Neither is better. First, what are your requirements? Second, what is your budget? To determine your requirements, you have to have a security plan. Blah, blah, blah. Even for a home network, you have to decide what you are trying to protect, and how much you want to spend.
Hardware firewalls have a performance advantage, but tend to be harder to upgrade when problems are found with the firewall. Software firewalls have a flexibility and cost advantage (for minimal requirements), but tend to ramp up in cost for higher performance.
Of course, there seems to be some confusion in this thread as to what a hardware or software firewall is, so I'll tell you what *I* think of when people use the terms. To me, a hardware firewall is a firewall built with specific performance, design, quality, etc. goals in mind. The firewall code can be hardwired, programmed into PROM, or loaded off a hard drive (in the case of a special purpose, black box system, which many also call a hardware firewall). In other words, you buy a complete system of hardware and software, and to upgrade it, you typically replace it.
Software firewalls, on the other hand, are firewalls that can be run on general purpose computers. You buy whatever computer has sufficient processing power to handle the expected network load, and then pay some company tons of money for an install CD and license key for their software.
Strictly speaking, all firewalls are software firewalls, in my eyes. Just some run on specialized hardware, while others run on general purpose hardware.
The other class of firewalls I refer to are personal firewalls. They are software based, but are designed to only protect a single host. Ultimately, I believe you are actually asking if it is better to have a personal firewall or a dedicated firewall box (hardware or software). The thing is, most cable/DSL routers are not actually firewalls, but are just NAT (Network Address Translation) devices. This *CAN* provide some security, but don't assume you are secure just because you are behind a NAT box.
If you are indeed asking whether it is better to use a personal firewall or a NAT capable cable/DSL router, I'd say use both. In fact, I recommend ZoneAlarm (free or pro) plus Black Ice. ZoneAlarm is a host based personal firewall, so it can catch incoming attacks/probes. Black Ice is a host based intrusion detection system, so it can catch outgoing connections. Both together do a good job of protecting your system, although either can be a hassle at times (ZA for generating excessive logs, BI for prompting for outgoing traffic all the time).
If you really want to know if a special purpose computing environment based firewall (hardware) is better than a general purpose computing environment firewall (software), the answer is it depends. You have to know what you want to defend, how much time and money you are willing to put into defending it, and what capabilities you have to make sure your protection is working.
So, did that help?
RagManX