Thursday, January 04, 2007

Encryption Issues: Moving Toward Higher Performance Network Security Subsystems - Industry Trend or Event

The Internet is an inherently insecure medium. Sensitive data must be encrypted before being dispatched, meaning that all Virtual Private Network (VPN) traffic must be encrypted before it is transmitted. This is particularly important for e-commerce involving credit card numbers, bank statements, corporate proprietary records, and other sensitive data.

The growing popularity of e-commerce and VPNs is making cryptographic security a critical gateway feature, but at the same time it is creating a major gateway bottleneck. Internet gateways handle enormous volumes of traffic from many simultaneous sessions, and the computational demands of security are greater than those of other gateway tasks. Consequently, as secure sessions become more common, the usual gateway architecture becomes less and less suitable.

Security functions are overly burdensome largely because of the nature of the algorithms employed and the fact that every byte in a packet must be processed, whereas most other gateway tasks operate only on packet headers. Cryptography works on the premise that an encrypted message is virtually impossible for an unauthorized user to decode, but merely difficult for the authorized user. The algorithms used to implement security, encryption, compression, and authentication can be performed in software, which is ideal for systems handling small numbers of connections.