TrustRadius
Juniper SRX is product-line of firewall technology and intrusion detection / prevention systems from Juniper Networks in California.https://media.trustradius.com/product-logos/0K/BL/1F7ZQK20X4JW.pngJuniper NetworksJuniper SRX: The best choice for enterprise firewall.2016-10-10T20:42:13.053ZWe use the Juniper SRX for various purposes ranging from dedicated site-to-site VPN endpoints, to standard firewall, to all-in-one router/firewall/switching. We use the Juniper SRX for our own internal use, as well as for our clients.,Ease and stability of configuration. Automatic rollback makes changes foolproof.
Strong range of hardware options in all tiers.
Common OS and configuration across all models and even other Juniper products.,Some of the more complex setups (clustered HA, etc.) can be a little difficult to configure.
The lowest-end model that supports true multi-site HA is relatively expensive. It would be nice to have that option in lower models.
Some configuration options (particularly the way address book entries are done) can get tedious and make for very long configs.,9,It is difficult to measure ROI, as the SRX is a basic requirement for us.,Cisco ASA,Juniper Enterprise Routers, Juniper Ethernet Switches, Ruckus Wireless,25,2,Routing
Firewall,10,8,Yes,Nothing really that I can think of that would be characterized as "exceptional"Randy CarpenterNew to Junos and loving it.2016-07-15T18:32:51.039ZWe use the Juniper SRX series FWs as our edge firewalls, core FWs and VPN P2P peers. We use these in our dept, other dept and divisions make their own decisions on products and vendors to suit their specific needs. The SRX provides us the security we require at a price point much better than other options. Once the learning curve is leveled out, the easy of use for making changes or undoing changes is far greater than other manufactures methods. In a 24/7/365 environment, it's critical that changes be made in a timely manner with minimum errors, Junos provides a great way to validate the change and an automated rollback if any unintended outcomes occur.,The Junos OS provides engineers the ability to review past changes and see who made the change which can be a huge advantage when troubleshooting issues that recently manifested themselves in a network. Not all issues pop up right away, so this is a great tool to see how the environment has changed in the recent past.
Junos uses a 2 config process to make changes and put into operation, a operational config and a proposed config called a candidate config. This allows engineers making changes to see the entire proposed changes and confirm its accuracy prior to implementing.
Configuration changes can be done in several different methods. Once you get comfortable with each, making quick changes can done easily and validated prior to committing to operation.,There's not a lot about the SRX that I don't like but if I had to say, I'd say the remote access VPN and associated client app needs improvement and by using a 3rd party as the client app provider this made troubleshooting RA issues much more difficult. For this reason, we do not use the SRX for RA VPNs.,8,Although I'm not a part of the budgeting process, I do know that by using Juniper SRXs, we were able to get the products we needed with much less issues and justifications as other product we've purchased in the past.,Cisco ASA,Cisco IOS SecurityRobert BeckSRX Review2016-07-12T20:16:05.465ZWe have multiple clients that are utilizing Juniper SRXs that we administer, some of which are used for specific depts/uses some of which are for an entire Branch. The business problems that this addresses is perimeter security, allowing you to block traffic based off IP and port.,These will route your traffic well and support most all major routing protocols.
VPN Termination is straightforward compared to some competitors.
The commit feature on the SRX puts it way ahead in the ability to roll back changes in case of an error/unplanned consequence.,This is personal preference, but I strongly dislike the XML format that is displayed if you do not use the display set option.
Commands to do some simple operations are much longer/more cumbersome compared to some of its main counterparts.
The lack of application detection is a big knock on these, we ended up replacing the one in my office with a next-gen firewall to give us greater control.,3,If you were using this for internal firewalling for traffic you "trust" this could provide a positive impact on your infrastructure.
For a perimeter firewall I am not impressed with lack of a lot of current next gen technologies (at least on the models I have used).
The return on investment can be very good in the right situation. The low cost vs competitors offers great ROI.,Palo Alto Networks PA-500, Check Point 13000 Appliances, Fortinet FortiGate, Cisco ASA and Dell SonicWALL Aventail,Palo Alto Networks PA-3000 Series, Check Point 13000 Appliances, Fortinet FortiGateVerified User
Unspecified
Juniper SRX
17 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
