For an ISP provided router you should probably work on the premise it is not secure enough to be useful. It is adequate for people who have no security concerns to get them on the internet.
Regarding even half decent routers (in their day in my case) there are limits on what the low cost hardware can do.
Example - I recently retired an Asus RT-N66U (I never used the wifi) which was running Advanced Tomato as there had not been any updates since 2017.
This router could apparently route upto 900mbit/s.
I swapped this for an appliance type device, an APU2 running OPNSense which has much better hardware and this again is capable of gbit routing but only as long as you are not doing any of the more useful security measures such as IDS or DPI in which case you'll be lucky to get 300mbit
I would look to at least segregate wifi from everything else and only allow what is necessary. This is a pain though which is why most people do not entertain it.
Long story short, decent security requires fairly beefy hardware so if your router is really low energy then assume it offers basic security only.
@OP - Have you looked at OpenCore? You may be able to get a bit more life out of your MacPro
I'm running Big Sur 11.2.3 on an HP 800 G2 mini with 100% compatiblity e.g. iServices, no issues with updates, Apple Watch unlock, handoff, Airdrop etc.
I'm also just waiting on a Mac Mini update but I might cave and get the standard M1 if I see one for the right price.
OPNSense on APU2 + Wireguard
PiHole + unbound
Edited by smouty (Wed 21-Apr-21 14:35:49)