I would recommend two layers of security as well but with one crucial qualifier: one software firewall; one hardware.
The hardware firewall would be specialized equipment, maybe even just a Linksys or the type router. Use this firewall to block certain protocols or IP addresses (the lower levels of the OSI model -
http://en.wikipedia.org/wiki/OSI_model)
The software firewall, the built-in windows XP one or a third party like zone alarm, should be used for the higher levels of the OSI model, mainly layer 7: the application level. The software firewall would be most useful to keep rogue applications from hijacking your computer and spyware from communicating to its originator and the like. Basically, use the software firewall to manage which applications have access to the internet.