Just a word of advice when you are looking for a different firewall. Not all firewalls seem to behave the same with regard to VPNs. We have a big problem getting a SonicWall and a PIX to setup a tunnel. If we cannot make this work one of us probably has to buy new hardware just to keep this project going. So check compatibility issues, especially with VPNs!
Netscreen has been solid as a rock for me. Easily managed as well as affordable.
Not sure about all the software firewalls - but hardware firewalls are stateful packet inspectors.
Many of the new attacks go right through them.
P.S. We threw our WatchGuard out!
For the money, there is nothing in my opinion that can compete with the Fortinet Fortigate line. $1000 or so gets you a hardware firewall with redundant WAN links, IDS, and realtime antivirus at your network's gateway. This company boasts that because they push updates to their devices 24/7, their customers around the globe were patched for the blaster worm within 3 hours of it being recognized. Anyway, I've used the Fortigate 60 for more than one client and have had no issues/problems.