I'm a software developer and may want to host a small website on a virtual machine here on my local network. The website would offer remote desktop sessions to a handful of my clients; it would not intentionally have a public face. Since I can't expect these users to use a vpn I'm not sure it won't have a public face though. I am just not very literate with networks. Years ago I tried smoothwall for this purpose, and it was too complex for me. I bought a zyxel security appliance after that, and never even tried to set it up. Thus I've never hosted anything for my clients. But the topic has come up again. Two questions really - is this router, plus dd-wrt, a sufficient safeguard against getting my LAN hacked? And two, would configuring it be manageable for someone as weak in the knees with these topics as I am? My notion is that the 'site' would be a windows 7 vm running on windows server 2012 hyper-v. It would not need to be directly on the same LAN ip range, if that helps. The data on the 'site' needs to be secure, but it's not medical data or ssn or anything like that. I mostly need to be sure that someone couldn't have an easier time hacking my network from the vm that hosts the site.
Related - how is a 'security appliance' like the zywall I bought more secure than a router-firewall like the asus RT-N16 I have? This stuff is so hard to get a handle on for a non-expert like myself, and there seems to be far less info out there on the web about it compared to questions about OS features etc.