A Major Network Fundamental Explained: The OSI Model and Its Security
When networking expanded rapidly, vendors faced major compatibility issues. One vendor's proprietary solutions were not always compatible with another's. To assist network device and network software vendors, the OSI model was proposed. This model provided a layered approach to networks that would allow vendors to create networks that were compatible with one another. As a result, the hardware and software you see today can easily communicate with products from third-party vendors.
The modern networks you see today don't rely exactly on the OSI model; instead, they rely on a simplified version of it, the TCP/IP model. While it may not be as widely used, the OSI model still provides the fundamental framework for network system manufacturers. You can only learn about other network models and technologies if you know how the OSI model works. This is why it is important to clearly define all layers of this model one by one and see how they collaborate with one another.
In this article we will cover the following topics:
- What is the OSI model?
- What are the Layers of the OSI Model?
- Why You Need to Master the OSI Layers?
- How Cybersecurity is related to the OSI Model?
- What are the Attacks on the OSI layer?
- Why Do We Need Security at Each Layer of the OSI Model?
- How does Zenarmor NGFW protect OSI Layer?
- What are the tricks to memorizing the OSI Model 7 Layers?
- History of OSI Model
What is the OSI model?
The Open Systems Interconnection (OSI) model is a conceptual model developed by the International Organization for Standardization as the initial standard for network communications in the early 1980s. All major computer and telecommunications companies have since adopted this conceptual framework. According to the OSI reference model, the communications between computing systems are partitioned into seven distinct abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.
The OSI model can be characterized as a specific type of reference model that explains how data is transferred from software applications in computer systems to a larger network. The OSI model is a seven-layer model of computer networking. A "standard model for network communications" is a better definition of the OSI model. The ultimate goal of the OSI model is to make it possible for software and hardware devices on a network to work together. All the major software and hardware vendors at the time, as well as the major telecommunications companies, quickly embraced this model after it was first put forth by the International Organization for Standardization (ISO) in 1984.
What are the Layers of the OSI Model?
There are seven layers in the OSI model:
- Physical Layer
- Data Link Layer
- Network Layer
- Transport Layer
- Session Layer
- Presentation Layer
- Application Layer
Figure 1. Layers of the OSI Model
Let's take a closer look at each layer. Note that the first three layers are usually defined as the media layers (the hardware orientation of your network), and the following four layers are called the host layers (the software your network implements).
- Physical Layer: The lowest layer of the OSI model is the physical layer. This layer, as its name suggests, deals with the physical medium of your network. It essentially allows the physical or wireless hardware of your network to communicate with one another, including your routers, your modems, your switches, your panels, and your cabling. These devices usually transmit raw, unstructured data in simple binary code (0s and 1s) across network nodes. The physical layer ensures that devices on the sending and receiving ends can both distinguish the 1s from the 0s.
- Data Link Layer: The data link layer follows the physical layer. This layer assists with "node-to-node" connections, facilitating the movement of structured data from one device to the next on the same network. The data link layer aids in encoding and decoding data packets; it separates data packets into frames before delivering them to the specified location. Its major function is to make sure your data is formatted correctly and to detect errors so your data is delivered properly. This layer is further broken down into the Logical Link Control (LLC) and the Media Access Control (MAC):
  - The LLC layer helps control the flow of data while checking for errors and synchronization.
  - The MAC layer is responsible for how the network accesses data and deals with permissions for data transmission.

  One example of a data link layer protocol is Ethernet, which helps specify what the data should look like before transmission.
- Network Layer: The network layer handles your connectivity and routing needs. This layer establishes the route your data will take within your own network and between networks. It gets data frames from the data link layer and sends them to the address of their destination. Major examples of the network layer are IP (Internet Protocol) addresses and routers.
- Transport Layer: The transport layer, as its name suggests, deals with the transmission of data segments from one endpoint to the next, error-free and in the right order. This layer is important for making sure that your network is secure and that no unauthorized data segments can enter or leave it. Some major functions of this layer include delivering data packets, checking them for errors, controlling flow, and sequencing data packets. Firewalls, the Transmission Control Protocol (TCP), and the User Datagram Protocol (UDP) are all examples of things that are part of the transport layer.
- Session Layer: The session layer is the layer responsible for facilitating communications between two devices. The "session" is the time when communication between two devices is opened and closed. The session layer will ensure that the session for any data transfer is sufficient to transfer all data and will shut down the connection when all the data has been transferred successfully. It will therefore take care of establishing, maintaining, and terminating sessions between devices. A common example of the session layer is the X.225 session layer protocol, which helps maintain your connection; if the connection breaks down, the protocol will make efforts to recover it. If the connection is left unused, the protocol may shut down the session.
- Presentation Layer: The presentation layer, also known as the syntax layer, ensures that your data is formatted, encrypted, and compressed properly before it is transmitted across your network. It makes sure your data is understandable at the endpoint system. Your data will pass from the presentation layer to the application layer; the presentation layer makes sure the data is "presentable" for the application layer to process. Not all communicating devices may encode data the same way; layer 6 helps take care of this discrepancy so all incoming data is translated into a syntax that the next layer understands. Similarly, if the connection is encrypted, it helps decode the data before sending it to the application layer. An example of the presentation layer is HTTP, or Hypertext Transfer Protocol, which has aspects of the presentation layer.
- Application Layer: The final layer is the application layer, which deals with end users and applications themselves. It is the only layer where the user can interact directly with the data, or, more appropriately, where you (the end-user) can interact with an application. Whenever you want to transmit your files, you'll be able to do so through the application layer. For example, the Simple Mail Transfer Protocol (SMTP) falls under the application layer and allows for email communications.
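To make the layering concrete, the following added example (not part of the original article) builds one constructed Ethernet frame carrying IPv4, TCP, and an HTTP request, then peels it apart layer by layer, rejecting frames whose declared lengths do not match the bytes actually present. The addresses, ports, and the function names `build_sample_frame` and `decode_layers` are assumptions made for this illustration.

```python
import socket
import struct

def build_sample_frame() -> bytes:
    """Constructed sample: Ethernet II / IPv4 / TCP / HTTP (checksums left at 0)."""
    payload = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"            # layer 7 data
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 2000,
                      5 << 4, 0x18, 65535, 0, 0)                         # layer 4 header
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     1, 0, 64, 6, 0, socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.20"))                  # layer 3 header
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    return eth + ip + tcp + payload                                      # layer 2 frame

def decode_layers(frame: bytes) -> dict:
    """Peel one frame layer by layer; raise ValueError on inconsistent lengths."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"l2": {"src_mac": src.hex(":"), "dst_mac": dst.hex(":"),
                  "ethertype": ethertype}}
    if ethertype != 0x0800:          # only IPv4 is handled in this example
        return out
    packet = frame[14:]
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    # Trust declared lengths only after checking them against the bytes present.
    if ihl < 20 or total_len < ihl or total_len > len(packet):
        raise ValueError("IPv4 length fields inconsistent with captured bytes")
    out["l3"] = {"src_ip": socket.inet_ntoa(packet[12:16]),
                 "dst_ip": socket.inet_ntoa(packet[16:20]),
                 "ttl": packet[8], "protocol": packet[9]}
    if packet[9] != 6:               # only TCP is handled in this example
        return out
    segment = packet[ihl:total_len]  # drops any Ethernet padding after the packet
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, offset, flags = struct.unpack("!HHIIBB", segment[:14])
    data_off = (offset >> 4) * 4
    if data_off < 20 or data_off > len(segment):
        raise ValueError("TCP data offset out of range")
    out["l4"] = {"src_port": sport, "dst_port": dport, "seq": seq,
                 "syn": bool(flags & 0x02), "ack": bool(flags & 0x10)}
    payload = segment[data_off:]
    first_line = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
    out["l7"] = {"length": len(payload), "first_line": first_line}
    return out

if __name__ == "__main__":
    for layer, fields in decode_layers(build_sample_frame()).items():
        print(layer, fields)
```

Each header only tells the decoder where the next layer starts, which is why the length checks sit at every boundary: a parser that trusts a forged length field reads past the data it was given.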
Why You Need to Master the OSI Layers?
With the introduction of the TCP/IP model, many argue that the study of the OSI layer is no longer needed, but this is untrue. The TCP/IP model, for example, only has four layers, is simpler to study, is much better documented, and carries the standard protocols. However, this model can easily be correlated with the original OSI model. Also, if you want to know more about how modern network communications work at the ground level, you need to know about the OSI layers and the OSI model.
It is important to understand that the OSI model is still very relevant today. Network administrators can use the OSI model to carefully design each layer, one over the other. Separating them into different layers also makes it much easier to find problems in the network. The easier it is to troubleshoot a network error, the easier it is to resolve. Also, manufacturers and vendors need to be able to make devices that can easily talk to each other. By following the vendor-neutral standard that the OSI model provides, they help simplify the way networks communicate with one another.
How Cybersecurity is Related to the OSI Model?
Each layer of the OSI model has its own purpose and function. This makes each individual layer prone to cybersecurity threats. Therefore each layer in turn demands proper security protocols to be in place. Think of it this way: if you have a home with 7 windows, the home can only be secure if all 7 windows are carefully locked down. Likewise, if any one layer is left open and is vulnerable to exploits, it can affect the remaining layers.
Unless all layers of your network are secure, your network will remain vulnerable, and there is a high risk of your data being compromised. Since the OSI model deals with data transfer from the source to its destination, you should have security embedded into every layer along the way.
The security methods used within each layer of the OSI model are explained below:
- Physical Layer Security: Your physical layer is the hardware that holds your network together. Even the smallest piece of equipment, such as your cabling, can bring your entire network down if it is compromised. To protect your physical layer, you should have preventive measures in place. This includes adding biometric security systems, key cards, or other physical monitoring systems.
- Data Link Layer Security: Any breach in this layer affects the flow of information. Cybersecurity measures that can be taken here include MAC address filtering, assessing wireless applications, and making sure your data encryption is up to standard.
- Network Layer Security: The network layer takes charge of routing your data packets to the right destination. Adding anti-spoofing measures, putting up firewalls, and securing routing protocols are some of the most common security steps you can take here.
- Transport Layer Security: The transport layer is the fourth layer and is responsible for controlling data flow efficiently and securely. Transport layer security is in action here, which ensures that data segmentation and de-segmentation can be achieved without error. Installing the right firewalls, locking down ports, and limiting access to transmission protocols are all ways to improve cybersecurity.
- Session Layer Security: The session layer helps establish, control, and end dialogues or sessions between end-user applications. To make sure all your sessions with web hosts are kept secure, you should implement encrypted HTTPS protocols, prevent access to cookies, and restrict failed session attempts.
- Presentation Layer Security: The 6th layer makes sure that your data is formatted and sent to and from the next application layer in the right way. This includes processing machine-readable code into data that the end user may use at the application layer. Cybersecurity measures you need for this layer include having an up-to-date antivirus and malware detection system.
- Application Layer Security: In the last layer, the application layer, the end user can interact directly with the applications. File transfers, e-mailing, and all types of data exchanges happen here. By comparison, this layer is the most vulnerable to cybersecurity attacks. There should be a number of cybersecurity measures in place, namely web application firewalls, application monitoring, intrusion prevention systems, and secure web gateway services.
Cybersecurity threats exist on all layers of the OSI model, and as discussed, there are measures you can take to protect each layer. Most threats usually begin at the application layer, making it more susceptible to attacks. This layer is the first one where the user interacts with the applications. The security threats continue to follow throughout the remaining seven layers. Some common network vulnerabilities you'll find include Trojans, spyware, worms, viruses, bots, and spam attacks.
What are the Attacks on the OSI Layer?
Here we'll discuss some of the most common attacks we've seen at each layer of the OSI model.
- Physical Layer Attacks: Most hackers will try to use your network to bring it down, starting with the physical layer. This is called a Denial of Service (DoS) attack. The threats at this level can range from disruptions in electrical signals to the physical destruction of cabling or network infrastructure. Natural calamities such as fires, flooding, and overcharged heat sinks can also lead to vulnerabilities in this layer.
- Data Link Layer Attacks: The second layer controls the transmission of data frames. Sniffing, spoofing, Media Access Control (MAC) flooding, port stealing, spanning tree attacks, and private VLAN attacks are some of the most common frame-level exploits.
- Network Layer Attacks: The network layer has routers that relay information within the network and from one network to the next; therefore, exploits are generally targeted toward your router. You may find sniffing, spoofing, or distributed denial of service (DDoS) attacks on a target router, which will aim to take down the ability to route information correctly. Some other common attacks you'll find include Internet Protocol spoofing, black hole attacks, and routing attacks. Ultimately, they aim to affect your network bandwidth and bring in extra load on your firewall to open up vulnerabilities.
- Transport Layer Attacks: The transport layer makes use of transport protocols to enable communication across the network. TCP sequence prediction, UDP and TCP flooding, SYN flooding, and Smurf attacks are all common types of attacks on the transport layer.
- Session Layer Attacks: Most of the time, the session layer deals with communication between systems and helps web browsers control sessions. The common attacks in the session layer include session hijacking and MITM (Man-in-the-Middle) attacks.
- Presentation Layer Attacks: The most common types of attacks you'll see in this layer are SSL hijacking attacks, encryption attacks, encoding attacks, and sniffing attacks.
- Application Layer Attacks: The application layer receives the highest number of cybersecurity threats; the ultimate goal here is to make sure users are unable to access network resources. The common attack types include viruses, worms, phishing attacks, backdoor attacks, bugs, Trojan horses, DDoS attacks, HTTP floods, SQL injections, and so on.
Types of cyber attacks that can affect each OSI layer are given in the following table:
OSI Layer | Type of attack |
---|---|
Application layer | Exploit |
Presentation layer | Phishing |
Session layer | Hijacking |
Transport layer | Reconnaissance / DoS |
Network layer | Man-in-the-middle |
Data link layer | Spoofing |
Physical layer | Sniffing |
Table 1. Attacks on the OSI layer
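From the defender's side, the SYN flooding named under transport layer attacks shows up as handshakes that are opened and never completed. The following added example (not part of the original article) counts such half-open handshakes per service over constructed sample events; the event tuple layout, the thresholds, and the function name `half_open_targets` are assumptions made for this illustration.

```python
from collections import Counter

SYN, RST, ACK = 0x02, 0x04, 0x10   # TCP flag bits

def half_open_targets(events, now, timeout=3.0, threshold=4):
    """Return {(dst_ip, dst_port): count} for services holding at least
    `threshold` handshakes that were opened by a SYN but not completed
    (final ACK) or aborted (RST) within `timeout` seconds.

    events: client-to-server packets in time order, each a tuple
    (timestamp, src_ip, src_port, dst_ip, dst_port, tcp_flags).
    """
    pending = {}                               # connection 4-tuple -> time of first SYN
    for ts, sip, sport, dip, dport, flags in events:
        key = (sip, sport, dip, dport)
        if flags & RST:
            pending.pop(key, None)             # connection aborted
        elif flags & SYN and not flags & ACK:
            pending.setdefault(key, ts)        # a retransmitted SYN keeps the first time
        elif flags & ACK:
            pending.pop(key, None)             # client completed the handshake
    stale = Counter(key[2:] for key, ts in pending.items() if now - ts >= timeout)
    return {target: n for target, n in stale.items() if n >= threshold}

# Constructed sample events (documentation address ranges, not real traffic).
SAMPLE_EVENTS = [
    (0.00, "192.0.2.10", 40001, "198.51.100.20", 443, SYN),
    (0.05, "192.0.2.10", 40001, "198.51.100.20", 443, ACK),
    (0.10, "192.0.2.11", 40002, "198.51.100.20", 443, SYN),
    (0.16, "192.0.2.11", 40002, "198.51.100.20", 443, ACK),
    # Six sources open handshakes to port 80 and never finish them.
    *[(1.0 + i * 0.01, f"203.0.113.{i + 1}", 50000 + i, "198.51.100.20", 80, SYN)
      for i in range(6)],
    # A recent SYN that is still within the timeout and therefore not counted.
    (9.50, "192.0.2.12", 40003, "198.51.100.20", 443, SYN),
]

if __name__ == "__main__":
    print(half_open_targets(SAMPLE_EVENTS, now=10.0))
```

A service flagged this way is a candidate for SYN cookies or per-source rate limiting at the firewall.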
Why Do We Need Security at Each Layer of the OSI Model?
It is clear that there is no limit to the number and type of attacks each layer of the OSI model may receive. To mitigate network security risks, IT managers try to take an OSI model approach, where they address network vulnerabilities and potential exploits at every level of the OSI model. Each layer has its own security vulnerabilities, and therefore there are individual security prevention measures you can take to keep your applications protected.
The end goal is to protect the privacy, security, and accessibility of the data in your network. It can lead to major disruptions in your network activity if hackers gain unauthorized access to mission-critical applications or sensitive data. For some companies, this can even mean going out of business. In the end, the more layers of the OSI model you protect, the less likely it is that an intruder will get to valuable information.
How does Zenarmor NGFW Protect OSI Layer?
Zenarmor is software for a virtual firewall that can be set up anywhere without the need for extra hardware. It is easy to deploy, has a simple UI, and can offer you a wide range of cybersecurity features. Zenarmor can protect several layers of the OSI model from security exploits, which is an interesting feature.
Typically, next-generation firewalls such as Zenarmor can help filter packets of data based on the application, meaning they operate at the seventh layer, the application layer. Recall that this is the layer that receives the vast majority of cybersecurity threats. Before, firewalls only worked on the network layer and transport layer, which are the third and fourth layers of the OSI model. Zenarmor next-generation firewall can perform functions at Layers 3, 4, and 7. Some of the most important things it can do are stateful inspection, application awareness, detection and prevention of intrusions, threat intelligence, and protection from a wide range of attacks.
What are the tricks to Memorizing the OSI Model 7 Layers?
The OSI model consists of seven distinct layers: the physical layer, the data link layer, the network layer, the transport layer, the session layer, the presentation layer, and the application layer. Keeping these in mind in the correct order may be challenging for beginners. You're not the only one struggling; you'll easily find methods to help you memorize the entire OSI model and its individual layers.
Here we'll discuss the most popular technique: the use of mnemonic devices. To recall the OSI model's seven layers, simply remember this sentence: "All People Seem To Need Data Processing."
- All = Application Layer
- People = Presentation Layer
- Seem = Session Layer
- To = Transport Layer
- Need = Network Layer
- Data = Data Link Layer
- Processing = Physical Layer
Alternatively, you can use this sentence: "Please Do Not Tell Sales People Anything." This will help you recall the OSI layers in low to high order.
- Please = Physical Layer
- Do = Data Link Layer
- Not = Network Layer
- Tell = Transport Layer
- Sales = Session Layer
- People = Presentation Layer
- Anything = Application Layer
In this way, you can memorize the OSI model in either format you like. You can always tweak the mnemonic to a sentence of your own choosing, so it is easier to recall.
History of OSI Model
The idea behind the OSI model was to introduce a networking standard that would be widely accepted and would help simplify the way we set up networks. The hardware and software manufacturers would adhere to this model and develop their proprietary networking technologies accordingly. In the late 1970s, the International Organization for Standardization (ISO) and the International Telegraph and Telephone Consultative Committee, or CCITT, were both developing their own standard models for networking.
By 1983, these two models were merged to create the new standard called The Basic Reference Model for Open Systems Interconnection. This was renamed the Open Systems Interconnection Reference Model, or the OSI Model for short. ISO published this standard in 1984 under the name "ISO 7498," whereas the CCITT published it as "X.200".
But when the Internet came along, the TCP/IP protocol came along with it and went head-to-head with the OSI model. In the end, the TCP/IP protocol was the clear winner, and it is still the model that modern internet architecture uses. The OSI model itself is still considered vital for network security, not only because it helps with academic training, but also because it offers a diverse approach to network management.