Security features include support for 64, 128, and 256 bit WEP and 802.1x authentication. The 802.1x feature doesn't actually perform client authentication, but just allows the AP to pass requests to primary and backup RADIUS servers.
I was disappointed to find that the 5450 did not support Wi-Fi Protected Access (WPA) for improved WLAN security, but USR says upgrade downloads will be available in September (2003) for all 11g products.
In my opinion, consumers should not purchase new products that do not include WPA support...period! Chipset vendors have had their WPA firmware available since May / June of this year and there really isn't any excuse for end-product vendors to not have it baked into new WLAN products. I don't mean to single out USR in this regard, since other vendors are also playing the WPA-will-be-available-as-a-download-soon game with newly-issued products. But WPA delivers real benefit in improving wireless security, and equipment vendors - and consumers - need to make it a must-have feature. End of rant.
The 5450 also has MAC Address filters to control wireless client association. You can enter a list of client MAC addresses, which can all be either allowed or denied association with the AP. The list of clients can't be saved or loaded to / from a file by itself, but does get included in the information saved via the AP's Backup Settings feature. Unfortunately, this backup file is not in readable format, so you won't be able to include a pre-made list.
USR has integrated a couple of useful twists into this feature. It will flash a Warn light on the AP's front panel when a denied client tries to associate with the AP. If you happen to be logged into the admin interface (and running IE as your browser), you'll also get a popup warning. Finally, when the MAC Filter feature is enabled in Deny mode, clicking the Disconnect button that appears next to each associated station at the bottom of the Status page automatically adds the client's MAC address to the filter list and disconnects the client.