Your placement sounds correct, but since I have not seen the architecture, I cannot recommend yes or no. Your placement is typical in the industry.
As for Snort, it is an excellent product and will do the job. If your client doesn't like opensource/freeware the loss is theirs. I prefer (in this order) Dragon, Snort, ISS and NFR, but that's not the concrete rule. As I said, the choice must fit the company. Cisco Netranger (or whatever they are calling it) is limited, and I do not recommend it's use unless you supplement it with another IDS. Dragon will provide excellent reports, but you need to know Unix Apache and some database (not a problem, right!).
Remember, NFR is releasing the next generate of products that will ease the use, so you may want to reconsider them. If you are working for a client, then I assume you will have little choice. I recommend you fit their business requirements to the best of your ability.
Hope that answers some of your questions.
For more information on this topic, visit these other SearchSecurity.com resources:
Featured Topic: Intrusion-detection systems
Webcast Archive: Intrusion-detection systems with Ed Yakabovicz
David Strom's Security Tool Shed: Hacker tool helps identify network weaknesses
This was first published in June 2002