Likelihood to Recommend If you are looking for a smaller network/security team, the ease and low complexity create an easy to manage environment. One engineer can easily manage 100 nodes/locations. If you are just starting to get security conscious and predict regular adjustments to policy, routing, and access, this is a very good system for making easy to understand and low impact changes on a regular basis without operations interruption.
Read full review SRXs seem to be well suited at the enterprise level for plain routers, firewalls, and IDP/IDS. They work well on MPLS and Ethernet, including Internet. I have 3 SRXs also performing edge duty, with 2 in a high availability (HA) cluster. The Juniper line of SRXs provides a good range of scaling from small business to extremely large enterprise. Wire speed is a common comparison factor and Juniper shines in that area.
Read full review Pros Easy to manage and make changes on - ACL's are done with ease. Easy USB initial configuration - The easy initial setup of a new location and firewall saves massive time. Settings are automatically pushed to new nodes upon contact with the controller. Low Complexity - This system does not have a lot of complexity requiring extra hours, training, or personnel to manage. Read full review Edge Device (Tunneling & Routing) Routing Instances Zone Based Firewall L3 Gateway/Vlan termination DHCP Server & DHCP Relay Good support community & Good available documentation Good support by the Vendor Read full review Cons Poor Reporting - It exists but even when calling in to support for assistance, they have no idea how to tackle customizing reports or searching for specific data. Read full review My only real criticism of the product is that it's hard to figure out how to upgrade the firmware from the CLI via TFTP via the docs, but it works great once you get it sorted. Read full review Usability The Graphical User Interface is very easy to read, understand and work with. The usability of this product is very high.
Read full review Support Rating Support has varied over the history of the company. Terro is a name that comes up often with the best of service from this company.
Read full review This is the one area where I have a beef with Juniper. When I called into Cisco TAC, 90% of the time, the first person I spoke with was able to resolve my issue. With Juniper TAC, 90% of the time, the first person I speak with is not able to resolve my issue, seems to almost be reading from a script, and must escalate my ticket. All of which takes time.
Read full review Alternatives Considered There are similar hardware and license costs between the two products. The Forcepoint NGFW product is by far easier to use and manage.
Read full review Juniper SRX stands tall compared to all these products for Large Service Provider Networks, where traffic volume is larger. Also, cost comparison with SRX's few other products can also be another contributing factor while selecting this. As well as Juniper Routers, Switches, and multiple products from the same vendor to maintain one single vendor environment. As well as Juniper Support is also really good.
Read full review Return on Investment Efficiency/Productivity increase. The company moved from Cisco firewall and routing hardware to Forcepoint NGFW. It now takes fewer people and fewer hours to manage the new product. This has allowed the company to put the man-hours to use on other projects and tasks. Long term viability. This has been a concern in the past when the company started as Stonegate, merged to become Stonesoft then got purchased by McAfee, then McAfee got purchased by Intel. However, with Forcepoint the product seems to have found a stable home. Low complexity. The Web GUI based system for management has reduced the cost of personnel and training required. There is no longer a need for the company to have higher trained and higher salary cost employees to manage the system. Mid-level admins at lower salaries are capable of managing the GUI based system with ease. Read full review It is a workhorse for our field operations. It provides the last touch for an ISP to the customer. The customer has no view of the device, but with the repeatability of the device, they do not need to. The ability to roll out a dynamic routing protocol attached to a security zone allows elasticity to the environment that supports growth. VLAN support on the inside interfaces allow this to be the only device in some smaller deployments we install these in. Read full review ScreenShots