What are the basic measures for securing a wireless network

Change the default SSID in access points to something that does not reflect anything obvious such as the organizationÆs, building's or street's name.
Disable sending the SSID in the AP's broadcast beacon. This prevents showing the SSID to unauthorized wireless clients.
Configure strong administrative passwords, and if possible, turn off remote administration features.
Locate the AP in an area where the signal will not be picked by unauthorized clients. If possible, limit the AP's service area by reducing its power.
Reserving MAC addresses (in DHCP or an AP) to require a valid MAC address for clients is not a secure solution on itself because MAC addresses can be spoofed easily and are send in clear-text even when WEP encryption is enabled.
Consider disabling the AP's DCHP feature and assign static IP addresses to all wireless clients.
Implement a firewall and intrusion detection system between the wireless and wired networks.
Enable WEP (Wired Equivalent Privacy). Although it doesn't provide very strong security, it should be enabled nevertheless. Use 128-bit WEP encryption keys and rotate the keys often. Don't rely on WEP as your only means of encryption.
Use VPN technology, such as IPSec or L2TP. Note: the use of a VPN will greatly decrease the throughput of a wireless network.
If available, use WPA (Wireless Protected Access) with TKIP in place of WEP.
When possible, use the 802.1X port-based authentication protocol in combination with EAP (Extended Authentication Protocol) to negotiate an authentication method, such as username and password logon or the use of smartcards, and for example, a RADIUS server.