I have no experience with the Zyxel, the comments about quirky interface might put me off if I was trying to recommend it to someone else to configure. It also seems to be an older model.
The sonicwall would probably be my first choice out of the above list, the older Cisco would very likely require decent network config expertise, has no wireless, and wouldn’t be as up to date as the others.
In your case a security gateway would be the best option. Make sure it does have deep packet. Some you have to update the firmware to get that.
It would go between your gateway and your router. Also recommend using your own wireless access point that is on the user side of the security gateway and connected to the router. If you decide to go that way, when setting things up use MAC authentication and specifically allow only the devices you want on the network. Requiring MAC authentication does a good job of shutting down those with in range of your wireless. Be sure to disable the WiFi in the modem when using your own AP.
The gateway modems that are being used by some of the internet providers are easily breached and would negate all benefits of beefing up hardware.
As I mentioned I use SonicWall devices and subscribe to their subscription service. You get quite a lot, including deep stateful packet inspection and security updates. And the machines are very reliable. I like that they are relatively user friendly unlike some of the other good firewalls (I’m talking Cisco, specifically). The one thing I’m not thrilled with is that you must use their VPN client soft client for remote network access from a notebook, instead of the built-in VPN client from Microsoft.
If it matters they were recently purchased by Dell and managed by Dell Enterprise Security team (if I understand correctly), which is comforting. And the one time that I needed technical support it was relatively painless. I also know at least one Fortune 500 hundred company with government contracts that uses SonicWall.
Another low-cost brand that I have heard good things about is Unifi/Ubiquity, but I don’t have the need or time to take a good look. I’m not claiming that this is a hardened enterprise class product but IMHO SonicWall is good enough for my protection.
Of course you still need to use soft OS based firewalls, and practice good user security no matter what you use to protect your network. I have personal knowledge of a hardened enterprise network getting taken offline in a ransomware attack when the CEO plugged in a USB device to his desktop.