Although Windows products exist, SFTP was primarily made popular by Linux/Unix, and especially the OpenSSH implementation. The general recommendation is to use any GNU Linux compatible system for SSH/SFTP hosting.
If you don't have any Linux systems administration experience, I'd highly recommend that you find a professional party to host this for you, as it's very easy to create holes if you don't know what you're doing.
I agree with Achiel. OpenSSH was used by our client, but they had a complete team of experts working on and maintaining the environment. Does your client really want to send you unstructured data over SFTP? Could you use web services for this over SSL? Seems easier than setting up a new SFTP environment...