The Waltham, Massachusetts-based company calls the new product its InMotion MultiService Controller, or MSC, referring to the fact that Colubris sees first voice and, in the future, video going over enterprise WLANs.

It is based on a new architecture also to be unveiled by Colubris next week, namely the TriPlane Architecture, so called because it posits a physical separation of the control and data planes, as well as the already separated management plane.

In the Colubris architecture, the MSC carries out the control plane functions of setting security policy and managing roaming, at both layer 2 (between APs within the same subnet) and layer 3 (between different subnets).

The roaming control function also means it will be a cache, or as Colubris’ VP of engineering, Roger Sands, called it a master repository for the keys required for 802.1x authentication to enable both L2 and L3 roaming.

The roaming aspect of course gains increased importance in voice-over-WLAN (VoWLAN) scenarios, where phone and PDA users are more mobile than ones using a laptop.

Sands pointed out that, as handset vendors move from the less secure WEP standard to WPA, with 1x authentication on RADIUS servers, it will be vital to have the keys centrally cached to avoid the need for re-authentication as a user moves from one AP to another. Such a scenario would mean a delay longer than the 50ms beyond which voice callers start to notice a drop in quality.

Of course, the WLAN switch vendors like Aruba, Trapeze and Airespace (now part of Cisco) could also potentially cache keys, but with them the issue is then that all the data traveling over a WLAN network, including the 11x authentication data, goes through their switches, as there is no separation of the control and data planes.

This makes them a bottleneck, such that most of them can’t support large numbers of APs, said Sands. Aruba is the exception, but then that box costs $50,000.

The MSC comes in two flavors, the MSC-5200, supporting up to 25 APs and costing $4,799, and the MSC-5500, with support for up to 200 APs and a list price of $15,999. Both boxes are 1U chasses.

These prices are dimensions cheaper than WLAN switches. Indeed, while Colubris’ APs retail at slightly higher prices than the thin APs that the switch vendors can offer (because most of the intelligence in their networks is in the switch), it can still claim that total system cost is lower, referring to the cost of acquiring its APs for the data plane, the MSC for the control plane, and its InCharge Network Management System (NMS) software for the management plane.

In order to reap the full benefits of its TriPlane Architecture, of course, customers will have to buy their APs from Colubris too, as there is currently no industry standard for AP control and management in existence, though efforts are underway within the context of the IEEE’s CAPWAP working group.

In the meantime, however, Sands explained, the company’s NMS can at least manage other vendors’ APs, which means carrying out radio frequency and system management.

Furthermore, as much of the installed base in enterprises today is using only 802.11b radios, companies increasingly want to migrate to a/b/g radios for functions such as rogue AP detection, so we can manage their existing APs and help them migrate seamlessly to the TriPlane Architecture, he said.

The launch of the Architecture and the MSC devices could almost be billed as the Revenge of the Fat APs, in that the WLAN switch vendors, with their centralized management and thin APs, have enjoyed boasting rights over the previous generation of AP vendors who simply sold fat, i.e. intelligent APs for attachment to a corporate LAN, delivering wireless connectivity but creating a management headache in terms for security and access control.

WLAN switches took away that headache, but generally do not allow the APs to scale, and will almost certainly run into problems as more voice is run over WLANs, Sands predicted.

The TriPlane Architecture, with its separate control plane, is touted by Colubris as a next generation beyond the switched architectures, which in reality are overlay networks. It is, in fact, a step en route to the company’s ultimate goal of a unified WLAN architecture, in which it will leverage the WLAN switching capabilities now going into silicon from vendors such as Broadcom and SiNett, with product commercially available at the end of this year, to deliver next year unified WLAN/LAN switch, i.e. addressing wired and wireless connectivity.

Meanwhile Colubris will need to develop its route to market for the MSC if it is going to gain visibility and market share against the likes of Cisco, which had around 40% of the overall WLAN market last year.

We already have partnerships with Alcatel and Juniper, together with an emerging one with Avaya, and we’ll announce new ones with companies such as IP PBX vendors and vertical apps developers who have an interest in delivering apps on our WLAN infrastructure said Michael Welts, VP of marketing at the privately held company.

Beyond that, expect to see the company unveil a major program to built a hybrid distribution and VAR channel later this year, funded by the $15m third-round funding it raised in March.