A hardware firewall is good, but its only part of a good security set up. You also need a software firewall to monitor your outbound traffic. Hardware firewalls and software firewalls do 2 different things, although they do overlap some. You really need both if you want to run windows.
Labmouse: I have a SPI firewall in my router, so it's not necesarily just in the high end equipment (I have a Linksys WRT54GS).
Also I disagree that ZA is crap. It's not perfect but its fine for most people who dont wanna take the time to properly configure a firewall "by hand" but just want it to protect them. It works, and works easily for most "average" users. also the price is right (for the free version)
So to the OP: yes hardware firewalls are very good, I strongly suggest having one and taking the time to learn how to configure it. and yes, you also need a software firewall. There are lots out there, some free, some not. Zone Alarm, Kerio, Nortons, and several others. Some are free, others cost $$. The only firewall I have personal experience with that I would recomend you NOT use is Black Ice. Otherwise just pick one and learn how to use it.
oh, and I also agree with Digitalpunk, you should never trust your security measures. Also excersise a healthy dose of scepticism when online, and when in doubt dont click on it. a careless user can easily defeat the best security measures.