A couple of years ago we bought a juniper ssg5 firewall because that is what our hosting company had in front of our hosted machines and I figured, and the recommended, that the easiest thing to do would be to match on our end, what they had on their end. This juniper firewall was not easy to configure, but their technical support was awesome and several times they spent hours and hours in a remote session configuring it the way I needed. It is foreign based support so my only complaint was the thick accent that made it difficult to understand them at times. But they were always very professional and very knowledgable about their product.
Last week we had some lightning close to the office and one particularly close strike fried the juniper ssg5. So it had to be replaced. But I debated replacing it with the exact same thing, upgrading to something more powerful, or switching to a different brand all together. Several weeks ago I had sought some information about advanced reporting and web site filtering and my consultant from insight.com put me in touch with a sonicwall engineer. So I had done a little research on sonicwall and in the end I decided to replace the fried juniper with a sonicwall NSA 240. I could have bought from the TZ series, on step down but based on our available bandwidth and number of users in our office (20-30) I felt the NSA 240 better fit our needs. It also allows QOS which will help with my envisioned voip implementation.
I wasn't disappointed. When it arrived I was able to configure it myself and get my VPN tunnels to our hosting provider back up. I was never able to do that on the juniper. I can easily block stuff like gaming, social networking, or just about anything if I choose and I will be able to see some very detailed reports once I get viewpoint setup. I can't verify because the juniper didn't notify me of this, but I think the sonicwall is much more powerful when it comes to catching intrusion attempts and stuff like that. I did buy the complete care package and it has several security services like antivirus, intrusion prevention, malware protection and some others. These all run in realtime and I left the default configuration where it checks for these in real time and they claim it is at near wire speeds.