Juniper versus Cisco

[probably better suited to comp.dcom.sys.cisco - added to the group]

We're doing the same thing. We also have a very large network.

Cisco pros:

1) support model is well understood. Never have to worry about whether they can get the parts there or not. 2) IOS is well understood. 3) Has more enterprise/legacy features.

Cisco cons:

1) IOS quality has degraded with each and every version. 2) IPSec is not as robust as it should be, IMO. 3) No support for modular upgrades. It's all or nothing. 4) You can't encrypt multicast traffic w/o using GRE tunnels. So if f you want to encrypt OSPF & data packets, you *have* to use GRE. 5) Multiple IOS images can be a pain to manage. 6) Control plane is *just* being protected with later IOSes.

Juniper pros:

1) Operational features such as "commit" and "rollback n" can really make backing out of changes a no brainer. 2) Performance is not really in question. 3) IPSec can be encrypted since the AS/ES PICs are IP addressable. 4) High availability is pretty much built in. 5) Some accounting counters are done on the line cards. Easy to get stats. 6) Control plane is well protected. 7) You can do modular upgrades to JunOS.

Juniper cons:

1) Support model is still not proven. Can they hit every office that I have??? Not sure. 2) The J series routers are a new item. Granted, Juniper's mantra of same JunOS everywhere! is a plus. 3) The J series has a button that will reset the router to a "known good" configuration. Can be quite useful for remote locations. 4) No support for legacy protocols. May be a deal breaker for some enterprises.

We looked at 6500/Sup720/VPN-SMs vs M10i/M20i/AS-PICs and they are about the same price. Performance wise, VPN-SM and AS-PICs pushed about 480Mbps in either direction. I prefer Juniper's implementation of AS-PICs over VPN-SM but they had the luxury of starting late in the game.

Hi Hansang,

You may wish to view the Miercom Cisco vs. Juniper Core Router Head-to-Head Comparison:

as well as the Miercom Cisco vs. Juniper Edge Router Head-to-Head Comparison:

Sincerely,

Brad Reese BradReese.Com Cisco Repair Worldwide United Kingdom: 44-20-70784294 U.S. Toll Free: 877-549-2680 International: 828-277-7272 Fax: 775-254-3558 Website:

We completed the transition from Cisco to Juniper a while back. Juniper produces clean code. If you are replacing 7200/7300/7500 series routers, you probably can get away with a M7i/10i. Juniper SE's are some of the best I have worked with. I bet you will have a good experience.

-mike

The problem is that Cisco paid for this as far as I can tell. I wonder if Juniper SEs were on site to tweak? I didn't read it thoroughly but I'm thinking Cisco had an army there to assist.

It's hard to take vendor-paid-for testing too seriously. For example, would they have let Miercom publish it if it showed that Junipers won?

First paragraph after "Key findings and conclusions," 2nd Sentence:

Juniper declined to actively participate in the testing.

First paragraph after "Key findings and conclusions," 2nd Sentence:

Juniper declined to actively participate in the testing.

example,

Good points! But I admire Cisco for their "lets-get-it-on" competitiveness.

Miercom clearly states that Juniper declined to actively participate in the testing.

Brad Reese

Hello, BradReeseCom! You wrote on 7 Feb 2005 03:16:25 -0800:

??>>> You may wish to view the Miercom Cisco vs. Juniper Core Router ??>>> Head-to-Head Comparison: ??>>>

??>>>

B> First paragraph after "Key findings and conclusions," 2nd Sentence:

B> Juniper declined to actively participate in the testing.

From reading test results done by different companies I got an idea that company which is not paying for test always "declines to actively participate".

With best regards, Andrey.

Well, maybe they knew in advance that Juniper would decline to actively participate in testing :-).

Hi,

I have not read any of the test results or specifications referred to in this thread.

My understanding of some network equipment testing is that company A funds a test of company A kit vs company B kit. They specify the test EXACTLY. The independant testers follow the script they are paid to follow EXACTLY and get the EXACT results that company A knew they were going to get. Company B knows that they are in for a kicking since the test has been specified for that purpose by clever people and declines to participate. They fund their own test that they specify EX............

Test results can be informative however I feel that care is needed in interpreting them and the tests used should be examined very carefully.

I have heard rumours of code being altered to change test results as opposed to being optimised purely for expected production environments.

I seem to recall that some NIC and switch vendors were rumoured to reduce the interframe gap on CS/CDMA ethernet so that they would "win" more often in head-to-head contests where the two nics were connected simultaneously to the same collision domain and both were offered trafic to transmit. The less well informed purchaser could easily be taken in by such treatment.

An (almost obsolete now) example might be that a particular vendor could be attacked if a competitor could find a 'reasonable' requirement that 'forced' a configuration that resulted in traffic being process switched.

Buyer beware.

Minor nit: I see an url which promises me a micros~1 generated html page, and I get a .pdf.

``actively participate'', as ObOtherPoster notes, meaning sponsoring, tweaking by their own experts (who subsequently aren't on-site when joe random netadmin has to configure the stuff, facing a deadline), etc. I'd actually prefer to have the companies I'd test equipment of to maybe lend me the equipment and provide normal support _when I ask_, so as to give a more accurate reflection of the reality at seen those for who the report would be useful. So Juniper here did the right thing, where cisco apparently was eager to emerge favourably regardless of actual merits. In fact, I'd probably count the very fact the test company wanted incentives from the vendor beyond the hardware to test as a red flag.

In short, the critique still stands.

I'd compare that to what micros~1 calls ``getting the facts'', but I would count that as inviting an invocation of Godwin's law.

Which is good for clarity, but doesn't change the critique a bit.

*looks through the report until xpdf crashes*

I can't say I like the report format a bit. It starts out with key points and conclusions, ``powerpoint style'', before even stating what the test tried to prove or what the full equipment list was. If that counts as ``excellence'' I'm borrowing one of their jumps, and my conclusion is that they just made it on my blacklist of FUD sources for the next 15 years, regardless of who ``won'' the test.

Excellent feedback from all.

Miercom Competitive Testing:

Miercom offers private competitive head-to-head testing for any vendors who choose to participate in such an event.

This testing is conducted using our Product Evaluation Policy to ensure fair and accurate testing.

Miercom will not accept any payment to produce a report that is not factual, honest and relevant.

Sincerely,

Brad Reese

I used to admire Cisco for thier competitive edge. But in recent times (like almost all big companies) they've lost the edge. The IOS quality is beyond shameful. I'm not saying Juniper is the panacea because we

*FOUND* bugs in their code during *ROUTINE* testing. It was almost as if we are the *ONLY* company in the world that runs OSPF with IPSec and GRE tunnels.

As far as paid testing goes, it's often dicated by the company that pays for the test. So they get to determine what gets tested and how. Cisco employs some very smart people. Juniper does too. It would be less then trivial for both companies to come up with scenarios that would benefit only their gear. Not saying this is what happened as I don't have any first hand knowledge. But I saw a lot of phrases that may may be say "hmmm"

As an example, this is typical "academia" speak....

"It has long been known that..." ==> "I haven't bothered to look up the original referece" "Three of the samples were chosen..." ==> "Other experiments didn't make sense or made the research look bad so it was ignored.." "Typical results are shown..." ==> "The best results are shown..."

You get the idea.

• Hansang Bae :

It tells great lengths that Miercom didn't publish the configurations used.

You can make ANY vendor's hardware look bad if you use insider knowledge about pathological corner cases where the hardware at hand has specific problems and how to exploit them via specially crafted, far-from-realworld configurations.

ACK.

Best regards, Daniel