How were you planning to offer the rest of your LAN access to the Internet? You don't say how you are getting access via your LAN now. Is it not firewalled? There are both hardware and software firewall products in every price range. Since you were planning to dedicate a server for the broadband connection, you might consider Microsoft's Internet Security and Acceleration Server. In addition to being an excellent firewall, it can also act as a proxy and limit access to the Internet. IT could be given different access than the rest of the LAN, or even be the only ones allowed access. There are also hardware-based firewalls and software-based "personal" firewalls. You may want to consider determining what your organization's security policy is or should be, and then developing a solution that provides faster access, but is secure.
In addition, don't make the mistake of thinking that "just" having a firewall will make you secure. There are many other components you might want to think about in your security plan, such as intrusion detection and response, antivirus protection, etc. Remember, fast but insecure not only has the danger of slowing you down in the future, it can put you out of business.
This was first published in November 2002