RE: Cisco vs Adtran vs Juniper

["Paul Stewart" <pstewart () nexicomgroup net>]

Thanks very much.... we're looking a series of models currently and all
the feedback I've received so far has been extremely helpful...

Best regards!

Paul


-----Original Message-----
From: Matthew Elmore [mailto:nanog () mattelmore com]
Sent: Monday, July 21, 2008 9:19 AM
To: nanog
Subject: Re: Cisco vs Adtran vs Juniper

On Jul 18, 2008, at 10:49 AM, Eric Van Tol wrote:
> > I'm looking for some constructive feedback on **real world**
> > experiences
> > please...
>
>
> We're split pretty evenly between Cisco and Juniper boxes and are
> happy with both.  It all really depends on the services you want to
> sell or support for your customers, as each box can do different
> things.

I've been using both these boxes for a while, the SSGs in particular,
so I'll chime in.

Eric is right, the WebUI for ScreenOS is not very good, but it's far
better than any of the interfaces I've seen on any other security
devices. It has its quirks, but it does get the job done.

I have no complaints about the SSG hardware, you get decent port
density across the line and 90% of the functionality you will want is
there out of the box with no additional licensing required (stateful
firewall, IPSec, all routing protocols, etc). Don't bother with the
Antivirus and Antispam on ScreenOS, it sucks and Juniper knows it. The
web filtering works pretty well, though.

They're very flexible with regards to interoperability with other
vendors (even Cisco). I've connected one to just about every vendor
imaginable and there is always a way to make it work.

If you're looking for a cheap router/firewall/VPN box, then the SSGs
from Juniper are the way to go right now. JunOS Enhanced Services
could make our lives even better too...

> Both Cisco and Juniper offer great options for this.  CPE from both
> is typically very solid.  Juniper has the added benefit of being
> able to convert their J-series boxes to Netscreen SSG firewalls and
> the cards are interchangeable between the security/J-series
> platforms.  Of course, this does cost you in license fees.  NAT on
> the J-series is a pain to set up and unfortunately, the default 256M
> flash on them is just too small to support an easy JUNOS upgrade.
> >

What he said -- with the J series you get JunOS and now JunOS Enhanced
Services, so you get a full-fledged firewall as well. No need to
convert them to ScreenOS (unless you need a feature that hasn't been
ported from ScreenOS to JunOS ES yet). The only thing I really don't
like in the J series is the lack of a non rack mount form factor. A
lot of small and branch offices don't necessarily have racks and it
can be cumbersome to convince someone they need a 19" wide noisebox to
be their router.

More on JunOS ES:
http://www.juniper.net/techpubs/software/junos-es/

Regards,
M



No virus found in this incoming message.
Checked by AVG - http://www.avg.com
Version: 8.0.138 / Virus Database: 270.5.3/1564 - Release Date:
7/21/2008 6:42 AM




----------------------------------------------------------------------------

"The information transmitted is intended only for the person or entity to which it is addressed and contains 
confidential and/or privileged material. If you received this in error, please contact the sender immediately and then 
destroy this transmission, including all attachments, without copying, distributing or disclosing same. Thank you."