The kind of services that you want to set up can use generic network software such as is available on Linux and the BSD systems. Windows has nothing to do with it. Of course Microsoft has expensive Windows based solutions but it you take the Linux or BSD route you don't have to do anything special just because the client machines are running Windows.
You should take inventory of the capabilities of the equipment that you already have such as routers that are already in service. If possible make use of their capabilities. That will spread the load over more machines. For instance a cable modem or dsl modem actually provides several network services. Typically these little boxes provide DHCP server, inbound and outbound firewall, IPSec tunnels, and possibly other network services.
Then figure out what is left. In your case you want a web proxy server at a minimum. Almost any distribution can be configured for this but there are a couple that are geared specifically for network security services. These include, but are not limited to, Monowall and IPCop.
The software that provides these types of services are Squid for web proxy and Snort for intrusion detection.
Squid can actually perform several useful services. The documentation has complete information.
Squid web proxy software http://www.squid-cache.org/
Snort intrusion detection software http://www.snort.org/
Dans Guardian web proxy software http://dansguardian.org/
That should keep you busy for a while.