Home / IT Security / Security+ / THE OSI MODEL


The OSI (Open System Interconnection) reference model is a layered network model. The model is of course abstract; we do not directly run the OSI model in our systems (most now use the TCP/IP model).

Rather, it is used as a reference point, so “Layer 1” (physical) is universally understood, whether you are running Ethernet or an ATM, for example. “Layer X” in this book refers to the OSI model.

The OSI model has the seven layers, as show in the table below. The layers may be listed in a top-to-bottom or bottom to the top order.

Using the latter, they are Physical, Data Link, Network, Transport, Session, Presentation and Application.


Layer 1: Physical

Physical is a layer 1 of the OSI model. This first layer describes the units of data such as bits represented by energy (such as light, electricity, or radio waves) and the medium used to carry them, such as the copper or fiber optic cables.

WLANs have a physical layer, even though we cannot physically touch it.

Cabling standards such as thinnet, thicknet, and unshielded twisted pair (UTP) exist in layer 1, among many other devices, including hubs and repeaters.

Layer 2: Data Link

The data link layer handles access to the physical layer as well as the LAN communication. An Ethernet card and its media access control (MAC) address are at layer 2, as are switches and bridges.

Layer 2 is divided into the two sublayers: media access control (MAC) and logical link control (LLC).

The MAC layer transfers data to and from the physical layer, while LLC handles LAN communications. MAC touches the layer 1 and LLC touches the layer 3.

Layer 3: Network

The network layer describes the routing, which is moving data from a system on one LAN to a system on another.

IP addresses and routers exist at layer 3, where protocols include the IPv4 among others.

Layer 4: Transport

The transport layer handles the packet which is sequencing, flow control and the error detection.

TCP and user datagram protocol (UDP) are the 4 layer protocols.

Layer 4 makes a number of features available, such as the resending or resequencing packets.

Taking advantage of these features is a protocol implementation decision. As we will see later, TPC takes advantage of these features, at the expense of speed. Many of these features are not implemented in the UDP, which chooses speed over the reliability.

Layer 5: Session

The session layer manages the session, which provide maintenance on connections. Mounting a file share via a network requires a number of maintenance sessions, such as remote procedure calls (RPSc), which exist at the session layer.

The session layer provides connections between the application and uses simplex, half-duplex, and full duplex communication.


The transport and session layers are often confused. For example, is “maintenance of connections” a transport layer or session layer issues?

Packets are sequenced at the transport layer, and network file shares can be remounted at the session layer;

You may consider either to be maintenance. Words like “maintenance” imply more work than packet sequencing or retransmission; it requires “heavier lifting,” like remounting a network share that has been unmounted, so session layer is the best answer.

Layer 6: Presentation

The presentation layer presents the data to the application and user in a comprehensible way.

Presentation layer concepts include the data conversion, character sets such as ASCII, and image formats such as GIF (graphic interchange format), JPEG (joint photographic expert group), and TIFF (tagged image file format).

Layer 7: Application

The application-layer is where you interface with your computer application. Your web browser, word processor, and instant messaging client at layer 7.

The protocols Telnet and FTP are application-layer protocols.

About Jahanzaib Khan

Jahanzaib Khan is Web Designer & Ethical Hacker. He Who has been working since 2014, and is managing several successful websites on the internet for about 3 years. Jahanzaib-khan.com

Check Also

Information Security Governance

Information Security Governance

Information security governance is the information security in the organizational level, which includes senior management, …

Leave a Reply

Your email address will not be published. Required fields are marked *