2013 Gartner Magic Quadrant for Enterprise Network Firewalls give a view to current firewall markets:
Gartner states, “Advances in threats have driven mainstream firewall demand for next- generation firewall capabilities. Buyers should focus on the quality, not quantity, of the features and the R&D behind them. This market includes mature vendors and new entrants.” Palo Alto web page 2013 Gartner Magic Quadrant for Enterprise Network Firewalls allows you to view the Garner report when you give your contact information to them.
Virtual Firewalls or Physical? Wrong Question. article tells that people are people getting bogged down in rather meaningless arguments as to whether or not firewalls will be virtualized. They will (and, in fact, are). The bigger trend is the shift from proprietary hardware to software running on commodity hardware (in almost all cases, x86). That’s the big shift.
My comment is that the shift has been on this direction to use commodity x86 hardware has been going on for a long time. Many firewall products have been based long time on pretty normal PC hardware (for example several Nokia IPSO firewalls used x86 CPU) packaged in custom rack mount box.
Virtual Firewalls or Physical? Wrong Question. article says that whether or not a given security control is packaged as a virtual machine is a matter of requirements (and to some extent preference). Some information security people prefer to see a separate box because they like the sense of “strong” separation of duties. The mistake here is equating physical separation with logical separation of duties or an outdated belief that “infrastructure can’t protect infrastructure”.
Keep on mind that many Linux systems have pretty powerful firewall functionality built-in (netfilter/iptables) that can be used to firewall a Linux server without extra hardware or use it as an addition to extra hardware. And those same tools are used also in commercial firewall appliances that run on Linux (with or without manufacturer specific additions). So there are technologies where the firewall functionality is built into the Linux device infrastructure itself. Depending on case the user might rely on that only (for example in many embedded applications) or use it together with external firewall device (corporate server setups behind main firewall).
Modern Windows systems have also some built-in firewall functionality (and there are many third party software for this) to provide some security, but I would not feel safe to rely only on it on Internet connected servers.
When reading those predictions keep in mind that Gartner, which has a long track record of spectacularly wrong predictions (like 2012 Hype Cycle for Emerging Technologies, PC sales data) get every day more than its fair share of attention in IT industry (and even on this blog). Predicting future is hard, and keep in mind that while some predictions are right, very many predictions given even by big name sources go often wrong.
Pointers to more firewall information:
Comparison of firewalls
Choosing a next-generation firewall: Vendor comparison
Best Enterprise Firewall 2011
How-To: Build your own network firewall