Comparison – Juniper SRX1400 Vs Checkpoint IP4800 Vs Fortigate 800c

By | March 22, 2013

Its March and Financial year end in India. Everybody these days is aggressive for business closures, more closures means more numbers rolling in and same means more incentive for the sales guys, but to help sales team in closing more and more deals, Technical team need to accomplish some boring documentation work and making competitive product comparison is one of those.

I was preparing a comparing between Juniper SRX 1400, Checkpoint IP 4800 and Fortigate 800C. I googled to find some stuff on internet but found nothing useful. So, had to prepare one by myself. I found it worth posting here to help anybody sailing in the same boat. Here goes the comparison –

Features / products

Juniper SRX 1400

Checkpoint IP 4800

Fortigate 800C

Stateful inspection firewall

10 GBPS

11 GBPS

20 GBPS

IPS

3 GBPS

6 GBPS

6 GBPS

IPsec VPN

4 GBPS

2 GBPS

8 BGPS

Concurrent sessions

1.5 Millions

3.5 Millions

7 Millions

Connection establishment rate

70000 connections per second

70000 connections per second

190000

Security policies

40000

?

10000

 Stateless firewall filter

YES

NO

NO

 IPsec VPN

YES

YES

YES

 Intrusion prevention system (IPS)

YES

YES

YES

 Network address translation (NAT)

YES

YES

YES

 User authentication and access control

YES

YES

YES

 Public key infrastructure (PKI) support

YES

YES

YES

 Virtualization

YES

YES

YES

 Dynamic Routing

YES

YES

YES

 IPv6

YES

YES

YES

 Layer 2 (transparent) mode

YES

YES

YES

 Layer 3 (route and/or NAT) mode

YES

YES

YES

 IP address assignment

YES

YES

YES

 Traffic management QoS

YES

YES

YES

 HA

YES

YES

YES

 Application Security

YES

YES

YES

 Management

YES (Built-In)

YES, External Utility

YES (Built-In)

 Administration

YES (Built-In)

YES, External Utility

YES (Built-In)

 Logging/monitoring

YES

YES, External Utility

Requires Fortianalyzer

 Stateful inspection of IPv4, IPv6, General Packet Radio Service

YES

YES

Yes except GPRS

tunneling protocol (GTP), and applications at layers 4-7

YES

?

?

 SSL decryption

YES

YES

YES

 IP and GTP IPS

YES

?

?

 Denial of service/distributed denial of service (DoS/DDoS)

YES

YES

YES

application logic

YES

YES

Yes, Limited to 1000 Apps

 Multiple (virtual) routing instances

YES

YES, Max 25

Max 10 Virtual Domains

 Appfirewall (AppFW, AppDoS, AppTrack, AppQoS, and IPS)

YES

YES

Yes, Limited to 1000 Apps

 LSYS

YES

YES, Max 25

Max 10 Virtual Domains

 In-Service Software Upgrade (ISSU)

YES

NO

NO

 Streams Control Transmission Protocol (SCTP)

YES

YES

NO

 Application-level gateways (ALGs)

YES

YES

 Operating temperature

32° to 104° F (0° to 40° C)

32° to 104°F / 0° to 40°C

32 to 104 deg F (0 to 40 deg C)

 Non-operating storage temperature

 -40° to 158° F

: -4° to 158°F / -20° to 70°C

-13 to 158 deg F (-25 to 70 deg C)

 Altitude

10,000 ft (3,048 m)

?

?

 Humidity

5% to 90% noncondensing

5% – 95% @ 60°C (non-condensing)

5 to 95% non-condensing

Power Supply

200 to 240 VAC, 50 Hz, 2.5 A

100 – 240V

100-240 VAC, 50-60 Hz, 8.0 Amp (Max)

Dimensions

17.5 x 5.25 x 13.8 in

17.25 x 16.14 x 1.73 in.

1.75 x 16.75x 12

Rack Height

3U

1U

1U

 

This is a very basic comparison among three most popular appliances. Please share any feedback or additional differentiating inputs.