Hone network security review

I was testing my network, and I identified something that I don’t really like.

I need few VLANs, my current router doesn’t have that capability, so I need to buy a professional one, quite expensive…

Someone online told me that by default, the NAT is enabled, thanks to an old RFC…
Well, probably, on day it was working as expected, another day my AV has identified all the devices on the network, also on another subnet… So the expected auto-NAT failed twice, and probably it has always failed.

What is a router that doesn’t f…up with these things?
Plus, I need separate VLANs to be more secure and the devices should not communicate each other.