You have a router, it has a firewall, that is meant to be used to control access to the network, you don't have to assign rules to every device you can assign default interface rules that apply to any connection.
Just because you get a publically routable address doesn't mean the internet defines physics and hops over your router and firewall.
Also as an aside - perimeter security is a very outdated way of looking at security, yes the perimeter is still important but if it is your first and only line of defense you are gonna be in for a bad time, defense in depth as it is called where you look at your systems and networks as layers to an onion is the more modern standard and NAT as a security mechanism has never been standard in either because it isn't.