Well, first thing is that for something like this, you want to separate things and not use an all-in-one type device. You really want your own dedicated router/firewall, probably a real network switch (so you can supply network to all the drops in the home), and wireless access points to handle your wireless needs.
So let's talk router/firewall. In my eyes, there are really only a couple of choices, pfSense or OPNsense. Personally I am using pfSense because I use the pfBlockerNG plugin, which is probably the most powerful and useful firewall system you will find for protecting your home network, monitoring both incoming and outgoing data, and blocking based on industry-standard blacklists (configurable by you). A lot of people know and are familiar with things like having your own DNS server like Pi-hole to stop ads and adware; think of pfBlockerNG as taking it to another level. Malware, spyware, and viruses/worms can get around Pi-hole by simply encoding the IP addresses into their code so that they do not need to do a DNS lookup (and get dropped by a Pi-hole). That same method won't work on pfBlockerNG, as not only is it dropping the DNS lookups like Pi-hole, it also places firewall/routing rules in place to prevent the traffic from going in or out to the sites' IP addresses, blocking all methods of communication.
Both of these can be run either on ready-made appliances from the main providers or they can be downloaded and run on your own hardware (as a virtual machine, or dedicated computer). I personally run on a Dell SFF 9020 which I picked up cheap used/off-lease and tossed in a small SSD and a compatible network card (in my case I used a Mellanox ConnectX-3 VPI dual port 40/56 Gbps card that I connect to my switch at 40 Gbps and am using a router-on-a-stick design right now, but I could make it a normal router by connecting the other port; however, the PCIe bus cannot handle sending that much data to the card for both ports to be active at 40 Gbps, so it would limp to about 28 Gbps with both ports used, if I remember correctly). Total cost about $250 at the time if you don't mind buying used.
You sound like you are really hooked on the Ubiquiti systems. I mean, they have a nice solid interface, but are really outclassed by other hardware at much cheaper prices (think of them as the Apple of network gear). But you can still go with them for their access points. You will probably need a minimum of 2 and probably closer to 4 or 5 if you want full coverage of everywhere in the house at the highest speed and your backyard (that might be difficult depending on the walls of your home and/or the ability to place an access point near a larger window facing your backyard). I personally have a smaller house, and am using just a single wifi router (a Netgear Nighthawk R9000) that I flashed with DD-WRT and put into access point mode. The reason I went for this is that it supports connecting at 10 Gbps with an SFP+ port and allows me to run multiple VAPs (virtual access points, which is what the "guest network" is on your typical home router). This way I can separate the internet of things devices (like wifi-controlled lights, my smart hub that connects to Zigbee and Z-Wave devices, etc.) from my production network(s) and guest network(s) for added security and isolation.
For the network switch, well, you are pretty much limited to gigabit with CAT5. Personally I like a fully managed L3 switch somewhere. To keep it cheap you can get a Brocade ICX6450, but they are true enterprise gear. While they have a web interface, you really need to know the console for some things, especially initial setup. The console command line interface is running FastIron OS, which is 90-95% similar to Cisco IOS, so there is lots of help out there (YouTube videos, etc.), but you will need to do some work. If you don't want to do the work, get a non-managed dumb switch, but you won't be able to set up and configure VLANs for network segmentation or routing rules, access control rules, etc., for security...
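
The point above about malware hard-coding IP addresses to skip the DNS lookup can be checked for on your own network by correlating resolver logs with firewall flow logs and listing outbound connections to addresses the client never looked up. This is an added example, not part of the original post and not pfBlockerNG's code; the log tuples, the `LOCAL_NETS` range and the function name are constructed for illustration.

```python
import ipaddress

# Assumption: everything in this range is "inside" and not worth flagging.
LOCAL_NETS = [ipaddress.ip_network("192.168.0.0/16")]

# Constructed sample data (not real logs).
# DNS answers seen by the local resolver: (time, client, name, answer_ip)
DNS_ANSWERS = [
    (100, "192.168.10.21", "updates.example.com", "203.0.113.10"),
    (105, "192.168.10.21", "cdn.example.net", "198.51.100.7"),
    (300, "192.168.20.50", "hub.example.org", "203.0.113.44"),
]
# Outbound flows seen by the firewall: (time, client, dst_ip, dst_port)
FLOWS = [
    (101, "192.168.10.21", "203.0.113.10", 443),    # resolved 1 s earlier
    (106, "192.168.10.21", "198.51.100.7", 443),    # resolved 1 s earlier
    (200, "192.168.20.50", "198.51.100.99", 8443),  # never resolved
    (301, "192.168.20.50", "203.0.113.44", 443),    # resolved 1 s earlier
    (302, "192.168.20.50", "192.168.10.5", 445),    # internal destination
    (4000, "192.168.10.21", "203.0.113.10", 443),   # last answer is too old
]


def is_local(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in LOCAL_NETS)


def flows_without_dns(dns_answers, flows, max_age=3600):
    """Return flows to non-local IPs that the same client did not resolve
    through the local DNS server in the max_age seconds before the flow."""
    resolved = {}  # (client, answer_ip) -> timestamps of matching answers
    for ts, client, _name, ip in dns_answers:
        resolved.setdefault((client, ip), []).append(ts)

    unexplained = []
    for ts, client, dst, port in flows:
        if is_local(dst):
            continue
        answers = resolved.get((client, dst), [])
        # The answer must precede the flow and still be recent enough.
        if not any(0 <= ts - seen <= max_age for seen in answers):
            unexplained.append((ts, client, dst, port))
    return unexplained


if __name__ == "__main__":
    for flow in flows_without_dns(DNS_ANSWERS, FLOWS):
        print("no matching DNS lookup:", flow)
```

A hit is a lead to review rather than proof of malware: software that caches answers for a long time, or a client using DNS-over-HTTPS to an outside resolver, will show up the same way.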