A big hello from a security newbie in the UK!

I have a question about which hardware firewall to buy - I would appreciate any expert opinions that might help me out.

The scenario:

I have a customer in the travel industry who is looking to implement on-line booking to their in-house tour reservations system.

They have installed a 2MB SDSL line (with Lucent Cellpipe 20H router) to carry traffic in and out.

Their web site will pass User requests (hotel availability, prices, etc) through to a dedicated Linux system on the internal network, which will then query the Reservations system and pass the results back to the user.

Now this is a full-time Internet connection that I want to secure from all those people who might try to break in to the on-site systems, so I want to screw access down as tight as possible - only letting recognised traffic through.

I've been advised that Watchguard's Firebox products are good value (did I mention we're on a very tight budget?)

I would appreciate any help from anyone who can advise.

Thanks, and have a nice day!