Hi,
Firewall
In your post about video acceleration you said you did everything with GUI so maybe what I'm going to say is irrelevant, but :
Firewall in Linux is handled at the kernel level. There is a legacy system called IPTABLES and a new system called netfilter tables or nftables.
You can use the new system with transaltion utilities (iptables is in fact iptables-nft wich translates iptables configuration to nftables configuration).
Every GUI firewall tools you will use rely on one of these systems. This is important to understant that if you want to make an efficient firewall configuration.
About iptables :
Basically each packet going in or out of you system will be filtered by sets of rules, each rules applying one after an other.
Rules are grouped in tables. By default a incoming packet will be treated by the INPUT table. Outgoing packets will be treated by the OUTPUT table. You will most likely add rules to those two tables, but you can create as many tables as you want. Rules can actually make a packet "jump" from a table to another, thus applying a new set of rules to the packet.
There is a table called "DROP" wich will discard every packet that lands in it. Basically this is where you jump when you want to block some network traffic.
There is a table called "ACCEPT" which will do nothing, so the packet won't be filtered anymore.
You can set a policy for input and output traffic. This is a kind of last rule that is being put in the the INPUT and OUTPUT table that makes sure a packet is either ACCEPTED or DROPPED if it reaches the end of the table.
If you are not planning to host anything, you can block every inboud TCP connections. That's a good start.
Services
Make sure you don't have any useless network services running on your machine.
Run this as root to see which services are waiting for network connections.
Malware/Virus
Anti-virus/malware have two purpose : detect programs that use system vulnerabilities (protection against 0day vulnerabilities is the most important part of it) and detect programs that you may use that are known to cause harm.
In linux the part about 0day is handled by the security applications repository that provides quick updates to patch holes (at least the ones in your system). For the harm part : applications in your distribution's repositories are checked and shouldn't cause harm.
Unless you start using untrusted applications (not from official repositories), you most likely don't need any malware/virus detection.
There is a lot of things said on securing a debian system here :
https://www.debian.org/doc/manuals/securing-debian-howto/securing-debian-howto.en.pdf