Just about anything these days can be sold as an "appliance." The point, from a marketing perspective, is to promote the fact that the system is easy to use and requires little intervention from the operator. Just as with your toaster, you push down the lever and it works.
I like the appliance model but offer one caveat. If your appliance is really just a Linux box in a fancy case, you haven't solved your system management problem; you've just hidden it under the covers.
Say, for example, you use an appliance firewall that runs on Linux. When the latest Linux security vulnerability is released, will your appliance vendor fix it for you in a timely fashion? Make sure that it will. A large number of appliance products run on general-purpose OSs, even Windows! When you are evaluating an appliance product, find out what is running "under the covers." Then ask your vendor how it deals with security issues in the underlying OS. Appliance products can be real timesavers in systems management; just make sure your expectations are clear.
Some appliances use custom OSs and hardware and can better claim to be an appliance in function (though this doesn't eliminate the security issues because the custom OS can still have problems). These devices have no configurable OS running underneath them. The only user interface is the application configuration. Some devices commonly sold as appliances include the following:
One way to find out what a system is running underneath is to watch for a major vulnerability in a common application and then look at the list of vendors affected by it. For example, the Apache web server had a vulnerability described by the Computer Emergency Response Team (CERT): http://www.cert.org/advisories/CA-2002-17.html. In looking through the list of affected vendors, you can see several you wouldn't expect to be running the Apache server. This isn't a bad thing. In fact, I would prefer vendors to use a publicly available and code-reviewed web server rather than build their own. Just be aware that appliances still need fixes, and when you are running an appliance, it might not always be easy to determine if you are affected.
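A sketch of the cross-check described above, as an added example that is not from the original text: it matches a device inventory against an advisory's vendor-status list and keeps "vendor not listed" distinct from "vendor states not affected." The advisory excerpt, its layout, the vendor names and the inventory are all constructed for illustration.

```python
import re

# Constructed advisory excerpt; layout, vendor names and statements are invented.
ADVISORY_VENDOR_SECTION = """\
ExampleFW Networks, Inc.
  Status: Vulnerable
  The management interface embeds the affected web server.

Acme Load Balancers
  Status: Not Vulnerable
"""

# Constructed inventory: appliance hostname -> vendor as recorded by operations.
INVENTORY = {
    "edge-fw-01": "ExampleFW Networks",
    "lb-02": "ACME Load Balancers, Inc.",
    "vpn-03": "Hypothetical VPN Co.",
}

_SUFFIXES = re.compile(r"\b(inc|corp|corporation|co|ltd|llc)\b\.?", re.I)
VERDICTS = {"vulnerable": "affected: track the vendor fix",
            "not vulnerable": "vendor states not affected"}

def normalize(vendor):
    """Reduce a vendor name to a comparable key (case, punctuation, suffixes)."""
    name = _SUFFIXES.sub("", vendor.lower())
    return re.sub(r"[^a-z0-9]+", " ", name).strip()

def parse_vendor_status(text):
    """Return {normalized vendor: status} from 'Vendor' / '  Status: X' blocks."""
    statuses, current = {}, None
    for line in text.splitlines():
        if not line.strip():
            current = None                      # blank line ends a vendor block
        elif current is None and not line[0].isspace():
            current = normalize(line)           # unindented line names the vendor
            statuses[current] = "status unclear"
        elif current and line.strip().lower().startswith("status:"):
            statuses[current] = line.split(":", 1)[1].strip().lower()
    return statuses

def triage(inventory, statuses):
    """Classify each appliance; a vendor missing from the list is not cleared."""
    report = {}
    for host, vendor in inventory.items():
        status = statuses.get(normalize(vendor), "not listed")
        report[host] = VERDICTS.get(status, f"{status}: ask the vendor")
    return report
```

Calling `triage(INVENTORY, parse_vendor_status(ADVISORY_VENDOR_SECTION))` returns one verdict per appliance; the "not listed" case is the one that needs a direct question to the vendor.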