I would highly recommend getting router hardware, like the RouterBoard RB333, and running "RouterOS" by Mikrotik.
Mikrotik
Then on top of this I would recommend running NTOP, which is an open source traffic monitor and packet/protocol inspector.
WISP providers (wireless ISPs) use this kind of hardware and software. The combination leads to a very secure, flexible, setup and lets you probe deeply into what is happening on your network. With so many devices connected, it will be eye-opening to see who they are talking to outside of your network. Getting it up and running is not for the faint of heart, but it's worth it. I've tried small business units like the sonicwall and Dlink DFL series, and while plenty powerful as firewalls, you really don't know if you are secure unless you can see what is going on.
About 3 years ago, a ring of hackers in Austin broke into my wireless home network (I was only using 128bit WEP at the time), hacked my router to send all traffic through another gateway, and installed a keylogger virus on all my machines. They then hacked into my bank account and started sending money out in addition to making market-trades for fun. No damage in the end, but the experience has instilled in me a core network security paranoia. They were not caught until a year later when they ran from the police after my neighbor (paranoid after my story) reported a suspicious Austin Utilities truck sitting on the main thoroughfare (interior lit up with the light from a laptop screen) at night.
For switches, the small gigabit units can run kind of hot under load. If you plan to put them in a can, make sure there is ventilation. Two linksys 8-port unmanaged units I had died after a couple months. I'm using 8-port dlink units now, they seem to be bullet proof. Make sure you get switches that support jumbo packets (faster file transfers if your NIC cards support it).
Edit: Picture of the Router Picture (black box top left)
Mikrotik
Then on top of this I would recommend running NTOP, which is an open source traffic monitor and packet/protocol inspector.
WISP providers (wireless ISPs) use this kind of hardware and software. The combination leads to a very secure, flexible, setup and lets you probe deeply into what is happening on your network. With so many devices connected, it will be eye-opening to see who they are talking to outside of your network. Getting it up and running is not for the faint of heart, but it's worth it. I've tried small business units like the sonicwall and Dlink DFL series, and while plenty powerful as firewalls, you really don't know if you are secure unless you can see what is going on.
About 3 years ago, a ring of hackers in Austin broke into my wireless home network (I was only using 128bit WEP at the time), hacked my router to send all traffic through another gateway, and installed a keylogger virus on all my machines. They then hacked into my bank account and started sending money out in addition to making market-trades for fun. No damage in the end, but the experience has instilled in me a core network security paranoia. They were not caught until a year later when they ran from the police after my neighbor (paranoid after my story) reported a suspicious Austin Utilities truck sitting on the main thoroughfare (interior lit up with the light from a laptop screen) at night.
For switches, the small gigabit units can run kind of hot under load. If you plan to put them in a can, make sure there is ventilation. Two linksys 8-port unmanaged units I had died after a couple months. I'm using 8-port dlink units now, they seem to be bullet proof. Make sure you get switches that support jumbo packets (faster file transfers if your NIC cards support it).
Edit: Picture of the Router Picture (black box top left)
