Juniper SRX Series Firewall Reviews

The Juniper SRX that we have is being used as a firewall. Somehow, it is performing.

The product is a normal router with basic firewall capacity. We don't have a dedicated firewall. Therefore, I don't have high expectations from Juniper. 

It helps us perform our daily jobs.

We are using it as a normal type of firewall.

I would like them to add a dashboard because it's difficult to operate.

The product only has basic features.

The stability is normal.

The scalability is normal.

I haven't used technical support, just local support.

The initial setup was complex.

It is not that expensive.

We are evaluating Palo Alto, Barracuda, and Sophos because we need a Next-Gen firewall.

It crashed, and we could not change it for some reason. I don't want to keep Juniper within my network anymore.

Most important criteria when selecting a vendor: 

• Dedicated support team
• Easy configuration.

We're using it as a primary firewall and UTM for the main lines coming into our offices and also for connecting our sub-offices around the world.

Previously, we had different routers for each of the incoming lines to the office, and we had other firewalls on the backend to manage them. Now, we have changed all of these, and we have all the lines coming into one single solution, which is SRX. We manage everything very easily from one single interface. Previously, we used to have 10 different devices to do that. Now, we have only one.

We like the fact that we can easily combine multiple internet links to the office and use them like one link.

It is very fast and very easy to maintain. Another nice part of it is that you can easily extract the logs and move them over to a security operations center.

Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to manipulate the reports or manage the way the reports are coming out.

In terms of new features, we are using almost all of the features that it has, and there is nothing specific that it is lacking.

I have been using this solution for four years.

It is very stable.

It is scalable. We haven't used the scalability up till now, but we know that we can extend it.

We have 150 users here, and then we have around 30 to 40 users in different countries such as Singapore, Hong Kong, and Norway. They're using some parts of it. They are using some smaller units to connect to the main office.

We don't have any plans to increase its usage as of now. Any expansion would be in terms of getting new offices around the world. We may install more of those smaller ones, but for the time being, as far as I know, we will not expand it in the office because it is already performing as it should. It actually did a very good job when we were working remotely because it allows us to connect to the office very easily and work remotely.

They have been pretty good. In some cases, they took a little bit of time to give a response for the cases we were facing. However, in most of the cases, they were very fast in responding and providing full resolution to the cases we faced.

We had different routers for each of the incoming lines to the office, and we had other firewalls on the backend to manage them. We switched because it was too difficult to manage multiple solutions for each of those lines. We wanted to have one single place where we could manage everything. We also didn't want to have some people going out from one internet line and some from another internet line. We wanted to combine all those lines together and make them work as one, and that's what we achieved with SRX.

We were not so much involved in the setup because we had a security company to do that for us. It took us about two months.

We had a security company for its implementation. Our experience with them was very good.

For its maintenance, we have our IT department. There are three people for managing the maintenance of it. 

We evaluated many other options. We checked out Palo Alto, Fortinet, and Check Point.

I would advise others to do good planning in the beginning because that helps a lot in having a very little downtime. It took us two months to implement it, which might seem very long, but we had zero downtime. Nobody noticed anything during the switch. It was the best way to implement it. This is the most important part. When you are trying to do such changes in the organization, it is very important that you do it by using the right resources and from the right perspective.

I would rate Juniper SRX a 10 out of 10.

I work with firewalls. We have a team to manage them. We also have services that are related to hosting and we provide solutions related, and we set up everything.

We manage their connections remotely.

Every firewall has different use cases. Juniper is zone-based and the architecture matters. It offers convenience for the users to have remote access and ensures a secure and safe authentication.

When compared to Palo Alto, Juniper is a better choice when it comes to the enterprise network and connectivity.

Juniper SRX is pretty fast to configure and make it work.

Once it is configured, it's fine, which is not the case with other firewalls.

Juniper is user-friendly. It works perfectly well.

Upgrades are available.

Juniper SRX has a roll-back feature which is very interesting. As no one is perfect and mistakes do happen, we can roll it back to the previous configuration.

This solution can handle a lot. It's manageable when you know the parameters, the features, and the number of policies of your firewall.

The user interface is something that Juniper needs to improve. 

We have used many models of Juniper SRX. Based on the scale and the environment of the customer, we choose what is best for them.

Most of what we use are between the SRX300 and SRX345. These are the most commonly used series.

Simple, mid-scale establishments can use these models.

It is more or less stable. I prefer it for its stability as a firewall.

We are not a large team, we have 20 members in our company.

It's a scalable solution.

The support could be somewhat improved with Juniper.

We have also had firewalls from Palo Alto as well as FortiGate. I prefer Palo Alto, comparatively, it is better.

We find that the technical support with FortiGate is very slow. We are not able to get the proper help in spite of having the AMC add-on.

It is not at all complex. It's easy. 

The initial setup is straightforward.

The maintenance requirements are based on the customer's agreement and whether it is to manage the firewall and maintain it.

It is best suited to an enterprise-level, as the mid-range companies may find that the cost is not affordable.

Previously, we had an implementation plan for a client. We verified the different types of firewalls and the support and how it works. We evaluated Cisco, Juniper, and FortiGate.

From the previous recommendation, we saw all of the technical aspects of the different firewalls. Based on that information, we were able to clarify and come to a conclusion and chose the firewall that was best suited to the client's needs.

Recently, because of the price, we have moved to Juniper.

Most of the AMCs are costly.

We choose our solution based on many reasons. One is the cost, which is the primary reason, and the second is the performance. Performance in this context includes how it loads, and how it handles. Based on these parameters, we choose the firewalls.

At this time, we are not using cloud-based features. It is something we anticipate in the future. We are not using Juniper cloud-based. When you have a setup at an architecture level, they will not have drastic changes until, or unless they are financially stable and they want a higher level of architecture to be implemented.

The change will not happen suddenly, even if you have an enterprise core application it won't be done in a different way. There will be a roadmap done. We also have the SSG firewalls.

There is a lot of work in the pipeline, it might take more time to change the firewalls that need upgrading.

When we use so many products, we have to follow the hierarchy. We don't commonly work in a UI environment.

I would recommend this solution to others who are interested in using it. It is good, and it is faster and easier to maintain. The price is not bad and when compared with Cisco, I find that Juniper is better. It's a good product for enterprise companies. 

We have a custom-built model that makes it very simple to migrate.

I would rate Juniper SRX an eight out of ten.

The primary use case of this solution is a traditional firewall.

We use Juniper SRX for the site-to-site VPN.

The IPSec configuration is going well.

We are experiencing some issues with the clustering. It needs to be simplified and more stable.

Some of the features included in SRX need improvement. For example, if you want to change your SSH port number, you cannot go into the application layer. You will have to go to the shell command to change the port. This is a problem because when you show the configuration, you cannot see what was put in the shell. It should easier.

Also, the user interface is a bit slow.

In the future, I would like to see the UI more responsive. The new generation doesn't use SSH anymore. One-click would be better.

I have been using Juniper SRX for approximately six years.

A few years ago, we were using the SRX240 now we are using a more recent version.

We deploy on SRX to handle 500 sites.

We will continue to use this solution in the future. We have no plans to change.

The technical support is a lot better because when we log a case, they respond.

We also use Fortinet FortiGate and I have some experience and knowledge of Cisco ASA.

It's not too complicated. It's plug and play.

The most challenging is when you upload the ISO. Deployment is less than one hour.

The installation is completed in-house.

We are not a large company, we have a team of less than five for deployment and maintenance.

I would recommend this solution for those who are interesting in using it for a VPN.

I would rate this solution an eight out of ten.

I've found the security features, such as IDS and the VPN most valuable.

In terms of other features, I'd like to see a web filter, 10 point control, application control and DNA features in the next release.

We previously didn't use a different solution.

I would rate this solution a 7 out of 10.

• Form factor: It is small, very nimble, and can be deployed in very small environments which do not have wiring closets.
• Consolidation: It combines routing, switching, and firewall services in one device.
• Stable OS: There is a one Junos release training for all the Juniper products, thus minimizes the training needed and enhances interoperability.
• Open standards: The Juniper OS is based on the open standards and making it very interoperable in the mixed vendor environments.
• Superior performance: This can be achieved by true separation of control and data plane, hence data plane inefficiencies do not affect the control plane and vice versa.
• Cloud-enabled device: The SRX300 is cloud-ready and can be used to implement SDSN in micro-environments.

It has greatly reduced the network management functions by reducing the number of devices to manage (one vs three), and easy fault management using the new GUI.

Disaggregation (this is available in the box) should be improved to include software intelligence that is actionable.

I have used this solution for about four and a half years.

There were no stability issues. It is a very stable and reliable product. It can run for several years without a single glitch.

It is highly scalable for its target market.

The technical support team is very co-operative and gives quick responses for the logged cases. A hundred percent of the logged cases have been resolved within the SLA period.

We looked at MikroTik. However, more features such as the performance, scalability, and consolidation were available on the Juniper device.

The initial setup was simple and can be done 100% via the GUI.

The price per performance value is the best out there in the market. No licensing is needed for all the features apart from the security part, i.e., no licensing for extra services and VPN comes free in the base.

We evaluated the FortiGate 80 and 60 series and Cisco ASA 5500.

The Juniper SRX300 is a stable and very reliable product, packed with a lot of capabilities that are not available in the competing products of the same range. I would highly recommend this product to anyone interested in implementing it.

This box has it all and is more for the small-scale branch market. Packaged as an all-in-one routing, switching, and security solution, the SRX300 minimizes the need to deploy separate devices to perform these functions by leveraging on its consolidation, all coming with the carrier-grade capabilities.

We use it to deploy the firewall.

Sometimes we use the newer version, sometimes the older version. It depends.

In terms of valuable features, Juniper firewall filtering is good.

Juniper SRX's UI is very bad. We have to use CLA all of the time and Sky ATP.

If I compare Fortinet with SRX, particularly for filtering websites and email addresses, SRX is very very difficult.

I have been using Juniper SRX for the last five to six years.

It is good for a medium sized network. It depends how it is deployed.

If you look at the Gartner rating, Juniper is not among the top rankers.

The scalability is fine.

Since COVID, the tech support is not much good. You have to wait a long time. For example, if you open up a case, you don't know how much time it will be before they come and if the person opening the ticket is even experienced.

Because I have been using Juniper for five years, for me the setup is not hard. But compared to FortiGate it is much more difficult for new users.

It is on a subscription basis, mostly yearly. It totally depends on the customer. The customer gets a discount on the hardware.

On a scale of one to ten, I would give Juniper SRX a seven.

The primary use case of this solution is as a high-capacity firewall.

It was very difficult to deal with and required a lot of support, and the UI is very poor. 

I didn't like this product at all.

We faced many issues with the power supply causing many outages with this SRX box.

We experienced outage issues when load-balancing between two availability architectures, which had an effect on the availability.

Once we started to deal with this solution, it was very difficult to troubleshoot. It was not straightforward at all when comparing to Cisco. 

We always had support tickets. More than 50 tickets per month exceeded the SLA by more than two weeks.

Better support is needed.

In the next release, this solution needs to be stable, offer better support, better pricing, and less expensive to migrate.

I have been using Juniper SRX for more than five years.

We are using the latest version but will be dismantling this product soon.

It is not stable at all. There are many outages.

We will not continue using this solution.

We did not have problems with scaling, as we have less than 500 users in our organization.

Technical support was not helpful.

The support was horrible. Once we started our investigation, we were faced with another support engineer calling to go over the first steps again. We needed to restart the investigation from the beginning of the week.

The installation was not straightforward.

It took more than one month to set it up.

We had a team of three technicians to implement this solution.

One of the main reasons for dismantling this solution is that were asked to migrate the old books to the new books using Juniper and to transfer the policies and firewalls by using licensing. 

It was very expensive to upgrade to their products. 

The product itself is costly and the price of migration is very high.

I do not recommend this product and instead, would recommend using FortiGate.

I would rate Juniper SRX a zero. I would not even give it a one out of ten.