A mechanism to allow hosts on the plaintext side of IP-layer encryptors to utilize Performance Enhancing Proxies (PEPs) on the ciphertext side of IP-layer encryptors is provided. Two processes are utilized for each IP-layer encryptor to extend a higher-level protocol (as represented, for example, by OSI layers 4-7) from the plaintext or red-side of the IP-layer encryptor to the ciphertext or black-side of the IP-layer encryptor. These two processes are known as the red-side Performance Enhancing Proxy Enabler (PEPE) and the black-side PEPE. The red-side and black-side PEPEs of a local IP-layer encryptor work together with red-side and black-side PEPEs of a remote IP-layer encryptor to transmit packets between the IP-layer encryptors using a higher-level protocol. Hence, PEPEs allow packets exchanged by red-side hosts separated by IP-layer encryptors to be transmitted on the black-side using a higher-level protocol. Therefore, PEPEs allow hosts on the red-side to take advantage of PEPs on the black-side.
Patent Number: 7,684,414
Date Issued: March 23 2010