Few solution providers said they had lost customers as a result of SRX performance issues, but most said that convincing angry customers to give Juniper another chance with SRX updates has been a big challenge. Juniper has provided a number of free product updates and has authorized solution providers to offer customer incentives and protections to win them over, partners said.
"Two of my marquee accounts had singled out UTM and a lot of the intrusion-prevention stuff as what they wanted out of SRX, and they jumped all over me when it wasn't nailing those things," said a senior executive at one nationally known Juniper partner, who requested his name not be used. "Juniper is doing what needs to be done from the engineering side, but I will need assurances now and will be more thorough in the technical assurances we get from Juniper before I try to sell SRX to new customers."
In an interview with CRN during the conference, Juniper CEO Kevin Johnson said customer demand for SRX was high and that Juniper might have been too aggressive in adding features and porting features from ScreenOS and the Juniper-acquired NetScreen products that preceded the SRX gateways.
"The SRX provides this fantastic scale when it comes to securing a network," Johnson said. "I think a number of customers asked for a wide range of features that would enable them to do a lot of things, and as those features were shipped there was a period we had to go through to harden those with the customers."
Johnson disagreed with the notion that Juniper rushed its SRX products out of the development phase.
"Looking back, there are things we could have done differently. Maybe we rushed too many features at once, but I don't think we rushed the product," he said. "In the spirit of trying to respond to customer needs, I think we were doing all the right things and perhaps we could have done some things to sequence those features in different ways."
Some Juniper partners said the SRX issue is a wake-up call for Juniper as a security vendor. Smaller competitors such as Check Point Software Technologies and Palo Alto Networks have ramped up public criticism of Juniper and are talking about how their products are displacing Juniper firewalls, and Juniper in December sued Palo Alto over firewall patent infringement.
But the most telling sign for many solution providers that Juniper's security strategy is a concern was the most recent installment of researcher Gartner's influential Magic Quadrant for firewalls. Juniper was removed from the all-important "leaders" quadrant of the report, downgraded to the "challengers" category.
"What they didn't mention from the stage is that they dropped out of that leadership quadrant," said Frank Kobuszewski, vice president, technology solutions group, at CXtec, a Syracuse, N.Y.-based solution provider. "You can't pull that wool over partners' eyes. Just stand up there and acknowledge it and say, ‘OK guys, we fell on our faces this year.’"
NEXT: Juniper’s Mobile Device Security Strategy