We performed a comparison between Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Juniper SRX Series Firewall is highly regarded for its simplicity, intuitive interface, and exceptional customer assistance. It provides advantageous capabilities, including site-to-site VPN, effortless configuration, and a robust command line. Palo Alto Networks NG Firewalls excel in embedded machine learning, formidable security functionalities, and a cohesive platform. They present features such as application identification, DNS security, URL filtering, and GlobalProtect VPN.
Juniper SRX Series Firewall could enhance its capacity, reporting and alerts, user interface, device reliability, documentation, and feature set. Palo Alto Networks NG Firewalls would benefit from improved customization, configuration simplicity, machine learning capabilities, troubleshooting tools, documentation, user interface, VPN availability, and product stability.
Service and Support: Customers have generally found the customer service of Juniper SRX Series Firewall to be satisfactory, with helpful and knowledgeable support. Palo Alto Networks NG Firewalls have received mixed feedback, as some customers have praised the support while others have expressed dissatisfaction.
Ease of Deployment: The setup process for Juniper SRX Series Firewall is time-consuming, varying based on the environment's complexity. Palo Alto Networks NG Firewalls are known for their simplicity and ease of use. Palo Alto is considered more user-friendly and has a quicker deployment time.
Pricing: The setup cost for Juniper SRX Series Firewall is seen as simple, while Palo Alto Networks NG Firewalls are considered to be more expensive than other vendors. Juniper's pricing is fair and within budget, while Palo Alto's pricing is justified considering the level of security and features offered.
ROI: Juniper SRX Series Firewall is praised for its reliability, consistent performance, and advanced security capabilities, which ultimately lead to a favorable return on investment. Palo Alto Networks NG Firewalls excel in providing better visibility, detailed reporting, and streamlined management, resulting in decreased administrative burden.
Comparison Results: Based on the comparison between Juniper SRX Firewall and Palo Alto Networks NG Firewalls, it is evident that users prefer Palo Alto Networks NG Firewalls. This is due to its embedded machine learning for real-time attack prevention, strong security capabilities, and a unified platform that offers ease of use and maintenance. Users appreciate the advanced security features and user-friendly interface.
"The CLI is robust and powerful, enabling rapid, consistent changes via SSH."
"It increases security posture and is helpful for firewall reporting, intrusion protection, web filtering, and SD-WAN implementation."
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
"It has improved our organization with control data."
"The solution is stable."
"I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."
"The security fabric is excellent."
"Secure, user-friendly, stable, and scalable network security solution. Installation is straightforward."
"It integrates well with Fortinet and Palo Alto."
"Commit: You can update the whole configuration without affecting the production. The new configuration will be loaded once the command "Commit" is submitted. You can also do a Commit confirmed to automatically roll back to the previous config after X minutes."
"The reason that we picked Juniper SRX is for the scalability, the fit for purpose, the tools that are available, the ongoing support and the ability to monitor, but particularly for the virtual routers in our data centers so that we can quickly upscale them when needed, when we need more throughput."
"I've found the security features, such as IDS and the VPN most valuable."
"The IPSec configuration is going well."
"The CLI works perfectly."
"Juniper is one of the most powerful network security solutions while remaining simple to use, set up, and scale."
"Juniper supports their products very well."
"I like the sandbox feature, and it's very good. It kills each malware deployment in the sense of signatures within five minutes. So, we can secure our network and infrastructure very well within the stipulated time. The WildFire functionality is very good because a few files are also getting blocked. It's critical as malware attacks are also getting ignored, and the logging is very well maintained in this firewall. The most valuable solutions in this field are application-based firewalls. That is the main criteria of the firewall and functionality. We can get all the logs related to this and each and every packet. I like that the firewall is working as an application. The application-based entity we have deployed is well maintained and working very well. We were able to find lots of vulnerabilities when we deployed it, but we could not disclose all. But there were vulnerabilities we could block by updating the firewall and taking actions on clientside machines. So, we got to know that we have lots of vulnerabilities inside the organization too, and we took lots of steps and resolved the number of vulnerabilities. Palo Alto Networks NG Firewalls is an all-in-one solution. It provides every entity log, which is a very good functionality of this firewall. It gives every packet and aspect that the firewall is performing through its logs, and it does it very well. This firewall's unified platform helped eliminate multiple network security tools. If anyone uses P2P sites, cryptocurrency websites, or any illegal sites, we can block it easily. It gives us a proper alert for these kinds of sites, and it properly secures our network. Monitoring is the best thing we are doing here, and we can block this kind of vulnerability as soon as it comes to us."
"I like the remote access and URL filtering features that are available on global products."
"The most important thing is that it's really user-friendly. I have almost stopped using the CLI because I like the graphical interface. You can do whatever you want on a single screen, including all the configuration and implementation, using Panorama. You don't have to switch from one place to another."
"The most important part of this solution is its reliability, as it just works without any fancy features."
"The solution's most valuable feature is the robust firewall, which we can also use as a UTM device."
"The structure is much faster and more sophisticated than Cisco."
"The most valuable features of this solution are all of the services it provides."
"The technical support is great."
"There are some cloud-based features that could be much more flexible than they currently are."
"Technical support is good but the response time could be faster."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"The monitor and the visibility, in this proxy, is very weak."
"Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"Some of the web policy reports could be improved."
"The solution is very expensive."
"Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation."
"The solution is quite advanced. You need a lot of training to use it effectively."
"Juniper SRX is stable, but it could improve. FortiGate has better stability than Juniper SRX."
"Juniper SRX could improve by adding an IPX feature."
"The GUI needs improvement."
"Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to manipulate the reports or manage the way the reports are coming out."
"When I was going to upgrade the OS, the solution didn't accept certain USB devices."
"As a networking person, I don't really have any major issues with this device. Based on my experience of using it in a cluster, it could be more stable. I had an incident when one of the SRXs in a cluster couldn't learn ARP. It is a good solution, but firewalls don't seem to be an area of development for Juniper. They are focusing on data centers, routers, and switches, not firewalls."
"The only real drawback to this product is that it is expensive. But you get what you pay for and there is no way to put a price on top-notch security."
"I would like to see it provide us with intelligent information from the data that it captures, within the same cost."
"Customers don't want to buy extra things for extra capabilities"
"Its stability can be better. Their technical response from the support side can also be better."
"The solution could be simplified."
"There is a bit of limitation with its next-generation capabilities. They could be better. In terms of logs, I feel like I am a bit limited as an administrator. While I see a lot of logs, and that is good, it could be better."
"The bugs can be improved."
"Having a better pricing model would make this product more competitive, and more affordable for our customers."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Juniper SRX Series Firewall is ranked 19th in Firewalls with 86 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews. Juniper SRX Series Firewall is rated 7.8, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Juniper SRX Series Firewall writes "Highly scalable, user-friendly UI, and easy to maintain". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Juniper SRX Series Firewall is most compared with Cisco Secure Firewall, Palo Alto Networks WildFire, Netgate pfSense, Check Point NGFW and Meraki MX, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Sophos XGS. See our Juniper SRX Series Firewall vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.