Software firewall is fine for a single machine - plus the hardware firewall you were quoted would restrict your throughput to only 10Mbps - which is not a lot and would be maxed out with 4-5 concurrent users
In a typical web app scenario 10 Mbit is far more than sufficient to handle hundreds or thousands of active users. Only if you're serving up large static files (or similar) would 10 Mbit become a bottleneck, and even in that case with throttling you could give ~25 concurrent users sufficient speed to stream a video, etc.