Microsoft has released a new prescriptive paper describing in step-by-step fashion how to deploy a secure wireless LAN using Protected Extensible Authentication Protocol (PEAP) and passwords:

The Securing Wireless LANs with PEAP and Passwords solution guide is designed to help small- and medium-sized organizations protect their wireless local access network (LANs). This prescriptive guidance will assist you in planning, deploying, testing, and managing a wireless LAN security infrastructure using Microsoft Windows XP, Windows Server 2003, and Pocket PC 2003. The guide is a companion to the earlier solution guide Securing Wireless LANs – a Certificate Services Solution. However, this updated guide uses passwords to authenticate users and computers to the LAN instead of digital certificates.

The solution uses industry standards such as 802.1X to ensure broad interoperability. Windows XP Wireless Auto Configuration and the Microsoft Active Directory directory service help to minimize the complexity of installing and managing the solution—many of the more complex operations are automated in scripts that are provided with the guide. You can also install the solution entirely on existing servers in your environment to keep costs low.

Also useful in the context of these articles:

• Planning a Secure Wireless LAN using Windows Server 2003 Certificate Services: Designing Your PKI
• Securing Wireless LANs - A Windows Server 2003 Certificate Services Solution
• Windows Server 2003 W-Fi resources from microsoft.com
• Windows XP Resource Kit - Wireless networking for IT professionals
• Enterprise Deployment of Secure 802.11 Networks Using Microsoft Windows
• Newsgroup: microsoft.public.windows.networking.wireless