People do not want to maintain that stuff. Your comparative advantage as a startup is not running your own firewall.

Nb: I am employed by a Barracuda competitor, but would probably still advise against trying to run things on your own.

Which is where leveraging Open Source comes into play. We have ROMs for home networking gear, we have bootable distros for security purposes, we have open source builds for Android. No reason similar projects couldn't be aimed at enterprise type kit. You'd still require hardware manufacturers, though open standards and whitebox builds might come into being. And there'd be distro wars, but very likely 2-3 lead contenders that would be the default safe choice.

You have to maintain a crappy closed firewall just as much as you have to maintain an open source one. In fact, installing, configuring and maintaining an openbsd firewall is much easier and less involved than any of the commercial firewalls I've had the misfortune of using.