• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2269
  • Last Modified:

Cisco vs Juniper Firewalls

Hi,
I am looking for some education about the differences in ios systems of cisco and juniper networks. I have a some knowledge and experinces in configuring cisco asa, pix and other routers and switches but i have not done any junipers, so in an attempt not to look like a complete idiot i am looking for some good sites i can look at to learn about juniper and its ios. Any suggestions, i have done a traditional google search.
0
jasonpiper01
Asked:
jasonpiper01
3 Solutions
 
Istvan KalmarCommented:
Hi,

Please refer this page about coparsion:

http://www.netxg.com/Products/Juniper/Firewall-Security/SSG_ASA_CompChart.html

I like ASA, I advise to use it if you have deep knowledge...

Best regards,
Istvan
0
 
szfecoCommented:
hi
for Junos visit this site:
https://learningportal.juniper.net/juniper/user_fasttrack_home.aspx

after registration you can download more study materials, and after passing the preassesment test you can get 50% discount on the prometric exam (JNCIS-SEC)

you can also find some other tracks there.

if you need docu on juniper netscreen boxes i will ask my colleague i think he has some learning stuff.

HTH
szfeco
0
 
jasonpiper01Author Commented:
Thanks guys, i actually have a CCNA but the upper management wants to use juniper equipment. So i am forced to learn this equipment on the fly. I just want to get a head up on learning about them before we start to deploy them.
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 
QlemoC++ DeveloperCommented:
For ScreenOS (Juniper SSG devices), you can have several looks at the Concepts & Examples (http://www.juniper.net/techpubs/software/screenos/screenos6.3.0/index.html). Each part can be read (almost) independently from the others. You get a good impression how that OS is structured in relation to definitions.
0
 
Cyclops3590Commented:
keep in mind that ScreenOS is on the way out in favor of JUNOS-ES.  Also, their SNMP isn't as good as Cisco.  The Juniper SRX appears to be the replacement for the Netscreens and so far doesn't support IPv6 last I checked (some one correct me if I'm wrong).

Personally, I would go with the ASA.  Junipers are cheaper and personally I do like their JUNOS devices.  However, their SSL VPN and their firewalls worth the price difference IMHO.  If you don't care about management or monitoring of the devices, but only the functionality, then Junipers may be for you though.

Finally, if you are planning on using the Juniper configuration management platform, NSM, it is not very good either for non-firewall devices.
0
 
jasonpiper01Author Commented:
Sorry guys, i just havent had a chance to actually use the knowledge here, tomorrow i will have a meeting with the boss and i hope to award points this week.
0
 
deimarkCommented:
To add to some of the comments above.

SRX does support IPv6
Screenos is not quite on its way out as yet, although Juniper have definitely preferred junos and is throwing most of its resources to junos.  Screenos will have to be around for another couple of years as a minimum as there are some pretty big customers out that use screenos as its security certified (EAL et al) and given that any new certification can take up to 2 years to acquire, juniper will need to support screenos for a wee while yet.

So for Juniper we have the following:

SSG/ISG running screenos
NS 5000 series running screenos
J series running junos
SRX running junos

If you are getting new kit, I would recommend going for the Junos based, with SRX preferred

I also agree that sadly neither junos nor screenos offers SSL VPN functionality at all, Junipers answer is that they sell a very good SSL VPN appliance.  TBH, it is a great piece of kit and knocks the socks off any competitor, but the lack of SSL VPN on a firewall can make a difference to a tender.

HTH
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now