Snort vs. Juniper SRX

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Snort
Score 8.4 out of 10
N/A
Sourcefire developed Snort, an open source intrusion prevention system capable of real-time traffic analysis and packet logging. Snort was acquired (and is now supported) by Cisco in 2013.N/A
Juniper SRX
Score 8.1 out of 10
N/A
Juniper SRX is a firewall offering. It provides a variety of modular features, scaled for enterprise-level use, based on a 3-in-1 OS that enables routing, switching, and security in each product.N/A
Pricing
SnortJuniper SRX
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
SnortJuniper SRX
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Features
SnortJuniper SRX
Firewall
Comparison of Firewall features of Product A and Product B
Snort
-
Ratings
Juniper SRX
8.7
5 Ratings
2% above category average
Identification Technologies00 Ratings9.03 Ratings
Visualization Tools00 Ratings7.03 Ratings
Content Inspection00 Ratings8.04 Ratings
Policy-based Controls00 Ratings10.04 Ratings
Active Directory and LDAP00 Ratings8.03 Ratings
Firewall Management Console00 Ratings7.05 Ratings
Reporting and Logging00 Ratings8.05 Ratings
VPN00 Ratings10.04 Ratings
High Availability00 Ratings10.05 Ratings
Stateful Inspection00 Ratings10.04 Ratings
Proxy Server00 Ratings9.03 Ratings
Best Alternatives
SnortJuniper SRX
Small Businesses
AlienVault USM
AlienVault USM
Score 8.1 out of 10
pfSense
pfSense
Score 9.2 out of 10
Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
Palo Alto Networks Next-Generation Firewalls - PA Series
Palo Alto Networks Next-Generation Firewalls - PA Series
Score 9.4 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
Palo Alto Networks Next-Generation Firewalls - PA Series
Palo Alto Networks Next-Generation Firewalls - PA Series
Score 9.4 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
SnortJuniper SRX
Likelihood to Recommend
8.1
(5 ratings)
8.0
(8 ratings)
Likelihood to Renew
-
(0 ratings)
8.0
(2 ratings)
Support Rating
-
(0 ratings)
6.4
(3 ratings)
User Testimonials
SnortJuniper SRX
Likelihood to Recommend
Cisco
If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.
Read full review
Juniper Networks
SRXs seem to be well suited at the enterprise level for plain routers, firewalls, and IDP/IDS. They work well on MPLS and Ethernet, including Internet. I have 3 SRXs also performing edge duty, with 2 in a high availability (HA) cluster. The Juniper line of SRXs provides a good range of scaling from small business to extremely large enterprise. Wire speed is a common comparison factor and Juniper shines in that area.
Read full review
Pros
Cisco
  • IPS detection.
  • DoS detection.
  • Packet logging.
Read full review
Juniper Networks
  • Edge Device (Tunneling & Routing)
  • Routing Instances
  • Zone Based Firewall
  • L3 Gateway/Vlan termination
  • DHCP Server & DHCP Relay
  • Good support community & Good available documentation
  • Good support by the Vendor
Read full review
Cons
Cisco
  • At times can be unstable with Cisco bugs, require frequent upgrading.
  • FTD images that are being pushed for ASAs are less efficient from an administration standpoint, no CLI.
Read full review
Juniper Networks
  • My only real criticism of the product is that it's hard to figure out how to upgrade the firmware from the CLI via TFTP via the docs, but it works great once you get it sorted.
Read full review
Support Rating
Cisco
No answers on this topic
Juniper Networks
This is the one area where I have a beef with Juniper. When I called into Cisco TAC, 90% of the time, the first person I spoke with was able to resolve my issue. With Juniper TAC, 90% of the time, the first person I speak with is not able to resolve my issue, seems to almost be reading from a script, and must escalate my ticket. All of which takes time.
Read full review
Alternatives Considered
Cisco
For our organization, the Cisco defense in depth concept works the best. While Cisco can be made to work with other vendors, we have found the best in depth protection by integrating Cisco products for maximum visibility. We had a Barracuda Web Filter, but it was difficult to maintain when you had limited scope on what you could block, so we created a whitelist only setup which required a lot of additional manpower. This wouldn't have covered new threats with DNS spoofing and the like. Sourcefire also integrated with our anti-malware platform (Cisco AMP) for even better visibility on what may be happening on the end users workstation. We are planning on adding in Cisco ISE to complete the approach and possibly stealthwatch to cover our bases in the future. The Palo Alto gear was interesting, but it was priced far out of our range.
Read full review
Juniper Networks
Juniper SRX stands tall compared to all these products for Large Service Provider Networks, where traffic volume is larger. Also, cost comparison with SRX's few other products can also be another contributing factor while selecting this. As well as Juniper Routers, Switches, and multiple products from the same vendor to maintain one single vendor environment. As well as Juniper Support is also really good.
Read full review
Return on Investment
Cisco
  • Being open source, ROI on free is hard to beat for something that works.
  • I believe it greatly enhances the security of my network.
Read full review
Juniper Networks
  • It is a workhorse for our field operations. It provides the last touch for an ISP to the customer. The customer has no view of the device, but with the repeatability of the device, they do not need to.
  • The ability to roll out a dynamic routing protocol attached to a security zone allows elasticity to the environment that supports growth.
  • VLAN support on the inside interfaces allow this to be the only device in some smaller deployments we install these in.
Read full review
ScreenShots