Bullshit. Just use a firewall the proper way and stop using crap.
If your machines are that vulnerable you are already screwed. Hiding behind NAT and thinking you are safe is a joke.
Wait, you think firewalls provide security?
Even if your network is one of the rare ones that doesn't just allow any internally initiated traffic out, you'll at least have ports open for web access, email, ftp, dns, etc. Guess where the vast majority of the attacks come from? Web, email, etc. The exact ports you already have open on your firewall.
Attackers aren't stupid. They go where the opportunities are.
Traditional firewalls (stateful, L3/L4) are mostly about access control. They don't protect your vulnerable machines other than reducing the ports they can be attacked on.