We performed a comparison between Cisco Secure Firewall vs Juniper SRX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. Each of them have a good set of features, and the solution you choose will ultimately be dependent on your company’s specific preferences and requirements.
"FortiGate is flexible and easy to use."
"The secure web gateway module and the application control module are valuable. HA operations are very easy."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"There is an easy process for configuring it, and it is straightforward to implement the device from scratch."
"We are using the FortiGate 100D series. VPN, firewall, anti-malware, OTM, and intrusion prevention are useful features."
"The reporting and monitoring are very good."
"The Intrusion Prevention System and the web filtering are both working well."
"Anti-Spam web content filterinG."
"The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful."
"Filtering is the best feature."
"The most valuable feature for the customers is that they can control what communication is allowed and what is not allowed. That is, they can allow or deny client traffic."
"Cisco ASA Firewall is a well known product. They're always updating it, and you know what they're doing and that it works."
"The configuration capabilities and the integration with other tools are the most valuable features. I really like this product. Cisco is one of my favorite brands, and I always think Cisco solutions are very reliable, easy to configure, and very secure."
"Collaboration with other Cisco products such as ISE and others is the most valuable feature."
"I like all of the features."
"I like that Cisco Firepower NGFW Firewall is reliable. Support is also good."
"Juniper supports their products very well."
"Most of our clients use it as a traditional firewall, blocking Layer 3 and Layer 4, blocking by transport."
"The CLI works perfectly."
"What I like the most about Juniper is that they have the same CLI on all routers, switches, and firewalls. If you have worked with any Juniper device, such as a Juniper router, you will be able to work with an SRX, which is really cool. It is a nice experience to work with every device of Juniper, not only firewalls."
"We did not have problems with scaling, as we have less than 500 users in our organization."
"The solution is stable, inexpensive, and works well for medium size companies."
"The ports are really versatile for their application and don't always have to be used for the purpose for which they were made."
"We're primarily using Juniper's EPA feature, but not the other things. We use it to manage different points of firewalling of routing."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering."
"Fortinet FortiGate should improve the VPN tokens."
"The graphical user interface of Fortinet's FortiGate product does not function well with text-based interfaces."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"The routing capability on the FortiGate devices has room for improvement."
"I would like to see the inclusion of more advanced antivirus features in the next release of this solution."
"I was just trying to learn how this product actually operates and one thing that I see from internal processing is it does fire-walling and then sends it to the IPS model and any other model that needs to be performed. For example, content checking or filtering will be done in a field processing manner. That is something that causes delays in the network, from a security perspective. That is something that can be improved upon. Palo Alto already has implemented this as a pilot passed processing. So they put the same stream of data across multiple modules at the same time and see if it is giving a positive result by using an XR function. So, something similar can be done in the Cisco Firepower. Instead of single processing or in a sequential manner, they can do something similar to pile processing. Internal function that is something that they can improve upon."
"We have more than one Cisco firewall and it is difficult for me to integrate both on the single UI."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"The interface for monitoring could be improved to allow better views to make troubleshooting easier."
"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."
"With regards to stability, we had a critical bug come out during our evaluation... not good."
"The service could use a little more web filtering. If I compare it to Cyberoam, Cyberoam has more the web filtering, so if you want to block a website, it's easier in other solutions than in Cisco."
"The solution could cost less. It's a bit expensive right now."
"The training videos that are available need to be improved, and made more educative."
"We tried configuring the IDS for more than four months, but it did not work properly."
"I've noticed that the management interface could use some updates and upgrades."
"Juniper SRX's UI is very bad."
"IPS is one that I would definitely want to be improved. I would also like SSL VPN to be integrated."
"The CPU switch could be improved for a better overall performance of traffic flow."
"I would like them to add a dashboard because it's difficult to operate."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Juniper SRX Series Firewall is ranked 19th in Firewalls with 86 reviews. Cisco Secure Firewall is rated 8.2, while Juniper SRX Series Firewall is rated 7.8. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Juniper SRX Series Firewall writes "Highly scalable, user-friendly UI, and easy to maintain". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Juniper SRX Series Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Palo Alto Networks NG Firewalls, Check Point NGFW and Meraki MX. See our Cisco Secure Firewall vs. Juniper SRX Series Firewall report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.