Meh - all access points are pretty much crap when it comes to router/firewall functionality. Yeah, you can flash some of 'em with alternate firmware but it's still not ideal.
I've been running pfsense for years. It's an appliance install of BSD Unix with a nice web GUI. Fairly plug and play. Setting up firewall rules can be a bit hairy at first, but there are some good tutorials online. If your willing to tinker a little, you get a very fast and powerful system that can give you all kinds of extra functionality. I like the bandwidth tracking - and there are several add-on packages (one click install) that give you different ways to slice and dice your traffic.
I used to use an embedded fanless PC = a Cyrix x86 clone, but I noticed here after Comcast bumped our speed I wasn't seeing all of it. I snagged an HP Micrososerver from MacMall (!!) a couple months back, scored an Intel based two port SuperMicro PCI express server NIC for $40 off ebay and turned that into my pfSense firewall. Yup! My old box was the bottleneck - I've gotten sustained downloads of almost 80 mbps in the evening! I also really like having my router/firewall separate from my wifi. If I were really paranoid, I'd put the wifi on it's own port/subnet off the firewall and segment stuff out - but I'm not that paranoid
My Apple Airport Extreme is just in bridge mode - and as such it works fine. No DHCP, no firewall - nothing but passing packets from my wired network to the wifi. It also does a way better job at printer and hard drive sharing than any linksys or netgear routers I have used in the past - but not as big a deal now that I have my WHS.
If I were to get a new access point today, it would be a Ubiquity Unifi - the management software is sweet and the radios are top notch. And it's designed to be ceiling mounted which would work great in my living room - would look like a cool smoke detector. I might wait for the Unifi Pro to get 5Ghz back, but to be honest for what little I do with wifi, the 2.x Ghz bands are fine. Heck, the Unifi Mini is probably more than adequate for my needs and those are $60. Indeed, I think I just talked myself into it. I will wait for the Unifi Pro to ship - hopefully when it's released the other units will shift down a little in pricing - not that the current unifi units are expensive. And if you have a big house or property and need more than one access point to cover it, I can't recommend the Unifi units enough. The management app they come with is top notch - I installed a three pack at a non-profit I support and they are working fantastically. Yeah, they don't have the fancy near-celluar hand off of the Cisco/Ruckus/etc. systems, but then again a three pack of long range access points with the management software included was $360 compared to a minimum of $5K plus for the enterprise class systems.
Finally, if your on a Mac this is an awesome site survey tool - and it's free:
http://www.netspotapp.com/ Dunno if something similar exists for Windows - my Windows box is a desktop and my laptop is a Mac