There have long been mutterings that the wireless LAN security "overlay" vendors face a limited window of opportunity. The size of the window has depended on how well and how quickly the wireless LAN industry would develop better security technologies and collapse them into their own systems.Now that WLAN systems are quickly becoming Wi-Fi Protected Access (WPA)-certified, we're seeing some movement. ReefEdge, historically a maker of gateway appliances that centralize Wi-Fi security and management, this week announced it is getting into the full-blown multivendor WLAN switching and access point business.Mark Juliano, ReefEdge's vice president of strategy, explains that the company's WLAN EcoSystem takes aim at Fortune 1000 companies with many widely dispersed small sites (such as retail stores) that cannot afford $7,000 Wi-Fi switches at every site but need centralized management."A branch office can't pay much more than about $1,000 [for WLAN equipment] and needs to consolidate a lot of functions," Juliano asserts. So, he says, ReefEdge is now shipping a system that includes a device for remote sites that resembles a small switch - about half a rack size - with an antenna on it.That product is the ReefSwitch 25 ($1,390), which integrates a wireless switch, access point and network application server (currently a "placeholder" platform for application plug-ins, Juliano says)."We can also ship the device without the AP. For example, a tiny office only needing one AP might install the full device. A larger warehouse might have third-party APs and our switch," he explains.A key companion component of the EcoSystem is the ReefSwitch 200A appliance ($9,900), which resides in a headquarters office to manage and administer remote ReefSwitches and the central WLAN environment. The 200A initially downloads software, configurations, security policies, access control lists and so forth remotely to the ReefSwitch 25. Then the 25 boots itself with the full image and no longer relies on the 200A for control. "The 200A becomes a monitor in background mode," Juliano says.In addition to ReefEdge's access points, the 200A can configure Cisco, Symbol and Orinoco access points remotely, he notes. And it performs radio-frequency analysis and monitoring for rogue access points, capabilities that work with Cisco 1100 and 1200 products, Juliano says.Finally, there is the ReefSwitch 300 ($12,900 for a device with 12 10\/100 or Gigabit Ethernet ports), due to ship early next year, for large sites. It connects to third-party access points either directly in the wiring closet or via existing wired switches that connect to the access points.