The first step before making a webservice callout is configuring Remote site settings Salesforce. This is a way of telling Salesforce that this is a valid or authorized URL. For example, if the endpoint where you will be hitting is http://www.mapquestapi.com?APPID=dvdbdfgdf123bbf, then you must add http://www.mapquestapi.com in your remote site settings. Adding only base url of the endpoint would do. You won't be able to make any callouts until you add the url in the remote site settings.
Now, since you are fetching data from an external source, choosing REST or SOAP depends upon the volume of data. If you use REST, it will be easier to maintain since it's lightweight and can also be used in mobility. I personally favor using JSON with REST callout. However, getting the response in JSON format has quite some limitations. We need to take care if the heap size governor limit in Salesforce since your JSON response may be quite huge. Anyway, if you make this callout asynchronously then this limit is doubled (from 6 MB to 12 MB), so hitting that limit would be quite difficult.
There are three classes - HTTP, HttpRequest and HttpResponse that can be utilized to form your request and retrieve your response. You should go through these three classes to understand the functionality better.
Hence, technically you would be needing two classes - one for creating the request and other for typecasting the response into the format you need. If you use JSON, you can simply serialize and deserialize the JSON string and get the work done.
If you have specific questions related to the above, you can post them in comments. We can discuss further.
Best Answer
http://krishhari.wordpress.com/2012/02/08/making-authenticated-web-service-callouts-from-salesforce-to-ibm-cast-iron-part-iii/
If the server is updated with one way SSL just use https and update your remote access settings .No further configuration is needed .
http://wiki.developerforce.com/page/Making_Authenticated_Web_Service_Callouts_Using_Two-Way_SSL
Tutorial 2 in the above document explains one way SSL.