[c-nsp] Juniper Netscreen SSG 140 versus Cisco ASA 5510 series

Phil Mayers p.mayers at imperial.ac.uk
Sat Jul 7 21:18:39 EDT 2007


On Sat, 2007-07-07 at 16:08 -0500, ChrisSerafin wrote:
> I'm a Cisco bigot, but when it comes to security, Cisco is lacking.  I 
> would go with a perimeter router for routing/BGP and a NS SSG for the 
> security portion. 

What you may not be aware of is that the recommended deployment mode for
a Juniper/Netscreen is routed; therefore if the OP is in a routed
network of any appreciable size, passing off the routing to something
else is unlikely to be on the table.

FWIW we run Juniper/Netscreens as eBGP routers between lots of MPLS VPN
VRFs and they work fine. I haven't used an ASA so can't compare.

> 
> Chris Serafin
> Security Engineer
> chris at chrisserafin.com
> 
> 
> Zahid Hassan wrote:
> > Dear All,
> >
> >
> >
> > Can anyone please comment or give any insight about the
> > Juniper Netscreen SSG 140 versus the Cisco ASA 5510 series.
> >
> > I am looking for BGP support on my perimeter firewalls and as the Cisco ASA
> > 5500
> > series still doesn't support BGP, I am thinking of going for the SSG 140
> > series.
> >
> > Any comment on the feature and reliability differences, will be greatly
> > appreciated.
> >
> >
> >
> > Thanks in advance.
> >
> >
> >
> >
> > Zahid
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> >
> >
> >   
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list