SRX: A very versitile Router/Firewall Box
April 30, 2021

SRX: A very versitile Router/Firewall Box

Amr Momtaz | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Juniper SRX

The Juniper SRX is a very capable firewall & router. It is a versatile appliance that can fit into many designs, it can be placed as an Internet GW, as a DC firewall, as a DMZ Firewall, as a North-South Firewall & Router, as an edge router/firewall. It mainly addresses the need for a L3 feature rich device (VRFs, BGP, GRE...) as well as security features (Security, IPSEC, IPS, URL Filtering, ...).

The combination of routing instances, support for multiple tunneling (Route Based IPSEC, Policy Based IPSEC, GRE, ...) with the advanced BGP features makes the vSRX perfect for an edge device in your DC or Cloud design.

The boxes can be physical or virtual and support active/standby configuration for high availability config.
  • Edge Device (Tunneling & Routing)
  • Routing Instances
  • Zone Based Firewall
  • L3 Gateway/Vlan termination
  • DHCP Server & DHCP Relay
  • Good support community & Good available documentation
  • Good support by the Vendor
  • The GUI is pretty basic and need some enhancements
  • Edge Device/Tunnel Termination
  • Routing (eBGP)
  • Zone Based Firewall
  • L3 Gateway
  • DHCP Server/Relay
  • Solid Return of investment as an edge gateway appliance
  • Very versatile appliance that supports multiple deployment scenarios and configuration. one ha/pair can serve multiple functions using Routing Instances.
  • Great support by the vendor, community and online resources
  • it is not hard to find people with Juniper experience and there is training courses and resources that can help anyone with networking experience pick it up and be able to administrate and configure the box.
The juniper is very versatile router/firewall box. it is an excellent router/edge device with zone based firewall.

The PaloAlto and the Fortinet have better GUIs and similar firewall featureset but they are not as flexible routers.

The Cisco CSR1kv is the only box that I would rank similar or higher to the Juniper SRX as it is as versatile as a router and supports the same security feature-set as the Juniper but it has better support and Cisco IOS is more widely adopted by the industry.

Do you think Juniper SRX delivers good value for the price?

Yes

Are you happy with Juniper SRX's feature set?

Yes

Did Juniper SRX live up to sales and marketing promises?

Yes

Did implementation of Juniper SRX go as expected?

Yes

Would you buy Juniper SRX again?

Yes

VMware NSX, IBM Cloud for VMware Solutions, Veeam Backup & Replication, VMware HCX (CloudVelox), Palo Alto Networks Next-Generation Firewalls - PA Series, Cisco Cloud Services Router 1000V Series (CSR 1000V)
Juniper vSRX is an excellent edge gateway device. The combination of Tunneling protocols supported and the advanced routing & security features makes it perfect for this kind of deployment. It is available in physical, virtual appliances as well as support on multiple clouds so you can have the same box be your edge gateway in multiple environments for consistency.

It can also work as a Internet Gateway, DMZ Firewall/Router and it would function just fine.

While it can also work as a DC firewall (North-South), the poor GUI will make it harder in the day to day administration for the multiple policies in a DC.

Juniper SRX Feature Ratings

Identification Technologies
6
Visualization Tools
5
Content Inspection
7
Policy-based Controls
7
Active Directory and LDAP
7
Firewall Management Console
5
Reporting and Logging
7
VPN
9
High Availability
9
Stateful Inspection
9
Proxy Server
7