We performed a comparison between Cisco Secure Firewall vs Juniper SRX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. Each of them have a good set of features, and the solution you choose will ultimately be dependent on your company’s specific preferences and requirements.
"The user interface (UI) is very, very good."
"The security features are about the best that I've seen anywhere."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"I think that the UTM features are the most value, as it truly protects my infrastructure."
"The stability and scalability of this solution are satisfactory. Its SD-WAN, VPN, and URL filtering features are very useful."
"We use a lot of function on the IPS and it works well for us."
"We have been able to offer several services to customers in a single box."
"We have been using a 5520 for seven years in our datacenter and we are satisfied by this version."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"It's a flexible solution."
"Beats sophisticated cyber attacks with a superior security appliance."
"The most valuable features are the IPsec VPN and web filtering."
"The most valuable feature of this solution is its ability to integrate vertically."
"I work with Cisco and other partners, but the Cisco team is the best team in our country. When I call them, they always help us."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"I like the Junos OS, which has been very good for me. It's very clever."
"Juniper is a highly flexible platform, and you get more bang for your buck compared to a Cisco product."
"Using a Juniper CLI, you configure a "candidate configuration", then "commit" it to bring it live. If you do not like it or messed up something, you just "rollback" to the previous configuration. It can all be done in a matter of minutes. This is super handy once you get use to it."
"You can scale the solution."
"The scalability is fine."
"It provides good routing and high performance of the data center."
"Juniper has the "recovery safety feature", so if you perform a "commit confirmed" and the new configuration disconnects you. then there is no "confirmed" command with X mins (default = 10 mins). It automatically reverts (recovers) to the previous configuration. This is handy for when you do not want to make that trip down range just to reboot a router."
"One of Juniper SRX's most valuable features is the site-to-site VPN."
"I would like to see more advanced developments of a wireless controller in the future."
"Compared to some other products, the DLP is not at par for the moment."
"Fortinet FortiGate could improve if it had a cloud-managed solution."
"The graphical user interface of Fortinet's FortiGate product does not function well with text-based interfaces."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."
"We have an issue with hotel guest vouchers."
"One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at the peak time when the number of contracts and users are at maximum."
"Cisco is still catching up with its Firepower Next-Generation firewalls."
"MSSP oriented interface: I would like a single console which would allow me to manage settings creating consistency across all customers."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"Most of the time, when I try to run Java, it is not compatible with ASA's current operating systems."
"Its configuration through GUI as well as CLI can be improved and made easier."
"We had an event recently where we had inbound traffic for SIP and we experienced an attack against our SIP endpoint, such that they were able to successfully make calls out... Both CTR, which is gathering data from multiple solutions that the vendor provides, as well as the FMC events connection, did not show any of those connections because there was not a NAT inbound which said either allow it or deny it."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"I would like the ability to drill down into certain reports because currently, that cannot be done."
"The user interface and the GUI need improvement."
"The GUI needs improvement."
"The solution isn't very granular or detailed."
"I think improvement can be done to the security part, particularly the UDM, and the product should have a user-friendly interface similar to FortiGate. It should have the Azure RBAC in the next release."
"There is room for improvement in scalability and performance. It's scalable and reliable, but when using next-generation firewall features, the performance decreases significantly for Juniper SRX."
"Juniper SRX's UI is very bad."
"Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation."
"In some cases, customers encounter issues related to network interfaces, while others prioritize security concerns."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Juniper SRX Series Firewall is ranked 18th in Firewalls with 86 reviews. Cisco Secure Firewall is rated 8.2, while Juniper SRX Series Firewall is rated 7.8. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Juniper SRX Series Firewall writes "Highly scalable, user-friendly UI, and easy to maintain". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Check Point NGFW, whereas Juniper SRX Series Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Palo Alto Networks NG Firewalls, Check Point NGFW and Meraki MX. See our Cisco Secure Firewall vs. Juniper SRX Series Firewall report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.