You're not going out on a limb; you're absolutely right, and I've been
saying that for years. I'll quote myself:
Although firewalls are a useful part of a network security
program, they are not a panacea. When managed properly, they
are useful, but they will not do everything. If
firewalls are used improperly, the only thing they buy you
is a false sense of security.
Beyond that, different security policies have a much greater impact
than different brands or types of firewalls.
--Steve Bellovin, http://www.research.att.com/~smb