Juniper SSG5 vs. Sophos UTM 220

Posted on 2012-08-30
Last Modified: 2012-09-04
We currently have 2 Juniper SSG5's setup in Active/Passover High availabilty setup.  We want to upgrade the devices to get more IPS capabilities and are looking at the Sophos UTM 220 with Network Security license/package.  I know it has HA support as well.

For anyone that has experience with both or with just one and knows about the other, I'd like to find out more information about how these devices compare to each other?  In particular, which one can hanlde more load (it will be used at our Data Center for our web applications. It will not be used for web application  filtering (just yet) or website (http/https) filtering (going out), or email filtering).  Is the management of one better than the other or is there something you like better about one?  Any other info on comparing these 2 devices would be helpful.

Question by:sliknick1028
    LVL 60

    Expert Comment

    I am not a user of those UTM but thought this link can help to sieve further. Note that Sophos bought over AStaro, so I see it as their representative. There is a small table test finding on recovery time, although the actual product is not listed but the criteria to lookout such as clustering and time to recovery are something to ask further from vendor. Importantly, it the proper failover and clustering need to be assure..we cannot expect both being claiming a Node master (become two FW)

    The argument here is that any performance benefits achieved from an active/active configuration would pale in comparison to the guarantee that when a HA event occurs to an active/passive configuration, you'll still have just as good performance as before the event. Because a typical HA event might be a hardware failure that could take a box out for 24 to 72 hours, having the same performance before and after would be pretty important.

    A more comprehensive list here
    LVL 60

    Accepted Solution

    Maybe old but thought just for info on SSG series

    Although there's not an open source utility in sight these security services are pretty much standard across a range of vendors but Juniper's deep inspection capabilities make the SSG family stand out. The appliance benefits from protocol anomaly detection and signature inspection which have been taken from Juniper's IDP platforms. The former compares protocols with their RFC to ensure they conform whilst the latter looks for known attacks in the relevant parts of each packet. For example, signature inspection will look in the control portions of an email for a potential attack but not in the header or message body.

    Author Closing Comment

    Thanks for the info!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Suggested Solutions

    In every aspect, security is essential for your business, and for that matter you need to always keep an eye on it. The same can be said about your computer network system too. Your computer network is prone to various malware and security threats t…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now