Advice on a good hardware firewall

I wouldn't bother with a black box solution. I'd go for a cheap x86 box with SmoothWall or IPCop, and three network cards to cover your incoming, outgoing and DMZ requirements.


This question still needs more details if you expect actual suggestions for specific solutions. But I think you should be able to answer this one on your own with some more research. Cisco, Juniper, Fortinet, SonicWall, etc. will all have a solution that fits your needs. The speed and number of WAN links you're trying to protect are going to be the biggest factors in sizing the unit, aka what model you need. Beyond that, it's going to boil down to price and features that you need for all your requirements.

I personally prefer FortiGate units from Fortinet over the Cisco ASAs, but it's a personal preference. I've never used the Juniper solutions, so I can't speak on those, but I've heard good things about them.

This is a little OT, but don't get lazy on hardening the IIS server or application just b/c it's behind a firewall. Everyone loves to jump to the conclusion that the security check box is checked b/c they have a firewall, but it just takes one misconfiguration to get past your security. Also, IDS/IPS systems are not 100% effective and have to be configured properly for your environment or you'll get a lot of noise from them.