support and works well for larger organizations
Pros and Cons
- "You can scale the solution."
- "The solution is quite advanced. You need a lot of training to use it effectively."
What is our primary use case?
We had implemented two SRXs in high availability mode. They were used, generally, for firewall and NAT translation tables, for forwarding for services, and connecting branch offices. We have a constant internet connection, which is directly connected with the branch offices, in general. We didn't explicitly configure or use any specific SRX features regarding the filtering of URLs or something that a UTM could use, since Juniper has a more advanced configuration and, in general, a UI that's made for the customer.
What is most valuable?
The solution is mostly stable.
We get technical support via the reseller, and they are very helpful.
You can scale the solution.
The solution works well for larger organizations.
What needs improvement?
We've had some issues with the firmware.
The solution is quite advanced. You need a lot of training to use it effectively.
When we bought the equipment, and we have more Juniper devices, not just SRX, they started to malfunction. I'm not sure why. All the devices that we bought were from the year 2018. We had the EX4600. Something was not working with this device. It was offline. We bought everything in twos so we could make a high availability with all of them. The current has malfunctioned, and all the warranties have also expired. We are, generally, expecting malfunctioning, maybe in the next few years. I was planning to switch the Juniper equipment with something else to avoid this.
It does not have a simple user interface.
The warranty offered on the devices isn't long enough. it would be better if you could extend it out to five or eight years. Otherwise, you have to be very careful with the equipment.
I'm not sure if Juniper SRX can filter emails or block viruses. I'm not familiar with these aspects as I haven't had that much experience using the SRX inside the UI. However, if they do not, it would be ideal if they did. I'm not sure if it can deflect any kind of DDoS attack.
The one particular issue that I've seen on the SRX, is if you have SSH enabled and if there is a large number of SSH connections, when a brute force attack happens, the SRX, in general, tends to become unstable, or it resets by itself. That's one issue that's particularly making me angry, and I had to request the reseller to block the SSH permanently, or just to allow access, so only they can connect.
For how long have I used the solution?
Juniper SRX was implemented in our company at the start of 2018.
What do I think about the stability of the solution?
While the solution has been running stable, one device has also malfunctioned. We had some issues with Juniper in general. It was regarding the firmware and some box, or something like that. We've needed to contact our reseller more frequently to fix the issues that are occurring when using the device.
Regarding stability, it's pretty much working in a stable way. I haven't had any issues regarding, let's say, speeds or connectivity or general day-to-day use, when users connected on the switches and accessing the internet, and so on. That said, sometimes with the devices, strange issues happen.
What do I think about the scalability of the solution?
Regarding scalability, generally, it is simple, I would say, at least from my perspective. I wasn't the person that configured the devices, however. The reseller was.
Before the Corona crisis, there were 250 users. Now we've got maybe 90 to 100 people.
How are customer service and technical support?
We generally contact the reseller that sold us the device and also has a maintenance protocol. We have services on-demand when some issues arise and we need help.
The reseller was pretty good regarding ticket issues, management, or making modifications, even during the production time. They are really trusted people, and a trusted IT company, and they've expertly managed all the requirements that I've sent them or any other modification on the network that I wanted to have.
Which solution did I use previously and why did I switch?
I've used Cyber and a Sophos UTM device. Juniper is, generally, more advanced. I haven't been able to get enough training to maintain the Juniper device.
The main reason we chose Juniper was the stability, and the number of concrete connections that users can make when, let's say, they going out to the internet, and accessing services over the internet. Also, regarding the network port-forwarding to internal servers, in services, the device that we had before was Cyberoam UTM, and it didn't quite handle the high load. I generally noticed that SRX can handle pretty high network loads when going in or out. It's proven itself to be stable in that regard.
How was the initial setup?
The initial setup was generally handled by the reseller and they did the setup as described on the schematic and regarding core network configuration, high availability, security, firewalls, et cetera. It was, generally, out of the box when it was configured and set up from the ground up.
While the setup was planned in 2017, it was up and running in 2018. It took about six months or so.
We switched office buildings, the main office. The new office was built with this solution. Everything was migrated, including all the network devices, all the servers, all the ISP, internet connections, and so on. Everything was, generally, carefully planned when it was deployed.
Our reseller also handles the maintenance. Generally, that takes one or two people.
What about the implementation team?
Our reseller partner handled the initial setup for the most part.
What's my experience with pricing, setup cost, and licensing?
I can't speak to the licensing. It's not an aspect I handle directly. I can't say that there are extra costs involved beyond the licensing fee.
Which other solutions did I evaluate?
We are currently using Juniper SRX, however, I was thinking about maybe changing the devices to FortiGate or a UTM device.
Lately I was thinking about simplifying. Maybe FortiGate might have something more user-friendly for the end-user or for the customer experience.
What other advice do I have?
I'm just a customer and an end-user.
We are using the SRX Model 345. It's a physical device. It's not a virtual instance.
In general, I wouldn't recommend Juniper to, for example, a small business. I would maybe recommend it to a bigger company. We might have made a mistake taking Juniper. Maybe we should have used something more user-friendly.
I would recommend it to a company that has more than 250 people. Or maybe even over 300. For a smaller company, it's not financially, efficient in the long-term, in terms of subscriptions or maintenance costs and similar things. A company that uses high-grade enterprise equipment, should be really financially equipped to handle such things.
It's highly advanced, at least for me. I would really need some training to at least handle some basic things, or maintenance, or even Firmware upgrading or high availability configurations. It's too advanced for me. I would really need to have some kind of network specialist certificate to manage them.
I would be really worried about the warranty as a new user as well. You really need to keep the subscriptions up to date, or not to stop them. If you've stopped them, you also need to pay penalties for the years that the subscriptions weren't used.
Regarding equipment, you really need to have them in twos, not one. You need to have high availability for all of them. The equipment tends to malfunction, specifically if there are any power issues inside the building, or if there isn't any generator or UPS underneath, and so on. The equipment really needs to be taken care of.
I'd rate the solution at an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Network Security Engineer at Aplikas
A Competitively Priced Network and Cybersecurity Solution
Pros and Cons
- "On a scale from one to ten, one being the worst and ten being the best I'd give Juniper SRX an overall rating of eight because of its' competitive price."
- "Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation."
What is our primary use case?
Our primary use case is consultation and deployment of the solution. We operate as a Juniper Elite Partner. Our customers, large enterprises, want to prevent network failure and downtime.
What needs improvement?
Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
Yes, it's very stable.
What do I think about the scalability of the solution?
It's scalable. Juniper Select has a solution to boot in high availability technology. We use the Juniper Select from low-end and high-end. In my position as a Senior Network Security Engineer, I handle the high-end suite of Juniper Select 5K.
Currently, the solution is being used every day. We have plans to increase usage in the future.
How are customer service and technical support?
Technical support is good. They seem to understand our customer's requirements. When they troubleshoot or support our customers, they seem to know what they are doing. They seem to be very helpful. But customers need support right away, and this has been an issue. It can take two to three days to get help some times just because of the volume of ticket request.
Which solution did I use previously and why did I switch?
Previously we used a CISCO ASA solution. But in the last three years, we switched to the Juniper solution because Juniper has a competitive price per feature.
How was the initial setup?
The initial setup was complex. It took a group of five, engineers and architects, to get it up and running within 24-hours. And it takes a group of five, engineers and IT experts, to operate and maintain
What's my experience with pricing, setup cost, and licensing?
Licensing which covers maintenance is on an annual basis. Our customers are on one-year contracts. There are additional cost above and beyond the standard licensing fees.
Which other solutions did I evaluate?
Before choosing Juniper, we evaluated a Fortinet solution because Fortinet has a competitive price. It's also effortless for our engineers to operate and maintain. They can understand and complete tasks quickly.
What other advice do I have?
Further advice regarding this solution is that anyone planning to implement this product should understand the Juniper suite. They should understand the firewall concept, Juniper configuration, and the command line. They need previous experience with Juniper products.
On a scale from one to ten, one being the worst and ten being the best I'd give Juniper SRX an overall rating of eight because of its' competitive price. But it's a very complex product compared with other similar products.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ICT System Specialist at a comms service provider with 1,001-5,000 employees
Provides good routing and high performance of the data center
Pros and Cons
- "It provides good routing and high performance of the data center."
- "The web interface on Juniper SRX is just a short conversion from Junos OS CLI; this is not very suitable for users with little expertise/"
What is our primary use case?
One solution is data center Firewall and also we use this solution for protection our service GI + Triple Play
How has it helped my organization?
It provides good routing and high performance of the data center. It solves protecting our datacenter, separate networks and protect data center with FW policies + DPI
What is most valuable?
The routing feature is most valuable, because SRX is the best enterprise router. SRX has complete MPLS service features with L3VPN, VPLS, EVPN. You can also combine Router and FW in one box, with selective packet filter to bypass flow engine and set traffic to packet mode.
What needs improvement?
Web management needs to improve. The web interface on Juniper SRX is just a short conversion from Junos OS CLI; this is not very suitable for users with little expertise.
But Juniper has complete MGMT for managing SRX devices and other Juniper devices. it' s called Junos Space with APP security director for security devices. It's good, but there is space for improvment.
What do I think about the stability of the solution?
There were some stability issues.
What do I think about the scalability of the solution?
There are not many scalability issues experienced.
How are customer service and technical support?
I would give the technical support an eight out of 10 rating.
Which solution did I use previously and why did I switch?
Previously, we were using the old Juniper ScreenOS, we switched due to end-of-support. I have also expertise with Cisco ASA, Cisco Firepower, Checkpoint R80.10, Dell Sonicwall, Fortinet.
How was the initial setup?
The setup was very complex, e.g., if you are beginner.
What about the implementation team?
We implement is by our self with team in-house.
What's my experience with pricing, setup cost, and licensing?
The prices are very good as compared to other vendors.
Which other solutions did I evaluate?
What other advice do I have?
It is a very good router with firewall.
Disclosure: My company has a business relationship with this vendor other than being a customer: We are partners.
IToV Implementation Engineer at a renewables & environment company with 5,001-10,000 employees
Scalable and easy to use, but the interface could still be improved
Pros and Cons
- "The Juniper SRX series is easy to use."
- "The interface could be more user-friendly."
What is our primary use case?
This product is our network firewall.
What is most valuable?
The Juniper SRX series is easy to use.
What needs improvement?
The interface could be more user-friendly.
For how long have I used the solution?
I have been using Juniper SRX for a few years.
How are customer service and technical support?
I have never needed to contact Juniper technical support.
How was the initial setup?
I have not been involved in the installation of this device.
What's my experience with pricing, setup cost, and licensing?
There is a licensing fee.
What other advice do I have?
This is a product that I can recommend to others.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr. Engineer at a comms service provider with 51-200 employees
Good Layer 3 and Layer 4 protection, but the solution is not end-to-end
Pros and Cons
- "Most of our clients use it as a traditional firewall, blocking Layer 3 and Layer 4, blocking by transport."
- "it would be more powerful if Juniper brought out a security product other than the firewall, like anti-spam, endpoint protection, etc. Customers who want to deploy security solutions are not just thinking about firewalls... Juniper should have an end-to-end solution, from the endpoint to the network level."
What is our primary use case?
Juniper SRX is solely used as a firewall gateway. We use it only for interfacing with the internet and for server farms, as a data center firewall gateway.
What is most valuable?
Most of our clients use it as a traditional firewall, blocking Layer 3 and Layer 4, blocking by transport.
What needs improvement?
We also use firewalls from FortiGate and Palo Alto and they're built with technology to make them next-generation firewalls. Juniper utilizes a router OS and includes enhancements to make it a firewall. But FortiGate and Palo Alto are full-on firewalls because they are built from scratch with features which are specific to firewalls.
Juniper needs to enhance the solution so that it is more powerful. They need to update the administrative tools to create an easier admin experience. An average administrator would find it easier to configure if they could use https rather than the command line interface to do so.
In addition, it would be more powerful if Juniper brought out a security product other than firewalls, like anti-spam, endpoint protection, etc. Customers who want to deploy security solutions are not just thinking about firewalls. They're thinking about security across their environment. If Juniper could give me a security solution, beyond the firewall, that integrates with the firewall, that would be helpful. Other products have built a security fabric. So if a customer already uses one of their solutions, like a firewall, they will be thinking about integrating with that vendor's other products. If there is more than just a firewall solution, they will use that same vendor's products throughout the security environment. A security fabric is more powerful than just blocking via network parameters.
Juniper should have an end-to-end solution, from the endpoint to the network level. It would provide a more powerful security solution to the customer. Customers are looking for a holistic security solution.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
For one to three years it's stable.
What do I think about the scalability of the solution?
If users want to scale up the firewall, they basically want the cheapest firewall that gives them powerful features. Most users choose FortiGate rather than Juniper. Technically, Juniper's scalability is good. But when customers look at the overall price, FortiGate will come out cheaper than Palo Alto or Juniper.
How are customer service and technical support?
The technical support is good. The engineers help support our customers day-to-day.
How was the initial setup?
The setup depends on the deployment, on what we have to configure. But from one firewall to another firewall, it's about the same. They're not really complex. We have experience using the command line and the user interface. If you ask me which one is easier to configure, I will answer that configuring through the user interface is easier.
The amount of time the deployment takes depends on the complexity of the solution. If the firewall is used as an L3 firewall or L4 firewall, for blocking by IP address and, it's going to be faster to deploy than deploying the firewall using Unified Threat Management. In that case, we need to carefully tune the VPN configuration.
What was our ROI?
The time for one of our customers to achieve ROI depends on the scalability of the product. It also depends on the type of organization. If it's a hospitality or government organization, it will take them more time to achieve ROI than an internet service provider, where using this product is in line with their business objectives.
What's my experience with pricing, setup cost, and licensing?
In terms of pricing, Juniper is in the middle. The most expensive firewall is Palo Alto. If a customer wants the cheapest price they should go for FortiGate. Juniper is in between these products.
Which other solutions did I evaluate?
From experience, we like to use firewalls from Palo Alto and FortiGate because the solution is easy to configure with a UI to execute the app. If we use Juniper firewalls, we don't really use the UI because it is not as easy as the command line interface for configuration.
The VPN is different between Juniper and Palo Alto. As far as I know, Juniper does packet inspection in their VPN. Functions like anti-spam and antivirus are running step-by-step. Once the anti-spam processing is done, it goes on to antivirus scanning. But with Palo Alto, the technology is different. It copies each packet to each function. For example, if we activate anti-spam, antivirus, and another check, Palo Alto makes three copies of each packet and inspects them in parallel. This makes the system faster, compared to Juniper. This is the biggest difference as far as I know.
What other advice do I have?
Juniper is good at the routing protocol. If you want a solution to protect your environment from the internet, I would propose a firewall gateway solution but ultimately it depends on what the customer needs.
We are partnered with Juniper, so if customers ask for a firewall solution, the first solution that we pick is generally a Juniper firewall. If a customer wants a firewall other than Juniper, we offer it. Usually, we will do a firewall like FortiGate or Palo Alto, if the customer has enough money, as Palo Alto is very expensive.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Buyer's Guide
Download our free Juniper SRX Series Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
Cisco Secure Firewall
Palo Alto Networks NG Firewalls
Azure Firewall
Check Point NGFW
WatchGuard Firebox
SonicWall TZ
Fortinet FortiGate-VM
SonicWall NSa
Fortinet FortiOS
Sangfor NGAF
Buyer's Guide
Download our free Juniper SRX Series Firewall Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between Fortinet FortiGate and Juniper SRX?
- Which solution do you prefer: Juniper SRX4200 or FortiGate 1800?
- What do you recommend for a corporate firewall implementation?
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Which is the best network firewall for a small retailer?
- When evaluating Firewalls, what aspect do you think is the most important to look for?
- Cyberoam or Fortinet?
- Fortinet, Palo Alto or Check Point?
- If you could go back, would you change your decision to buy that firewall and why?