Security Levels of Routers

I found this from the domain unixgeeks.org

"From a security standpoint, the most secure firewall is a standard
proxying firewall, where all traffic is inspected on an application layer.
However, that isn't always the most practical solution. A strictly proxy
environment is slow and difficult to maintain. Proxies have to be written
for new applications as they come out. An adaptive proxy, using a
combination of proxying and packet filtering, is far more likely to be
encountered."

It spoke of "standard proxy" as the most secure and "adaptive proxy" as a reasonable tradeoff for speed.

Can I get either of these with common routers?

I noticed that there are huge differences in the price of routers. What would be the steps in the "security range" of routers that are commonly available?

And what step would you advise a person to reach for "very strong" security?

He's referring to actual intelligent routers like a Cisco or the other major brand of which I can't think of the name.

With a Cisco router you manually enter in your ranges of what you want, what you don't want, where to send what, etc. You hand pick what you want. It is tedious for the first setup, time consuming, and out of the knowledge level of most people. You generally need to explicit training to get Cisco equipment to work. Even using the GUI is not as good as command lines.

The other brand uses a GUI and seems to be fairly easy to configure and comes recommended. You're paying the price because you have a whole new system checking everything. Your standad NAT router will cost $50-$150.
Your intelligent true router will be in the high hundreds, most likely thousands.

Your Linksys Router with 4 port switch actually isn't even in a true router but that's the name used to reference it.

Of course the best firewalls would be one that is of handling all seven layers but you have to keep in mind the performance of any device that does deep inspection. A device has to work a lot harder if it has to look into layer 7 than a firewall that only needs to look at layer 4. All business class routers, e.g. Netscreen, Pix, checkpoint, etc are all capable of deep inspection, but when your firewalls pass traffic at 800000 packets/second, you don't want to look further than layer 4.

Interesting - i was always told that if you have a NAT enabled Router then you dont actually need a software firewall....

Am i wrong?

This device has basic firewall functions, like filtering based on IP address and perhaps ports and it claims to be a stateful packet inspection device, but that doesn't really mean much for these home devices.

As riser stated, NAT is not firewall. NAT is network address translations and it gives the capability of a router to translate or map private IP addresses to public IP addresses in a one-to-one nat or a port in the case of a NAT overload or PAT (port address translation).

It would be a very good idea to have a host based firewall as well because the host based firewall will also do application monitoring