Comodo and most other software firewalls inspect the packets properly, hardware firewalls on the other hand can be an issue.
Router manufacturers like to say that their routers are firewalls. When buying a router, many manufacturers use SPI as a term. Now they never say how it is implemented so it is hard to compare the technologies (If someone knows, please tell us).
Basically the following is to what to look for when buying a router to support COMODO firewall (-: :
NAT: Network Address Translation, basically hides your IP from the internet and redirects packets. It is not reliable on its own because it does not check that the IP is the real originating IP.
SPI: This is critical to the proper functioning in my opinion, SPI means that your router can tell if a packet is spoofed, this is important to deter attacks that spoof the IP to pretend to come from within your network. Spoofing with SNMP can allow access to your routers settings and to allow people then to rewrite the settings on your router (This is still a problem with some because an updated firmware has not been released). It stops generic IP spoofing attacks.
IDS: This is a technology you will pay for in the price, basically it consists of signatures of known network worms and Trojans and scans traffic for them, this is most useful when it tells you of known worm traffic within your local network. (Is a nice feature to have, not really necessary for home computers. Its still cool though (:TNG))
Antivirus scanning: I think this technology is ineffective (Industrial/business implementations would most likely be stronger), but besides my bias, you will in most cases need to pay for yearly subscription updates to this service i reckon it is not worth it but who knows.
WPA(2) : this is what to look for in wireless connections, either WPA or WPA2 or anything with WPA in the name is good. Avoid WEP unless it is all your hardware supports. No matter what encryption look up compatibility problems with the proposed hardware to be added .
What ports, so if you need RJ45 ports then make sure that is the connection type. You may want a dial up port so make sure it has one for connection backup.
IE: I have a wireless modem and want to buy another wireless card, the wireless cards i have in the other computers are not available any more, so i have a wireless card that looks good. Make sure that wireless card supports the same encryption standards and that their are no known problems on the internet between your two pieces of hardware. (Buying from the same brand on wireless hardware is the safest assuming both support the encryption in use).
Check for known problems with the router and your ISP, call/email your ISP and ask what to look for when selecting a router to make sure it is compatible with your internet connection.
Make sure your Firmware in the router is up-to-date. IF you need to update it then make sure it is the firmware for your region/country.
When you have upgraded firmware, go through the steps that are in the installation guide. Some routers have quirks that need to be worked around.
DLINk are just wonderful (:TNG) with a bit of further research i found some hints with firmware upgrades in general (This is my first router):
Some brands don’t like you using the settings backup feature to backup setting on the original firmware and applying them to the new firmware after an upgrade (It makes sense, but in my case their were no significant changes between firmware versions that would require that…) This was something not pointed out in the documentation or the online page for this specific router…
Turn off your AV, Firewall, real time file scanners.
Return router to factory settings before and after upgrading the firmware (Just to make sure), keeping in mind that you can’t use the backed up settings after this!!!).
So the above rules applied to my router, and are a good idea for most routers i would imagine (Look up the manufacturer site for details).
Look DEEP in the manufacturers site…
Following the install instructions to the letter once you have upgraded your firmware!!
DO NOT conduct firmware upgrades over a wireless connection, this is a general rule that always will hold.
Remote Administration (Goes by other names too) - Basically allows other people on the internet with the admin account password for your router to logon and change settings. Having this disabled is desired as someone could brute force the password. If you have not passworded the user account then someone could logon and view your settings looking for misconfigurations.
EDIT: Remote Administration bit