Reviews (1-5 of 5)
January 13, 2020
Score 8 out of 10
We use the Juniper SRX platform to connect two buildings with metro ethernet between two buildings, including link failover, provide high reliability between sites. Our carriers drop LACP frames and most other layer-2 uplink aggregation protocols, so we used specific features on the Juniper SRX platform to implement connectivity testing on each end, with automatic route injection on failover.
- The Juniper SRX platform is easy to set up (out of the box).
- The support team responds to tickets quickly and with good solutions.
- My only real criticism of the product is that it's hard to figure out how to upgrade the firmware from the CLI via TFTP via the docs, but it works great once you get it sorted.
Read Bear Golightly's full review
I don't know much about the rest of the line, but if you require a primary branch-grade router with sub-gig throughput and some enterprisey software features, or you need an actual branch router for an office branch, the Juniper SRX is a solid choice. The out-of-box web GUI setup is pretty easy if you choose to set it up as a "real" router, but you can ignore the GUI entirely and configure layer 2/3 ports all you want with a robust CLI.
January 31, 2020
Score 10 out of 10
in 2014, our organization did a wholesale forklift of our older network equipment and replaced ALL of it with Juniper gear. We use SRX routers/firewalls/IDP and EX & QFX switches. The smaller SRX-220s are in our 17 branch locations with larger SRX-550s in our 3 data center locations. They are all tied together across a telco's MPLS circuitry and also connected to the Internet to 3rd party partners. Juniper network equipment comprises our entire infrastructure - it has proven to be very reliable and effective, plus has a great ROI, especially when compared to the top networking equipment companies.
- One JUNOS is the Juniper mantra, including for the SRXs. While not entirely true, it comes close enough that if you learn some SRX configuration tricks, they will likely work across all of your SRXs.
- Out of the box, with no additional license required, you have a NextGen firewall, by default. You can turn off the firewall and have just a plain ole router.
- Technical support is often lacking. By that, I mean that Tier 1 support frequently has to escalate to the next group. I find that most of my support calls don't get resolved until I hit about Tier 3. Plus it takes minimum of 3 days with medium priority issues.
- Automation is very flexible, but because there are so many options, it would great to have a road map to perform the most frequent automation tasks.
Read this authenticated review
SRXs seem to be well suited at the enterprise level for plain routers, firewalls, and IDP/IDS. They work well on MPLS and Ethernet, including Internet. I have 3 SRXs also performing edge duty, with 2 in a high availability (HA) cluster. The Juniper line of SRXs provides a good range of scaling from small business to extremely large enterprise. Wire speed is a common comparison factor and Juniper shines in that area.
March 22, 2017
We use the Juniper SRX for various purposes ranging from dedicated site-to-site VPN endpoints, to standard firewall, to all-in-one router/firewall/switching. We use the Juniper SRX for our own internal use, as well as for our clients.
- Ease and stability of configuration. Automatic rollback makes changes foolproof.
- Strong range of hardware options in all tiers.
- Common OS and configuration across all models and even other Juniper products.
- Some of the more complex setups (clustered HA, etc.) can be a little difficult to configure.
- The lowest-end model that supports true multi-site HA is relatively expensive. It would be nice to have that option in lower models.
- Some configuration options (particularly the way address book entries are done) can get tedious and make for very long configs.
Read Randy Carpenter's full review
- Well suited for any application where a firewall or routing is needed.
- Compared to other offerings, it is really the best.
- The only area where there may be a need for something different is for high-end DDoS protection.
We use the Juniper SRX series FWs as our edge firewalls, core FWs and VPN P2P peers. We use these in our dept, other dept and divisions make their own decisions on products and vendors to suit their specific needs. The SRX provides us the security we require at a price point much better than other options. Once the learning curve is leveled out, the easy of use for making changes or undoing changes is far greater than other manufactures methods. In a 24/7/365 environment, it's critical that changes be made in a timely manner with minimum errors, Junos provides a great way to validate the change and an automated rollback if any unintended outcomes occur.
- The Junos OS provides engineers the ability to review past changes and see who made the change which can be a huge advantage when troubleshooting issues that recently manifested themselves in a network. Not all issues pop up right away, so this is a great tool to see how the environment has changed in the recent past.
- Junos uses a 2 config process to make changes and put into operation, a operational config and a proposed config called a candidate config. This allows engineers making changes to see the entire proposed changes and confirm its accuracy prior to implementing.
- Configuration changes can be done in several different methods. Once you get comfortable with each, making quick changes can done easily and validated prior to committing to operation.
- There's not a lot about the SRX that I don't like but if I had to say, I'd say the remote access VPN and associated client app needs improvement and by using a 3rd party as the client app provider this made troubleshooting RA issues much more difficult. For this reason, we do not use the SRX for RA VPNs.
Read Robert Beck's full review
The Juniper SRX is a great product for almost any deployment, the form factor, the price point, the power and ease of use make it an all purpose FW for any situation.
We have multiple clients that are utilizing Juniper SRXs that we administer, some of which are used for specific depts/uses some of which are for an entire Branch. The business problems that this addresses is perimeter security, allowing you to block traffic based off IP and port.
- These will route your traffic well and support most all major routing protocols.
- VPN Termination is straightforward compared to some competitors.
- The commit feature on the SRX puts it way ahead in the ability to roll back changes in case of an error/unplanned consequence.
- This is personal preference, but I strongly dislike the XML format that is displayed if you do not use the display set option.
- Commands to do some simple operations are much longer/more cumbersome compared to some of its main counterparts.
- The lack of application detection is a big knock on these, we ended up replacing the one in my office with a next-gen firewall to give us greater control.
Read this authenticated review
I think if you're using it internally, maybe for segregation in the datacenter, this could excel if you're not worrying about application filtering. The firewalling policies are little more cumbersome to configure but are more robust than a basic ACL.
Juniper SRX Scorecard Summary
Feature Scorecard Summary
About Juniper SRX
Juniper SRX Technical Details