Educause Security Discussion mailing list archives
Re: Juniper SRX Firewall
From: Julian Y Koh <kohster () NORTHWESTERN EDU>
Date: Fri, 15 Aug 2014 18:21:20 +0000
On Fri Aug 15 2014 12:58:29 CDT, Ying Zhang <yingzh () UNB CA> wrote:
We are currently using a pair of Juniper NetScreen 5400 and are thinking about a replacement. I’ve seen a lot of positive feedbacks on the PaloAlto firewall on the list. But it also comes with a big price tag. Comparatively Juniper SRX is much affordable. Just wondering if anyone out there used or are still using SRX, and how do you like it? Especially for those who used both, how do you compare them? Any feedback is appreciated.
We use SRX’s for our data center firewalls as well as for many of our little departmental-level firewalls (also have a bunch of ScreenOS devices left in that role as well). We have a Palo Alto 5060 cluster at our border that we are using primarily as an IPS, not a firewall. The SRX line has been quite solid for us as a pure traditional firewall platform. The PA brings in all of the “next generation firewall” buzzword features that are very interesting in terms of application level filtering and the like. We’ve had some stability issues on the PA platform, but we are working through those and generally have been gaining some confidence in it. There has been a definite new benefit/feature that we’ve been using heavily for URL filtering to help reduce our exposure to phishing messages. We’ve also moved some of the filters that we previously had at our border router to the PA as well. So in short, it’s hard to make a direct comparison in our case since our use cases for the platforms are different, but both are working well for us at the moment. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
Current thread:
- Juniper SRX Firewall Ying Zhang (Aug 15)
- Re: Juniper SRX Firewall Julian Y Koh (Aug 15)
- Re: Juniper SRX Firewall Roger A Safian (Aug 18)
- Re: Juniper SRX Firewall Ying Zhang (Aug 18)