[c-nsp] Cisco FWSM vs Juniper NetScreen 5400
jason.plank at comcast.net
jason.plank at comcast.net
Thu Aug 9 09:14:03 EDT 2007
Maybe there are different degrees of sucking, but juniper support is absolutely horrid.
As far as which vendor I would go with, it probably depends on $$$ and throughput demands. Junipers firewalls kick Cisco's ass in terms of throughput (Although I hear a newer products coming in the fall...). If the expectation is to run a routing protocol on the firewall, and you are stuck on EIGRP that's obviously an issue.
If you can afford the extra money for the juniper it's a nice product. If you grow your infrastructure - do yourself a favor and stay the f!ck away from NSM.
--
Regards,
Jason Plank
CCIE #16560
e: jason.plank at comcast.net
-------------- Original message ----------------------
From: Gert Doering <gert at greenie.muc.de>
> Hi,
>
> On Thu, Aug 09, 2007 at 06:43:28PM +1000, Dale Shaw wrote:
> > Alas, the routing protocol is EIGRP. This shouldn't pose too much of a
> > problem though as I only need to segment about 20 VLANs.
>
> Well, it will be for the Netscreen - it can only do OSPF or RIP (and BGP).
>
> Besides this, I really hate PIXen, and Netscreens mostly are a pleasure
> to work with. They have a few design quirks that you need to get used to
> (like: for established state, the session table is consulted before the
> routing table, so some things work in surprising ways, if your routing
> is asymmetric) - but that's like "for a PIX, everything is a NAT", it
> needs getting used to.
>
> Netscreen tech support sucks, but it's no worse than TAC.
>
> 10G on Netscreens is going to cost two arms and a leg. At least.
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
> //www.muc.de/~gert/
> Gert Doering - Munich, Germany gert at greenie.muc.de
> fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list