Cisco offers a threat-focused next-generation firewall (NGFW), the ASA 5500-X Series. The ASA 5500 Series platforms can run either the Cisco ASA Firewall or Cisco Firepower Threat Defense (FTD). The series features appliances in a variety of form factors, including standalone options for small and midsize businesses, ruggedized appliances for extreme environments, midsize appliances for security at the Internet edge, and high-performance appliances for enterprise data centers.
N/A
Juniper SRX
Score 9.0 out of 10
N/A
Juniper SRX is a firewall offering. It provides a variety of modular features, scaled for enterprise-level use, based on a 3-in-1 OS that enables routing, switching, and security in each product.
N/A
Pricing
Cisco ASA 5500-X with FirePOWER Services
Juniper SRX
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cisco ASA 5500-X with FirePOWER Services
Juniper SRX
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
Cisco ASA 5500-X pricing starts at ~$400 and scales up to $20,000 for higher capacity appliances.
Cisco ASA 5500-X with FirePOWER Services provides a robust product, and one of its advantages over other devices is Cisco's support. The devices have a long lifespan and rarely fail. They are easy to configure and manage, and do they do not require any additional licensing to …
Cisco has been industry for a long time and it's a trustworthy name. Cisco ASA 5500-X FirePOWER has the best Customer Support and robust hardware, user friendly configurations, [and] configuration documentations [are] available openly on internet. Cisco has also [been] named a …
Juniper SRX stands tall compared to all these products for Large Service Provider Networks, where traffic volume is larger. Also, cost comparison with SRX's few other products can also be another contributing factor while selecting this. As well as Juniper Routers, Switches, …
Features
Cisco ASA 5500-X with FirePOWER Services
Juniper SRX
Firewall
Comparison of Firewall features of Product A and Product B
Cisco ASA 5500-X with FirePOWER Services
8.5
31 Ratings
1% below category average
Juniper SRX
8.7
5 Ratings
1% above category average
Identification Technologies
6.829 Ratings
9.03 Ratings
Visualization Tools
9.324 Ratings
7.03 Ratings
Content Inspection
6.830 Ratings
8.04 Ratings
Policy-based Controls
8.029 Ratings
10.04 Ratings
Active Directory and LDAP
10.029 Ratings
8.03 Ratings
Firewall Management Console
9.231 Ratings
7.05 Ratings
Reporting and Logging
8.630 Ratings
8.05 Ratings
VPN
10.031 Ratings
10.04 Ratings
High Availability
10.029 Ratings
10.05 Ratings
Stateful Inspection
8.14 Ratings
10.04 Ratings
Proxy Server
7.23 Ratings
9.03 Ratings
Best Alternatives
Cisco ASA 5500-X with FirePOWER Services
Juniper SRX
Small Businesses
pfSense
Score 9.2 out of 10
pfSense
Score 9.2 out of 10
Medium-sized Companies
Quantum Firewalls and Security Gateways
Score 9.3 out of 10
Quantum Firewalls and Security Gateways
Score 9.3 out of 10
Enterprises
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
Score 9.4 out of 10
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
This firewall is best suited for the network edge/perimeter deployment. The next gen features works very well and the remote access VPN is also very much suitable for the organizations which have a huge user base working remotely. The Remote Access VPN is very much customizable and the authentication integration option like LDAP and RADIUS provides and addon.
SRXs seem to be well suited at the enterprise level for plain routers, firewalls, and IDP/IDS. They work well on MPLS and Ethernet, including Internet. I have 3 SRXs also performing edge duty, with 2 in a high availability (HA) cluster. The Juniper line of SRXs provides a good range of scaling from small business to extremely large enterprise. Wire speed is a common comparison factor and Juniper shines in that area.
My only real criticism of the product is that it's hard to figure out how to upgrade the firmware from the CLI via TFTP via the docs, but it works great once you get it sorted.
Ever since we installed Cisco ASA 5500-X with FirePOWER Services we have never had to deal with an attack. We can see in the logs almost every day hackers attempting to break into our networks and failing. We also have the ability to blacklist every IP address that attempts to break into our firewalls
Cisco firepower provides automatation for an organisations security operations to detect and stop the most advanced threats fast. It also assists in preventing attacks in using intelligence and innovative solutions.
We have never had an outage caused by firewall failure. We have had a few outages caused by the internet failing or cloud applications going offline but never a firewall breaking down. When making changes we have a very strong change control, major software updates are always carried out out of working hours. At places where we have two firewalls in HA, we are able to do upgrades in working ours and the users will never know that an upgrade is taking place, that how great these firewalls are
The Cisco ASA 5500X with Firepower performance needs consideration before deploying. Although the solution is Pay as you grow, adding additional features to the system has a negative impact on overall throughput. I would more like now only to deploy the Cisco FPR units as they have better performance and will last the test of time.
I would recommend the purchase of the Smartnet 24x7 service in the case of a unit and the Smartnet 8x5NBD in the case of only one appliance installed on site. This service is important to always have the latest firmware updates, corrective updates and especially the hardware warranty and maintenance service in case of problems. The service is done by phone or on the official Cisco website and I can say that it is very good and efficient.
This is the one area where I have a beef with Juniper. When I called into Cisco TAC, 90% of the time, the first person I spoke with was able to resolve my issue. With Juniper TAC, 90% of the time, the first person I speak with is not able to resolve my issue, seems to almost be reading from a script, and must escalate my ticket. All of which takes time.
We implemented a centralized management of all our Cisco ASA 5500-x with FirePOWER Services so that we can have a holistic view of all our sites in London and other European countries. This also helps when making changes, instead of login on to each firewall we can use Firepower Management Center (FMC) to central deploy changes across all devices
Previous],] I was using the [pfSense] in my organization but when i switched to [Cisco ASA 5500-X with FirePOWER Services] I realized there are lots of issue and missing security features in [pfSense]. The deployment and configuration is very easy as compare to [pfSense]. I highly recommend this product to everyone.
Juniper SRX stands tall compared to all these products for Large Service Provider Networks, where traffic volume is larger. Also, cost comparison with SRX's few other products can also be another contributing factor while selecting this. As well as Juniper Routers, Switches, and multiple products from the same vendor to maintain one single vendor environment. As well as Juniper Support is also really good.
Security was enhanced on the data traffic shared with the vendors due to the use of VPNs
Inbound attacks were mostly blocked on the edge and saved a lot of resources (which could had been used in case of attacks getting successful on the application servers)
It is a workhorse for our field operations. It provides the last touch for an ISP to the customer. The customer has no view of the device, but with the repeatability of the device, they do not need to.
The ability to roll out a dynamic routing protocol attached to a security zone allows elasticity to the environment that supports growth.
VLAN support on the inside interfaces allow this to be the only device in some smaller deployments we install these in.