A multi-level network security system is disclosed for a computer host
device coupled to at least one computer network. The system including a
secure network interface Unit (SNIU) contained within a communications
stack of the computer device that operates at a user layer communications
protocol. The SNIU communicates with other like SNIU devices on the
network by establishing an association, thereby creating a global
security perimeter for end-to-end communications and wherein the network
may be individually secure or non-secure without compromising security of
communications within the global security perimeter. The SNIU includes a
host/network interface for receiving messages sent between the computer
device and network. The interface operative to convert the received
messages to and from a format utilized by the network. A message parser
for determining whether the association already exists with another SNIU
device. A session manager coupled to said network interface for
identifying and verifying the computer device requesting access to said
network. The session manager also for transmitting messages received from
the computer device when the message parser determines the association
already exists. An association manager coupled to the host/network
interface for establishing an association with other like SNIU devices
when the message parser determines the association does not exist.