Open Systems Interconnection Model (OSI)

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/6

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

7 Terms

1
New cards

Layer 1

Physical Layer

This layer is responsible for the physical connection between devices, including the transmission of raw data (bits) over a physical medium like cables or radio waves.

While SASE is a cloud-based service, it leverages physical network infrastructure for connecting users and devices. However, it doesn’t operate directly at this layer.

2
New cards

Layer 2

Data Link Layer

This layer handles node-to-node data transfer and error detection/correction. It's responsible for the MAC (Media Access Control) addresses and ensures that data frames are transmitted reliably.

SASE typically doesn’t focus on Layer 2, but SD-WAN may interact with MAC addresses and perform link-layer optimizations when dealing with different types of media for connectivity.

3
New cards

Layer 3

Network Layer

This is the routing layer. It manages the delivery of packets across networks, determining the best path to reach the destination. IP addresses operate at this layer.

  • SD-WAN operates heavily at this layer, managing IP addressing, routing, and optimizing traffic paths across wide area networks.

  • Firewall-as-a-Service (FWaaS) inspects and filters traffic at Layer 3, controlling traffic based on IP addresses and protocols.

4
New cards

Layer 4

Transport Layer

This layer ensures end-to-end communication and data flow control between systems. Protocols like TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) work here.

  • FWaaS and Secure Web Gateway (SWG) also operate here by inspecting traffic for TCP/UDP-based protocols. Layer 4 filtering provides protection against attacks that exploit transport protocols (e.g., TCP SYN flood).

  • ZTNA ensures that secure connections are established with end-to-end encryption between the user and resources.

5
New cards

Layer 5

Session Layer

Responsible for establishing, managing, and terminating communication sessions between applications.

  • ZTNA and SWG ensure the secure initiation, management, and termination of sessions. They authenticate users and maintain secure communication channels.

  • Threat prevention services like Intrusion Detection/Prevention Systems (IDS/IPS) help ensure session integrity, preventing session hijacking or tampering.

6
New cards

Layer 6

Presentation Layer

This layer deals with data translation, encryption, and compression, making sure that data sent by the application layer of one system is readable by the application layer of another.

DLP and CASB services often work at this layer by ensuring that data is appropriately encrypted, compressed, or decrypted before being transmitted. They protect data by enforcing encryption policies and preventing the exposure of sensitive information.

7
New cards

Layer 7

Application Layer

The top layer where users interact with the network. It provides services like email, file transfers, and web browsing (e.g., HTTP, FTP, SMTP).

  • CASB, SWG, FWaaS, and DLP provide significant protection at Layer 7. This includes inspecting HTTP/S, email, and other application traffic, filtering based on content, and ensuring that only legitimate application requests are allowed.

  • Threat prevention services, such as malware detection and application-level firewalls, focus on identifying and blocking threats based on application-level behavior.