Transport security is used to provide point-to-point security between the two endpoints (service and client). If there are intermediary systems between the client and the service, each intermediate point must forward the message over a new SSL connection.
When using transport security, the user credentials and claims are passed using the transport layer. In other words, user credentials are transport-dependent, which allows fewer authentication options compared to message security. Each transport protocol (TCP, IPC, MSMQ, or HTTP) has its own mechanism for passing credentials and handling message protection. The most common approach for this is to use Secure Sockets Layer (SSL) for encrypting and signing the contents of the packets sent over Secure HTTP (HTTPS).


When to use Transport Security?
Use transport security in the following scenarios: -
1. If you are sending a messing directly from you application to a WCF Service and the message will not be routed through intermediate systems.
2. If you have both the service and the client in an intranet.
Advantages of using Transport Security

1. It provides interoperability, meaning that communicating parties do not need to understand the WS-Security specification.
2. It may result in better performance.
Disadvantages of using Transport Security

1. Because security is applied on a point-to-point basis, there is no provision for multiple hops or routing through intermediate application nodes.
2. It supports a limited set of credentials and claims compared to message security.
3. It is transport-dependent upon the underlying platform, transport mechanism, and security service provider