They can be just as good. There are two reasons hosts will opt for a netscreen/PIX/checkpoint firewall over an ipchains/tables-based firewall:
1. Better configuration and monitoring tools. By better, I mean GUI, so it is easier for the employees to monitor what is happening with the firewalls, and make rule set changes.
2. These are dedicated, single purpose boxes so they should, in theory, be more secure. A person running ipchains/tables on a Linux, or *BSD box is running it on top of another operating system, so the firewall is subject to any exploits the OS is.