You should be ok, provided that the firewall 'on board' is properly configured, using ipfw, or pf or ipfilter. Of course, adding a firewall in front of it will always (well not allways, but mostly) give you a bit more security.
Also consider using /etc/hosts.allow for daemons such as sshd for added security. And keep all the software up to date (watch portaudit output and follow security announcements of freebsd FreeBSD).