You see, organizations abhorred the complexity that was implicit in proxy-based firewalls. A separate firewall for every application was untenable for most, so when Check Point came onto the scene with a combination of a simple-to-use GUI and its stateful packet inspection technology, it quickly became a market leader. Yes, it may not have offered the same level of protection against application layer threats available in proxy-based firewalls, but the technology's ease of use and broad applicability appealed to customers.
Proxy-based firewalls continued to have a positive effect on the market, though. They underscored the security limitations of stateful packet inspection and, I believe, pushed Check Point to address the solution with deep packet Inspection technology. Yet it was the ability to address the breadth of applications simply that was the admission card for firewalls to enter the mass market.
I think there's a similar battle going on right now in the WAN optimization space. For the longest time, the WAN optimization market has been led by Riverbed, which is focused on optimizing and improving the performance of TCP-based protocols with application layer optimizations--namely, Microsoft SharePoint, SAP, Lotus Notes, FTP and others.
Increasingly, Riverbed is being challenged by innovative up and comers, including Blue Coat, NetEx and Silver Peak. At the same time, the market is shifting. While at one time branch offices might have benefited from Riverbed's all-in-one solution for branch office connectivity, increasingly there's a compelling argument to be made for placing a virtual machine host in the branch as a platform for virtual appliances that would be needed by the branch--such as WAN optimization, firewalls and anti-virus. Riverbed has even moved in this direction to some extent.