Juniper vSRX Reviews

One of Juniper vSRX's most valuable features is its integration with safety applications. It keeps the software secure from developers without relying on third-party solutions.

The biggest downside of Juniper vSRX is its pricing, which may be too high for smaller organizations. While it's a decent solution, the cost may limit its accessibility to smaller customers.

I have been working with the product for five to six years. 

The solution's stability is good. It responds very quickly in crisis situations, which might be partly because I know the team there and how to get the information I need.

The tool's scalability is good. 

I've seen really fast response times with Juniper vSRX. When there's a problem, it modifies the firmware quickly to respond to the threat. With Cisco, it can take months to make changes because their architecture is more complicated. Juniper vSRX and Fortinet are straightforward. 

Positive

I rate the overall solution a nine out of ten. 

I use the solution for network authentication, what you use while accessing the network. In general, controlling the traffic going inside the enterprise and off it.

I find the VPN and the cluster the most valuable features.

The syndication or domain controllers, quick policies, and user rules - like being able to see the IP source and destination could be improved. This feature already exists in Palo Alto.

They really need to improve the GUI.

The stability is getting better. It has got some bugs.

The scalability is good. It's very flexible, but the problem is the GUI is not very easy to use.

They have good technical support but we very rarely use technical support. We go through vendors.

We previously used Cisco.

The initial setup was very straightforward. There was no problem. The initial deployment took about one hour. One person is enough for deployment and maintenance.

I implemented the solution myself.

In Saudi Arabia, Juniper has a problem with marketing. They're less well known. A lot of companies are changing or going with Palo Alto.

With the GUI, the firewall is not easy to use. It doesn't cover all the features. Juniper should enhance the GUI, and make it easier to use. Both the firewall and virtual security are hard to use. It's not easy to configure it and not friendly to users.

I would advise for those thinking about using the product, to make sure they learn as much as possible, and also look to use a redundancy.

I would rate this solution seven out of 10.

We are Value Add Resellers and we provide the Cloud for our customers.

We set up Amazon Web Services as the cloud for our customers.

It's standard, with standard routing.

Juniper vSRX has everything at the moment; they are covering it all and getting into automation, which is great.

The dashboard, customization, API, and pricing are good.

VPN access is an area that needs improvement.

I have been using Juniper vSRX for four years.

This is a product that I have been using it ever since it was released.

This product is very stable.

Juniper vSRX is scalable. 

We have four users in our organization.

Technical support has been very supportive.

The initial setup was straightforward.

We did not use a vendor team, reseller, or an integrator. The implementation was done in-house.

The pricing is reasonable.

I can recommend Juniper vSRX to others who are looking at implementing it.

I would rate this solution an eight out of ten.

I can’t really say a firewall improves anything other than security, but we have been able to solve a lot of extranet connectivity issues with these firewalls that the bigger name devices didn’t handle so well.

It is bomb proof as seen by the fact they are still in production use today. A simple human friendly command structure, making CLI edits and debug sessions easy and quick, means that they just don’t fail.

The SRX is a different device. It is much more sensitive to unexpected power loss so we had to RMA several after unexpected site power outages. The command structure is also different so that I always need my cheat sheet when debugging on them.

The NSM is its own beast. It's a 10 when it’s running properly, gives you all the info you need easily to make and document edits and monitor status of devices, but keeping it running well is almost a job in itself. It doesn’t manage its own database very well and it gets slow and unresponsive, often requiring user intervention on the server backend.

Currently we use Juniper products, SSG and SRX firewalls in about a 50/50 mix both standalone and in HA clusters. We also use their NSM for device management and logging.

The SSG models are mostly EOL and are being replaced with new “Next Gen” firewalls. The SRX models will likely continue to be used internally as support will remain available for some time.

We only use the firewall and virtual router options and they do what we need:

• The firewall is easy to configure and testing shows we are blocking the threats.
• The virtual routers make this solution a one box answer for our needs and simplify our internal networking. As they are built into the devices, they allow you to move and separate traffic in a number of ways on one set of hardware.

They constitute a solid working solution that has been able to cope with any of the unique challenges that have come up.

While the OS supports a pretty full UTM option, we found in testing that the hardware was not powerful enough to run with all the bells and whistles turned on for the amount of traffic we process. So we use other hardware for those services meaning it’s not a deal breaker for us.

We have had no issues at all with the SSG models and the SRX model only had problems with sudden power loss occasionally.

The only issue was that the Network Security Manager (which is EOL) was sold as supporting over 125 devices. That may be true if you are just managing the configurations but once you add in monitoring and logging it’s really only happy with fewer than 40 devices, as the database grows too big to deal with and needs constant maintenance.

I would rate the technical support as average, as the calls were responded to quickly but as usual it depends on who you happen to get on the phone that day. Some were very good, others times I had to ask for a different engineer to join the call.

This solution was in place when I started so I cannot answer this question.

The setup was straightforward and to get into a cluster consists of about ten commands. The hardest part is deciding on active/active or active/passive for your solution.

I’m not involved in the financial side of the purchase. Our buyers handle that. Support and licensing comes in the usual tiers, SLA for repairs and/or options turned on in the device.

I know they left Check Point and looked at Cisco products before choosing Juniper, but that decision pre-dates my involvement.

I would say get an SSG but they are EOL so for the SRX make sure you have the recovery boot system configured and a way to remote console the device.
I know this sounds like a major problem but it’s not been that big an issue. We run HA and have same day replacement on them so if we lose one it’s not a major outage, just more work to do.

The primary use case of this solution is to load traffic for our RH team so that they can connect to our servers on our other sites. 

I load source addresses to connect to the destination address with applications such as HTTP, HTTPs, and SSH to connect the servers to the RH team.

The flexibility of the commit check and the commit confirmed commands is very good. The design of the forwarding plane and the control plane in the operating system is very important in performing when we have a large amount of traffic.

The architecture of the OS in Juniper is very good. It's flexibility, scalability, and the technicality are also good.

The support can be improved. 

The GUI needs to be improved, as Cisco is more advanced with their ASDM platform.

In the next release, I would like to see improvements made to the GUI because it isn't very good.

I would like them to discard some of the existing commands because we have to delete them. It should be more practical.

I have been working with Juniper for more than two years.

The versions that I have worked with are the SRX 550, 3600 and 5800.

This solution is scalable.

I have dealt with Cisco's Technical support as well as the Technical support from Juniper, and there are some differences. Cisco is more available, and the degree of competence regarding our case is better.

We have used both Cisco and Juniper products. When comparing them, there are differences with the command line interface. Cisco is more advanced.

After some research, I think that the cost of Juniper is more than Check Point, Palo Alto, and Fortinet. 

I would recommend Juniper because they have a good product, especially the 5800 version. 

This is a good product for internet service providers.

I would rate this solution an eight out of ten.

My company is an IAP so we use the solution for virtual security to segregate work.

There are a few valuable features that offer very good quality on the solution. Especially NetScreen. We used to use NetScreen for the product line. It was a very mature solution, very robust, easy to configure, easy to manage, etc. It made it easy to do everything. 

We have some weird errors and some weird behavior on the solution occasionally. The device gets buggy without anyone touching it. It would work and then suddenly stop. Sometimes you need to just move the cards out and restart it again, and it will work. The solution itself, the hardware and the software, there must be some bugs that need to be dealt with. 

We are using high-end devices. For the high-end devices, all the features are there; we don't need more features. What we need are for the features we have to work exactly as we want them to. Especially on the IT desk. There's something wrong between the hardware and the software. As I mentioned, some hardware is not working correctly in some integrations, and I'm not sure why. 

Technical support is very bad. They never respond to any ticket you open, although we pay for the support. 

The initial setup was a little bit complex.

We used a consultant to assist with implementation. In retrospect, we probably could have handled it ourselves.

We use the on-premises deployment model.

I would rate the solution seven out of ten.

My primary use case for Juniper is to allow traffic for each team to reach servers on our other sites. I allow some source addresses to reach some destination addresses with some applications with HTTP, HTTPS, and SSH, to reach the service for each team.

Juniper is more flexible with the commit check and the commit confirmed command. The design of the forwarding and contract plan in the operating system is very important for the performance when we have very big traffic.

We worked with Cisco's support and Juniper's support and there are some differences, to be honest, Cisco is more available and is more competent at addressing our cases. So that is something negative about Juniper but otherwise, the architecture of Juniper's OS is flexible and scalable and technically Juniper is good.

The GUI is really bad. Cisco's is more advanced with their ASDM platforms. Cisco has more advantages.

I have been using this solution for more than two years. 

We also used Cisco. There are some differences in the command-line interface.

I would rate Juniper an eight out of ten. In the next release, I would like to see an enhanced GUI, graphic user interface, because the graphic user interface is very bad.

They should also discard some existing commands that we have to delete before the commands. Cisco is more practical.

I would recommend Juniper because they have a very good product. Especially, the 5800 product is a very good product for an internet service provider.

On the cloud, we use it to test functionality.

Our company is in a proof of concept mode with this product. We have not selected it yet.

• Security posture
• VPN

The GUI interface needs improvement. It also needs improvement with the VPCs.

Because we are in proof of concept, the stability hasn't been stressed more than 30 percent.

The scalability is okay. 

The size of our environment is 46 offices.

The technical support has been good.

The integration and configuration with AWS was excellent.

Our experience purchasing the solution through the AWS Marketplace was good.

We like pricing through the AWS Marketplace.

We also were considering Palo Alto Networks.

Look at this product and Palo Alto's product, then do a deep comparison analysis.

It integrates with our VPC and Direct Connect Gateway.

I am also using it on-premise. Compared to the AWS version, it is pretty transparent.