Need to understand the nature of the applications you'll be supporting and the modules you might enable on a particular device. My personal experience pre-F5, we had common beefy hardware in DMZ for SSL offload and compression/caching facing the WAN, then inside the DMZ, we segmented applications by function to the business. We watched memory/cpu and ordered new hardware early enough to not exceed the functional requirements on a particular platform.
I think your task is noble, but in my humble opinion will only bring disappointment in that there just isn't a one size fits all approach to applications.
That said, if your organization has design standards for applications, and you can characterize those standards into a template, there might be hope. But if there are no standards and the developers just sling code over the wall and hope it works, it will be difficult.