Before you begin to think about installing a firewall, or any other security device for that matter, you should document what your network looks like. This means generating a map of the network, which illustrates all of the major points of interest, and diagramming how they all logically connect together. Although it is not necessary to document individual workstations, you should document:
Important servers (either individually or as a group)
There are a few automated tools that may be able to help with this. For example, Microsoft Visio provides some automatic mapping functionality. Lumeta seems to be one of the most promising. Their maps of the Internet ...