> I think software firewalls are good because they provide a human element (you) to them.
the only reason in your case that hardware firewalls do not, is that you don't own or manage them yourself.
> A hardware firewall won't stop some program you download from connecting to the internet (unless said port is blocked)...
since port blocking and application layer filtering are a key component to both hardware and software firewalls I fail to see your point.
> I even use zone alarm at work where we have a cisco firewall... just to be safe.
So your real argument is that you don't trust the network you're on, in which case make the firewall as local as possible. Though this is not what JohnE seems to be asking for, since he is debating whether to purchase and manage his own firewall.
> I don't 100% trust hardware firewalls.
The only reason you don't trust hardware firewalls is that you aren't the one in control of the administration of it at your work. You are misplacing the trust you should have instead placed on those who you don't trust to configure your firewalls at work.
Not trusting hardware firewalls is such a ridiculous statement, as they are not unlike software firewalls. Hardware firewalls also run on their own software. To claim that you don't trust hardware is bordering on my level of paranoia because you might as well be paranoid about your own computer being untrusted, much less the activity on the network you use.