Juniper SRX is a firewall offering. It provides a variety of modular features, scaled for enterprise-level use, based on a 3-in-1 OS that enables routing, switching, and security in each product.
N/A
SonicWall NSA Series
Score 8.7 out of 10
N/A
The SonicWall NSA Series is the company's mid-range next generation firewall (NGFW).
SRXs seem to be well suited at the enterprise level for plain routers, firewalls, and IDP/IDS. They work well on MPLS and Ethernet, including Internet. I have 3 SRXs also performing edge duty, with 2 in a high availability (HA) cluster. The Juniper line of SRXs provides a good range of scaling from small business to extremely large enterprise. Wire speed is a common comparison factor and Juniper shines in that area.
This is a higher-end firewall, built for a medium to large business. It handles traffic and scanning and protection well but it would be a bit of a budget-buster and probably overkill for a small to (barely) medium sized business. SonicWall makes SoHo devices for those use cases and they would be more appropriate.
My only real criticism of the product is that it's hard to figure out how to upgrade the firmware from the CLI via TFTP via the docs, but it works great once you get it sorted.
The usability takes a bit of training, like any firewall, but I've found that showing even Tier 1 helpdesk how to do basic things has been easy. We have entry-level IT technicians performing white-listing, IP entries, VPN access and LDAP functions, to name a few tasks. The menus in the GUI are pretty straight forward.
This is the one area where I have a beef with Juniper. When I called into Cisco TAC, 90% of the time, the first person I spoke with was able to resolve my issue. With Juniper TAC, 90% of the time, the first person I speak with is not able to resolve my issue, seems to almost be reading from a script, and must escalate my ticket. All of which takes time.
Cost, ease of use and reliability after implementation. It's a great and easy product to use to meet the needs of smaller organizations that want a more "legitimate" setup without going overboard or spending Cisco money. Great product. Can be rack mounted or stand alone. VPN easy to setup and update. A great product to start with and grow with in a developing organization.
Juniper SRX stands tall compared to all these products for Large Service Provider Networks, where traffic volume is larger. Also, cost comparison with SRX's few other products can also be another contributing factor while selecting this. As well as Juniper Routers, Switches, and multiple products from the same vendor to maintain one single vendor environment. As well as Juniper Support is also really good.
We compared the FortiGate to Sonicwall and continued with Sonicwall as we were a mid-size school where the Sonicwall was performing adequately, and the learning curve was steep to switch platforms. The Sonicwall offered everything the FortiGate did, and was not as costly, both in the appliance and in licensing.
It is a workhorse for our field operations. It provides the last touch for an ISP to the customer. The customer has no view of the device, but with the repeatability of the device, they do not need to.
The ability to roll out a dynamic routing protocol attached to a security zone allows elasticity to the environment that supports growth.
VLAN support on the inside interfaces allow this to be the only device in some smaller deployments we install these in.
