We performed a comparison between Cisco Secure Firewall vs Juniper SRX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. Each of them have a good set of features, and the solution you choose will ultimately be dependent on your company’s specific preferences and requirements.
"Its user interface is good, and it is always working fine."
"The most valuable feature is the policy routing and application control."
"The stability and scalability of this solution are satisfactory. Its SD-WAN, VPN, and URL filtering features are very useful."
"It's a user-friendly firewall. Most of the tasks are very simple. It's simple to configure and troubleshoot this firewall."
"Fortinet FortiGate is user-friendly and affordable."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"Fortigate's most valuable feature is that it doesn't need a push policy when writing rules."
"It's user-friendly and easy to operate."
"I like the ASDM for the firewall because it is visual. With the command line, it is harder to visualize what is going on. A picture is worth a thousand words."
"The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices."
"ASA is stable and with a low level of work required on the maintenance side."
"I like them mostly because they don't break and they have great diagnostics."
"Application inspection, network segmentation, and encrypted traffic detection or encrypted traffic analysis (ETA) are valuable for our customers."
"It is a highly stable product. We rarely receive any serious outdates, so it works quite well."
"With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall."
"One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI."
"The command line in Juniper SRX is extremely powerful, in my opinion. It's one of the best command lines I've used in networking products."
"Juniper supports their products very well."
"We did not have problems with scaling, as we have less than 500 users in our organization."
"It is very fast and very easy to maintain. Another nice part of it is that you can easily extract the logs and move them over to a security operations center."
"Performance is a strong point."
"The IPSec configuration is going well."
"What I like the most about Juniper is that they have the same CLI on all routers, switches, and firewalls. If you have worked with any Juniper device, such as a Juniper router, you will be able to work with an SRX, which is really cool. It is a nice experience to work with every device of Juniper, not only firewalls."
"The solution is stable, inexpensive, and works well for medium size companies."
"The solution could be more secure and stable."
"The price of FortiGate should be reduced because there are some other leading products that are cheaper."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"The support system could be improved."
"The logs need to be better. They need to be more visible and easier to access."
"The pricing could be reduced or include the first year warranty."
"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."
"I don't like that anything more than very basic reporting is not included."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"One of my main concerns, an area that could use improvement is in adjusting the need to buy a license to enable features."
"The Cisco ASA device needs overall improvement, as configurations alone do not completely secure my network."
"In terms of what could be improved, I would say the UTM part should be more integrated for one price, because if you buy ASA from Cisco, you need to buy another contract service from Cisco as a filter for the dictionary of attacks. In Fortinet, you buy a firewall and you have it all."
"On firewall features, Fortinet is better. Cisco needs to become more competitive and add more features or meet Fortinet's offering."
"The product would be improved if the GUI could be brought into the 21st Century."
"We would like to see improvement in recovery. If there is an issue that forces us to do recovery, we have to restart or reboot. In addition, sometimes we have downtime during the maintenance windows. If Cisco could enhance this, so that upgrades would not necessarily require downtime, that would be helpful."
"The scalability has room for improvement."
"To compare with Fortinet, Juniper needs to improve their security features."
"it would be more powerful if Juniper brought out a security product other than the firewall, like anti-spam, endpoint protection, etc. Customers who want to deploy security solutions are not just thinking about firewalls... Juniper should have an end-to-end solution, from the endpoint to the network level."
"Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to manipulate the reports or manage the way the reports are coming out."
"We purchased three devices and all three have been replaced under RMA."
"Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation."
"Both the web management and the graphical user interface are inadequate and should be improved."
"It would be good if Junos had "unique commands" between all hierarchical levels, discarding the use of the "Run" command."
"The CLI is verbose. You have to say a lot to do a little. I don't like that part of it. Cisco's command syntax seems to be a good bit more concise. When you're trying to get something done, you don't want to have to type a bunch."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Juniper SRX Series Firewall is ranked 19th in Firewalls with 86 reviews. Cisco Secure Firewall is rated 8.2, while Juniper SRX Series Firewall is rated 7.8. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Juniper SRX Series Firewall writes "Highly scalable, user-friendly UI, and easy to maintain". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Check Point NGFW, whereas Juniper SRX Series Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Palo Alto Networks NG Firewalls, Check Point NGFW and Meraki MX. See our Cisco Secure Firewall vs. Juniper SRX Series Firewall report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.