As we deploy dedicated hosting servers, we often run into the issue of whether our customers need or want a firewall. We do not recommend software based firewalls, but many of our customer will use their dedicated server as a firewall as well.
However, we also find that a large number of our customers make the assumption that our network has a “firewall” of some kind protecting everything. This is definitely not the case, and we feel it would be a disservice to our customers to implement such a system. We continue to try and help our customers see the benefit in using a dedicated firewall appliance (we exclusively use Cisco ASA 5500 firewalls in our deployments) in lieu of a software solution.
Firewalls help simplify the security elements in a given dedicated server deployment because all traffic can be controlled and restricted per server. This is of course no excuse to poorly maintain one’s server from a security perspective, as no firewall is 100%.
The final recommendation is simply this: if you have data that you do not want to be used by someone else, a firewall represents your first line of defense (but definitely not your last).