Juniper Networks SSG 5 and SSG 20 vs. Cisco ASA 5505 and PIX 501/506 Overview
The newly announced (Aug 06) ASA 5505 is the projected successor to the PIX 501/506 and is targeted at small offices. Like
the larger ASAs, the 5505 operating system combines security features from the PIX OS and SSL VPN functionality from the
VPN 3000 concentrator. Architecturally, the 5505 has a single expansion slot that is not enabled as of FCS (Aug 06). If the ASA
5505 follows the same architectural direction as the larger ASA offerings, the expansion slot will be for IPS and/or AV.
Cisco PIX is the original line of dedicated FW/VPN platforms from Cisco. The PIX 501 and PIX 506 represent the small
office/telecommuter solutions of the product line. These two solutions are frozen at PIX OS v6.3(4), whereas the most recent
release is PIX OS 7.1, so these platforms are not receiving the most current feature enhancements.
Juniper SSG 5 and SSG 20 Strengths
• Purpose-built platform. SSG is a new platform designed to run current and future security and WAN routing applications
• Flexible I/O options and supporting protocols. The SSG 20 is the first small office device that supports I/O expansion
cards and modularity. None of the Cisco small office firewalls provide any I/O flexibility.
• Integrated security and routing. The SSG delivers best-in-class security, LAN/WAN interfaces, protocols and
encapsulations, giving customers the powerful option of consolidating multiple devices (FW, wireless AP, router, etc.). The ASA
does not have WAN interfaces or WAN encapsulations.
• SSG 5 and SSG 20 deliver 802.11a/b/g wireless support. None of the PIX or ASA offerings support 802.11 wireless
networking.
• Proven advanced security features. Security Zones, virtual routers and virtual LANs deliver granular segmentation
capabilities to facilitate internal security by dividing the network into secure domains, each with its own security policy.
    • VPN Resiliency. Route-based VPNs leverage dynamic routing and VPN monitoring to deliver secure
    communications that are resilient to network failures.
• A complete set of Unified Threat Management (UTM) security features. UTM features include Stateful firewall, IPSec
VPN, IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filtering.
• Best-in-class UTM partners delivering key technology and support.
    • Kaspersky for AV/AntiPhishing, Antispyware - #1 in catch rate testing
    • SurfControl and Websense for Web filtering - Top vendors in the Web Filtering market
    • Symantec for Anti-Spam - Leading Anti-Spam Vendor
• SSG 5 and SSG 20 will NOT force the customer to make compromises. The ASA has one HW expansion slot, which
can accept an IPS card OR an AV card. The SSG can support all of the security functionality and connectivity options
without compromise.
• AntiX licensing is complex. SSG UTM licensing is an annual subscription fee supporting maximum users on the box.
AntiX licensing is tiered by functionality and by users:
    • Basic provides Trend Micro antivirus/anti-spyware.
    • Plus license adds URL filtering, content filtering, anti-phishing, anti-spam.
    • Number of users
• Centralized management. Multiple SSGs and all security, routing and UTM features can be managed centrally via NSM.
    • With the ASA, if customers want to centrally manage multiple AntiX modules, they need to use Trend Micro
    Management (purchased from Trend).
    • The ASA release notes indicate that the ASA 5505 is managed only in a 1:1 manner – there is no 1:many
    alternative like NSM at this time.
• Firewall product line consistency. Every one of the Juniper FW platforms runs ScreenOS, giving users consistency in
operation, management and security. The Cisco FW line is confusing, with the ISR running IOS at the low end, the ASA running PIX
and SSL VPN in the mid range, and the FWSM running yet another variant.
• Complementary offerings. Best-in-class complementary solutions including: SSL VPN, FW/VPN appliances, application
acceleration, and enterprise class routers.
Cisco Strengths
• A market leader that can be successful based on reputation as opposed to actual capabilities. The adage is, you do not get
fired for buying Cisco.
• Strong enterprise presence and not afraid to bring in executives to apply sales pressure.
• Proven router with a wide range of interfaces, protocols and routing capabilities, but also known to have very weak security
and performance.