A method for secure communications between a client and one of a plurality
of servers performed on an intermediary device coupled to the client and
said plurality of servers. In one aspect, the method comprises:
establishing an open communications session between the intermediary
device and the client via an open network; negotiating a secure
communications session with the client; establishing an open
communications session with said one of said plurality of servers via a
secure network; receiving encrypted data from the client via the secure
communications session; decrypting encrypted application data; forwarding
decrypted application data to the server via the secure network;
receiving application data from the server via the secure network;
encrypting the application data; and sending encrypted application data
to the client. In a further aspect, an apparatus including a network
interface communicating with the public network and the secure network, at
least one processor, programmable dynamic memory addressable by the
processor, and a communications channel coupling the processor, memory
and the network communications interface is provided. The apparatus
further includes a proxy TCP communications engine, a proxy SSL
communications engine, a server TCP communications engine, and a packet
data encryption and decryption engine.
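
The method steps above, sketched as a TLS-terminating relay. This is an added example, not code from the patent; it uses Python's standard ssl module in place of the apparatus's engines, and the function names, the round-robin server selection and the certificate file parameters are assumptions.

```python
import contextlib, itertools, socket, ssl, threading

def pump(src, dst):
    """Copy bytes from src to dst until EOF or a socket/TLS error; return the count."""
    total = 0
    with contextlib.suppress(OSError):        # ssl.SSLError is an OSError subclass
        while (chunk := src.recv(4096)):
            dst.sendall(chunk)
            total += len(chunk)
    return total

def relay(client, server):
    """Bridge the client-side and server-side sessions; return (bytes_up, bytes_down)."""
    up = [0]
    def upstream():                           # client -> server: forwarded decrypted
        up[0] = pump(client, server)
        with contextlib.suppress(OSError):
            server.shutdown(socket.SHUT_WR)   # pass the client's EOF to the server
    t = threading.Thread(target=upstream, daemon=True)
    t.start()
    down = pump(server, client)               # server -> client: encrypted on send
    for s in (client, server):
        with contextlib.suppress(OSError):
            s.shutdown(socket.SHUT_RDWR)      # also unblocks the upstream thread
        s.close()
    t.join(timeout=5)
    return up[0], down

def handle(raw, ctx, backend_addr):
    tls = None
    try:
        tls = ctx.wrap_socket(raw, server_side=True)      # negotiate secure session
        backend = socket.create_connection(backend_addr)  # open session to server
    except OSError:
        (raw if tls is None else tls).close()
        return
    relay(tls, backend)

def serve(listen_addr, backends, certfile, keyfile):
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_cert_chain(certfile, keyfile)
    pool = itertools.cycle(backends)          # round-robin choice is an assumption
    with socket.create_server(listen_addr) as lsock:
        while True:
            raw, _ = lsock.accept()           # open TCP session with the client
            threading.Thread(target=handle, args=(raw, ctx, next(pool)),
                             daemon=True).start()
```

In this arrangement the intermediary holds the private key and the server leg carries plaintext, so confidentiality past the intermediary rests entirely on the secure network being isolated from untrusted hosts.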