Firewall Configuration Audits
I'd recommend nipper for this. Runs on a wide range of devices, and is targeted at firewall audits, rather than configuration management.
In my experience it's very easy to get working. Generally, you give it a copy of the config and it runs :)
Solarwinds' Firewall Browser (formerly of Athena Security) is a free tool that does this kind of analysis.
You didn't mention Checkpoint, but the Checkpoint Users Group (CPUG) has discussions of such tools--many of which are not Checkpoint specific.