We have a network of 50+ computers/laptops/network printers/wifi adaptors/etc. Some computers have internet access. Right now it's a workgroup setup: users get internet directly from the DSL modem, and users who have mail accounts get mail directly from the mail server. My job is to set up a domain server so that an ERP can run on it, set up a mail server which can be accessed from the outside world, and design and set up the network so that most of the security needs can be followed.
What I plan is to set up a Linux-based firewall/proxy (I chose Untangle for it as we can't afford a hardware firewall right now) and a mail server (I prefer MDaemon as I have previous experience working with it). For the domain I'm using Windows 2003/R2/SP2.
Please suggest the best network configuration I can build to achieve the desired results.
Thank you for your time reading this.
network diagram evaluation
#2
Posted 28 January 2010 - 02:23 PM
I'm not sure what you are asking for. Are you asking about networking hardware? You sound like you have a good plan.
#3
Posted 28 January 2010 - 02:34 PM
Thanks for the reply. I would like to know how I should segment my network. Should I use a DMZ? DHCP in the local network? Where do I put my wifi network: in the DMZ or in the local network? Or in both, as some internal users need to log in to the domain server and company visitors also need internet access. Our mail server also needs to be accessed from outside; for this I would set up dyndns and port forwarding on my firewall/proxy box, or should I set up a VPN server?
#4
Posted 28 January 2010 - 03:30 PM
When it comes to network design I like to use the K.I.S.S. method (Keep It Simple Stupid; no, not calling anyone stupid). If you start making it complicated then you will spend your time chasing problems in 15 places rather than 2.
With less than 100 devices there is no need to really break up your network that much. I wouldn't use DMZ if I can avoid it at all costs. Servers will need static IPs but the rest of your network should be handled by DHCP. Your wifi should be a part of your internal network and locked down with security. Do the visitors need access to inside resources? Like printers and such?
For the mail server - VPN would be the sexy way to get it done but why add something that could fail when what you suggested will work and is basically free?










