@mulhollandm wrote:
my company is buying a couple of srx1400s to act as application firewalls, something like the citrix netscaler
At the risk of sounding a bit... negative... let me just start by saying, "I hope not..."
Comparing the SRX1400 to the Citrix NetScaler is kind of like comparing a bicycle to a golf club -- they really have little to no similiarity between them. An "Application Firewall" and an "Application Delivery Appliance" are very different animals.
The NetScaler is an application delivery appliance, that means it's built for application acceleration, content switching, SSL acceleration, and load balancing. You won't find that functionality in a SRX appliance, the SRX is a security gateway -- it's a firewall, IPS/UTM, and optionally application-aware firewall (but that does not mean it's an application delivery platform.) The NetScaler can be more appropriately compared to F5 BigIP, Brocade ServerIron ADX, Radware, Cisco ACE or ADC (yikes!), Barracuda Load Balancer, and others that are out there.
If you're looking to do what you can do with a NetScaler with an SRX, you're probably not going to be too happy with the results.
Now, if you're buying the SRX1400 as a security applicance, then great... on to your other questions.
- can someone recommend a juniper guide for junos (cli and gui)
Your best bet is to start with the Fast Track program. It's free, and is a very good way to start learning the basics of Junos and the SRX platform. I actually started there when I got my first SRX devices, and just look at me now! LOL, Ok.. maybe not the best example.
- can i run the same version of junos used on the srx1400 in gns3?
I have no idea on this one... the stuff I've seen for gns3 was all based around rather old versions of Junos, and I think they were router versions so you won't have any of the security features available, which would make it kind of pointless. Perhaps with an adequate level of hacking and perseverance you can get a more modern Junos to work, but I've never tried. An SRX100 is pretty affordable, and is a great testbed for learning Junos. Probably save you a lot of headaches trying to get Junos to run in an emulated mode. The SRX100 isn't exactly like the 1400, as the 1400 has a different hardware architecture and there are some differences, but for the most part, the SRX100 will give you 90% or 95% the same experience as far as how Junos works, how to build out and configure your systems, and even features.
- what version of junos should i be looking at
This question gets asked a lot here, you can find plenty of other threads that discuss this and make your decision based on information you find, but, as a basic starting point, you've got a few choices:
Junos 10.4R8.5 -- the current recommended version by JTAC. Note that 10.4 does not support clustering on the SRX1400, so if you plan to run your SRX1400s as a cluster, then you will need 11.1 or higher. Various improvements were made in 11.2 and 11.4, and there have also been some reports around the forums about problems with 11.2. I would recommend you go through the release notes for the major versions and find what features are most important to you. 11.4 has some great features, and reports seem to be that it's pretty stable, but everything is going to depend on your particular environment. 11.4 is still at the R1 stage, which historically has been only for the brave of heart and strong of patience, but Juniper tends to play the "but REALLY, we know we've said this 14 times before, but REALLY, this time, this one really is BETTER!" card...