Results 1 to 13 of 13
  1. #1
    Join Date
    Aug 2003
    Location
    Singapore
    Posts
    422

    Firewall: Juniper SSG140 and Cisco 1841

    Hey,

    Have anyone heard about these firewalls? Are they good enough as a firewall and which do you think is better?
    Jackson Yap
    APC Hosting
    http://www.apc.sg/

  2. #2
    Join Date
    Dec 2005
    Location
    NYC
    Posts
    428
    The Cisco 1841 is not a firewall it is an integrated services router. I would more appropriately compare the ssg to the cisco asa product family.
    Edge 1, LLC
    http://www.edge1.net | 800.392.2349
    Cisco SMARTnet & Licensing Specialists | Datacenter/Network Design & Management Consulting | Cisco New & Certified Refurb Equipment Sales

  3. #3
    Join Date
    Oct 2002
    Posts
    351
    How much throughput do you need? Do you know screenos or cisco ios more? 1800 series is an ISR that can do the zone-based firewall.

    SSG140 will do tons more throughput for sure, 1841 is not that beefy of a router at all. I also believe the 1841(all 1800 series for that matter) is EOL. We where looking at the 1811's for some remote sites but they are EOS next month, so we are now looking at the cisco 891.

    We looked at ssg5's but the cost savings wasnt really there as we are a cisco shop and it would require a LOT of extra time to learn screenos well enough to support it.

    FYI smartnet on the 891 is really cheap.

  4. #4
    Join Date
    Oct 2002
    Posts
    351
    Quote Originally Posted by sct4a View Post
    The Cisco 1841 is not a firewall it is an integrated services router. I would more appropriately compare the ssg to the cisco asa product family.
    I would agree with this, it depends on what your planned uses are for it. If its only firewall then you should be looking at the asa series.

  5. #5
    Join Date
    Nov 2009
    Location
    Cincinnati
    Posts
    1,585
    Wouldn't an SRX be a better choice?
    'Ripcord'ing is the only way!

  6. #6
    Join Date
    Mar 2006
    Location
    Reston, VA
    Posts
    3,131
    SRX is the juniper new line of firewalls, SSG's are a great firewall and much easier to work with than SRX, the SRX has a better interface now than before but runs on JuneOS vs the ssg which is screenOS

    If you want cisco ASA is the only thing out unless you find some EOL'd PIX's. which I would suggest against.
    Yellow Fiber Networks
    http://www.yellowfiber.net : Managed Solutions - Colocation - Network Services IPv4/IPv6
    Ashburn/Denver/NYC/Dallas/Chicago Markets Served zak@yellowfiber.net

  7. #7
    Join Date
    Nov 2009
    Location
    Cincinnati
    Posts
    1,585
    SRX are all policy driven, they can a bit complicated to setup but its rather straight forward once it *clicks*.

    We use SRX between data center for connectivity over an IPSEC tunnel.

    I would stick with SSG or SRX.
    'Ripcord'ing is the only way!

  8. #8
    Join Date
    Aug 2003
    Location
    Singapore
    Posts
    422
    Thanks! So SSG will be much better as a firewall. But is it easy to use the functions and set rules and policies?

    Do I have to buy update for the antivirus and antispam protection etc?
    Jackson Yap
    APC Hosting
    http://www.apc.sg/

  9. #9
    Join Date
    Aug 2009
    Location
    Orlando, FL
    Posts
    1,063
    The SSG has the best web-interface IMHO. You can do 95% of everything you need from the webUI. Like everyone said, the SSG and 1800 series aren't apples to apples. The SSG is a true firewall. I have many SSGs deployed in offices and data centers. Everything from the SSG5 to the SSG550.

    As far as the SRX goes, I would stay away from them for a little while longer. About a year ago I was thinking about getting some, but ended up getting two SSG 320s. The forums and even Juniper rep I spoke with said they just aren't stable enough to use in full production. Some features were buggy at best, and some things flat out didn't work. It has gotten better over last year, but I recently asked some others using them and suggest I still wait a little longer.

  10. #10
    Join Date
    May 2005
    Location
    Bay Area
    Posts
    1,211
    The SRX's were extremely buggy a year or so ago, but juniper has done a great job of fixing up all its quirks. Personally, ScreenOS drives me crazy; once you get the hang of JunOS (really not hard) you will never go back. Something like an SRX240 should be around the same price range, or close to it. I suppose though if you don't need to do anything other than firewalling, no reason not to stick with an ssg.

  11. #11
    Join Date
    Mar 2006
    Location
    Reston, VA
    Posts
    3,131
    Quote Originally Posted by RackPoint-Morgan View Post
    The SRX's were extremely buggy a year or so ago, but juniper has done a great job of fixing up all its quirks. Personally, ScreenOS drives me crazy; once you get the hang of JunOS (really not hard) you will never go back. Something like an SRX240 should be around the same price range, or close to it. I suppose though if you don't need to do anything other than firewalling, no reason not to stick with an ssg.

    The SRX can be used in two modes, flow and per-packet, per packet mode the lower end SRX's can make great CPE/NID devices and peal off mpls, i.e handle L2VPN just fine and dandy and are very very inexpensive.

    Bang for the buck the SRX has by far more capacity/throughput vs its competitors
    Yellow Fiber Networks
    http://www.yellowfiber.net : Managed Solutions - Colocation - Network Services IPv4/IPv6
    Ashburn/Denver/NYC/Dallas/Chicago Markets Served zak@yellowfiber.net

  12. #12
    Join Date
    Jun 2006
    Location
    Calgary, Alberta
    Posts
    688
    How do the SRX's compare to the Cisco counter parts?

  13. #13
    Join Date
    Aug 2009
    Location
    Orlando, FL
    Posts
    1,063
    Quote Originally Posted by benj114 View Post
    How do the SRX's compare to the Cisco counter parts?
    As far as I know, Cisco doesn't have a product like the SRX. The SRX is basically a full-featured router and firewall in one.

Similar Threads

  1. Juniper and Cisco
    By darkflow in forum Web Hosting Hardware
    Replies: 2
    Last Post: 10-31-2010, 12:12 PM
  2. Juniper University - L3 Stackables - Juniper EX4200 vs. Cisco 3750G/E/X
    By JH GLCOMP in forum Other Web Hosting Related Offers
    Replies: 2
    Last Post: 08-09-2010, 12:18 PM
  3. Juniper or Cisco
    By brendanm in forum Hosting Security and Technology
    Replies: 16
    Last Post: 01-11-2004, 09:52 AM
  4. Replies: 4
    Last Post: 10-10-2002, 11:53 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •