US11095615B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11095615-B2 |
| Application number | US-202016803773-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 27, 2020 |
| Priority date | Oct 12, 2015 |
| Publication date | Aug 17, 2021 |
| Grant date | Aug 17, 2021 |
Official abstract text for this publication.
Decoding a partially encrypted data stream may include receiving and scanning the partially encrypted data stream. Scanning the partially encrypted data stream may include identifying an encrypted portion sentinel in the partially encrypted data stream subsequent to a first portion, identifying an encrypted portion in the partially encrypted data stream subsequent to the encrypted portion sentinel, and generating a decrypted data portion by decrypting the encrypted portion. Decrypting the encrypted portion may include identifying an encrypted data portion in the encrypted portion, the encrypted data portion omitting an end encrypted portion sentinel, decrypting the encrypted data portion, and identifying an end encrypted portion sentinel in the encrypted portion subsequent to the encrypted data portion. Decoding the partially encrypted data stream may include including the decrypted data portion in the decrypted output data stream, and outputting the decrypted output data stream to a client device in the second network domain.
Opening claim text (preview).
What is claimed is:
1. A system, comprising: a network device associated with provision of a network used to communicate with a data center; and a proxy device communicatively coupled between a client device and the network device, wherein the proxy device is configured to: receive outbound data from the network device; identify a first insensitive portion and a second insensitive portion of the outbound data; identify a sensitive portion of the outbound data; encrypt the sensitive portion of the outbound data to generate an encrypted payload; generate a partially encrypted data stream at least in part by including the first insensitive portion in the partially encrypted data stream, wherein an encrypted portion sentinel is included in the partially encrypted data stream after the first insensitive portion, wherein the encrypted payload is included in the partially encrypted data stream after the encrypted portion sentinel, wherein an end encrypted portion sentinel is included in the partially encrypted data stream after the encrypted payload, wherein the end encrypted portion sentinel comprises a set of characters with a length and character combination not occurring in the outbound data, and wherein the second insensitive portion is included in the partially encrypted data stream after the end encrypted portion sentinel; and transmit the partially encrypted data stream to the client device.
2. The system of claim 1, wherein the partially encrypted data stream comprises an additional encrypted portion sentinel subsequent to the end encrypted portion sentinel.
3. The system of claim 2, wherein the end encrypted portion sentinel is configured to indicate to the client device that data included in the partially encrypted data stream subsequent to the end encrypted portion sentinel is decrypted until the additional encrypted portion sentinel is present in the partially encrypted data stream.
4. The system of claim 1, wherein the end encrypted portion sentinel comprises a different value than the encrypted portion sentinel.
5. The system of claim 1, wherein the proxy device is configured to: determine data values of the outbound data; and determine characters used as the end encrypted portion sentinel as one or more characters not included in the data values of the outbound data.
6. The system of claim 1, wherein the proxy device is configured to: determine data values of the outbound data; and determine characters used as the end encrypted portion sentinel as one or more characters unlikely to be included in the data values of the outbound data.
7. The system of claim 1, wherein the proxy device is configured to: determine data values of the outbound data; and determine the end encrypted portion sentinel as a string of characters longer than that of the data values of the outbound data.
8. The system of claim 1, wherein the proxy device is configured to determine the end encrypted portion sentinel as non-character data value.
9. A method of delineating an encrypted portion of a selectively encrypted data stream, the method comprising: receiving first data to remain unencrypted and second data to be encrypted; generating a partially encrypted data stream, wherein generating the partially encrypted data stream includes: including the first data as an unencrypted data portion in the partially encrypted data stream; encrypting the second data to generate an encrypted data portion; including an encrypted portion sentinel in the partially encrypted data stream subsequent to the unencrypted data portion; including the encrypted data portion in the partially encrypted data stream subsequent to the encrypted portion sentinel; and including an end encrypted portion sentinel in the partially encrypted data stream subsequent to the encrypted data portion, wherein the end encrypted portion sentinel comprises a set of characters with a length and character combination not occurring in the encrypted data portion; and outputting the partially encrypted data stream.
10. The method of claim 9, wherein the partially encrypted data stream includes data encoded in accordance with a defined encoding scheme.
11. The method of claim 10, wherein the defined encoding scheme is a Unicode encoding scheme.
12. The method of claim 10, comprising: generating the encrypted portion sentinel as a valid code in the defined encoding scheme; generating the end encrypted portion sentinel as a valid code in the defined encoding scheme that differs from the encrypted portion sentinel; and including the unencrypted data portion in the partially encrypted data stream includes including the unencrypted data portion in the partially encrypted data stream as a first partially encrypted data stream portion, such that: the first partially encrypted data stream portion includes codes that are valid in the defined encoding scheme; the first partially encrypted data stream portion omits codes other than codes that are valid in the defined encoding scheme; the first partially encrypted data stream portion omits the encrypted portion sentinel; and the first partially encrypted data stream portion omits the end encrypted portion sentinel; and the encrypted portion includes codes that are valid in the defined encoding scheme, omits codes other than codes that are valid in the defined encoding scheme, omits the encrypted portion sentinel, and omits the end encrypted portion sentinel.
13. The method of claim 9, wherein identifying the encrypted data portion comprises identifying encryption metadata, and wherein including the encrypted data portion in the partially encrypted data stream comprises: including an encryption metadata start sentinel in the partially encrypted data stream; including the encryption metadata in the partially encrypted data stream subsequent to the encryption metadata start sentinel, wherein the encryption metadata omits the encryption metadata start sentinel, and omits an encryption metadata end sentinel; and including the encryption metadata end sentinel in the partially encrypted data stream subsequent to the encryption metadata.
14. The method of claim 9, wherein generating the partially encrypted data stream comprises generating the partially encrypted data stream by a server in a first network domain, wherein outputting the partially encrypted data stream comprises transmitting the partially encrypted data stream to an edge encryption proxy in a second network domain, and wherein the encrypted data portion is encrypted such that decryption information for decrypting the encrypted data portion is unavailable to the server and is available to the edge encryption proxy.
15. A non-transitory, tangible, computer-readable storage medium, comprising executable instructions that, when executed by a processor, cause the processor to perform operations to exchange a mixture of sensitive and insensitive data, the operations comprising: receiving unencrypted data from a first computing device; identifying a first insensitive portion of the unencrypted data and a second insensitive portion of the unencrypted data; identifying a sensitive portion of the unencrypted data; encrypting the sensitive portion to generate an encrypted payload; generating a data stream at least in part by: including the first insensitive portion in the data stream; including an encrypted portion sentinel in the data stream after the first insensitive portion; including the encrypted payload in the data stream after the encrypted portion sentinel; including an end encrypted portion sentinel in the data stream
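The sentinel framing described in the abstract (decoding) and in claims 1 and 9 (encoding), as an added Python example that is not taken from the patent or any product. The sentinel values (two Unicode private-use code points), the Base64 payload encoding, the function names and the stand-in keystream cipher are all assumptions made for illustration.

```python
import base64
import hashlib
import os

# Assumed sentinels: two Unicode private-use code points that differ from each other.
START, END = "\ue000", "\ue001"

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (SHA-256 counter keystream) so the example needs only the
    # standard library; it is unauthenticated, use a vetted AEAD in real systems.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def encode(parts, key: bytes) -> str:
    """parts: list of (text, is_sensitive). Returns the partially encrypted stream."""
    out = []
    for text, sensitive in parts:
        if START in text or END in text:
            raise ValueError("sentinel occurs in the data; pick other sentinels")
        if sensitive:
            nonce = os.urandom(16)
            blob = nonce + _xor_stream(key, nonce, text.encode("utf-8"))
            # Base64 keeps the payload ASCII, so it can never contain a sentinel.
            text = START + base64.b64encode(blob).decode("ascii") + END
        out.append(text)
    return "".join(out)

def decode(stream: str, key: bytes) -> str:
    """Scan for sentinel pairs, decrypt each encrypted portion, pass the rest through."""
    out, pos = [], 0
    while (start := stream.find(START, pos)) != -1:
        end = stream.find(END, start + 1)
        if end == -1:
            raise ValueError("encrypted portion has no end sentinel")
        if END in stream[pos:start]:
            raise ValueError("end sentinel outside an encrypted portion")
        out.append(stream[pos:start])
        blob = base64.b64decode(stream[start + 1:end], validate=True)
        out.append(_xor_stream(key, blob[:16], blob[16:]).decode("utf-8"))
        pos = end + 1
    if END in stream[pos:]:
        raise ValueError("end sentinel outside an encrypted portion")
    out.append(stream[pos:])
    return "".join(out)
```

The decoder rejects a truncated or mis-framed stream instead of passing ciphertext through as if it were clear text, which is the failure a sentinel-based format has to guard against.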
the encryption apparatus using shift registers or memories for block-wise {or stream} coding, e.g. DES systems {or RC4; Hash functions; Pseudorandom sequence generators} · CPC title
wherein the sending and receiving network entities apply dynamic encryption, e.g. stream encryption (cryptographic mechanisms or cryptographic arrangements for stream encryption H04L9/065) · CPC title
Proxies · CPC title
with means for detecting characters not meant for transmission · CPC title
Encoding or coding, e.g. Huffman coding or error correction · CPC title