If you were talking to someone whose organization is considering Juniper SRX, what would you say?
How would you rate it and why? Any other tips or advice?
Overall, this is a really good product. I would rate this solution an eight out of ten.
At the moment the solution satisfies our needs. There are no extra features that we need at the moment. I would rate this solution 8.5 out of 10 because it seems to satisfy our needs. Everything seems good and works fine.
I would rate this solution a 7 out of 10.
I find that the interfaces are okay. The big thing is performance. With all the features turned on it slows down. The advice I would give to everyone is to specify a larger box than you think you need. Due to the performance indications, I'd rate this product as a 7 out of 10.
We have found this solution to be easy to implement and easy to use. It is a little more expensive than some products, but it is worth the investment. I would rate this solution an eight out of ten.
If you're looking for a product that can give you routing as well as security services, and you're not looking for too much taxing on the security part, I guess this is a good product. If, however, you're looking for security services on a greater edge, maybe something like next-gen firewall features, referencing services, or IPS to a greater level, I would recommend going with other security products. If you want integration of both, you can use this, and maybe if you evaluate, or move forward with better services over a period of time and better models of that, maybe this is something that you can always look for both, routing as well as security services. SRX is a security product that's not that good on security, but it's good at routing, so they actually balance out. I would rate them around six of ten. Cisco does one thing right. Cisco has AnyConnect so they can fully integrate SSL routing services. Previously Juniper used to have Pulse Secure and MAG devices. They sold it off to Pulse Secure, but maybe they could try to integrate SSL VPN with their products. Maybe that would help them increase market share.
My advice is to make sure that you have local support because it is very important. Juniper does have some good options in terms of support. This is not a perfect solution because I think that there is still room for improvement, but I think it is the best solution that I have tested for MBPN. I would rate this solution an eight and a half out of ten.
This solution is really nice to use. It's very similar in terms of capabilities to a Cisco, but it's just that the operating system is so much nicer to use. I would say that you need some time to get comfortable with the operating system if you've never used it before, but don't let that scare you. Buy it and put it on your desk for a week, then play with it. If you've got a live environment or if you've got some type of simulation you can set it up in, it won't take long and you can feel comfortable using it. I would rate this product an eight and a half out of ten.
Further advice regarding this solution is that anyone planning to implement this product should understand the Juniper suite. They should understand the firewall concept, Juniper configuration, and the command line. They need previous experience with Juniper products. On a scale from one to ten, one being the worst and ten being the best I'd give Juniper SRX an overall rating of eight because of its' competitive price. But it's a very complex product compared with other similar products.
Make sure to have skilled local support. We are planning to move to the bigger version of Juniper SRX later this year (SRX5800). We are also planning to move to IPv6.
Juniper is good at the routing protocol. If you want a solution to protect your environment from the internet, I would propose a firewall gateway solution but ultimately it depends on what the customer needs. We are partnered with Juniper, so if customers ask for a firewall solution, the first solution that we pick is generally a Juniper firewall. If a customer wants a firewall other than Juniper, we offer it. Usually, we will do a firewall like FortiGate or Palo Alto, if the customer has enough money, as Palo Alto is very expensive.
You have to be aware of Linux commands, which will make you able to use this device, like exporting file, saving file, monitoring your logs, and making a new script.
You need to know what your company's strategic vision is, and then map the security part of that. I don't just mean cost-related, but the strategy for profit-related future ventures. You need to know why you want a particular firewall. Don't ignore the functions and future growth and products on the horizon from each of the vendors. What you go with has to meet your current needs but, more importantly, is the company a going concern - meaning if they're going to get better - then how do they complement your particular industry's growth? Are they going to be there to make remote access and extranets and research easier to deliver? The product has to be configurable, with lots of options should you need to subscribe to those options. The most important criterion, for me, when selecting a vendor is that they have to rank high in industry ratings. Juniper has just not been there. I haven't seen the 2018 reports, but year after year Juniper is not only the least visionary but one of the least in terms of performance. I also don't like the fact that they spun off their VPN to Pulse Secure. I know that's a subsidiary, but I don't necessarily want to have a separate appliance for a light-duty VPN. I would rate Juniper at seven out of 10. It's a little harder to configure from a VPN perspective, VPN Tunnels. Their tech support is the big problem for me. I don't want to be bounced around. I don't want to get half an answer when I ask a whole question. I would take an inferior product with better tech support, without question. If I have a responsive engineering team that will fix problems when they come in, with firmware releases, etc., I'd clearly take an inferior product with that better support. It's all about function. I probably wouldn't have chosen the Juniper in this environment. We just don't need yet another knowledge base to learn. And it doesn't fold into some of our Cisco services. For example, the assets control doesn't integrate well with the Radius servers. Something like that could be downloadable ACLs, for instance.
They can use the Juniper SRX as a data center firewall. Juniper needs to focus more on their perimeter firewalls. Our most important criteria is to look for 24-hour support, prices, partnerships, and what they offer to partners. Also, we want to know if the product can function with Juniper.
It crashed, and we could not change it for some reason. I don't want to keep Juniper within my network anymore. Most important criteria when selecting a vendor: * Dedicated support team * Easy configuration.