A similar situation, is familiar with Cisco. And at work there is one pathetic Juniper SRX-100 firewall router. I had to learn and understand it. I will say from my own experience that Cisco IOS and JunOS are quite similar, you need to understand the very structure and logic of JunOS and everything will go like clockwork. There is a good video course on flash in Russian, it is ideal for you, as examples are shown of how “something” is configured in Cisco IOS, and how the same is configured in JunOS. If you want to save money - take Juniper, you will get a good product, at a price less than Cisco.
The video course itself is https://www.juniper.net/us/en/training/technical_education/jsl_international_editions/russian/course_start.html

The question smells like trolling. Which is better, Christianity or Buddhism? no offense will be said, but based on the question, the author has no experience with any of the vendors, so you can advise anything, up to a PC with several network cards.
Tell me why firewalls? Do you have Internet channels in branches more than 10 Mb/s? Are you planning to use IPS/IDS? Will you have a dedicated DMZ for servers? Do you have less than 5 branches? If the answer is “no” to half of the questions, then take a router (I work with Cisco, so I recommend it :)-)
Based on what considerations was the 3560 offered to you? Why not WS-C3750G-24TS, which, IMHO, is cooler as a “core” for a small office?
If there are no more than 20 people in the branches, take one Cisco 861 (K9), if more - Cisco 1921. Raise the ACL on it to protect against the Internet and DMVPN in the CO. Raise OSPF on it with central heating.
Put Cisco 2921 as a one-armed router in the central heating center, put Cisco 2921 on the network core 3750, as an external firewall - Cisco ASA 5505 and live happily - it will be beautiful and convenient.
Here is the IPSec performance table - anticisco.ru/pubs/ISR_G2_Perfomance.pdf

Our company needed to install an L3 switch and firewalls in the main office and branches.

I have certificates for both juniper and tsiska. To be honest, Junos is better for the core of the network and the level of aggregation in the provider network. Since mpls is better implemented compared to Cisco and there is a proprietary L2VPN Kompella protocol, the price of cards is also cheaper than that of a cisco. But the syntax and, in general, the management parameter are many times better than those of Cisco.

perhaps the answer will be a little off topic, but I recommend looking at the Chinese like huawei.
Alliedtelesys are extremely good.
And so ... push the Junes on discounts ... 30% percent - how to do it ... especially if they find out that ciscars have sunk. Apply shuttle diplomacy.

I agree, according to Alliedtelesys, I went too far with praises ...
Call the huawei, listen to what they offer ... you might like it ... And if you don’t like it, push the tsiska. June is more of an operator class, and entry-level equipment is not the main market for them, so I would choose a tsiska.

I don’t know how it is now, but when I was working in one large office 3560, I also did internal “routing” there (which one I won’t say for a long time ago, then I didn’t know Cisco at all) I was engaged in. So, according to the reviews of my knowledgeable colleagues - the routing was sad for 3560, I had to change it. Maybe they have corrected it now. but at my current job with 3560, I had to tinker a bit until I realized that she needed a default route so that she could reach anywhere from the management vlan.

Fires at Juniper I like more. Maybe because I worked with them mostly.
In reality, Cisco 3560 and Juniper ssg3xx coexist remarkably on one of the projects ...
But on these 2 vendors, the light did not converge like a wedge - look at FortiGate, they are enough for branches.

This is your answer smells like trolling. If you think these manufacturers are the same in quality, then write so. I didn’t have to communicate with juniper at all, I just saw that they also install operators in data centers. I'm asking for opinions on this. Maybe the equipment for branches they have complete shit?
Why firewalls? They are more productive in ipsec, the traffic is planned to be much more than 10Mb / s. This is basic. There are also more than 5 branches.
The issue of price, by the way, should not be relegated to the last place.
And what's the point in 3750? There are no plans to stack switches in the near future, and the cost of 3750 is noticeably higher.

I have been working with Jun for 10 years, of course, the tasks are without voice. There are no complaints.
In terms of price performance - there are few competitors - this applies to a network such as a provider or hosting. If you want to indulge in voice, then Cisco is out of competition - unfortunately it has become the de facto standard for connecting to city networks or for transmitting voice traffic over a hill.

Работаю с Juniper 2 года, в сети бегает в т.ч. и голос.
Парк от NetScreen NS-5 до SRX-650 и EX2200-4200.
Физические интерфейсы только Ethernet (E,FE,GE).
Основным плюсом для меня оказался очень удобный CLI, гораздо удобнее чем cisco и фичи Junos Automation.
EX2200/3200 вполне подходят для использования в роли маршрутизаторов со статическими маршрутами, на EX3200 уже в базе доступен OSPF, но потребуется лицензия на BGP.
Сетевые экраны SSG-5 (EOS) будут весьма полезными если консоль вызывает отторжение, IPsec VPN они поддерживвают нормально, в нормальных условиях филиалы (20 человек в филиале, 4 туннеля, 2 WAN) загружены на 20% CPU и около 50% памяти (SSG5-SB).
SRX100 сейчас нормально разруливает филиал с 50-100 сотрудниками в нагрузке около 50% по памяти и также около 20% по CPU.
В сети нормально бегает голос. На ранних версиях Junos был баг с максимальной длинной UDP датаграм - замечено на прохождении DNS запросов.
Голосовая сеть прописана в [Ethernet-switching-options voip], заюз LLDP-med и CoS.
Со временем немного надоело отсутствие возможности быстро "передёрнуть" интерфейс.
ОЧЕНЬ важный аспект: Junos не имеет встроенного L2TP/PPTP клиента, что может отсечь возможность подключения к некоторым провайдерам, хотя для этого есть workaround в виде подключения SRX через SOHO маршрутизатор.
За cisco сказать ничего не могу, но разве что её язык конфигурирования менее удобен
Oh yes, Juniper has a very handy library and don't forget about the forum.

You can buy a used or ref Cisco from us and not think about it. The price list on bu Cisco, Juniper will be much lower. www.buycisco.ru
Regarding Cisco or Juniper. As a supplier, I can say that 70-80% buy Cisco and only 20-30% Juniper.
Our prices for example Juniper EX3200-24T used - 780 Euro
Cisco WS-C3560X-24T-S used - 1200 Euro

Friends! Unexpectedly, I ran into a serious problem. Juniper router failed. Juniper Networks, provided that we pay huge money for a service contract (“Next business day”), the condition of which implies the replacement of equipment by the manufacturer in the near future, does absolutely nothing but ship the router from the warehouse. We have been waiting for more than 10 days, but there is no result! A device that is out of order is key to the organization of the regional level and can not be quickly replaced with something else. So think about it, is it worth spending money on purchasing Juniper service? Or do you still choose the option with another manufacturer who respects their client? Has anyone else experienced this, are we the only ones? We sit, we wait more than a week, how long to wait? How do other vendors do it? Do they score as well?