Educause Security Discussion mailing list archives
Re: juniper srx 3400/3600 vs. cisco asa 5580
From: Dexter Caldwell <Dexter.Caldwell () FURMAN EDU>
Date: Wed, 19 May 2010 14:23:56 -0400
I haven't managed any Srx Series Junipers or 5580 ASAs, however, we do have ISG Series (1000-Advanced, 2000-Advanced) Juniper firewalls and few ASA 5540s. I like the Junipers better for managing a lot of polices, and performance-wise they're basically asleep (asic-based). , but the ASAs are solid too. Cisco ASDM (management software) can be daunting, but a good effort for Cisco's usual web interface reputation. The occasional firmware update from Juniper can be problematic if you don't read the release notes prior to see if anything affects your environment. Support is also pretty accessible and pretty good with Juniper. On firmware, I seldom have anything other than a good experience, because I usually call engineering and ask which version is really the best from a support standpoint - despite the recommended version posted on the web, among other typical homework items. ASAs to me can be a little trickier to figure out but I like them. More importantly I'm not so much on dealing with TAC (Cisco support). It's generally a pain anytime I have to do it- The silly website areas, the levels of beauracy, Licensing issues with resellers and CCO account and licensing issues. It's just generally a pain. I really like Cisco equipment, but no love affair with support. That said when you get to an engineer they can usually help you. If you're used to Cisco already, then this point will likely be moot for you. Keep in mind, I can only comment on the Juniper ISG platform which is running ScreenOS, not the SRX models. I think the ASA platform is pretty nice, but it's probably less intuitive/more complicated to pick up. If you are familiar with Cisco products you might prefer it somewhat. D/C The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> writes:
I am looking for advice/likes and dislikes/comparisons/comments from anyone with experience with either or both of these firewall models in the areas of software/hardware support, ease of administration, code complexity, available feature sets, expandability, or anything else you feel is pertinent like any differences you see between juniper and cisco regardless of the equipment. thanks for the input. Michael Renne Network Analyst College of Liberal Arts 127 Sparks phone: 865-5889 help desk: 865-3412
Current thread:
- juniper srx 3400/3600 vs. cisco asa 5580 Michael Renne (May 19)
- <Possible follow-ups>
- Re: juniper srx 3400/3600 vs. cisco asa 5580 Razi Ahmad (May 19)
- Re: juniper srx 3400/3600 vs. cisco asa 5580 Julian Y. Koh (May 19)
- Re: juniper srx 3400/3600 vs. cisco asa 5580 Mike Patterson (May 19)
- Re: juniper srx 3400/3600 vs. cisco asa 5580 Dexter Caldwell (May 19)