From Wikipedia, the free encyclopedia

Bump-in-the-wire (BITW) is a class of communications devices which can be inserted into existing (legacy) systems to enhance the integrity, confidentiality, or reliability of communications across an existing logical link without altering the communications endpoints.[1][2] The term was originally used to indicate that the device should introduce only a relatively small increased latency in communications compared to the original, unsecured, approach.

An example of such a device might be a security appliance which applies IPsec protection to communications between existing devices which themselves lack IPsec implementation protocol stack.[3]: 43  Such a device might also be called a security gateway or could be implemented as part of a network firewall to implement a tunneling protocol.


  1. ^ Kent, S. (2005). "RFC 4301 - Security Architecture for the Internet Protocol". IETF.org. Internet Engineering Task Force. doi:10.17487/RFC4301. Retrieved 20 July 2016.
  2. ^ Jose Rolim (30 March 1999). Parallel and Distributed Processing: 11th [i.e. 11] IPPS/SPDP'99 Workshops Held in Conjunction with the 13th International Parallel Processing Symposium and 10th Symposium on Parallel and Distributed Processing, San Juan, Puerto Rico, USA, April 12-16, 1999 : Proceedings. Springer Science & Business Media. p. 391. ISBN 978-3-540-65831-3.
  3. ^ R. Shirey (August 2007). Internet Security Glossary, Version 2. Network Working Group. doi:10.17487/RFC4949. RFC 4949. Informational.