[j-nsp] J series users bitten by the massive memory useincrease with flow mode add, please file jtac cases.
Amos Rosenboim
amos at oasis-tech.net
Thu Jul 22 15:36:36 EDT 2010
Chris,
The discussion is about J series routers, not SRXs.
The J series are marketed as routers not security devices and turning
them to security devices all of a sudden is a decision I still don't
understand.
If you want to open a discussion about SRX we can do that.
I have no experience with the high end SRXs but a lot of experience
with the lower end SRX devices (210-650) and I can honestly say that I
consider them to be the worst piece of networking/security hardware I
ever worked with.
The software quality for these devices is catastrophic, including many
stability related bugs which crashed devices time after time.
The logging of the devices is so inconvenient and also affect
performance significantly, to a level where logging advised by JTAC
killed a device.
I heard this not only from colleagues but also from advanced JTAC
engineers.
It came to a point where my company stopped selling SRX devices and
talking to the local distributer I understand that the overall Juniper
security sales (in our small country) declined significantly.
It's important to mention that I'm a big Juniper fan (especially for
the Junos line of products), and I'm not looking to flame the product
for nothing.
Regards
Amos
On Jul 22, 2010, at 9:49 PM, Chris Whyte wrote:
>> IMO Juniper has royally screwed up in the small router/CPE market.
>> One can hope that they won't perform similar stunts on the M/MX/T
>> series.
>>
>
> There's absolutely no reason why this would be considered. The fact
> that you
> would make that statement leads me to believe that people might not
> understand why the SRX product line was created in the first place.
>
> The entire SRX product line (branch and high-end) covers the
> performance
> spectrum across M and MX series but were created specifically as
> purpose-built security devices and therefore should be implemented
> as such.
> In addition, in order to do high-end processing of (stateful) flows
> you need
> dedicated and specific hw to achieve desired performance. That hw
> doesn't
> exist on MX and T series. It only exists on high-end SRX (ie SPUs).
>
> Thanks, Chris
>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list