Hii Hedi,

Thanks a lot for the replay.Just thinking that i am only the victim from the replies i am getting

may be i got some one who accepts that there are bugs in the SRX boxs.

Even i installed soo many SSG boxes and EX4200 and 3200 Swicthes with very less cases

But for my new site as i blindly thought juniper will not make me down i didnt went deep reg the new

product and deployed SRX in HA and EX2200 with 100 nos and core EX4200.

This SRX is working like Hell. No Track IP like SSG, More CPU and Memory utlization

due to 2 partions and IDP signature and dector data base issues for which the box will Hang r else

the flash r even the partion gets crouppted.I do not know with out a 100% checkup and no proper work out

they released the product in to the market and they are loosing the complete hope on the juniper brand

which will effect on the other good working products like SSG and Ex4200 and 3200 swicthes.

Even i bought EX2200 with out the minimum L2 features in it and they are telling now still they are in

implementation part and in the other releases they will fix .god knows when they will fix without bugs

i had a question to ask u .i will also ask the guys to give me SSG-520

but the IDP is not there in that and only the DI which will not block torrents.pls let me know is there any alternate

way to block the torrents with SSG-520 as its very imp for my site with no other addon device like IDP

once again thanks for the reply

RAMS

Hello,

I'm also running IDP on the SRX.

Deep inspection is not an alternative to the IDP...

If you really need an IPS, you need to by another box...

In my case, I prefer to have a stable cluster (SSG) rather than a full features (according to Juniper !) box crashing every few days.

Maybe you can install another firewall in layer two mode to handle application control, bandwidth management, IPS and other usefull features.

Sonicwall is quite good in this area. In few weeks, I could probably give you some comments about Palo Alto...

Regards,

Hedi

This post removed due to confidentiality violation

-Moderator

Dear Friend, 

Thanks for the feedback

Just want to know how can u say by the RMA details i kept the box in a frequent power failures area.

They have not mentioned any where in the case ITS WRONG stateEMENT DELIVER BY U .

Can u pls tell me from which country u belong to just to know

To ur notice i kept the box in a very secure area in which i had nealy 127 devices along with this SRX

I never mention in the case r else in the RMA that the box is having problem with power  u r mistaken

The box is having problem with flash and memory due to this there are several problems

can i know which SRX box u r using just curious not having with any problem with that

i can c in the lastest junoes release that there are nealy some 150 bugs still pendning yet to sorted out

The 1GB flash which is giving with the box is not at all sufficient for the desired requirment

Each core dump file is 100 MB and if there are 2 core dump files the box gets hangs and flash corrupts

hope u got now what i am trying to tell u .There is no problem with the power r relse the power supply

Problem  which i am facing

1.SRX240 New box

2. The box comes with dual partion primary and backup with 10.0R1

3. For my requirement i need to update to 10.4R1

4. After doing this the remaining space in Primary partion is 215 MB only

5. If i enable syslog for every 6 hours its creating one core dump file which is 100 mb

6. IF i leave for 1 day the flash gets full and device hangs

7.If i disable syslog i will get a core dump file 100 mb for every 12 hours

8.If i delete the file in time the box runs fine no problem but if i do not delete same problem

so if u have a box and u try all the above which i mentioned they tell me what u r facing

so do not tell and misguide that that problem is with power .ITS NOT WITH POWER PROBLEM K.

ITS WITH 1GB insufficiuent flash k

THANK YOU

ram

Ram,

I'm sorry to hear about the troubles you're having. Those core files need to be analyzed so we can figure out whether this is a known issue - or even if not, it should give us a clue as to the underlying cause, and hopefully a workaround.

Please get a case opened with JTAC (either direct or through your reseller) so that we can do proper diagnostics on this issue.  If you need any help with that, please let me know personally.

Any other conclusions (by anyone...)  based on the information so far would just be conjecture.

Regards,

-Keith

26 Cases with regards to an SRX240h and NSM since 31-Aug-2011 (ATAC and JTAC)

BGP Low Memory alerts from 4 different SRX240h running IDP and BGP on the same box. (This to me rules out hardware issues)

Did anyone else facing issues with the 240h get them resolved, if so please can you tell me how? (let me guess, upgrade to the latest version with be the official answer?)

I want to go back to Checkpoint!

Hi all,

I'v had experince on both ScreenOS and Junos, in ScreenOS I had exprience from SSG5 to ISG2000 and in SRXs from SRX210 to SRX 3600, I even ran a project on SRX5800 recently, it's huge milion dollar guy, SRX high end platform are much more stable than Branch SRXs, SRXs have a lot of issues now especially in branch series, but the idea behind it is great. It takes time for them to get it fix and make it stable enough specially in UTM features. But honestly NSM is stupid, specially the one that you install on Linux (Not the appliance), and NSM GUI is even more stupid than NSM itself, it crashes all the time.

Hope that day(or maybe night) come, that we see more stablity in SRX it's a kinda newborn baby.

And hey Ram, I've read your story, and I think your story is a little...bit...exaggerated, I have a SRX210 and SRX1400 in here right now, I just looked at the uptime, here's the output:

up 172 days, 22:43, 1 user, load averages: 0.25, 0.11, 0.04

and SRX1400:

up 234 days, 20:32, 2 users, load averages: 0.03, 0.03, 0.00

They're stable enough now

ATAC : "To run the NSM client properly you PC needs at least 4GB of memory"

The appliance is just as bad, JTAC : "can you restart the services"

I hate the restart mentality it doesnt FIX anything it just delays it from happening again...

I'll take a look at the high end and see how the bottom of the "high end" stack up against the branch appliances cost wise.