Disclaimer: this post is full of sadness, and contains a very subjective opinion
The router is a crucial part of your infrastructure. And there are two things wrong with modern routers. First routers are rarely getting security updates because manufacturers are busier with releasing new products than supporting old ones. So if you have an older router you are at risk of becoming of part of a botnet or your data stolen. Or in other cases, manufacturers themselves can sell your data for their benefit. And I'm speaking about trusted brands, not even about shady ones.
The obvious solution would be installing some open source firmware. The most known ones are Tomato, DD-WRT, and OpenWrt.
But actually state of these firmwares are very sad.
- Tomato - was most user friendly and polished firmware. But as official website says is more than 3yrs from latest release. So, sadly no latest security updates here. It has fork called FreshTomato which is supported by a single developer, mostly focused on devices he owns. So not much hope here.
- OpenWrt fells modern, and have active development. To use it you need to be an expert in networking and OpenWrt itself. Most basic actions, like setting up guest networks require multiple complex steps, and I was able to achieve this only after multiple attempts. Some, like allowing admin access over LAN are unknown. I had strange problems with devices randomly disconnecting from networks, which took a lot of time to research to find that the default ipv6 configuration was wrong. After some minor configuration changes, (like assigning DHCP) my configuration become invalid and the router bricked. Maybe that's me being stupid, but supporting OpenWrt is very demanding and time-consuming.
- dd-wrt is kind of fine, supports a lot of devices, and has security updates. Even setting Guest network was simplistic, although official guide on this topic did not work in my case. But the user interface is really dated and lacks the convenience of OpenWrt. Like you need to copy-paste a lot of stuff manually and full page refresh may make stuff confusing. But in my personal opinion, it is the best we got.
Another sad thing is that all modern routers best by price/performance have newer chipsets, for which OpenWrt/dd-wrt will just not happen: TP-Link Archer AX50, D-Link DIR-X1860, Asus RT-AC66U... If you search advice on OpenWrt forums on Reddit about "best device for OpenWrt in 2021", you eiher get recommendations for 300$+ devices (400$+ because of component shortage), or some outdated routers released in 2016.
I'm not blaming any developers of these products. They are spending a lot of their time and efforts by providing the firmware for free. The work they doing is great. I'm just sad that we can't get decent routers from both open and closed source worlds.