Let’s start with some basic rules here. Whatever you buy needs to be 2.5Gb LAN & WAN, we are still at the point where a lot of consumer class products market 2.5Gb and it’s only WAN, OK that means you can get the full profile spread over a number of devices (wired+wifi), but it’s not true full speed.
Buying a single box solution or a un-upgradable mini PC is arguably a poor choice. If you want to upgrade, it’s all or nothing and that’s more expensive than it needs to be.
Cheap, flexible and easily upgradable? That looks like a cheap desktop SFF, my old 6th gen idles at 14w (slightly more than most SoC based stuff) with no tweaks running a dual port i225, that would be 10w (about where SoC based routers sit) if it was 8th gen. Cost is likey £50-100 all in plus Wi-Fi. If/when you get a 5Gb or above class product, a new NIC is inexpensive and 5 mins to swap out. You could go disposable again and get a Topton or similar mini PC with a bunch of 2.5Gb NIC’s, but no upgrade path and more cost/limited BIOS updates/support.
That leaves the consumer SoC options, and you need at least one multigig LAN & WAN. Flint2 from GL.inet which can either run the vanilla OWRT build, or the new custom GL.inet firmware fork, or some ASUS routers (AX6000 iirc) - I can’t stress how horrible that suggestion is - or some of the TP Link range, but as
@Rainmaker found out the hard way, the lower end SMB stuff spec has caveats and although they claim to support PPPoE and a /29 on WAN, they can’t do both together.
I could write a wall of text on the UDMP and SE, but let’s keep it simple, reasonable router/firewall that includes NVR option that depending on your needs leads you to buy some very average cameras compared to ColorVu/TiOC stuff that does full colour in pitch black near enough, but the flaming money pit of Unifi is real. £470 for an SE, a minimum of £95 for a U6+ (that's a pair of Deco x20’s near enough) and you still need to deal with the interconnect from that onboard switch’s limited uplink or break out from SFP+ to copper (£40ish for a Chinese no name mixed media switch). Also, while it can Nat at near 10Gb, IDS/IPS is limited to 3.5Gb/s and good luck getting multi IP WAN working till later on, but apparently it’s coming after *years* of being asked for/ignored. New Unifi routing options are also seemingly coming soon.
So what would I suggest and recommend? The cheapest option is to just use gigabit class products, they’re cheap and well proven at this point and you can get a lot for not a lot. A Flint2 is still pretty new, it’s hard to comment on the new firmware as it’s literally brand new and in beta, but OWRT is solid. Failing that the mini PC route is just short sighted with little significant up-side, it’ll save you a few watts, and over a few years that used to add up, but energy prices are going down generally. A cheap ex corp. desktop is cheap up front and cheap to run, easy to expand and OPNSense/OpenWRT/Untangle/Sophos XG are all decent options depending on your usage case, OWRT + AGH is probably a nice option for most. Unifi works, but you’ll be nearby £600 in new for a single AP and an SE and XGPON is 10Gb for a reason and CF will enable 5/10Gb sooner rather than later.
Personally, based on what little you have said, it would either be Flint2 or a cheap ex. Corp. PC and an i225-2T rev. C or i226 depending on where you want to go OS wise (i226 support is still not a given, but you can use Proxmox to virtualise and solve that) unless you want to burn money or have a specific need that doesn’t fit. What do I have? Usually a ex. Corp. desktop and a bunch of Deco’s, running Untangle/OPN/OWRT depending on what I am doing, but right now a UDMP-SE and U6 Pro with a bunch of Deco’s.
thank you!!