Nanahachi:
I am going to make the assumption that the $2500 USD you are saving toward the purchase of a proper source component is not going to be divested into purchasing a true NAT + SPI dedicated internet security appliance. Go to
http://www.cdw.com and click on the networking tab and do a search for the words "internet security appliance." THAT, my friend, is a true firewall system in every sense of the word; it far exceeds NAT + SPI firewall systems to give you the absolute highest level of LAN and WAN security. However, it costs thousands of dollars.
Go to
http://www.arstechnica.com and
http://www.tomshardware.com for both white / black papers on setting up a proper networking / wireless networking security along with reviews on different integrated routers/switches/ethernet hubs. The biggest question you have to ask yourself is whether you want wireless 802.XX (AKA Wi-Fi) support or not. If you do, then the other big question you have to ask yourself is whether you want to wait for the newer 802.XX standards to be ratified and brought to the marketplace or if you want to buy the 802.11A/B/G standard immediately. If I were you, then I would not buy a Wi-Fi router/switch/ethernet hub until two things occur: 1. Microsoft releases their much anticipated Service Pack 2 update, 2. the next generation of the 802.XX standard becomes ratified and brought to the marketplace because the increases in wireless security encryption systems / algorithms will be much more resilient against attacks and the speed thoroughputs will be much higher with a larger area of coverage as well.
Otherwise, I would highly recommend you think about building a traditional LAN using Category 5e cables (AKA RJ45 connections) by purchasing an inexpensive wired router/ethernet switch/hub. I recommend you stay away from D-Link because as you will read in the ArsTechnica website, their Wi-Fi enabled 802.11G+ (108MB/S model) has a "backdoor" channel that allows anyone surfing the Internet to gain full access to your D-Link Wi-Fi router and into your local area network system! So, I would recommend you go with an inexpensive Linksys router. You will need to consider the total number of physical connections depending on the number of computers and how you wish to establish physical connections of each computer to the Linksys router/switch/ethernet hub.
If all of this does not make any sense to you, then PM me and I will help.
PS: you need a robust set of security software to provide an additional layer of privacy and security in conjunction with whichever router/ethernet hub/switch you choose. I recommend you pick software packages that are not all of the rage on the PC World or PC Magazine websites because those specific software programs are 1. major advertising contributors to the coiffers of both computer trade periodicals, 2. get attacked by hackers and crackers due to their popularity.
Here is what I use:
Antivirus: AVG Free version 6.x
Firewall: KERIO Personal Firewall 4
Encryption: PGP Personal 8.3 (RSA 4096bit key)
Web browser: Mozilla FireFox 0.9
E-Mail: Mozilla ThunderBird with S/MIME, GnuPG, and PGP (RSA 4096bit key)
Anti-Spyware: Spybot Search & Destroy 1.3
Utility: VCOM SystemSuite Version 5.x
Backup: Dantz Retrospect Professional 6.5
Linksys firewall: WPA Pre-Shared Key encryption system using the AES algorithm (changed once per week) & change my SSID once per week as well
Here are the rules that I adhere to:
Change my computer passwords at least once per week
Change my bank check card once per quarter
Change my router user id and password and SSID once per week
Change my PGP passphrase once per week with a built in expiration period of 1 week
Update all of my security software twice per week if available
Check, maintain, secure, and backup my computer at least once per week
Update my Linksys firmware immediately
Anti-Virus scan every 24 hours
Anti-Spyware scan every 24 hours
Change my PayPal password once per week with a set maximum spending ceiling
Store my critical data (bookmarks, documents, financial information) on a separate physical disk apart from my HDD and within a PGP RSA 4096bit disk volume
Store my critical applications and patches on my HDD within a PGP RSA 4096bit disk volume
No file sharing enabled
Configure my KERIO Personal Firewall for zero network shared access, no advertisements, and blocking of key privacy information (banking information, passwords, PINs, user ids)
Backup my computer onto DVD+RW 4.3GB disks once per week using Dantz Retrospect Professional 6.5 (encrypted backups)
NEVER, EVER, EVER: Store your Bank Routing #s, Credit Card #s, Check Card #s within the Amazon, eBay, Half, etc. systems! (if you want to buy something, then type in your financial information each time you make a purchase; convenience can be costly).
Linksys router: USE MAC FILTER & MAC WIRELESS FILTER
Pray to God that nobody wants to steal my information or worse, that I destroy it accidentally by typing in format c: /s
