I have one AP that is only WEP capable, on which I use IPSec. I used to use AuthPF but no longer need it.
Also OT:
If you're interested in learning more about these things ... this class has been interesting. Week 1's homework includes real cryptanalysis -- we are breaking a stream cipher that is using an excellent random number generator .. but which was deployed with a simple, small error in implementation.
Week 1. Yep.
(That particular implementation error exists in some encryption systems still in wide use. I'm amazed that this is so.)