US Patent 9608963 Scalable intermediate network device leveraging SSL session ticket extension

An intermediary network device receives a request for a secure communication session between an endpoint server and an endpoint client through the network device. The secure session between the endpoint server and the endpoint client is divided into a first session and a second session. The first session is between the endpoint server and the network device. The second session is between the network device and the endpoint client. The network device receives a first session ticket from the endpoint server. A session state of a proxy client in the first session, including the first session ticket, is determined. The network device also determines a session state of a proxy server in the second session. The combination of the session state of the proxy client, including the first session ticket, and the session state of the proxy server are encapsulated as part of a second session ticket.