Bump-in-the-wire (BITW) is a class of communications devices which can be inserted into existing (legacy) systems to enhance the integrity, confidentiality, or reliability of communications across an existing logical link without altering the communications endpoints.[1] [2] The term was originally used to indicate that the device should introduce only a relatively small increased latency in communications compared to the original, unsecured, approach.
An example of such a device might be a security appliance which applies IPsec protection to communications between existing devices which themselves lack IPsec implementation protocol stack. Such a device might also be called a security gateway or could be implemented as part of a network firewall to implement a tunneling protocol.