Vlan setup

Well you can have two VLANs, and depending on your switch you can set it up accordingly. What I mean by that is that if you have a layer 3 switch you can do the switching and ACLs on that and if you just have a regular layer 2 switch then all that will happen on your router.

A classic book example of this would be the "Router on a Stick" Method. Just google it and you'll get all the help you need. (Again this is if you don't have a layer 3 switch)

Yes, I would use VLANs and VACLs to restrict traffic from traversing the VLANs.  The configuration of the VACL may be dependent on the hardware and software version. For the 3750, see the chapter on network security and ACLs.  http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_58_se/configuration/guide/swacl.html

Ok great information, I was thinking of going with a NETGEAR ProSafe FS726T switch because of the cost, what router would be a good pair with this?

I would avoid the low-end "prosumer" switches in favor of either Cisco's newer line of business class swithes (e.g., the SG300 gigabit switch line starting at about $400 street price) or HP's Procurve offerings. You really want the rock-solid performance and time-tested IOS feature set of Cisco. Note that to get IOS on the SG300 gear you have to install the latest firmware.

The cool thing about Cisco gear is that you can get inexpensive Layer 3 switches -- essentially dang fast routers -- all in one unit. The Cisco SG300-20 20-port managed VLAN-capable gigabit switch for under $400 is an example, or the SG300-26 26-port for under $600. Install the latest firmware and you have genuine Cisco IOS layer 3 switches.

HP's V1910-24G 24-port GigE switch is also a Layer3 switch under $400, but you don't get the advantage of Cisco's better Web-based admin and Cisco's renowned IOS command line configuration and administration interface (for which there are millions of trained Cisco techs and tons and tons of training materials).

You'll spend a few bucks more on these enterprise-grade switches, but the core of your network will now be much more reliable and versatile.

Cost is a factor here, so if I did not go with the Cisco or the ProCurves and did go with one of the cheaper layer 2 switches, what kind of router would I need to make this work? I am having a hard time understanding the DHCP aspect of the seperate LAN's.

A SonicWall TZ100 firewall is a high quality, easy to deploy business-class firewall that supports multiple subnets on separate LAN ports (I think it has four LAN ports, each individually addressable). It also support multiple DHCP scopes, so you can have it issue appropriate DHCP leases on each port. This will work with the Netgear switch, and all the rules are easily configurable via the SonicWall's web-based management console.

In case it isn't clear, in this context a firewall also serves as a LAN router. The SonicWall, for example, is a firewall/router supporting routing between LAN ports. Not all firewalls permit this.

BTW, I just checked and the distributor site sonicguard.com has TZ 100s at a considerable discount. However, CDW also sells them, and various outfits on Amazon. When comparing firewall street prices for any brand, it's important to verify that you're comparing the same licensed features. For example, SonicWall has a feature pack called "totalsecure" that you pay extra for, that bundles various kinds of intrusion prevention features along with a hardware warranty. The low-end "prosumer" firewalls generally are a one-price-fits-all deal. But these low-end firewalls usually lack multiple LAN subnets, multiple DHCP scopes, and LAN routing capabilities that "business-class" devices have.

Would have liked some other reccomendations besides high end products, a lot of smaller buisnesses are struggling in this economy and having cost effective reccomendations would have helped greatly.