Nice can of worms to open 😉
I will put on my flameproof underwear, and have a go at answering this one.
Everyone has their favorite, and essentially they all do the same job. Some are a bit easier to configure, some provide a bit better protection, some are less likely to be compromised, and some have better support and bug fixes.
For my money, I would go with the Cisco ASA 5505 with the unlimited licence (it comes in a 10, 50 and unlimited version). Then you have a very good firewall, it can also provide you with some VPN capability (SSL and IPSEC, and the 3DES/AES upgrade is free), so you can work from home and still access the company network, and Cisco are quick to get out fixes for most security vulnerabilites that may arise. It also has the possibility of hardware module in the future that will provide additional functionality. It is not the most straight forward to configure if you need to do anything fancy, but this forum can help you there, and there are loads of engineers you can hire for the day to configure whatever you need. For the basics, it virtually works straight out of the box.
The support on the Cisco website is second to none. I have worked with Juniper also, and while their boxes are good for the money, the support is not so good, and the website is near impossible to find anything.
Hey ! The bottom line is that you will get as many suggestions here as there are firewalls, and you just end up choosing one of them. What ever you choose, is probably better than not choosing any of them. Work out how much money you can afford, and spend it.
Good Luck !
I would recommend you look at the Netscreen firewalls which has all the same functionalities as Cisco and Checkpoint. Netscreen gives you the capabilities of the “VPN, SSL-VPN, IPS, Content Filtering”. All these features as becomes what’s known in the industry as UTM “United Threat Management”. Basically it’s alot of functions of multiple single-purpose appliances into a single “box”.