Juniper vSRX Reviews

We use the solution for the VPN provider.

I like the role-based functions, but the device can now perform most of the tasks. We have open access to CLI. You can access it directly. Many vendors have also opened their CLI to Linux, making troubleshooting easier.

The GUI needs to be faster.

I have been using Juniper vSRX for five years.

Stability depends on the configuration and virtualization.

I rate the solution’s stability a nine out of ten.

It's scalable. They've improved because previously, you could only handle up to 500 tunnels, but now they can handle up to 2000 concurrently. Around three or four people in my team are using this solution.

I rate the solution’s scalability an eight out of ten.

The initial setup is very easy. You need the management IP. Then, you can copy and paste. Additionally, in the CLI, you can load the configuration and manage devices, which saves a lot of time.

I rate the product’s pricing a three out of ten, where one is cheap, and ten is expensive.

Palo Alto is more better. Juniper has firewall issues. Juniper is cheaper and more reliable than others. Palantir is reliable but it is pricey.

It is easy to integrate the solution with your IT workflow. We have a lot of VM quota. We need to download the configuration. 

I recommend opting for a normal firewall if you only need around 50 percent efficiency up to the protocol level. I suggest purchasing a VM rack. You can receive support without complicating things.

Overall, I rate the solution a seven out of ten.

We did a project for the government. We deployed the Juniper Firewall on their premises. The solution is used for the security purpose of client infrastructure security. There are three types of zones: zone-to-zone-based policy, IPS intrusion, and other policies implemented there.

The graphical unit is slow. Also, Juniper vendor shipping of UPM devices, support, Bandwidth shift, and other activities are very complex.

I have been using Juniper vSRX for six months.

Compared to the Palo Alto firewall and Fortinet firewall, Juniper has low stability. After deploying, I didn't face any challenges.

The solution is scalable. There's one client requirement to make an external firewall. There is no HA. We are focusing more on the user. We are working with Fortinet, Juniper, and Cisco teams to provide our clients with the best solutions. If the client is interested in Juniper, we implement that.

The initial setup is straightforward. For deployment, we are using some networking devices for the routing. I deployed it in the firewall inline mode and created some zones for security purposes.

People in Bangladesh, including the government and small businesses, have pricing issues.

Many customers are using Juniper routers and switches, which has prompted another team to work with Office 365. I am only working on the Juniper firewall part. The technical side is almost the same, and the function is similar with respect to other competitors. Juniper deployment is not very complex, but Cisco deployment is very complex.

I recommend having a price and other comparison with Palo Alto and others.

Overall, I rate the solution an eight out of ten.

The software is good. It's similar to when we used LAN and Cisco routers and firewalls in the past. We were able to scale. Juniper is better than Cisco for management.

It is pretty complex to manage and could be easier.

We have been using this solution for about nine years, and it is deployed on-premises. We are using version SRX 500.

The hardware is stable and more stable than Sophos.

It is a scalable solution. We have about 500 users using this solution in our company.

It is easy to install.

I rate this solution a seven out of ten, and I would recommend it to other people.

I use the solution for network authentication, what you use while accessing the network. In general, controlling the traffic going inside the enterprise and off it.

I find the VPN and the cluster the most valuable features.

The syndication or domain controllers, quick policies, and user rules - like being able to see the IP source and destination could be improved. This feature already exists in Palo Alto.

They really need to improve the GUI.

The stability is getting better. It has got some bugs.

The scalability is good. It's very flexible, but the problem is the GUI is not very easy to use.

They have good technical support but we very rarely use technical support. We go through vendors.

We previously used Cisco.

The initial setup was very straightforward. There was no problem. The initial deployment took about one hour. One person is enough for deployment and maintenance.

I implemented the solution myself.

In Saudi Arabia, Juniper has a problem with marketing. They're less well known. A lot of companies are changing or going with Palo Alto.

With the GUI, the firewall is not easy to use. It doesn't cover all the features. Juniper should enhance the GUI, and make it easier to use. Both the firewall and virtual security are hard to use. It's not easy to configure it and not friendly to users.

I would advise for those thinking about using the product, to make sure they learn as much as possible, and also look to use a redundancy.

I would rate this solution seven out of 10.

We are Value Add Resellers and we provide the Cloud for our customers.

We set up Amazon Web Services as the cloud for our customers.

It's standard, with standard routing.

Juniper vSRX has everything at the moment; they are covering it all and getting into automation, which is great.

The dashboard, customization, API, and pricing are good.

VPN access is an area that needs improvement.

I have been using Juniper vSRX for four years.

This is a product that I have been using it ever since it was released.

This product is very stable.

Juniper vSRX is scalable. 

We have four users in our organization.

Technical support has been very supportive.

The initial setup was straightforward.

We did not use a vendor team, reseller, or an integrator. The implementation was done in-house.

The pricing is reasonable.

I can recommend Juniper vSRX to others who are looking at implementing it.

I would rate this solution an eight out of ten.

The tool could be used without additional work. It is easy to implement.

The IDs of interfaces that are implemented inside of the vSRX maybe should be extended in some cases because there is the imitation of virtual interfaces.

I have been using Juniper vSRX as an end user for five years.

The product is stable.

I rate the solution’s stability a ten out of ten.

The solution’s scalability is high because more than 4000 elements can be deployed.

Around 100 users are using this solution.

Technical support is fine.

The initial setup is easy. We use the special scripts to configure it. It is automatic to configure and implement. 

Documentation.

The tool is sold in a package. Hence, the individual price is very low.

I recommend the Juniper vSRX solution. Its effectiveness depends on the architect's expertise. We've encountered no issues with its deployment in our system. Our collaboration with Juniper has been satisfactory in terms of quality. However, it's essential to consider cloud technology within such architectures. The current solution lacks scalability and might need to be reevaluated based on emerging trends in security with the increasing shift toward cloud technology.

Overall, I rate the solution an eight out of ten.

We use the solution to block unwanted sites on our internal platform.

We like the solution’s protocol and its dashboard system.

The solution should consider improving its licensing policies. It would be better if we could make a one-time payment for the hardware.

Our organization has been using the solution for about three and a half years.

The solution is stable. I rate the stability a nine out of ten.

It is not a scalable solution since it depends on the hardware. In our organization, 500 people use the solution. We have no plans to increase the number of users.

The initial setup is straightforward.

It took about three to four days to deploy the solution. We hired third-party consultants to deploy the solution the first time.

The deployment model depends on our operations. We needed only one engineer to deploy the solution.

We have purchased a one-year license for the solution. The solution could have been cheaper.

I would recommend the solution to others. Overall, I rate the solution a nine on ten.

I can’t really say a firewall improves anything other than security, but we have been able to solve a lot of extranet connectivity issues with these firewalls that the bigger name devices didn’t handle so well.

It is bomb proof as seen by the fact they are still in production use today. A simple human friendly command structure, making CLI edits and debug sessions easy and quick, means that they just don’t fail.

The SRX is a different device. It is much more sensitive to unexpected power loss so we had to RMA several after unexpected site power outages. The command structure is also different so that I always need my cheat sheet when debugging on them.

The NSM is its own beast. It's a 10 when it’s running properly, gives you all the info you need easily to make and document edits and monitor status of devices, but keeping it running well is almost a job in itself. It doesn’t manage its own database very well and it gets slow and unresponsive, often requiring user intervention on the server backend.

Currently we use Juniper products, SSG and SRX firewalls in about a 50/50 mix both standalone and in HA clusters. We also use their NSM for device management and logging.

The SSG models are mostly EOL and are being replaced with new “Next Gen” firewalls. The SRX models will likely continue to be used internally as support will remain available for some time.

We only use the firewall and virtual router options and they do what we need:

• The firewall is easy to configure and testing shows we are blocking the threats.
• The virtual routers make this solution a one box answer for our needs and simplify our internal networking. As they are built into the devices, they allow you to move and separate traffic in a number of ways on one set of hardware.

They constitute a solid working solution that has been able to cope with any of the unique challenges that have come up.

While the OS supports a pretty full UTM option, we found in testing that the hardware was not powerful enough to run with all the bells and whistles turned on for the amount of traffic we process. So we use other hardware for those services meaning it’s not a deal breaker for us.

We have had no issues at all with the SSG models and the SRX model only had problems with sudden power loss occasionally.

The only issue was that the Network Security Manager (which is EOL) was sold as supporting over 125 devices. That may be true if you are just managing the configurations but once you add in monitoring and logging it’s really only happy with fewer than 40 devices, as the database grows too big to deal with and needs constant maintenance.

I would rate the technical support as average, as the calls were responded to quickly but as usual it depends on who you happen to get on the phone that day. Some were very good, others times I had to ask for a different engineer to join the call.

This solution was in place when I started so I cannot answer this question.

The setup was straightforward and to get into a cluster consists of about ten commands. The hardest part is deciding on active/active or active/passive for your solution.

I’m not involved in the financial side of the purchase. Our buyers handle that. Support and licensing comes in the usual tiers, SLA for repairs and/or options turned on in the device.

I know they left Check Point and looked at Cisco products before choosing Juniper, but that decision pre-dates my involvement.

I would say get an SSG but they are EOL so for the SRX make sure you have the recovery boot system configured and a way to remote console the device.
I know this sounds like a major problem but it’s not been that big an issue. We run HA and have same day replacement on them so if we lose one it’s not a major outage, just more work to do.