On the security front, most of this year's edge switches will employ the IEEE 802.1X standard for network-based authentication. This standard lets you control access to your switch and internal resources. Although 802.1X is frequently mentioned with regard to wireless networks, the standard was developed for Ethernet. Most vendors provide fine-grained control over which users have access to specific networked resources or of which VLAN they'll be a part. With 802.1X, it's easy to set up guest logins with access to the Internet only or let internal users access the company's intranet network but not the payroll computers.
2005 Survivor's Guide
Although such security policies aren't new, 802.1X makes them much easier to set up based on user. These resources require additional layers of authentication, but the standard still hardens the center of the network. You don't have to sacrifice performance to add security to internal networks. Most vendors can do access lists in ASICs on their core routers, so there's no penalty for the extra overhead of filtering every packet.
Wireless features also continue to cross into the wired network. Extreme Networks, Foundry Networks and other vendors have edge switches that incorporate intelligence formerly found on the access points. This is done to simplify security and make it possible to roam from one AP to another. Cisco Systems released its WLSM (Wireless LAN Services Module) card this year for the high-end 6500 chassis. That card forces all wireless traffic to the core.