Small office (30 PCs) Network + WiFi hardware advice

Don't use wireless for any PCs IMO in an office setting. Every station should be wired. Get a 24 port (or 48 port) 100Mbit ethernet switch. Use wireless only for hand held devices. If you are going to allow personal devices, then you need a guest network for them. You HAVE to protect the business network.
30 PCs should have a windows domain associated with them IMO.
Don't use home quality devices -- like an Asus router. Get something from a business networking provider, engenius, ubiquiti, cisco. Assume you will need hardware VPN at some point in the near future. I would think you would want three networks on the back side of the router. Business wired, business wireless, guest.
Consider your REQUIREMENTS for record keeping, e-mail archiving, web filtering, etc. Do you need a heavy duty firewall or can a built-in firewall on the router handle it?
If you are budget limited, skip the wireless at first.

The main reason to buy something other than a consumer router to start is so you do not have to replace in 6 months when you find you have requirements.

I suspect your largest issue is you are think of this as just a bigger home network. You have much to learn. Hiding the business wifi is something only inexperienced people talk about. It provides no extra security other and can cause issues with connections.

Your problem is not just the hackers coming in from the outside it is also the misuse of the network by trusted employees. If for example some idiot employee decides to run illegal torrents from the office. Unlike a home user that does this and the only risk they have is having their internet shutdown a business stands a very good chance to get sued because things like the RIAA know that they have a better chance of getting money out of a business than a individual. Just think what happens when someone is posting child porn from the office network and you have no way to track who did it. Even simple tracking of what computer went to what web sites and telling the employees you are tracking them stops most of this.

The reason you buy quality equipment to start is so that as you learn the requirements it is just a matter of configuration and not complete replacement.

Life would be much simpler if you could trust people to not do bad things.

I don't have any experience with your ISP specific equipment, so I can't comment on it.

I will try to provide some lessons-learned from thirty years as a technical engineer in high performance computing environments...

Know YOUR limits. Admit when you are over-your-head and need assistance from more experienced engineers.

The network is only part of a commercial infrastructure. Don't work in a vacuum. With 30 workstations, you need some server infrastructure. Windows AD, shared storage, etc. That has to fit into the network also.

DON'T do 30 stations without a domain controller and group policies. Besides centralizing the administration of the desktops, it give a lot more control over the users.

Disaster recovery needs to be planned for. Backups. Offsite backups. What is the COST of an outage. These are topics that have to be discussed with management. They are writing the checks and need to know the risks and potential costs. Convincing them to put a little more capital up front to avoid problems later. This is where JUSTIFYING commercial grade hardware comes it. A core network switch with hot swap redundant power supplies costs more. A UPS costs extra. Both of these things contribute to uptime. You have to justify those costs to management. The justification is the cost of an outage.

Provide a plan to management. Itemized, with acquisition costs and schedule. Have alternatives in your back pocket. Don't go in with the low-ball solution. Provide the BEST technical solution (within reason). Make management make the decisions to cut cost. Have the lower cost option in mind but make sure you let them know the risks. "Yeah, we can run without the UPS, but this area has severe thunderstorms every spring and we can expect some power hits during work hours. That means the people will be idle while we bring the system back."

I said this in my first post, make sure you know what information has to be kept for legal or forensic reasons. This is a management question (again). Technical shouldn't have to guess. If (as @bill001g said) somebody does something that causes a legal issue for the company, what information needs to be available? Do you need network access accounting? Login accounting? As a side note, make sure you setup network time sync for all devices so that the logs are sync'ed.

Enterprise quality hardware -- has features that make integration into a system easier. For instance, SNMP support for network gear. RADIUS support for login admin. The use of NTP to sync logs. Remote logging -- The ability to use centralized syslog services to consolidate all the admin info in one place (so that it can be archived -- see disaster recover and forensics above).