Wanted: Secure reliable router; how to be more secure?
1. I seek help finding a reasonably secure highly reliable wired+wireless router.
2. Desireable features:
A. Be able to configure to connect to either a wired Internet source, or a wireless one. Currently I use a bridge to connect to the shared home FIOS wireless router, but that adds an extra imperfectly reliable component.
B. Configuration should be locked down to one wired ethernet port - or maybe an RS-232 serial port.
C. It must have the type of access control which lets me limit access to specific devices that I choose.
D. It should be possible to assign each device a dedicated local IP address, specified by me - and to specify which wired port they are connected to. (Reason: when a PC goes into sleep or hibernate, my current router thinks the IP address is available, and sometimes assigns it to another device. When the PC wakes up, there is a conflict.)
E. For wireless devices, I still want to be able to assign each device a dedicated local IP Address.
F. It should be possible to specify which devices can connect to which other devices.
F. Current devices that sometimes require Internet access: PCs (Windows 7 & 10), Android tablets and Android phone, Magic Jack, Roku Express and Roku Ultra, Android TV, ZEO sleep monitor. GPS, TIVO, smart offbrand watch OS watch, bluetooth DVD with Internet access, automotive built in radio/phone access device. (Most of these aren't connected most of the time.) May add an an AVR and a smart TV. When possible I try to use wired Ethernet connections instead of WiFi, but some of these devices can't do that.
G. Rock solid reliability. I used an old DLink DIR 168 router for many years reliably. Had everything I needed. It burned out, possibly in a power glitch (despite a UPS), so I switched to a NetGear AC150 (it was on sale), which isn't as easy or even possible to configure to do the sorts of thing I want, and has been nothing but trouble. It keeps getting into a mode where it loses Internet connectivity (the Internet light goes orange, and I can't connect to it in any way), even if I have only a PC or streaming device connected. I can reset it by unplugging it for a few seconds, but the problem typically recurs within a few hours or less. (Why can't it reset itself when it gets into this mode? Oh well.)
H. Many wired ports. Preferably 6 or more, but at least 3.
3. My primary goal in using a dedicated router is security. I'm not sure what I need to do to be secure. Here is what I have done so far:
A. I changed the passwords and network name on the bridge and router, use passwords on all accounts on the PCs and Android devices, and do not use the same password on different websites. I turn off all Guest accounts on all machines that I can.
B. I tried to make the wireless network hidden, but some of the devices can't work with that.
C. I use WPA2 encryption on the wireless network.
D. I tell every device that can be so told that they are on a "public network", not a "home network".
E. I would like devices to be able to talk to each other - but to specify which devices can. E.g., I would like to be able to display my Android phone and tablet screens onto my TV, through my Roku Ultra. (My TV is not smart.) (Obviously, I would probably need to tell both devices they are on a home network for that to work.
F. What else can I do on my router to make it more secure?
G. Are there any inexpensive routers that are more reliable than my NetGear AC150?
4. Other basic security steps I have taken on Internet connected devices:
B. I turn off things on my PCs like remote access, and all HP bloatware (2 of the PCs are HPs). I use Windows Firewall and Defender. I occaisionally do virus scans, including Microsoft Defender boot time scans, but they never find anything. I've tried running McAfee antivirus software all the time, but it slows my PCs down too much. Also, it conflicts with Defender.
C. I use wired USB on my printer, and turn off wireless access to it.
D. I do frequent user PC file backups onto flash drives, and occaisional full image disk backups using Clonezilla, onto external hard disks. Before running Clonezilla, I run chkdsk/b on all partitions. The external disks are not left connected when not in use. Because external hard disks sometimes fail, I am considering switching to external SS hard drives, which a Best Buy geek squad member claimed to be more reliable than flash drives and external hard disks.
E. I usually lie to websites when they ask for private information. But I had an identity theft problem, and have been informed of data breaches several times affecting my private info. My social security # and email address are defnitely known to hackers - and, hackers keep setting up social media accounts with my email addresses. Sometimes I can't lie to some websites, such as government or financial institution websites.
F. I try to keep my most of my passwords on paper, not computer files, but PlayOn and FitzyTV have to know my streaming passwords, and some streaming devices do too. I mostly avoid services that can charge me for additional things.
G. When signing onto multiple services at once, I use multiple browsers, because browser windows seem to share passwords and account access with each othe. E.g., I once signed onto LinkedIn at the same time I was signed into webmail in a seperate private window. LinkedIn automatically sent invitations to connect with me through LinkedIn, to everyone on my email contact list.
H. I would appreciate any other security suggestions that wouldn't substantially slow down my devices.
Last edited by MRG1; 01-10-2020 at 12:14 PM.