Reviews (1-8 of 8)
Juniper SRX series Firewall is a very high-performance network security solution for large-scale origination ISP providers which need advanced Routing and Security features. [Juniper] SRX Series offers all the next-generations firewall features, deep packet scanning, IPS, and lots of others. I am using this product on one of our sites and feel relaxed about our organization's security and I using this for Site to Site VPN, routing, and IPS.
- Intrusion detection and prevention
- Unified threat management is advanced feature fo Juniper SRX
- AppSecure Suit
- URL filtering
- Advanced Routing features
- GUI could be better
- Less technical support
- Complicated CLI commands and some features through GUI also like HA,IPS.
- Less documentation and training for implementation
Read Vipin Sharma's full review
Juniper SRX is well suitable for large-scale organizations and also large service providers who use Advanced security and routing features and provide service to clients. juniper is very expensive and difficult to configure.
April 30, 2021
Score 9 out of 10
The Juniper SRX is a very capable firewall & router. It is a versatile appliance that can fit into many designs, it can be placed as an Internet GW, as a DC firewall, as a DMZ Firewall, as a North-South Firewall & Router, as an edge router/firewall. It mainly addresses the need for a L3 feature rich device (VRFs, BGP, GRE...) as well as security features (Security, IPSEC, IPS, URL Filtering, ...).
The combination of routing instances, support for multiple tunneling (Route Based IPSEC, Policy Based IPSEC, GRE, ...) with the advanced BGP features makes the vSRX perfect for an edge device in your DC or Cloud design.
The boxes can be physical or virtual and support active/standby configuration for high availability config.
- Edge Device (Tunneling & Routing)
- Routing Instances
- Zone Based Firewall
- L3 Gateway/Vlan termination
- DHCP Server & DHCP Relay
- Good support community & Good available documentation
- Good support by the Vendor
- The GUI is pretty basic and need some enhancements
Read Amr Momtaz's full review
Juniper vSRX is an excellent edge gateway device. The combination of Tunneling protocols supported and the advanced routing & security features makes it perfect for this kind of deployment. It is available in physical, virtual appliances as well as support on multiple clouds so you can have the same box be your edge gateway in multiple environments for consistency.
It can also work as a Internet Gateway, DMZ Firewall/Router and it would function just fine.
While it can also work as a DC firewall (North-South), the poor GUI will make it harder in the day to day administration for the multiple policies in a DC.
December 27, 2020
The Juniper platform is one of our core devices for customers through our partner. They have the ability to work in almost any situation we put them into. From basic edge routers to full stateful firewall to BGP peering for high availability use cases. The devices have a good background in security and once updated to the current firmware, have no issues passing audits.
- The ease of use for the CLI is a huge benefit. Unlike the Cisco platform, all changes are implemented in a commit statement vs. live on the box.
- The devices hit a price point that is very competitive.
- Dynamic routing support is a huge win.
- The areas that can improve are met by higher-level platforms within the Juniper portfolio.
Read Eric Stephenson's full review
Based on a head to head with Cisco ISR platform, it handles very well and exceeds in a few aspects. The ability to attach policy to DNS values is a huge win in the comparison. Juniper embraced the API driven model much easier than Cisco and other vendors, and are able to provide a much better hook-in with that area.
January 31, 2020
Score 10 out of 10
in 2014, our organization did a wholesale forklift of our older network equipment and replaced ALL of it with Juniper gear. We use SRX routers/firewalls/IDP and EX & QFX switches. The smaller SRX-220s are in our 17 branch locations with larger SRX-550s in our 3 data center locations. They are all tied together across a telco's MPLS circuitry and also connected to the Internet to 3rd party partners. Juniper network equipment comprises our entire infrastructure - it has proven to be very reliable and effective, plus has a great ROI, especially when compared to the top networking equipment companies.
- One JUNOS is the Juniper mantra, including for the SRXs. While not entirely true, it comes close enough that if you learn some SRX configuration tricks, they will likely work across all of your SRXs.
- Out of the box, with no additional license required, you have a NextGen firewall, by default. You can turn off the firewall and have just a plain ole router.
- Technical support is often lacking. By that, I mean that Tier 1 support frequently has to escalate to the next group. I find that most of my support calls don't get resolved until I hit about Tier 3. Plus it takes minimum of 3 days with medium priority issues.
- Automation is very flexible, but because there are so many options, it would great to have a road map to perform the most frequent automation tasks.
SRXs seem to be well suited at the enterprise level for plain routers, firewalls, and IDP/IDS. They work well on MPLS and Ethernet, including Internet. I have 3 SRXs also performing edge duty, with 2 in a high availability (HA) cluster. The Juniper line of SRXs provides a good range of scaling from small business to extremely large enterprise. Wire speed is a common comparison factor and Juniper shines in that area.
Read this authenticated review
This is the one area where I have a beef with Juniper. When I called into Cisco TAC, 90% of the time, the first person I spoke with was able to resolve my issue. With Juniper TAC, 90% of the time, the first person I speak with is not able to resolve my issue, seems to almost be reading from a script, and must escalate my ticket. All of which takes time.
January 13, 2020
We use the Juniper SRX platform to connect two buildings with metro ethernet between two buildings, including link failover, provide high reliability between sites. Our carriers drop LACP frames and most other layer-2 uplink aggregation protocols, so we used specific features on the Juniper SRX platform to implement connectivity testing on each end, with automatic route injection on failover.
- The Juniper SRX platform is easy to set up (out of the box).
- The support team responds to tickets quickly and with good solutions.
- My only real criticism of the product is that it's hard to figure out how to upgrade the firmware from the CLI via TFTP via the docs, but it works great once you get it sorted.
I don't know much about the rest of the line, but if you require a primary branch-grade router with sub-gig throughput and some enterprisey software features, or you need an actual branch router for an office branch, the Juniper SRX is a solid choice. The out-of-box web GUI setup is pretty easy if you choose to set it up as a "real" router, but you can ignore the GUI entirely and configure layer 2/3 ports all you want with a robust CLI.
Read Bear Golightly's full review
I have contacted support twice, once for licensing and again for help figuring out how to achieve what I want. The licensing issue was solved immediately, and the technician provided links to documentation on the specific feature I needed to implement, and I had it resolved within an hour.
March 22, 2017
We use the Juniper SRX for various purposes ranging from dedicated site-to-site VPN endpoints, to standard firewall, to all-in-one router/firewall/switching. We use the Juniper SRX for our own internal use, as well as for our clients.
- Ease and stability of configuration. Automatic rollback makes changes foolproof.
- Strong range of hardware options in all tiers.
- Common OS and configuration across all models and even other Juniper products.
- Some of the more complex setups (clustered HA, etc.) can be a little difficult to configure.
- The lowest-end model that supports true multi-site HA is relatively expensive. It would be nice to have that option in lower models.
- Some configuration options (particularly the way address book entries are done) can get tedious and make for very long configs.
- Well suited for any application where a firewall or routing is needed.
- Compared to other offerings, it is really the best.
- The only area where there may be a need for something different is for high-end DDoS protection.
Read Randy Carpenter's full review
It is pretty good. There are sometimes minor issues.
We use the Juniper SRX series FWs as our edge firewalls, core FWs and VPN P2P peers. We use these in our dept, other dept and divisions make their own decisions on products and vendors to suit their specific needs. The SRX provides us the security we require at a price point much better than other options. Once the learning curve is leveled out, the easy of use for making changes or undoing changes is far greater than other manufactures methods. In a 24/7/365 environment, it's critical that changes be made in a timely manner with minimum errors, Junos provides a great way to validate the change and an automated rollback if any unintended outcomes occur.
- The Junos OS provides engineers the ability to review past changes and see who made the change which can be a huge advantage when troubleshooting issues that recently manifested themselves in a network. Not all issues pop up right away, so this is a great tool to see how the environment has changed in the recent past.
- Junos uses a 2 config process to make changes and put into operation, a operational config and a proposed config called a candidate config. This allows engineers making changes to see the entire proposed changes and confirm its accuracy prior to implementing.
- Configuration changes can be done in several different methods. Once you get comfortable with each, making quick changes can done easily and validated prior to committing to operation.
- There's not a lot about the SRX that I don't like but if I had to say, I'd say the remote access VPN and associated client app needs improvement and by using a 3rd party as the client app provider this made troubleshooting RA issues much more difficult. For this reason, we do not use the SRX for RA VPNs.
Read Robert Beck's full review
The Juniper SRX is a great product for almost any deployment, the form factor, the price point, the power and ease of use make it an all purpose FW for any situation.
We have multiple clients that are utilizing Juniper SRXs that we administer, some of which are used for specific depts/uses some of which are for an entire Branch. The business problems that this addresses is perimeter security, allowing you to block traffic based off IP and port.
- These will route your traffic well and support most all major routing protocols.
- VPN Termination is straightforward compared to some competitors.
- The commit feature on the SRX puts it way ahead in the ability to roll back changes in case of an error/unplanned consequence.
- This is personal preference, but I strongly dislike the XML format that is displayed if you do not use the display set option.
- Commands to do some simple operations are much longer/more cumbersome compared to some of its main counterparts.
- The lack of application detection is a big knock on these, we ended up replacing the one in my office with a next-gen firewall to give us greater control.
Read this authenticated review
I think if you're using it internally, maybe for segregation in the datacenter, this could excel if you're not worrying about application filtering. The firewalling policies are little more cumbersome to configure but are more robust than a basic ACL.
Juniper SRX Scorecard Summary
Feature Scorecard Summary
What is Juniper SRX?
Juniper SRX is a firewall and web security gateway. It can be deployed on-premises, as well as virtually for smaller use cases, and is optimized for enterprise-level use. Each of the SRX line are based on the Junos OS, which enables three-in-one routing, switching, and security. The features of a given product in the line are purpose-built to the scope of the business needs. These features start with base next-generation firewall (NGFW) and Unified Threat Management (UTM) capabilities. From there, the offerings scale up to include additional scalability and customizability, as well as Advanced Threat Protection and SSL inspection.
Juniper SRX Video
Juniper SRX Technical Details
Frequently Asked Questions
Juniper SRX is a firewall offering. It provides a variety of modular features, scaled for enterprise-level use, based on a 3-in-1 OS that enables routing, switching, and security in each product.
Reviewers rate VPN highest, with a score of 9.7.
The most common users of Juniper SRX are from Enterprises and the Information Technology & Services industry.