Determining security of local area network
US-2024372862-A1 · Nov 7, 2024 · US
US9832169B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9832169-B2 |
| Application number | US-201514606000-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 26, 2015 |
| Priority date | Jan 28, 2002 |
| Publication date | Nov 28, 2017 |
| Grant date | Nov 28, 2017 |
An approach for providing secure communication services is disclosed. A secure data tunnel from a source node to a destination node is established via a plurality of secure segments across a data communications network. A data path is established via the secure data tunnel, where the data path supports a performance enhancing mechanism that improves performance of data communications over the data path. The performance enhancing mechanism multiplexes data packet flows from the source node for transmission over the data path, and performs one or more of connection startup latency reduction, acknowledgment message spoofing, window sizing adjustment, compression and selective retransmission.
What is claimed is:

1. A method comprising: establishing, by a first security peer node of a first network site, a secure data tunnel from the first security peer node to a second security peer node of a second network site remote from the first network site via a plurality of secure segments across a data communications network; providing, by the first security peer node, a notification to a first performance enhancing proxy (PEP) node of the first network site confirming the establishment of the secure data tunnel; and establishing, by the first PEP node, upon receipt of the notification from the first security peer node, a PEP connection between the first PEP node and a second PEP node of the second network site via the secure data tunnel, wherein the receipt of the notification from the first security peer node confirming the establishment of the secure data tunnel triggers the establishing of the PEP connection by the first PEP node; and wherein the PEP connection provides a performance enhancing function, and wherein the performance enhancing function multiplexes one or more data packet flows for transmission over the PEP connection from the first network site to the second network site.

2. The method according to claim 1, wherein the establishment of the PEP connection via the secure data tunnel comprises: determining that the data packet flows are to be carried via the secure data tunnel; and establishing the PEP connection by performing a connection startup process with the second PEP node and initiating the performance enhancing function.

3. The method according to claim 1, wherein the secure data tunnel consists of a virtual private network (VPN) tunnel formed by the plurality of secure segments across the data communications network.

4. The method according to claim 1, wherein at least one of the data packet flows is generated in accordance with transmission control protocol (TCP)/Internet protocol (IP) data communications protocols.

5. The method according to claim 1, wherein the PEP connection comprises a plurality of data sub-paths, wherein each data sub-path corresponds to a different priority level configured to carry data packets of the respective priority level, and wherein each data packet flow is assigned to a one of the sub-paths based on one or more predetermined priority assignment rules.

6. The method according to claim 5, wherein the performance enhancing function includes one or more of connection startup latency reduction, acknowledgment message spoofing, window sizing adjustment, compression and selective retransmission.

7. The method according to claim 5, wherein the predetermined priority assignment rules are based on criteria corresponding to the data packet flows, wherein the criteria comprise one or more of destination IP address, source IP address, source port number, destination port number, user datagram protocol (UDP) source port number, UDP destination port number, type of service (TOS), and data type.

8. An apparatus comprising: a first security peer node of a first network site configured to establish a secure data tunnel from the first security peer node to a second security peer node of a second network site via a plurality of secure segments across a data communications network, wherein the second network site is located remote from the first network site; and a first performance enhancing proxy (PEP) node of the first network site configured to establish a PEP connection between the first PEP node and a second PEP node of the second network site via the secure data tunnel; and wherein the PEP connection provides a performance enhancing function, wherein the performance enhancing function multiplexes one or more data packet flows for transmission over the PEP connection, and wherein the first security peer is further configured to provide a notification to the first PEP node confirming the establishment of the secure data tunnel, and the receipt of the notification from the first security peer node confirming the establishment of the secure data tunnel triggers the establishing of the PEP connection by the first PEP node.

9. The apparatus according to claim 8, wherein the performance enhancing function includes one or more of connection startup latency reduction, acknowledgment message spoofing, window sizing adjustment, compression and selective retransmission.

10. The apparatus according to claim 8, wherein the establishment of the PEP connection via the secure data tunnel comprises: determining that the data packet flows are to be carried via the secure data tunnel; and establishing the PEP connection by performing a connection startup process with the second PEP node and initiating the performance enhancing function.

11. The apparatus according to claim 8, wherein the secure data tunnel consists of a virtual private network (VPN) tunnel formed by the plurality of secure segments across the data communications network.

12. The apparatus according to claim 8, wherein at least one of the data packet flows is generated in accordance with transmission control protocol (TCP)/Internet protocol (IP) data communications protocols.

13. The apparatus according to claim 8, wherein the PEP connection comprises a plurality of data sub-paths, wherein each data sub-path corresponds to a different priority level configured to carry data packets of the respective priority level, and wherein each data packet flow is assigned to a one of the sub-paths based on one or more predetermined priority assignment rules.

14. The apparatus according to claim 13, wherein the predetermined priority assignment rules are based on criteria corresponding to the data packet flows, wherein the criteria comprise one or more of destination IP address, source IP address, source port number, destination port number, user datagram protocol (UDP) source port number, UDP destination port number, type of service (TOS), and data type.

15. The apparatus according to claim 8, wherein, upon receipt of a notification of a failure of one or more of the plurality of secure segments that inhibits the data packet flows over the PEP connection, the first PEP node is configured to terminate the PEP connection.

16. The apparatus according to claim 15, wherein, upon an initiation of a new data packet flow to be carried over the secure data tunnel, the first PEP node is configured to determine whether the performance enhancing function should be applied to the new packet data flow, and wherein (i) in an event that the first PEP node determines that the performance enhancing function should be applied to the new packet data flow, the first PEP node is configured to establish a new PEP connection between the first PEP node and the second PEP node via the secure data tunnel for transmitting the new data packet flow over the new PEP connection subject to the performance enhancing function, and (ii) in an event that the first PEP node determines that the performance enhancing function should not be applied to the new packet data flow, the first PEP node is configured to allow the new packet data flow to function without application of the performance enhancing function.

17. The method according to claim 1, wherein, upon receipt by the first PEP node of a notification of a failure of one or more of the plurality of secure segments that inhibits the data packet flows over the PEP connection, the method further comprises terminating the PEP connection.

18. The method according to claim 17, wherein, upon an initiation of a new data packet flow to be carrie
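The ordering the claims impose (the PEP connection exists only after the security peer confirms the tunnel, and is torn down on a segment failure) and the priority sub-path assignment of claims 5 to 7 and 16, as an added illustrative simulation that is not the patent's or any product's code. The rule set, the flow fields, and the "TCP only" policy used for the claim 16 decision are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    proto: str          # "tcp" or "udp" (assumed field set)
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    tos: int = 0

# Constructed priority assignment rules over claim 7 criteria: first match wins.
# Each rule is (flow field, value, priority); 0 is the highest-priority sub-path.
RULES = [("tos", 0xB8, 0), ("dst_port", 22, 0), ("dst_port", 443, 1)]
LOWEST_PRIORITY = 2

def assign_priority(flow, rules=RULES):
    for fld, value, prio in rules:
        if getattr(flow, fld) == value:
            return prio
    return LOWEST_PRIORITY

def pep_applies(flow):
    # Assumed policy for the claim 16 decision: only TCP flows receive the
    # performance enhancing function; UDP flows cross the tunnel unenhanced.
    return flow.proto == "tcp"

class PepNode:
    def __init__(self):
        self.pep_connected = False
        self.sub_paths = {}      # priority level -> flows multiplexed on it
        self.bypassed = []       # flows carried over the tunnel without PEP

    def on_tunnel_established(self):
        """Security peer's notification (claim 1) triggers PEP connection startup."""
        self.pep_connected = True   # startup with the remote PEP assumed to succeed
        self.sub_paths = {p: [] for p in range(LOWEST_PRIORITY + 1)}

    def on_segment_failure(self):
        """A failed secure segment that inhibits flows terminates the PEP connection."""
        self.pep_connected = False
        self.sub_paths = {}

    def admit_flow(self, flow):
        """Return the assigned sub-path priority, "bypass" when PEP is not applied,
        or None when no PEP connection exists (nothing is multiplexed before it)."""
        if not self.pep_connected:
            return None
        if not pep_applies(flow):
            self.bypassed.append(flow)
            return "bypass"
        prio = assign_priority(flow)
        self.sub_paths[prio].append(flow)
        return prio
```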
CPC classifications:

- wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- Virtual private networks
- Architectural arrangements, e.g. perimeter networks or demilitarized zones
- Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
- Virtual LANs, VLANs, e.g. virtual private networks [VPN] (LAN interconnection over a bridge based backbone H04L12/462; encapsulation techniques H04L12/4633; routing of packets H04L45/00; packet switches H04L49/00; virtual private networks for security H04L63/0272)