Compare Juniper SRX vs. WatchGuard Firebox

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Shashidhara B N
Find out what your peers are saying about Juniper SRX vs. WatchGuard Firebox and other solutions. Updated: September 2020.
437,557 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
Unfortunately in Cisco, only the hardware was good.The traffic inspection and the Firepower engine are the most valuable features. It gives you full details, application details, traffic monitoring, and the threats. It gives you all the containers the user is using, especially at the application level. The solution also provides application visibility and control.If we look at the Cisco ASA without Firepower, then one of the most valuable features is the URL filtering.It's easy to integrate ASA with other Cisco security products. When you understand the technology, it's not a big deal. It's very simple.The benefits we see from the ASA are connected to teleworking as well as, of course, having the basic functionality of a firewall in place and the prevention of attacks.On the network side, where you create your rules for allowing traffic — what can come inside and what can go out — that works perfectly, if you know what you want to achieve. It protects you.If you have a solution that is creating a script and you need to deploy many implementations, you can create a script in the device and it will be the same for all. After that, you just have to do the fine tuning.They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home functionality.

More Cisco Adaptive Security Appliance (ASA) Firewall Pros »

Juniper is one of the most powerful network security solutions while remaining simple to use, set up, and scale.The most valuable feature is the licensing scheme for security functions.Performance is a strong point.The EEE security controls allow us to make policy restrictions, so I can customize port numbers to allow or limit control.It helped us with its routing capabilities which eased the cost, because otherwise I would have had to take a router and firewall, and then integrate it. With this, however, it was an integration of firewall and routing services all together in a single product. That was one thing that I loved about it.I like the routing and firewall features.The solution's stability is very good.I've found the security features, such as IDS and the VPN most valuable.

More Juniper SRX Pros »

The security that is used for defending from the attacks is very good.After conducting several tests I found the antivirus is working very well. Additionally, they have a very interesting feature, DNS WatchGuard, which is checking DNS requests for phishing, among other things, and it has caught a lot of unwanted attempts and attacks.It saves us time in the respect that we now have the template built for it so we can get in and get it done. We've had much less problem supporting Voice over IP technologies from different companies. Because our client base has grown over the years, we're probably saving 20 to 30 man-hours a month now that we've got this on a good stable level.Because we bought two firewalls... we need a central place to manage the policies and deploy them to both devices. It's good that it provides a system management console that is able to manipulate and manage policies in one place and deploy them to different locations.The solution simplifies my business. Normally, for administration, we are using NetApp System Manager on Window since it's easy to create new policies. In a short amount of time, you can create new policies based on new requirements. For example, in the last few months, many requirements changed due to the coronavirus, adding the use of new services, like Office 365, and eLearning tools, like Zoom.As a whole, it has a very low requirement for ongoing interaction. It's very self-sufficient. If properly patched, it has very high reliability. The total cost of ownership once deployed is very low.Among the most valuable features is the ease of use — love the interface — of both the web interface and of the WatchGuard System Manager.The most valuable feature is the NAT-ing, the IP addresses... We can direct the traffic where it needs to go. We can control the traffic.

More WatchGuard Firebox Pros »

Cons
In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline.Security generally requires integration with many devices, and the management side of that process could be enhanced somewhat. It would help if there was a clear view of the integrations and what the easiest way to do them is.One area where the ASA could be improved is that it doesn't have AMP. When you get an ASA with the Firepower model, ASA with FTD, then you have advanced malware protection.If I want to activate IPS features on it, I have to buy another license. If I want Cisco AnyConnect, I have to buy another license. That's where we have challenges.Cisco missed the mark with all the configuration steps. They are a pain and, when doing them, it looks as if we're using a very old technology — yet the technology itself is not old, it's very good. But the front-end configuration is very tough.Cisco provides us with application visibility and control, although it's not a complete solution compared to other vendors. Cisco needs to work on the application behavior side of things, in particular when it comes to the behavior of SSL traffic.It is expensive.We were also not too thrilled when Cisco announced that in the upcoming new-gen ASA, iOS was not going to be supported, or if you install them, they will not be able to be managed through the Sourcefire. However, it seems like Cisco is moving away from the ASA iOS to the Sourcefire FireSIGHT firmware for the ASA. We haven't had a chance to test it out.

More Cisco Adaptive Security Appliance (ASA) Firewall Cons »

It could have features that other products support like blade options and stand-alone endpoint security.In the next release, I would like to see the remote access client improved as well as improvements made to the administration GUI.There are a lot of features that customers do not know about and I think that better documentation would help when it comes to learning how to use the product.It should be easier to escalate support tickets.IPS is one that I would definitely want to be improved. I would also like SSL VPN to be integrated.The workplace management console needs improvement. It should be a little bit more developed. Also, the interface needs a bit more improvement.The big thing is performance. With all the features turned on it slows down.In terms of other features, I'd like to see a web filter, 10 point control, application control and a DNA filter in the next release.

More Juniper SRX Cons »

I would like to see the devices made more flexible by adding modules to increase the ports that we can use.I haven’t dug deeply into the reporting features yet or if they are working well. However, I have generated several reports and there was too much unnecessary information, in comparison with the reporting features in the Sophos firewall. Sophos' reporting is more readable and easier to configure.The pricing could be improved. It is definitely one of the more expensive products.The UI is not as user-friendly as the model that I had used before, which was from Check Point. The design of the Firebox UI is restricted and needs an experienced network guy to understand the format and settings.Sometimes I would like to copy a rule set from one box to another box in a direct way. This is a feature that is not present at the moment in WatchGuard.The data loss protection works well, but it could be easier to configure. The complexity of data loss protection makes it a more difficult feature to fully leverage. Better integration with third-party, two-factor authentication would be advantageous.If they could make the traffic monitoring easier that would be great. I don't use it that frequently, but I would like to see some improvements in the ease of use of that component, so it makes more sense. I know it's a technical component so there's going to be some difficulty trying to make that easier.I would like to see more tutorials on setting up the Firebox.

More WatchGuard Firebox Cons »

Pricing and Cost Advice
Always consider what you might need to reduce your wasted time and invest it in other solutions.There is room for improvement in the pricing when compared to the market. Although, when you compare the benefits of support from Cisco, you can adjust the value and it becomes comparable, because you usually need very good support. So you gain value there with this device.When it comes to Cisco, the price of everything is higher. Cisco firewalls are expensive, but we get support from Cisco, and that support is very active.It's a brilliant firewall, and the fact that it comes with a perpetual license really does go far in terms of helping the organization in not having to deal with those costs on an annual basis. That is a pain point when it comes to services like the ones we have on Fortigate. That's where we really give Cisco firewalls the thumbs up.Cisco is expensive, but you do get benefits for the price.In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco.Pricing varies on the model and the features we are using. It could be anywhere from $600 to $1000 to up to $7,000 per year, depending on what model and what feature sets are available to us.We used Check Point and the two are comparable. Cost was really what put us onto the ASAs... the price tag for Check Point was exorbitantly more than what it is for the ASA solution.

More Cisco Adaptive Security Appliance (ASA) Firewall Pricing and Cost Advice »

Compared to other vendors, the pricing of this solution is good.There was no additional licensing cost because there were no IPS services. It was just a firewall IP circuit router so they have the default licensing. We just need to renew the support yearly.The price of this solution is more than other products, but it's stable, and the technical support is better than I have seen with others.While the price of support is expensive, the price of the solution, itself, is not.The pricing is perhaps half, probably forty percent, of Cisco.The direct support with Juniper is expensive. When you stop using the solution and miss one year of payments, if you want the support back on a specific node, they ask you to pay for the year that you haven't used the node.In terms of pricing, Juniper is in the middle. The most expensive firewall is Palo Alto. If a customer wants the cheapest price they should go for FortiGate. Juniper is in between these products.

More Juniper SRX Pricing and Cost Advice »

They license it. When we buy it, we buy it with a three-year license. That's the most cost-effective way to do it. So, if you're going to buy it, then buy it with the three-year licensing.WatchGuard had a very competitive price. It was only 10 to 20 percent more than a single instance device but with that extra cost it provided a second load balancing device... unlike other brands whose method of hardware and software licensing would have doubled our cost.I think the larger firewall packages are much better because a normal firewall is not enough for these times. You need IPS, APT, and all the security features of a firewall that you can buy.The pricing was in line with everyone else; maybe slightly higher.The pricing of WatchGuard is probably a little higher than the SonicWall, but it makes up for it in dependability. It's worth it to me, especially since it's not much higher. For just a little bit higher price you get the dependability of the firewall with the WatchGuard brand.I usually tell people that it's really affordable as well, particularly compared to Cisco.We don't have any other costs other than the licensing stuff.The cost was somewhere in the vicinity of $2,000 to $3,000 for each one...

More WatchGuard Firebox Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
437,557 professionals have used our research since 2012.
Questions from the Community
Top Answer: Fortinet FGs: Great devices, relatively easy to deploy and maintain. Cheaper than most devices of their kind. If you're looking for a lot of features at a relatively low price point this is the way to… more »
Top Answer: They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home functionality.
Top Answer: In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco.
Top Answer: The EEE security controls allow us to make policy restrictions, so I can customize port numbers to allow or limit control.
Top Answer: When we first tested the serial interface on our model, it did not work. It should be easier to escalate support tickets.
Top Answer: We use Juniper for EEE routing and we also use the gateway feature.
Top Answer: I recently went from an M200 to M270 through their trade-up program. It cost a few dollars more than the subscription alone. I’m going to stay with WatchGuard, I've been a customer for the last 20… more »
Top Answer: The main reason we went with it was the security protocols. They were more robust on this device.
Top Answer: The pricing was in line with everyone else; maybe slightly higher. That's why it's not a 10 out of 10.
Popular Comparisons
Compared 34% of the time.
Compared 7% of the time.
Compared 4% of the time.
Compared 2% of the time.
Compared 14% of the time.
Compared 11% of the time.
Compared 10% of the time.
Also Known As
Cisco ASA Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire FirewallsSRX
Learn
Cisco
Juniper
WatchGuard
Overview

Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.

Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.

Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.

Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

High-performance security with advanced, integrated threat intelligence, delivered on the industry's most scalable and resilient platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables up to 1 Tbps performance for the data center.

WatchGuard's approach to network security focuses on bringing best-in-class, enterprise-grade security to any organization, regardless of size or technical expertise. Ideal for SMBs and distributed enterprise organizations, our award-winning Unified Threat Management (UTM) appliances are designed from the ground up to focus on ease of deployment, use, and ongoing management, in addition to providing the strongest security possible.

Offer
Learn more about Cisco Adaptive Security Appliance (ASA) Firewall
Learn more about Juniper SRX
Learn more about WatchGuard Firebox
Sample Customers
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.7-Eleven, AARNet Pty Ltd, Allegro Networks, alltours GmbH, Apollo Hotel Papendrecht, Armstrong Atlantic State University, Atlantech Online, Availity, Bajaj Capital, Baloise Insurance, BancABC, BAS Group, Black Lotus, Blue Box, Borealis, Carilion Clinic, Catholic Health System, CATV, Champlain College, Chinas Ministry of Railways, China University of Mining and Technology (CUMT), Cloud Dynamics, CloudSeeds, Cloudwatt, CODONiS, Colt Technology Services, Cork Internet Exchange, CSS Versicherung AG, CyrusOne, Danish Crown, Deloitte Belgium, Department of Energy, Divona Telecom, DQE Communications, DreamHost, European Government Agency, Expedient, Financial Market Information Services Provider, Fluidata, Fonality, Fox Sports, Global Financial Institution, Global Investment Bank, Global Investment Company, Energy Sciences Network (ESnet), Goethe University, HEAnet, High Performance Networks Inc., HillenbrandEllips, Diecutstickers.com, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence
Top Industries
REVIEWERS
Financial Services Firm20%
Manufacturing Company10%
Comms Service Provider9%
University8%
VISITORS READING REVIEWS
Computer Software Company28%
Comms Service Provider22%
Media Company6%
Government5%
REVIEWERS
Comms Service Provider56%
Financial Services Firm17%
Energy/Utilities Company11%
Media Company6%
VISITORS READING REVIEWS
Computer Software Company32%
Comms Service Provider31%
Media Company7%
K 12 Educational Company Or School4%
REVIEWERS
Manufacturing Company21%
Construction Company11%
Healthcare Company11%
Retailer7%
VISITORS READING REVIEWS
Computer Software Company21%
Comms Service Provider17%
Media Company8%
Retailer7%
Company Size
REVIEWERS
Small Business35%
Midsize Enterprise25%
Large Enterprise40%
VISITORS READING REVIEWS
Small Business32%
Midsize Enterprise23%
Large Enterprise46%
REVIEWERS
Small Business42%
Midsize Enterprise16%
Large Enterprise42%
REVIEWERS
Small Business68%
Midsize Enterprise25%
Large Enterprise8%
Find out what your peers are saying about Juniper SRX vs. WatchGuard Firebox and other solutions. Updated: September 2020.
437,557 professionals have used our research since 2012.
Juniper SRX is ranked 9th in Firewalls with 18 reviews while WatchGuard Firebox is ranked 2nd in Unified Threat Management (UTM) with 38 reviews. Juniper SRX is rated 7.6, while WatchGuard Firebox is rated 9.0. The top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". On the other hand, the top reviewer of WatchGuard Firebox writes "Geolocation allows us to lock down certain policies to only U.S. IPs". Juniper SRX is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, pfSense, Meraki MX and SonicWall TZ, whereas WatchGuard Firebox is most compared with Fortinet FortiGate, Sophos XG, pfSense, SonicWall NSA and Barracuda CloudGen Firewall. See our Juniper SRX vs. WatchGuard Firebox report.

See our list of best Firewalls vendors and best Unified Threat Management (UTM) vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.