We performed a comparison between Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Juniper SRX Series Firewall is highly regarded for its simplicity, intuitive interface, and exceptional customer assistance. It provides advantageous capabilities, including site-to-site VPN, effortless configuration, and a robust command line. Palo Alto Networks NG Firewalls excel in embedded machine learning, formidable security functionalities, and a cohesive platform. They present features such as application identification, DNS security, URL filtering, and GlobalProtect VPN.
Juniper SRX Series Firewall could enhance its capacity, reporting and alerts, user interface, device reliability, documentation, and feature set. Palo Alto Networks NG Firewalls would benefit from improved customization, configuration simplicity, machine learning capabilities, troubleshooting tools, documentation, user interface, VPN availability, and product stability.
Service and Support: Customers have generally found the customer service of Juniper SRX Series Firewall to be satisfactory, with helpful and knowledgeable support. Palo Alto Networks NG Firewalls have received mixed feedback, as some customers have praised the support while others have expressed dissatisfaction.
Ease of Deployment: The setup process for Juniper SRX Series Firewall is time-consuming, varying based on the environment's complexity. Palo Alto Networks NG Firewalls are known for their simplicity and ease of use. Palo Alto is considered more user-friendly and has a quicker deployment time.
Pricing: The setup cost for Juniper SRX Series Firewall is seen as simple, while Palo Alto Networks NG Firewalls are considered to be more expensive than other vendors. Juniper's pricing is fair and within budget, while Palo Alto's pricing is justified considering the level of security and features offered.
ROI: Juniper SRX Series Firewall is praised for its reliability, consistent performance, and advanced security capabilities, which ultimately lead to a favorable return on investment. Palo Alto Networks NG Firewalls excel in providing better visibility, detailed reporting, and streamlined management, resulting in decreased administrative burden.
Comparison Results: Based on the comparison between Juniper SRX Firewall and Palo Alto Networks NG Firewalls, it is evident that users prefer Palo Alto Networks NG Firewalls. This is due to its embedded machine learning for real-time attack prevention, strong security capabilities, and a unified platform that offers ease of use and maintenance. Users appreciate the advanced security features and user-friendly interface.
"It's quite comfortable to handle the FortiGate firewall."
"The most valuable feature is the web filter."
"Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure."
"The most valuable feature of Fortinet FortiGate is the simple configuration."
"We use a lot of function on the IPS and it works well for us."
"It has improved our organization with control data."
"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"The interface is very user-friendly and I like it very much."
"From a protection perspective, it provides a network perimeter security function for our company."
"The rollback option and Commit Confirmed are great features. They give us the security to change configurations without downtime."
"It is very fast and very easy to maintain. Another nice part of it is that you can easily extract the logs and move them over to a security operations center."
"The setup is pretty straightforward."
"If we need to define our user system from an anti-spam perspective, we can constantly update the antivirus."
"We think they have a good interface, the operating system is good, it's robust. It has plenty of great features, and the relation between the cost and benefits works for our business."
"The most valuable features of the Juniper SRX Series Firewall are the user-friendly UI, and accessing the solution is simple."
"Using a Juniper CLI, you configure a "candidate configuration", then "commit" it to bring it live. If you do not like it or messed up something, you just "rollback" to the previous configuration. It can all be done in a matter of minutes. This is super handy once you get use to it."
"Overall, it is a good solution. It is stable. We use URL filtering, which is useful for blocking undesired URLs."
"We like the fact that this product can provide multiple layers of protection depending on our clients requirements, and can be configured to whatever level of protection and the specific protocols that they want."
"We have found the application control to be the most valuable feature. Also, Layer 7, because all other products are working up to the maximum capacity. But Palo Alto is benefiting us, especially in application control management. We are able to differentiate between Oracle traffic and SQL traffic."
"The sandboxing is valuable and they are frequently updating their signature database. We get new updates every five minutes. That makes it easy to detect new and unknown attacks."
"The most valuable features include the different security zones and the ability to identify applications not only by port numbers but by the applications themselves... And with the single-pass architecture, it provides a good trade-off between security and network performance. It provides good security and good network throughput."
"It worked fine normally."
"The feature that I like the most is its IPS model, the WildFire model. I really like how the whole threat protection model functions, including the vulnerability and anti-spyware aspects. That is really awesome."
"The most valuable aspect of this solution is pre-sales and post-sales because of the support and relationship building."
"Its reporting can be improved. Sometimes, I don't get proper reports."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."
"Scalability for Fortinet FortiGate needs to be improved. SD-WAN security for this solution also needs some improvement."
"The user interface could be improved to make it less confusing and easier to set up."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN."
"The visibility of the network can be better. The GUI can be improved for better visibility of the network flow. Other solutions have better GUI in terms of network visibility."
"Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation."
"Juniper SRX could improve by adding an IPX feature."
"It could be more secure."
"It did not improve our safety because the IDS does not detect some attacks, but our anti-virus software did."
"The reporting is lacking."
"The user interface is something that Juniper needs to improve."
"It does have its nuances in terms of deployment. There are always areas to make something easier or more intuitive or make the system auto-negotiate more with existing hardware."
"This solution needs to update for "Next Generation" needs."
"There is a bit of limitation with its next-generation capabilities. They could be better. In terms of logs, I feel like I am a bit limited as an administrator. While I see a lot of logs, and that is good, it could be better."
"We have a lot of the older firewall models, i.e., the PA-220. It seems that with newer operating systems the PA-220 is becoming slower than when I first bought it. It is not really an issue for users who are passing traffic through the firewall, but more from the management access of it."
"Support should be improved, wait times can be long."
"The built-in machine learning features provide some automation, but I think there should be an option for manual review because nothing replaces the human eye."
"The solution has normal authentication, but does not have two-factor or multi-factor authentication. There is room for development there."
"The analysis of the ITS ID by Palo Alto Networks NG Firewalls could be improved."
"I think they need to have a proper hardware version for a smaller enterprise. We had to go to a very high-end version which is very expensive. If we chose the lower-end version, it would not meet our goals. A middle-end is missing in its portfolio."
"We would like to see improvement in the web interface for this solution, so that it can handle updates without manual intervention to put the data in order."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Juniper SRX Series Firewall is ranked 18th in Firewalls with 86 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews. Juniper SRX Series Firewall is rated 7.8, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Juniper SRX Series Firewall writes "Highly scalable, user-friendly UI, and easy to maintain". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Juniper SRX Series Firewall is most compared with Cisco Secure Firewall, Palo Alto Networks WildFire, Netgate pfSense, Check Point NGFW and Meraki MX, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Sophos XGS. See our Juniper SRX Series Firewall vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.