I set up a wireless network for a buddy, and here's what I did:
1) Get the Wireless G stuff. It works with 802.11b AND g, but if you use b on it, every device's speed is knocked down to b speeds.
2) even though WEP sucks, use it anyway. Use a 128bit WEP key, and if you're worried about people sniffing it, and figuring it out, change it every couple of weeks.
3) Disable SSID broadcast. That way, someone just driving around may pick up your wireless signal, but not your network name. They won't be able to log on without it.
4) Along these same lines, for Pete's sake CHANGE THE DEFAULT SSID!! You'd be surprised how many people that have say, a Linksys wireless access point just leave the name of the SSID as "linksys" (stupid to do!) Even with SSID disabled, if they know your network name, it makes it easier for them [:D]
5) yes, you can restrict usage, but only REALLY via MAC address. Just find out the MAC addresses of all the wireless clients that will be on the network, and configure the Wireless Access Point to ONLY ALLOW those MAC addresses.
That's about all I can remember to do. Wireless is pretty open, especially with the sniffer tools that are out. I know that WEP can be busted, and I'm pretty sure that MAC addresses can be spoofed. Best bet is to change the WEP every so often. I _believe_ that to obtain the WEP key, you have to listen to a TON of traffic on the wireless network. So hopefully changing it every two weeks or so would defeat that. Good luck!
-Gloftoe