one of the computers is a temporary web server. I had to put it outside of the firewall (DMZ) to make everything work because somehow the uverse router blocks everything even if I open all the ports.
Since it is now in the DMZ, I want to add some layer of hardware firewall in front of the server. I am only allowed 1 IP address in the DMZ, its the same as my external address. So the firewall, router, or whatever I use could not be on the same network as the computer in the DMZ. It would have to scan packets at the port level regardless of what network it's on.
I already have the windows 10 firewall on of course. I guess if I can't make the hardware firewall idea work I would like to add extra security against DoS and other threats on the makeshift server.