We just raised a $30M Series A: Read our story

Compare Cisco IOS Security vs. Juniper SRX

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Cisco IOS Security vs. Juniper SRX and other solutions. Updated: November 2021.
553,954 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS).""It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS.""A good intrusion prevention system and filtering.""The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic.""The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy.""We have not had to deal with stability issues.""When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well.""The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."

More Cisco Firepower NGFW Firewall Pros »

"Cisco is head-and-shoulders above all of the competition when it comes to technical support.""Cisco has always been a premium product. There's a lot of other entry-level solutions. This is more robust.""The technical is excellent.""The capabilities for scalability with this product are huge""One of the main features is that the hardware is extremely reliable.""We are able to filter a lot of traffic especially when a lot of the traffic is in layer 7.""The solution is very user-friendly and easy to deal with.""Completely integrates branch offices with perimeter security."

More Cisco IOS Security Pros »

"We did not have problems with scaling, as we have less than 500 users in our organization.""The solution has proven to be quite stable.""I like that Juniper SRX is easy to use, scalable, and stable with good performance.""The firewall features and the routing capability are the most valuable.""The reason that we picked Juniper SRX is for the scalability, the fit for purpose, the tools that are available, the ongoing support and the ability to monitor, but particularly for the virtual routers in our data centers so that we can quickly upscale them when needed, when we need more throughput.""The solution has been good for fulfilling our basic needs.""I have used technical support quite a bit, and they are really good.""The EEE security controls allow us to make policy restrictions, so I can customize port numbers to allow or limit control."

More Juniper SRX Pros »

Cons
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore.""The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs.""One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue.""Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment.""Implementations require the use of a console. It would help if the console was embedded.""They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me.""The performance should be improved.""The initial setup can be a bit complex for those unfamiliar with the solution."

More Cisco Firepower NGFW Firewall Cons »

"The pricing is the only con for this product.""It would be ideal if the solution had more capacity.""The configuration should be easier in the solution.""Signatures and other critical definitions need to be updated more frequently.""The company needs to make its solution more affordable to make it more accessible to larger markets. Otherwise, it's seen as an enterprise-level solution that small or medium-sized organizations can't afford and therefore they won't even look at it.""There could be a bit more functions on offer that could make it easier to use.""I think they should bring back remote VPN for users.""The user interface needs to be improved."

More Cisco IOS Security Cons »

"In the next release, I would like to have a better web interface. It needs to be more user-friendly. Right now, you can only access many features through the console.""The interface could be more user-friendly.""As a networking person, I don't really have any major issues with this device. Based on my experience of using it in a cluster, it could be more stable. I had an incident when one of the SRXs in a cluster couldn't learn ARP. It is a good solution, but firewalls don't seem to be an area of development for Juniper. They are focusing on data centers, routers, and switches, not firewalls.""The configuration is difficult and it should be easier.""The training videos that are available need to be improved, and made more educative.""The user interface and the GUI need improvement.""The capacity can be limiting. We have outgrown its capacity. You can only scale up to a certain extent, depending on the device purchased.""The solution isn't very granular or detailed."

More Juniper SRX Cons »

Pricing and Cost Advice
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today.""I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way.""The solution was chosen because of its price compared to other similar solutions.""The price of Firepower is not bad compared to other products.""When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis.""There are additional implementation and validation costs.""The price is comparable.""Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"Palo Alto networks are more expensive than this solution and this is why you will see more products like this one in Mexico.""Price is certainly something that the IOS technology has fallen behind the competition on.""The price of the solution should be cheaper, and the license is purchase annually.""It is necessary to pay for a license in order to use the solution. It is on a yearly basis and the price is high.""The pricing is okay. It is competitive. It costs more when you need get more features.""It is an expensive solution."

More Cisco IOS Security Pricing and Cost Advice »

"Compared to other vendors, the pricing of this solution is good.""The product itself is costly and the price of migration is very high.""The price is reasonable.""It is best suited to an enterprise-level, as the mid-range companies may find that the cost is not affordable.""There is a licensing fee.""When you consider performance, price, and features, maybe Juniper is not so cost-effective compared to other solutions like MikroTik.""The price could improve, it is a bit expensive.""This is an expensive product."

More Juniper SRX Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
553,954 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: One of the main features is that the hardware is extremely reliable.
Top Answer: Palo Alto networks are more expensive than this solution and this is why you will see more products like this one in… more »
Top Answer: I think they should bring back remote VPN for users. However, I understand the attempt is to have these functions inside… more »
Top Answer: I'm not sure we are satisfied fully with the pricetag of Juniper SRX, but we understand why the dealer prices it this… more »
Top Answer: Its logging is very good, but we would like to have an easier way of creating more reports. We would like to be able to… more »
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
IOS Security
SRX
Learn More
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Cisco IOS Software delivers a sophisticated set of security capabilities for a comprehensive, layered security approach throughout your network infrastructure. Cisco IOS security technologies help to defend critical business processes against attack and disruption, protect privacy, and support policy and regulatory compliance controls.
High-performance security with advanced, integrated threat intelligence, delivered on the industry's most scalable and resilient platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables up to 1 Tbps performance for the data center.
Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Cisco IOS Security
Learn more about Juniper SRX
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Arup Group, Brunel University London, City of Biel, Gobierno de Castilla-La Mancha, K&L Gates , New South Wales Rural Fire Service, Offshore Northern Seas, Transplace
7-Eleven, AARNet Pty Ltd, Allegro Networks, alltours GmbH, Apollo Hotel Papendrecht, Armstrong Atlantic State University, Atlantech Online, Availity, Bajaj Capital, Baloise Insurance, BancABC, BAS Group, Black Lotus, Blue Box, Borealis, Carilion Clinic, Catholic Health System, CATV, Champlain College, Chinas Ministry of Railways, China University of Mining and Technology (CUMT), Cloud Dynamics, CloudSeeds, Cloudwatt, CODONiS, Colt Technology Services, Cork Internet Exchange, CSS Versicherung AG, CyrusOne, Danish Crown, Deloitte Belgium, Department of Energy, Divona Telecom, DQE Communications, DreamHost, European Government Agency, Expedient, Financial Market Information Services Provider, Fluidata, Fonality, Fox Sports, Global Financial Institution, Global Investment Bank, Global Investment Company, Energy Sciences Network (ESnet), Goethe University, HEAnet, High Performance Networks Inc., Hillenbrand
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Financial Services Firm17%
Comms Service Provider17%
Security Firm8%
Computer Software Company8%
VISITORS READING REVIEWS
Comms Service Provider29%
Computer Software Company28%
Government6%
Financial Services Firm4%
REVIEWERS
Comms Service Provider44%
Financial Services Firm16%
Energy/Utilities Company6%
University3%
VISITORS READING REVIEWS
Comms Service Provider36%
Computer Software Company23%
Government5%
Financial Services Firm3%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business29%
Midsize Enterprise42%
Large Enterprise29%
REVIEWERS
Small Business43%
Midsize Enterprise23%
Large Enterprise34%
VISITORS READING REVIEWS
Small Business32%
Midsize Enterprise23%
Large Enterprise45%
Find out what your peers are saying about Cisco IOS Security vs. Juniper SRX and other solutions. Updated: November 2021.
553,954 professionals have used our research since 2012.

Cisco IOS Security is ranked 19th in Firewalls with 10 reviews while Juniper SRX is ranked 14th in Firewalls with 32 reviews. Cisco IOS Security is rated 7.8, while Juniper SRX is rated 7.8. The top reviewer of Cisco IOS Security writes "Prevent unauthorized use of network resources and integrate branch offices with reliability". On the other hand, the top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". Cisco IOS Security is most compared with Zyxel Unified Security Gateway, Cisco ASA Firewall, Fortinet FortiGate, pfSense and Darktrace, whereas Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and Palo Alto Networks VM-Series. See our Cisco IOS Security vs. Juniper SRX report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.