#8, November 13th, 2004, 07:48 PM
scruffy (Notorious Olive Counter)
Join Date: Dec 2000
Location: Soviet Canuckistan
Yes, you'd want a dedicated firewall - a system that does nothing except be a firewall, sitting between your internet connection and your internal network or networks. And I would recommend that you have several internal networks: one for desktops; one for VoIP devices; if you're running publicly accessible servers, one for them; if you go with wireless, strongly consider a separate network for that. Depending on what you eventually decide to do with the cameras - internal security feeds only vs. owners getting to check on their pets, etc. - you might want to put them on your internal network, or on your public server network, or maybe yet another separate one. Depends on your needs, right?

There are some issues with using different VLANs on the same switch for segregating networks - google for "vlan hopping" - and it depends very much on the make of your switch how grave that might be. Probably the most comprehensive security vulnerability database is Bugtraq (http://www.securityfocus.com/bid); you might want to check for known vulnerabilities on your switch before buying, or at least when considering how to lay out the network - i.e. how much faith to put into the switch's ability to segregate networks via VLANs.

Whatever you do, don't put your internet connection onto a VLAN on the ethernet switch that also houses internal networks.

The balance between how much time you want to spend configuring the thing vs. how much money you're willing to put into it gives you different options.

For a relatively large investment of time and little money, you could go with a PC running Linux, OpenBSD, or a similar free OS, with 2-5 network cards to segregate the different networks. I'd recommend Linux, since the Linux firewall deals rather better with multi-port protocols like FTP.
Since it wouldn't be a desktop, it wouldn't need to have anything interesting in the way of a graphics card; you probably wouldn't even want to install X Windows at all.

For more money and less time, you could get an 'appliance' type firewall from Cisco or a similar vendor. Basically that's just a computer that's optimized for the job of being a firewall - very minimal OS, fast networking hardware, no graphics or anything unnecessary. Some of those use free OSes, others use proprietary ones (the Cisco boxes run a proprietary OS).
__________________

What is the robbing of a bank compared to the founding of a bank?
-- Bertolt Brecht

Last edited by scruffy; November 13th, 2004 at 07:59 PM.
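As an added example, not part of scruffy's post, here is the kind of ruleset the multi-NIC Linux firewall described above would run: one interface per network (desktops, VoIP, public servers, wireless, plus the internet uplink), default-drop forwarding, internet-only access for the VoIP and wireless networks, inbound from the internet only to the public server network, and the FTP connection-tracking helper that handles the multi-port protocol the post mentions. It is written for nftables, the current Linux firewall front end, rather than the iptables of 2004; the interface names, the server address (from the RFC 5737 documentation range) and the SSH/DNS/DHCP admin rules are illustrative assumptions. The script only generates the ruleset as text and runs a sanity check over it, so it can be run without root to review the policy before loading it.

```shell
#!/bin/sh
# Added example (not from the original post): emit an nftables ruleset for a
# dedicated Linux firewall with one NIC per segregated network.
# All interface names and addresses below are assumptions for illustration.
WAN_IF=${WAN_IF:-eth0}        # internet uplink
LAN_IF=${LAN_IF:-eth1}        # desktops
VOIP_IF=${VOIP_IF:-eth2}      # VoIP phones
DMZ_IF=${DMZ_IF:-eth3}        # publicly accessible servers
WLAN_IF=${WLAN_IF:-eth4}      # wireless clients
DMZ_WEB=${DMZ_WEB:-192.0.2.10}  # assumed public web server (RFC 5737 doc range)

# Print the complete ruleset. Requires kernel >= 5.2 for NAT in an inet table.
gen_ruleset() {
cat <<EOF
flush ruleset
table inet fw {
    # Track FTP control sessions so the data connections are matched as
    # "related" instead of needing a hole for every port (nf_conntrack_ftp).
    ct helper ftp-std {
        type "ftp" protocol tcp
    }
    chain input {
        type filter hook input priority 0; policy drop;
        iif lo accept
        ct state established,related accept
        ct state invalid drop
        # Admin SSH to the firewall only from the desktop network
        iifname "$LAN_IF" tcp dport 22 accept
        # DNS/DHCP requests from the internal networks, if the firewall serves them
        iifname { "$LAN_IF", "$VOIP_IF", "$WLAN_IF" } udp dport { 53, 67 } accept
    }
    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state established,related accept
        ct state invalid drop
        # Attach the FTP helper to outbound FTP control sessions from desktops
        iifname "$LAN_IF" oifname "$WAN_IF" tcp dport 21 ct helper set "ftp-std"
        # Desktops may reach the internet and the public server network
        iifname "$LAN_IF" oifname { "$WAN_IF", "$DMZ_IF" } accept
        # VoIP phones and wireless clients get the internet only, never other internal nets
        iifname { "$VOIP_IF", "$WLAN_IF" } oifname "$WAN_IF" accept
        # The internet may reach the public web server on 80/443 only
        iifname "$WAN_IF" oifname "$DMZ_IF" ip daddr $DMZ_WEB tcp dport { 80, 443 } accept
        # Anything else (DMZ->LAN, WLAN->LAN, WAN->LAN, ...) hits "policy drop"
    }
    chain postrouting {
        type nat hook postrouting priority 100;
        oifname "$WAN_IF" masquerade
    }
}
EOF
}

# Sanity check: count forward rules that accept new traffic INTO the desktop
# network from anywhere. The policy above intends this to be zero; only
# "established,related" replies should ever flow back to desktops.
lan_inbound_accepts() {
    gen_ruleset | grep -c "oifname \"$LAN_IF\".*accept" || true
}

if [ "${1:-}" = "print" ]; then
    gen_ruleset
fi
```

Load it with `sh firewall.sh print | nft -f -` after enabling forwarding (`sysctl -w net.ipv4.ip_forward=1`); `nft -c -f -` on the same output checks syntax without applying it. The `lan_inbound_accepts` check is the kind of thing to run whenever the ruleset is edited: the point of the separate networks is that nothing on the VoIP, wireless, public-server or internet side can open a connection into the desktops, and a single misplaced `accept` with the desktop interface as `oifname` silently undoes that.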