Abstract: A data security device for providing a network transport connection via a transparent network proxy that employs different encryption security mediums along a communications session between two endpoints by emulating one of the endpoints at an intermediate node such that the communication session appears as an atomic, secure connection to the endpoints yet provides appropriate security over the end-to-end connection. A sender node sends a connection request to establish a secure communication session with an intended receiver node. A transparent proxy on an intermediate node receives the request and establishes the link employing an encryption mechanism. The transparent proxy establishes a second link with the intended receiver, and applies a second, less expensive encryption mechanism. The transparent proxy combines the two links to form the trusted, secure connection but incurring only the mitigated expense over the second link.

Abstract: A data security device for providing a network transport connection via a transparent network proxy that employs different encryption security mediums along a communications session between two endpoints by emulating one of the endpoints at an intermediate node such that the communication session appears as an atomic, secure connection to the endpoints yet provides appropriate security over the end-to-end connection. A sender node sends a connection request to establish a secure communication session with an intended receiver node. A transparent proxy on an intermediate node receives the request and establishes the link employing an encryption mechanism. The transparent proxy establishes a second link with the intended receiver, and applies a second, less expensive encryption mechanism. The transparent proxy combines the two links to form the trusted, secure connection but incurring only the mitigated expense over the second link.

Abstract: A method, apparatus and computer program product for providing failover capability of cached secure sessions is presented. A cached secure session involving a first device and a second device is identified. The cached secure session is encrypted and replicated to a failover device. The encrypted session is then decrypted on the failover to device. An occurrence of a hot failover involving the second device is detected, and processing resumes between the first device and the failover device.

Abstract: A method, apparatus and computer program product for providing failover capability of cached secure sessions is presented. A cached secure session involving a first device and a second device is identified. The cached secure session is encrypted and replicated to a failover device. The encrypted session is then decrypted on the failover to device.

Abstract: A method, apparatus and computer program product for providing failover capability of cached secure sessions is presented. A cached secure session involving a first device and a second device is identified. The cached secure session is encrypted and replicated to a failover device. The encrypted session is then decrypted on the failover device. An occurrence of a hot failover involving the second device is detected, and processing resumes between the first device and the failover device.

Abstract: A data security device for providing a network transport connection via a transparent network proxy that employs different encryption security mediums along a communications session between two endpoints by emulating one of the endpoints at an intermediate node such that the communication session appears as an atomic, secure connection to the endpoints yet provides appropriate security over the end-to-end connection. A sender node sends a connection request to establish a secure communication session with an intended receiver node. A transparent proxy on an intermediate node receives the request and establishes the link employing an encryption mechanism. The transparent proxy establishes a second link with the intended receiver, and applies a second, less expensive encryption mechanism. The transparent proxy combines the two links to form the trusted, secure connection but incurring only the mitigated expense over the second link.

Abstract: A method and apparatus are disclosed for providing data from a service to a client based on the encryption capabilities of the client. Cipher suite lists are exchanged between a client and an endpoint. On the endpoint, the cipher suite list incorporates a mapping of cipher suite names to services. The endpoint uses the client's list of cipher suites in conjunction with the mapping of cipher suite names to services to determine a cipher suite match. A service is selected based on the cipher suite match. A server farm is selected based on the service. The client is informed of this cipher suite match and the endpoint retains knowledge of the cipher suite match throughout the session. Therefore, the encrypted connection between the client and the endpoint can be disconnected and later reestablished to provide data from the particular server.

Abstract: A method and system for providing a connection between a client and a server with load balancing between servers are disclosed. A computer-implemented method of the present invention generally includes binding a primary virtual server to a set of URLs, each URL having an associated real server and receiving a request from a client for connection to the primary virtual server. One of the real servers are selected for connection with the client and a redirect message is sent to the client specifying the URL associated with the selected real server. The method further includes receiving a new connection request from the client for connection with the selected real server.

Abstract: A method, apparatus and computer program product for providing failover capability of cached secure sessions is presented. A cached secure session involving a first device and a second device is identified. The cached secure session is encrypted and replicated to a failover device. The encrypted session is then decrypted on the failover device.