The router model that damiano suggested is not the best for the US market. It is a VDSL model, which is great, but not for Comcast or other cablemodems.
What you seek is a router that is not for residential use. These tend to focus on streaming and wi-fi, but do not have a firewall that is robust enough to accommodate rules that will selectively allow you to manage who can and cannot get thru.
I use primarly Draytek in the US as well as some Mikrotik, Ubiquiti and until recently, some limited GWN7000.
The Mikrotik is perhaps the most flexible device on the market and at very favorable price points. However, it can be a challenge to setup for many. It is not your traditional come in a box with a manual or CD with a pretty GUI that is natively intuitive to most. As stated, it can be manipulated in about known manner known to man, but getting the correct info from the WIKI and user forums can be an experience. If you like to tinker and feel comfortable in experimenting, then go for it.
The ASA you have picked out, may be a little pricey for a SOHO, but nothing wrong with it and as the saying goes…,.,nobody ever got fired for picking Cisco. It may require some type of subscription for the threat protection.
You will need to contact Comcast once the router is installed so that they can bridge the WAN. This effectively removes their firewall and allows yours to manage the Internet connection. You will also want them ti disable any ALG functions, especially SIP. Keep in mind that it is an unknown if the Comcast device is also providing Wi-Fi and if so, you will want to find a router than can do so as well.