Well, I tried to answer this from the professional perspective, not taking into consideration the "hacker" role. Suricata and Snort offer more granularity than Juniper in a different way. If you're in an environment that you're allowed to mix and match your own lab based learning/techniques into the overall security equations, there is a lot more you can do for the "hacker" factor.
For example, Juniper and others will usually give you an appliance. It is usually going to be a variant of Linux (embedded or otherwise) in the case of Juniper, expect a modified BSD. You WON'T be able to do much on the machine itself as it is going to be highly optimized by the vendor.
On a Suricata/Snort deployment, you're likely making a machine from scratch. This enables you to do whatever you want to do on that same box. One of the things I did when I was securing and deploying Asterisk PBXs was, using expect, shell, perl and others to do all sorts of cool things. Things I could never do on say Cisco Call Manager, Avaya, etc.
So what I would do would be strip down OSSIM (now Alienvault) using OSSEC, p0f and other tools, I would have it do some nifty automation. For example, on the PBXs I would make triggers to be detected by Snort. If a trigger occurred, I could then (on the same system) run any application I had including the ones I would make on my own. This allowed me to do some really cool things for the hacker factor. Because in this environment (VoIP) there really isn't any kind of Toll/VoIP based IDS/IPS, I made my own (VTIPS http://www.infiltrated.net/asterisk-ips.html
So don't get me wrong, I love open source based tools, they have their place however, it all boils down to the environment you're in, your management, etc.