When a firewall works, few notice it or even remember that it is there. When someone fails to have an adequate firewall or does not have one at all, it gets a lot of attention, once the inevitable attacks occur. A firewall can save your home computer or your server from a myriad of network attacks, but it does have its limitations. The key is knowing when to rely on it and when to take other security measures.
Many attackers scan for vulnerabilities in servers and look for possible points of entry. Those entry points are usually unsecured network ports. The more ports you have open, the more exposed your server is to possible attacks. Good firewalls also include other network security features that can help against denial of service (DoS) attacks and other major threats.
Some server ports must stay open. Ports for services like a web server (port 80) and an SSH server (port 22) are usually open on most servers. In such a case, a firewall may do little to prevent an attacker from exploiting other weaknesses. Therefore, even if the server hosting your website has a firewall, that will not protect a site with a weak password, outdated web application, or poorly-written scripts.
A data center typically has firewalls enabled on its network routers, and those routers will protect the servers from common external attacks. Nevertheless, it is a good idea to also have a software firewall installed on the server itself. Even then, a good server administrator will install an application firewall to catch some attack methods that seek out server-side scripting vulnerabilities. And even with all of those precautions in place, you can still harden the security on each individual website to prevent even the most resourceful hacker from doing serious damage.
The proper way to view a firewall is like the first line of defense in a battle. You expect it to hold up against most attacks, but it is not enough to withstand every attack. For that, you need more defenses and the proper safety measures to ensure your data stays safe.