Scalable node for secure tunnel communications
US-10498529-B1 · Dec 3, 2019 · US
US11949663B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11949663-B2 |
| Application number | US-202016922242-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 7, 2020 |
| Priority date | May 21, 2020 |
| Publication date | Apr 2, 2024 |
| Grant date | Apr 2, 2024 |
Official abstract text for this publication.
Systems and methods include establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between a local node including one or more processors and a remote node, and wherein the control channel includes a session identifier; establishing a data channel of the tunnel utilizing a second encryption technique, wherein the data tunnel is bound to the control channel based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and, subsequent to the device authentication and the user authentication, exchanging data packets over the data channel with each data packet including a corresponding user identifier. The first encryption technique can be one of TLS and SSL, and the second encryption technique can be one of TLS and DTLS.
Opening claim text (preview).
What is claimed is:

1. A non-transitory computer-readable medium storing computer executable instructions, and in response to execution by one or more processors, the computer-executable instructions cause the one or more processors to perform the steps of: establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between a local node including the one or more processors and a remote node, and wherein the control channel includes a session identifier; establishing one or more data channels of the tunnel utilizing a second encryption technique, wherein the one or more data channels are authenticated using the session identifier from the control channel and are bound to the control channel based on the session identifier, and wherein both the control channel and the one or more data channels are between the local node and the remote node, wherein the second encryption technique is chosen based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and subsequent to the device authentication and the user authentication, exchanging data packets over the one or more data channels, wherein the data packets include an application Identifier (ID), one or more keep alive packets, and a corresponding user identifier, and balancing loads associated with the one or more data channels to different servers of the local node based on proprietary information provided by the remote node.

2. The non-transitory computer-readable medium of claim 1, wherein the first encryption technique is one of Transport Layer Security (TLS) and Secure Sockets Layer (SSL), and the second encryption technique is one of TLS and Datagram Transport Layer Security (DTLS).

3. The non-transitory computer-readable medium of claim 2, wherein the first encryption technique is always a same one of TLS and SSL, and the second encryption technique is selected as the one of TLS and DTLS based on support of the remote node.

4. The non-transitory computer-readable medium of claim 2, wherein the second encryption technique is selected as the one of TLS and DTLS based on whether the remote node blocks User Datagram Protocol (UDP) port 443 traffic.

5. The non-transitory computer-readable medium of claim 1, wherein the data packets include data packets between the remote node and the local node from various ports and having different protocols.

6. The non-transitory computer-readable medium of claim 1, wherein the local node is part of a cloud-based security system and the one or more users are connected thereto via the tunnel for firewall and Intrusion Prevention System (IPS) functions, and wherein the cloud-based security system is adapted to apply per user level functions based on user identifiers associated with the data packets.

7. The non-transitory computer-readable medium of claim 1 further including a plurality of remote nodes, wherein the local node is a node associated with a cloud-based system and the plurality of remote nodes are mobile user devices, and wherein balancing loads associated with the one or more data channels is performed on a per-user and per-application basis based on the application ID and corresponding user identifiers.

8. The non-transitory computer-readable medium of claim 1, wherein the data packets further include the proprietary information provided by the remote node, and wherein the balancing loads includes balancing a new connection to a specific server based on the proprietary information.

9. A node comprising: a network interface, a data store, and a processor communicatively coupled to one another; and memory storing computer-executable instructions, and in response to execution by the processor, the computer-executable instructions cause the processor to establish a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between the node and a remote node, and wherein the control channel includes a session identifier; establish one or more data channels of the tunnel utilizing a second encryption technique, wherein the one or more data channels are authenticated using the session identifier from the control channel and are bound to the control channel based on the session identifier, and wherein both the control channel and the one or more data channels are between the local node and the remote node, wherein the second encryption technique is chosen based on the session identifier; perform, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and subsequent to the device authentication and the user authentication, exchange data packets over the one or more data channels, wherein the data packets include an application Identifier (ID), one or more keep alive packets, and a corresponding user identifier, and balance loads associated with the one or more data channels to different servers of the local node based on proprietary information provided by the remote node.

10. The node of claim 9, wherein the first encryption technique is one of Transport Layer Security (TLS) and Secure Sockets Layer (SSL), and the second encryption technique is one of TLS and Datagram Transport Layer Security (DTLS).

11. The node of claim 10, wherein the first encryption technique is always a same one of TLS and SSL, and the second encryption technique is selected as the one of TLS and DTLS based on support of the remote node.

12. The node of claim 10, wherein the second encryption technique is selected as the one of TLS and DTLS based on whether the remote node blocks User Datagram Protocol (UDP) port 443 traffic.

13. The node of claim 9, wherein the data packets include data packets between the remote node and the local node from various ports and having different protocols.

14. The node of claim 9, wherein the node is part of a cloud-based security system and the one or more users are connected thereto via the tunnel for firewall and Intrusion Prevention System (IPS) functions, and wherein the cloud-based security system is adapted to apply per user level functions based on user identifiers associated with the data packets.

15. The node of claim 9 further including a plurality of remote nodes, wherein the node is a node associated with a cloud-based system and the plurality of remote nodes are mobile user devices, and wherein balancing loads associated with the one or more data channels is performed on a per-user and per-application basis based on the application ID and corresponding user identifiers.

16. A method comprising: establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between a local node including one or more processors and a remote node, and wherein the control channel includes a session identifier; establishing one or more data channels of the tunnel utilizing a second encryption technique, wherein the one or more data channels are authenticated using the session identifier from the control channel and are bound to the control channel based on the session identifier, and wherein both the control channel and the one or more data channels are between the local node and the remote node, wherein the second encryption technique is chosen based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associa
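As an added illustration (not part of the patent or of any disclosed implementation), a small Python model of the tunnel state machine the abstract and claims describe: the control channel mints the session identifier, device and user authentication happen on it, a data channel is accepted only when bound to a device-authenticated session (DTLS unless the remote reports UDP/443 blocked, as in claim 4), and a data packet is admitted only if the user identifier it carries was authenticated over the control channel. Class and method names are assumptions for the sake of the example.

```python
"""Toy model of the control-channel / data-channel binding from the claims (example code)."""
import secrets
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class ControlSession:
    """State learned over the TLS/SSL control channel for one remote node."""
    session_id: str
    device_authenticated: bool = False
    users: set = field(default_factory=set)        # user identifiers authenticated so far
    data_channel_proto: Optional[str] = None       # "TLS" or "DTLS" once a data channel is bound


class LocalNode:
    """Hypothetical local node; names are assumptions, not the patent's."""

    def __init__(self) -> None:
        self.sessions: dict = {}

    def open_control_channel(self) -> str:
        # The control channel always carries the session identifier that later binds data channels.
        sid = secrets.token_hex(16)
        self.sessions[sid] = ControlSession(session_id=sid)
        return sid

    def authenticate_device(self, sid: str, device_ok: bool) -> bool:
        self.sessions[sid].device_authenticated = device_ok
        return device_ok

    def authenticate_user(self, sid: str, user_id: str, creds_ok: bool) -> bool:
        # User authentication is only meaningful once the device itself has been authenticated.
        s = self.sessions[sid]
        if s.device_authenticated and creds_ok:
            s.users.add(user_id)
            return True
        return False

    def bind_data_channel(self, sid: str, udp_443_blocked: bool) -> Optional[str]:
        # Refuse a data channel whose session identifier does not belong to an authenticated control channel.
        s = self.sessions.get(sid)
        if s is None or not s.device_authenticated:
            return None
        s.data_channel_proto = "TLS" if udp_443_blocked else "DTLS"   # claim 4 selection rule
        return s.data_channel_proto

    def accept_packet(self, sid: str, pkt: dict) -> bool:
        # Every data packet carries a user identifier; admit it only for a user authenticated on the bound session.
        s = self.sessions.get(sid)
        if s is None or s.data_channel_proto is None:
            return False
        return pkt.get("user_id") in s.users
```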
Firewall traversal, e.g. tunnelling or, creating pinholes · CPC title
based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint · CPC title
Event detection, e.g. attack signature detection · CPC title
at the transport layer · CPC title
using different networks or channels, e.g. using out of band channels (cryptographic mechanisms or cryptographic arrangements for key distribution involving distinctive intermediate devices or communication paths H04L9/0827; cryptographic mechanisms or cryptographic arrangements for authentication using a plurality of channels H04L9/3215) · CPC title