I am trying to figure out how to set up a home network to optimize my security. I had an incident about 6 months back where it seemed like someone was connecting to my network and infected every computer and possibly our phones (I couldn't pin point anything for the phones but they all had issues for awhile). All the computers started running slow, registry errors caused two computers to fail to load the OS, tons of computer bugs, and various malwares/trojans/etc I had to remove pretty much daily. I replaced our linksys modem and router 4 times and now have a modem/router combo we are renting from Xfinity because I can swap it out whenever I want and that was getting expensive (I know they are terrible I just can't justify buying a new set up until I know I'm in the clear), I set up the new router with a unique SSID and password and blocked/disabled everything I can in the settings and set firewalls to maximum, replaced all the hard drives in the computers and new OS's (didn't reload any of the backups in case they had a virus or something in there), and changed all my account passwords and logins.
Now I am to the point that I want to lock down our network as securely as a residential home can be. I've thought about setting up a server and using that but idk the benefits or disadvantages of that, setting up a UniFi to segregate our connected devices, getting a VPN I just don't know which one to get, but idk what else I can do or should do. I would love to use the WPA3 that is coming out but it isn't released yet. I've run netstat commands in the command prompt and to me I see some fishy IP addresses. I've had GeekSquad out and they were useless and a private company an IT guy has and in his short 1 hr look he didn't find too much other than a fishy IP address he couldn't figure out.
What suggestions do you have for me to set up my network to make it as secure as I can? What is your set up? I am willing to spend whatever it takes to get this done because I am wasting too much money and time as it is. My network skills are just slightly above the average user but as soon as technical talk starts coming in I start to lose comprehension. Any advice would be appreciated, thanks!