Juniper Partners On SRX Issues: Forgiven But Not Forgotten


Stung by angry customers consistent in their criticism of Juniper's SRX services gateways over the past year and a half, solution providers are upbraiding Juniper for what they say was a too-slow response from Juniper's sales and engineering teams to respond to and fix SRX's technical flaws.

The SRX issue was a frequently mentioned subject at Juniper's Global Partner Conference in Las Vegas this week, and one that partners said Juniper, to its credit, is no longer ignoring.

"My big takeaway from this is that they've recognized that partners are unhappy and customers are unhappy," said Helen Lesser, executive vice president at Nexum, a Chicago-based solution provider. "Products have flaws all the time -- it's almost the norm with a new product set -- but where the ball stopped rolling with the SRX issue was that we were escalating feedback on issues and not getting acknowledgment."

Juniper debuted its SRX series dynamic services gateways in 2008, touting the increased throughput over traditional firewalls as well as other features such as intrusion prevention, distributed denial-of-service protection, dynamic routing and quality of service, and network address translation. The idea was to provide a firewall product that ran on Juniper's universal OS, Junos, and that could be customized based on customer needs.

Sales of SRX surged, but customers reported technical issues with SRX products ranging from overall stability to flaws in areas such as unified threat management (UTM) and intrusion detection. Several solution providers interviewed by CRN singled out Juniper's lower-end SRX products, including its SRX100, SRX210 and SRX240, as being especially problematic.

"What they touted from a product perspective and what it was actually, truly capable of were not the same," said Dominic Grillo, executive vice president at Atrion Communications Resources, a Branchburg, N.J.-based solution provider. "A lot of the UTM-type features they're trying to add and make seamless with the other features haven't been as seamless or as stable as they should be."

Customer complaints about the products were widespread starting in mid-2010, solution providers told CRN, and it wasn't until nearly a year later that Juniper began aggressively updating SRX in response to the concerns.

At Juniper’s partner conference, Bob Muglia, executive vice president, software solutions, and Stefan Dyckerhoff, executive vice president, platform systems, acknowledged the SRX problems during their presentation -- a sign to many partners that Juniper was owning its "mea culpa."

"There's a better feedback loop now, which is going to re-instill confidence," Nexum's Lesser said. "It goes a long way to have Juniper backing me up for the customers I own."

SRX issues came up frequently in security-focused sessions at the partner conference. Several partners who attended closed-door sessions said Gary Olson, who joined Juniper as global managing director for security in October 2011 following a stint at Blue Coat, acknowledged the SRX flaws and said Juniper's fixes to the platform would be much more rapid and comprehensive.

Juniper also is reaching out to customers on the potential problems with SRX that might arise and how to troubleshoot them.

"We don't do a large percentage of SRX, but we did have some challenges in the past 18 months," said David Nahabedian, principal and co-founder of Integration Partners, a Lexington, Mass.-based solution provider.

Juniper has told partners it will adjust its software release schedule in an attempt to more quickly fix technical issues such as those present in the SRX, he said.

"Their schedule may have worked six years ago, but it's not sustainable," Nahabedian said. "New products have quality issues, so it's understandable. It's a function of how many engineers you have."

NEXT: Winning Back Juniper Customers