Poof! I've been summoned! Software firewalls are not absolutely necessary if you're sitting behing the harware firewall of a router, either wireless or wired. However, a software firewall gives you a degree of control that I find useful.
Windows Firewall, which is a part of Windows 10 is a 1-way firewall system. That means that it filters incoming connections to your computer. If you have not authorized, or that connection is not automatically authorized by Windows, the connection is not allowed.
A one-way firewall should be all you need unless you are a very juicy corporate target or someone would be willing to put a lot of effort forth to get into your goodies. Unfortunately, even randomly, those persistent people rarely become a big problem. I've never had such a problem.
But what if you are a bit paranoid? What if, in spite of your firewall, bad stuff gets on your computer? It can happen, because the greatest hazard to your computer is you, installing malware, and no firewall can keep you from doing that unless it just pulls the plug and your computer becomes a very bad and expensive boat anchor.
A two-way firewall filters outgoing connections too. Initially, when your programs try to make an outgoing connection a dialog box pops up and says "Bub, you really want this connection to happen?" and you say "Yes, and remember that please." And that program is authorized to send info over the Internet.
This means that if you do install a piece of malware on your system and it tries to send its information home, your two-way firewall will pop up that dialog box to alert you. You will have to authorize the connection. At the very least, that tells you that somebody's calling home. Most of the tme that's legitimate and you'll authorize the connection.
What if it is a process you don't recognize. You have a name to do a Google search with to see it you need to worry about it and its connection is interrupted until you do.
But is that valid protection? Maybe. If it's an internal Windows 10 process chances are the name will be reported honestly and if it's telemetry you can tell the firewall "No way Jose and remember that." But real malware outside Microsoft (the new king of malware) often masquerades under the name of an inoccuous process. "Do you want TimeUpdater.exe to access the Internet?" Yeah, that's legitimate. But in this case it's malware stealing the name of a normally legitimate process. See what I'm getting at? Two-way firewalls are useful but not infallable because a fallable human is running the show.
The best alternative for Microsoft snooping is
Spybot Anti-Beacon. This is a free program, updated regularly, whose sole task is to keep Microsoft malware from calling home. You have infinite control with tons of options. It's a very good program and I use it even for Windows 7.
Personally right now I'm running Windows Firewall on my one remaining Windows machine and haven't had a problem. I am also behind a hardware firewall.
I was just given one of those HP all-on-one computers with a 21" touch screen. First thing I did was dump Windows 10 off the machine and install Ubuntu 16.10. Yikes! Linux is better with a touch screen than Windows 10! It's really pretty phenominal, especially when you consider that Linux is perfectly happy WITHOUT a touch screen too. Unlike Microsoft's practice it isn't necessary to toss out the baby with the bathwater.