On Apr 19, 2010, at 7:32 PM, Jeffrey Negro wrote:
Has anyone on Nanog had any hands on experience with the lower end
of the
new SRX series Junipers? We're looking to purchase two new
firewalls, and
I'm debating going with SSG series or to make the jump to the SRX
line. Any
input,
I prefer Junos as screenOS except for one thing :
HA is a hell to configure with Junos whereas it's really easy to do it with
screenOS, at least last time I tried a couple of months ago.
Anyway, ScreenOS cli really sucks compared to JunOS cli.
Pierre-Yves
2010/4/20 seph s...@directionless.org
Count me in as well. I ditched my personal Netscreens and replaced with SRXs
and we have done so as well at my day job. Other than a few quirky things, they
are very nice. V6 support is still somewhat limited though, but I am using an
SRX210H with ADSL2 PIM as my main router at home and it has
On Mon, Apr 19, 2010 at 08:32:47PM -0400, Jeffrey Negro wrote:
Has anyone on Nanog had any hands on experience with the lower end of the
new SRX series Junipers? We're looking to purchase two new firewalls, and
I'm debating going with SSG series or to make the jump to the SRX line. Any
On Apr 20, 2010, at 1:11 AM, Cian Brennan wrote:
On Mon, Apr 19, 2010 at 08:32:47PM -0400, Jeffrey Negro wrote:
Has anyone on Nanog had any hands on experience with the lower end of the
new SRX series Junipers? We're looking to purchase two new firewalls, and
I'm debating going with SSG
On Tue, Apr 20, 2010 at 04:18:11AM -0700, Owen DeLong wrote:
Interesting. My SRXes have been rock solid since upgrading to
10.0R1.8.
Not so much here. My basement SRX210 starts dropping bgp sessions over
an IPSEC tunnel every 30 secs or so after around 1-1.5 days of uptime,
and won't stop
I will admit I have the same issue with a both my BGP sessions over GRE as
well, which is really annoying, but I only use this for remote hopping over to
my other lab, not for anything I would ever do in production so I haven't
bothered opening a case on it yet. Glad to know I am not the only
We are in the process of replacing some SSGs (and NSes) with SRXes. The
biggest issues so far that we've faced are:
1. Although the devices can be used at the core you can't enable
multifunction IDP (i.e. you can only enable the filters for HTTP or
Fileserver etc, not all at the same time or the
SRX seems very new and many comment it as unstable, this includes some of
Juniper engineers I know in person. SSG though is phasing out. 8months ago
while I was looking for these solutions more closely, I had decided to stay
with SSG, which was good for next 3-4 years. However I believe probabyl
that was my experience...
Paul
-Original Message-
From: Mehmet Akcin [mailto:meh...@icann.org]
Sent: April-19-10 9:48 PM
To: Jeffrey Negro; nanog@nanog.org
Subject: Re: Juniper firewalls - SSG or SRX
SRX seems very new and many comment it as unstable, this includes some
of
Juniper
Much.. Go SRX over SSG every time. For anything that doesn't have an
SRX analog, consider the J-series.
SRX/J-Series == JunOS == Good.
SSG Series == ScreenOS == @)#$*#@)$(*!)(@$...@$
Just my $0.02 having dealt extensively with both environments over the
years.
Owen
On Apr 19, 2010, at 5:32
I'm with Owen. I have nothing good to say about ScreenOS. In contrast
JunOS has been great.
seph
Owen DeLong o...@delong.com writes:
Much.. Go SRX over SSG every time. For anything that doesn't have an
SRX analog, consider the J-series.
SRX/J-Series == JunOS == Good.
SSG Series ==
12 matches
Mail list logo
