In wireless LANs, the robust security network, or RSN, as defined in the IEEE wireless LAN security amendment, IEEE802.11i, is the goal for any new deployment of all but the most open public networks. This paper discusses and compares the differences between theory and practice - between WEP, WPA, WPA2, IEEE802.11i, RSN and TSN - and their application in public, private, commercial and government environments. While the details and analysis of a series of tests on two modes of attack on WPA2 WLANs shows a possible implementation attack on a strong configuration fails for all equipment surveyed, it illustrates the issues of weak configurations of WPA2 WLANs not meeting RSN requirements and demonstrates the vulnerabilities of such weak configurations. The empirical results are discussed, both in the context of the relevant parts of the standard, as well as in that of the intended application. The use of vendor-specific "mixed-modes" of operation (WEP with WPA/WPA2), where available, is shown to severely compromise the security of a WLAN and common failures in consumer and SOHO configurations are also substantiated. The paper concludes with specific guidance in the secure deployment of WPA2 to form a RSN and remedial actions where the existing configuration degrades security.