The best and obvious place to start is a Next Generation Firewall – FortiGate. It is a sure value, as according to Gartner Fortinet is one of the leaders of the market: https://www.fortinet.com/solutions/gartner-network-firewalls.html#form
Fortigate can be an Appliance or a Virtual machine. There are different models that will fit seamlessly to your environment. It includes Unified Threat Management (UTM) and Secure SD-WAN capabilities, deep inspection of thousands applications, granular policy, protects against malware and uses FortiGuard Labs AI to prevent from known and unknown attacks, SSL VPN and much more. You can analyze Firewall logs in a separate system – FortiAnalyser appliance, Microsoft Azure Sentinel or use Forticloud to store your logs for free – up to 7 days or on a subscription basis up to a year.
Some Fortigate real live screen shots to give you an idea on how it looks like:
Intrusion prevention log:
Drill down dashboard:
Traditional FW rules policies: