We performed a comparison between Cisco Secure Firewall vs Juniper SRX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. Each of them have a good set of features, and the solution you choose will ultimately be dependent on your company’s specific preferences and requirements.
"The base firewall features are quite valuable to us."
"It's great for capturing the traffic and troubleshooting it."
"The initial setup of Fortinet FortiGate was straightforward."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"Customers want to load balance more than eight lines or six internet lines. FortiGate is the only solution that can accomplish this."
"The CLI and GUI do a good job of putting a lot at your fingertips."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"The response is very quick and they can visually resolve our problems in a short period."
"They wanted to leverage something which is equivalent that can give them the next gen features like application awareness and intrusion protection. So that is a major reason they were looking forward to this. The original ASA firewall did not have these features. This was the major reason the customer moved on to Cisco Firepower Threat Defense (FTD). Now they can go ahead and leverage those functionalities."
"The greatest benefit that this has provided to our organization is that we've been able to adjust the time that it takes to implement firewall changes. It's gone from a week to less than half a day to implement a change, which means that our DevOps team can be much more agile, and there is much less overhead on the firewall team."
"The features that are most valuable within the firewall are the IPS as well as the Unified Communications. We also really like the dynamic grouping."
"The command line is the same as it is on the Cisco iOS router."
"I like that it is easy to change the settings."
"ASA is stable and with a low level of work required on the maintenance side."
"Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"Great as an inter-segmentation firewall or border or arch-firewall."
"The main features are safeguarding their data and ensuring robust security services for organizational data."
"The virtualization feature is the most valuable feature. Sometimes customers are requesting a private connection using mobile data when they are connecting to remote sites."
"The most valuable features are the security cloud ACP and KPP features."
"The solution has proven to be quite stable."
"I like the routing and firewall features."
"It integrates well with Fortinet and Palo Alto."
"I have used technical support quite a bit, and they are really good."
"Fortinet FortiGate can improve the integration with Active Directory. Additionally, I would like to have a Cloud Controller, such as they do in the Cisco Meraki solution."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"Monitoring and reporting could be better."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"They should improve the interface to make it more user-friendly."
"Initial setup was fairly complex."
"Antivirus features must be integrated for end user security."
"The content filtering on an application level is not as good as other solutions such as Palo Alto."
"The license system is also good but it's not very impressive. It's a very regular licensing system. They call it a smart license which means that your device will connect to the internet. This is a little bit of a headache for some customers. It doesn't make the customer happy because most of the customers prefer not to connect their firewall or system to the internet."
"One thing that we really would have loved to have was policy-based routing. We had a lot of connections, and sometimes, we would have liked to change the routing depending on the policies, but it was lacking this capability. We also wanted application filtering and DNS filtering."
"The access layer of this solution could be improved in terms of the way the devices interconnect with our network. We need to be able to analyze the traffic between the different interconnection in these areas."
"The scalability has room for improvement."
"Multiple WAN connections: Even though you can implement more than one interface to outside connections, it is lacking on load balances, etc."
"I've noticed that the management interface could use some updates and upgrades."
"The workplace management console needs improvement. It should be a little bit more developed. Also, the interface needs a bit more improvement."
"There are a lot of features that customers do not know about and I think that better documentation would help when it comes to learning how to use the product."
"It would be good if Junos had "unique commands" between all hierarchical levels, discarding the use of the "Run" command."
"It could have features that other products support like blade options and stand-alone endpoint security."
"The setup process should be improved."
"IPS is one that I would definitely want to be improved. I would also like SSL VPN to be integrated."
"The CPU switch could be improved for a better overall performance of traffic flow."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Juniper SRX Series Firewall is ranked 19th in Firewalls with 86 reviews. Cisco Secure Firewall is rated 8.2, while Juniper SRX Series Firewall is rated 7.8. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Juniper SRX Series Firewall writes "Highly scalable, user-friendly UI, and easy to maintain". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Check Point NGFW, whereas Juniper SRX Series Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Palo Alto Networks NG Firewalls, Check Point NGFW and Meraki MX. See our Cisco Secure Firewall vs. Juniper SRX Series Firewall report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.