Tuesday, November 7, 2017

juniper SRX cli benefits over Fortinet FortiOS

In this blog, I will hash out a few  cool functions in junos  that the SRX offers  &  when compared to the Fortinet FortiGate.


1st up  the fortiOS paging  is set from  the config sys console  setting  and  is not per-user-session. Junos allows for you to turn the  paging on per-user-session and not globally.


2nd,  system  junos is really unix ( bsd )  & we actually have  a history cmd option so we can quickly find and repeat previous commands

3rd, the kron scheduler is also native unix. So execution of  a task(s) and or function can be completed with ease and at a schedule date in the future.

4th, if have you have to  delete numerous  firewall.address.objects in fortiOS? Will  if your objects are  similar,  you could do a wildcard delete

5th, show commit detail before you commit. Commits in junos are like IOS-XR, you can actually  review all commit-changes &  before committal

6th, you  can display the  cli configuration in  various outputs that are formatted better or  for parsers
examples json  xml set

show configuration | display xml    
show configuration | display set
show configuration | display json

7th, you  can string match multi-expressions

kfelix@srxappliance> show system services dhcp pool 10.0.0.0/23 detail | grep Add | grep ssign
    Addresses assigned         49/482


next,  you can use  the interface-ranges if you need cover a range of interfaces. This is great if you need to mass-blast  configurations to  range of interfaces or look at a range of interface


I still think the fortigate is one of the best firewall on the market btw. The cli cmd options are slightly  less intuitive imho.

Ken


Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o
        /  \

No comments:

Post a Comment