C1841

Well that depends on what you mean.

You can do access-lists and with reflexive access lists you can arrange to allow "return" traffic back in to the router. There is also "TCP established".

You do not get any intrusion prevention, control of web surfing, e-mail protection, virus scanning redirection, point to point or remote access VPNs. There is no payload inspection of any kind.

Yes - ok. My main concern was was that there would be basic firewalling services(port blocking, services blocking)against hacking from outside traffic coming in. The router was purchased and emplaced in the network behind a cable modem. Just looking through sdm once(i normally work from command line). I noticed that it didn't render anything when the firewall tab was clicked. So i got concerned about that. I can't ping the router, or get to any services that the servers are running internally, from the outside, without allowing it in with a ip nat inside source static statment. So it seems that the router/firewall is protecting the internal network from hacking.

Good protection must have outbound filtering too with special accent on detection of tunneling trough protocols allowed outbound from your LAN. People often think that they are safe when they can't communicate with LAN from the outside world, but many common attacks are conducted by activating "something" on inside hosts that allows communication with my "attacker" computer on the Internet.