I have a managed network with 40 users, 4 managed switches, VLANs, double WAN, and several access points. A ProLiant HPE server is providing network services and even exposing a couple of websites to the open internet behind a reverse proxy (Nginx). All client PCs on the network are running Linux or Mac. I have a static public IP. Altogether, I would say a small-business-size network.
I do not have a firewall installed and I wonder if I need one. To date I have gotten away with implementing security on each of the VMs exposed to the internet, locking down SSH (public keys and no passwords) and adding some rules on UFW. I do not have high internal threats. So far, I have survived the wild internet.
I am not keen to install a firewall which would take away my router functions, because I am used to it and because it offers nice tools to manage the network over the cloud (similar to Ubiquiti). I am considering installing a firewall between the router and the first switches in transparent mode, so as to avoid affecting the network management tools available on the router (Ruijie EG105G-V2).
My question is: Do I really need a firewall, and would it give me any benefit if installed in transparent mode between the router and the switch, leaving the DHCP/VLANs and port forwarding management to the router? Finally, which firewall?
I know there may be much more information needed to give me a direction; however, your comments will be appreciated.