@JediShark - that's super helpful, thank you.
@KTS915 - Thanks for your response. In testing the cache issue, I have set Varnish to OFF and purged cache. I have used a fresh browser window to successfully login to the site, then "Sign Out". This redirects to the unprotected homepage. Great.
If I then close the browser window, open a new one and type in the URL of a known protected page, I can still access it -- If I then clear the cache on the browser and reopen a fresh window and try the protected URL again -- Bingo! Redirects me to the Sign Up page.
QUESTION: I guess I'm wondering, why doesn't S2Member operate like other sites and simply log the user out and ensure that even if there's a cached version of the protected page, the user is redirected to log back in?