Cisco Secure Firewall (formerly Firepower NGFW) vs Juniper SRX

Likelihood to Recommend

Excellent enterprise grade solution with full features to perform any security scenario. Available licenses that can be customized to suit the security needs. Backed by Cisco Talos security centre that provides IPS and security signatures to keep the business protected at all times. Backed by manufacturer support and excellent help desk resources.

Read full review

Victor Lau

Network Architect

BSSTelecommunications, 10,001+ employees

View all 8 answers on this topic

Juniper SRX is well suitable for large-scale organizations and also large service providers who use Advanced security and routing features and provide service to clients. juniper is very expensive and difficult to configure.

Read full review

Vipin Sharma

Network security engineer

MultiTech ServersInformation Technology & Services, 1-10 employees

View all 8 answers on this topic

Feature Rating Comparison

Cisco Secure Firewall (formerly Firepower NGFW)

Juniper SRX

Identification Technologies

Visualization Tools

Content Inspection

Policy-based Controls

Active Directory and LDAP

Firewall Management Console

Reporting and Logging

VPN

High Availability

Stateful Inspection

Proxy Server

Pros

Its very fast
Cisco products are generally very stable.
Cisco is on top of bug fixes.
You get well built hardware at this price point.
Compatibility with most 3rd party equipment.

Read full review

Verified User

Manager in Information Technology

Government Administration Company, 501-1000 employees

View all 8 answers on this topic

One JUNOS is the Juniper mantra, including for the SRXs. While not entirely true, it comes close enough that if you learn some SRX configuration tricks, they will likely work across all of your SRXs.
Out of the box, with no additional license required, you have a NextGen firewall, by default. You can turn off the firewall and have just a plain ole router.

Read full review

Verified User

Engineer in Information Technology

Financial Services Company, 201-500 employees

View all 8 answers on this topic

Cons

The integration between ASA/Firewall functions and SourceFire functions could use some work.
Some little glitches in the interface which require refreshes or additional clicks.
Cost is high but it is likely because you're now buying two products in one.

Read full review

Verified User

Engineer in Engineering

Government Administration Company, 501-1000 employees

View all 8 answers on this topic

My only real criticism of the product is that it's hard to figure out how to upgrade the firmware from the CLI via TFTP via the docs, but it works great once you get it sorted.

Read full review

Bear Golightly

IT Operations Manager / IT Service Manager

Nashville WrapsWholesale, 51-200 employees

View all 8 answers on this topic

Usability

Cisco Secure Firewall (formerly Firepower NGFW) 8.0

Based on 1 answer

It's overall very great, however the Management Console needs updating to fix the slowness of policy and rule deployments.

Read full review

Kenneth Ma

AVP Network Security Team Lead

East West BankFinancial Services, 1001-5000 employees

View all 1 answers on this topic

No score

No answers yet

No answers on this topic

Support Rating

Cisco Secure Firewall (formerly Firepower NGFW) 8.0

Based on 6 answers

Cisco support is not at all suitable for this product, at least. It takes a long for them to help us with our server issues. A lot of the time, the customer support person keeps on redirecting calls to another person. They need to be well versed with the terminologies of the product they are supporting us with. Support needs a lot of improvement. Cisco Fire Linux OS, the operating system behind Cisco Firepower NGFW (formerly Sourcefire), also doesn't receive regular patches. In short, average customer service.

Read full review

Kuntal Das

Graduate Research Assistant

University of Colorado DenverHigher Education, 5001-10,000 employees

View all 6 answers on this topic

Juniper SRX 6.0

Based on 4 answers

This is the one area where I have a beef with Juniper. When I called into Cisco TAC, 90% of the time, the first person I spoke with was able to resolve my issue. With Juniper TAC, 90% of the time, the first person I speak with is not able to resolve my issue, seems to almost be reading from a script, and must escalate my ticket. All of which takes time.

Read full review

Verified User

Engineer in Information Technology

Financial Services Company, 201-500 employees

View all 4 answers on this topic

Alternatives Considered

We selected Firepower after evaluating all features in nonproduction environment and validated against other similar vendors such as Fortinet, Palo Alto, Checkpoint, Sophos and Watchguard. NGFW provides flexibility in selecting the licensing model and is very cost-effective, easy to integrate with third-party tools and applications and offers user-friendly control.

Read full review

Verified User

Manager in Information Technology

Information Technology and Services Company, 10,001+ employees

View all 8 answers on this topic

The juniper is very versatile router/firewall box. it is an excellent router/edge device with zone based firewall.

The PaloAlto and the Fortinet have better GUIs and similar firewall featureset but they are not as flexible routers.

The Cisco CSR1kv is the only box that I would rank similar or higher to the Juniper SRX as it is as versatile as a router and supports the same security feature-set as the Juniper but it has better support and Cisco IOS is more widely adopted by the industry.

Read full review

Amr Momtaz

Cloud Migration Architect

IBMComputer & Network Security, 10,001+ employees

View all 8 answers on this topic

Return on Investment

Not having security levels on the Cisco Firepower NGFW (formerly Sourcefire) negatively impacted when we cutover.
It has been rock solid in the running, has not been any downtime.

Read full review

Cody Plassmeyer

IT Network Specialist

Central Electric Power CooperativeUtilities, 51-200 employees

View all 8 answers on this topic

It is a workhorse for our field operations. It provides the last touch for an ISP to the customer. The customer has no view of the device, but with the repeatability of the device, they do not need to.
The ability to roll out a dynamic routing protocol attached to a security zone allows elasticity to the environment that supports growth.
VLAN support on the inside interfaces allow this to be the only device in some smaller deployments we install these in.

Read full review

Eric Stephenson

Staff System Engineer

CommScopeTelecommunications, 10,001+ employees

View all 8 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Rating Summary

Cisco Secure Firewall (formerly Firepower NGFW)

Juniper SRX

Cisco Secure Firewall (formerly Firepower NGFW)

Juniper SRX

Cisco Secure Firewall (formerly Firepower NGFW)

Juniper SRX

Cisco Secure Firewall (formerly Firepower NGFW)

Juniper SRX

Cisco Secure Firewall (formerly Firepower NGFW) vs Juniper SRX