I don’t think a single section would make much sense, since that would imply that you can freely choose between the two. (e.g. Choosing between cloud-based or self-hosted email, you don’t need both.) A con of a hardware firewall is that it will only protect you while on your home network (unless you VPN into your home network, if, but I think such a setup becomes too complicated, especially if you want to use a public VPN for your public internet traffic). On the other hand, hardware firewalls have clear benefits to software-based ones, like the obvious fact that Apple can’t choose to bypass your hardware firewall when it comes to their own apps.