Honestly, determining whether you need a firewall isn't as simple as "yes, always, all the time" or "no you don't need one." You have to know what the firewall is doing, and what security is required. You can set up a firewall, allow all ports to be forwarded through without inspection, and while you have a firewall, it's not helping you. Or you could have a server running a secure OS with only the vital ports opened, without access to anything other than the Internet, in which case a firewall probably isn't doing you a lot of good.
Also, it seems you're talking about a software firewall installed on the server? I wouldn't trust it. If I'm running Internet accessible servers, I generally want separate hardware firewall, and I want to put those servers into a separate DMZ if I can. I might leave the built-in Windows firewall turned on if it's not causing any problems, but if I have to disable it, I don't worry too much about it because I have the hardware firewall.
A properly secured Linux/Unix server should be able to sit directly on the Internet without issues, but you may as well put it behind the hardware firewall if you have the option.
But are we talking about disabling the built-in software firewall on a machine that's only accessible by other computers on the LAN? That's probably fine. You should have some security preventing unauthorized personnel from accessing the LAN, and I would assume the SQL databse it password protected, right?
I guess my bottom line here is this: Since you can't trust a the built-in Windows firewall to actually protect from very much, you shouldn't worry too much about disabling it. Make sure your network is secure without it.