My professional work has exposed me to a very wide variety of firewalls, both hardware and software firewalls. Here are some of my thoughts on various firewalls.
Hardware Firewalls
Cisco ASA -- When used for packet filtering and VPN, its a solid investment. You get outside of the packet filtering and VPN services, and it gets pretty dodgy FAST. Also, its /strictly/ L3-L4 filtering, with VERY few L7-type capabilities without an add-on card -- the L7 "anti-x" card is horrifying.
Fortigate -- its interface is remarkably similar to the
SonicWall, and feature-wise its very comparable. The thing that
distinguishes the Fortigate is that there are some technologies (e.g.
web-application firewalling) that aren't available in other lower cost enterprise gear. Fortinet also has a whole ecosystem of product offerings that make it a compelling choice.
Palo Alto Networks -- This is the first, true, next-gen firewall. Its "single-pass" architecture is truly ground breaking, and the rock-solid stability of APP-ID, USER-ID and CONTENT-ID is just crazy.
Free Software Firewalls (Appliance-mode)
pfSense - this is the defacto open-source firewall solution out there. There are also commercial subscriptions available for pfSense, and frankly if you need a SOHO solution, this is where I'd start.
Software Firewalls (Host-mode)
Zone Alarm - Realistically, quite capable, but you've gotta pay to play if you want the more advanced features, and those don't stack-up, dollar-for-dollar with the McAfee product.
McAfee Host Intrusion Prevention for Desktop - Impressive. It actually works, too. This thing does HIPS, zero-day heuristic detection, and a slug of other things that make it the horse I'd ride if I have to have a Windows box.
Windows Vista/7 Firewall - Actually, it doesn't suck HALF as much as I thought it probably would. For most purposes, it is in fact, quite suitable. Not so great if you need to manage it granularly on a large-scale deployment, but even that can be done (and about twice as reliably as on other (*cough*symantec*cough*) enterprise solutions.
Ubuntu Firewall (ufw) - if you're running Ubuntu (or even straight Debian), this is a no-brainer. Turn it on, forget about it. If you *have* to do exceptions, it has three convenient ways to do them, and checkboxes to enable more "advanced" features. I love it.