It would be helpful to know your intended software solution. I use a re-purposed sandy bridge i5 to run my home router. I use a hypervisor (HyperV) to run an instance of Sophos XG, FreeNAS, and a steam-cache server. I have one Gigabit port on the motherboard, and a pair of cheap dual port PCI-E gigabit cards installed in it (they are used Intel server nics that I got for real cheap). My setup uses one of the card based NICs to handle the WAN link to my ISP, the on board RJ-45 for a connection to a Linksys wireless broadband router (What I was using before this setup) in bridged mode, providing just the access points for both the 5G and 2.4g bands for my built in devices and for the unregulated devices (smart phones for the adults, smart TVs, IoT devices), another card based RJ-45 for a second WiFi access point (bridged Apple Airport, which was free from a friend that was upgrading, it's got a good setup for turning off the kids' wifi access on a schedule among other things) that holds the highly regulated, monitored, and protected wireless network for all of my kids' devices, a third card mounted RJ-45 for a link to an older NAS device that supports network based backups for everything and a fourth card mounted RJ-45 for future expansion (I'm going to do something with a home media server system to replace my cable boxes soon).
It doesn't take a lot of processor to make it all run. I have Sophos defined as dual core, and the others are single at the moment. Doing all of that on one system still yields me wire speed forwarding on my 100Mbps ISP connection, and by my calculations, will handle everything through 500Mbps without a problem. It'll show some limitations at a full gigabit, but that's largely because of the level of packet inspection that I've got enabled. I'm on the lookout for a good price on a used Ivy Bridge I7 that is compatible with my board for when fiber makes it into my neighborhood in the next year or so. You might find that RAM amount a bit tight. Sophos XG supports 6GB max (though, I'm rarely going above 2), and a NAS box can use as much as you can throw at it for file caching. I'd suggest you try to get to 8GB as it looks like you might want to run 3 VMs at some point.
What are you using for a boot drive? If you can find it, I'd suggest that you look for a cheap, low capacity SSD. You can often find them used online for very little. Remember, for this purpose, size and write speed aren't a big issue. Just something that consumes very little power that can help your server get booted back up quickly after a power outage. A lot of people like to use USB sticks for that, and that's fine, but I find that they can be quite slow, and often don't like being used that way long term. I use an older 120GB SATA SSD for mine and it does just fine. I also have a 500GB 7200 RPM hard drive setup as a proxy cache for the Sophos firewall, but I don't see it helping a whole lot. I had it, already and didn't have a use for it, so I just threw it in there to see if it would help.
