[j-nsp] SRX Reliability
Phil Mayers
p.mayers at imperial.ac.uk
Wed Jun 12 06:28:05 EDT 2013
On 12/06/13 10:47, Andrew Gabriel wrote:
> Hi,
>
> We are evaluating the SRX 3000 series firewalls for our datacenter, and
> would appreciate some feedback from folks who are already using/deploying
> the SRX platform.
>
> I understand that the initial software versions had a large number of bugs
> and features that just wouldn't work reliably. Juniper claims that they
> have addresses most of those and that the current releases are stable and
> well received by customers.
>
> How true is that, and would you recommend the SRX platform as a core
> datacenter firewall at all?
We recently evaluated an SRX 3600, and modulo some minor cosmetic bugs
and one major one (PSN-2012-10-754, fixed in later software) they seemed
solid to me. We tested IPv4 & IPv6 layer4 firewalling, AppFW, dynamic
routing with BGP and multicast. It all seemed to work ok, and we have
gone ahead and purchased.
It might help if you could specify what sort of things you want to do on
them e.g. IPsec, IDP, inline AV/web filtering (which the 3000s can't do)
and so forth.
More information about the juniper-nsp
mailing list