A first application at a first device selects one of multiple encapsulation format types based on a cost or bandwidth associated with a network, or associated with a link of the network, connected between the first application at the first device and a second application at a second device. The first application receives, at the first application from Open Systems Interconnection (OSI) layers above an OSI session layer, payload data associated with a session, and generates one or more session layer encapsulated blocks of the payload data using the selected one of the multiple encapsulated format types. The first application encrypts the payload data, and other data of the one or more session layer encapsulated blocks, and passes the encrypted session layer encapsulated block to OSI layers below the session layer for sending to the second application at the second device.