OSI Model and Web Application (Layer 7) Explained

When you are looking at cyber security products you will often come across the phrase “layer 7 protection”. On its own this can be very confusing, but it’s actually referring to the Application layer of the OSI model. 

The Open Systems Interconnection (OSI) Model divides the functions of a networking system into 7 layers. Each layer interacts only with the layers above and below itself.

It is worth keeping in mind that the OSI Model is purely theoretical and designed to help describe what occurs in networking communications, not the technology involved. Even though the OSI Model is only a conceptual framework, it still needs to be useful; referencing the model helps engineers, developers, and IT professionals pinpoint what a product or protocol does and where it belongs in the network communication process.

The layers of the OSI Model

The application layer (layer 7)

This is the only layer that directly interacts with data from the user. Software applications like web browsers and email clients rely on the application layer to instigate communications. But it should be made clear that client software applications are not part of the application layer; instead, the application layer is responsible for the protocols and data manipulation that the software relies on to present meaningful data to the user. Application layer protocols include HTTP and SMTP (Simple Mail Transfer Protocol is one that enables email communications).

The presentation layer (layer 6)

This layer is primarily responsible for preparing data so the application layer can use it; in other words, layer 6 makes the data presentable for applications to consume. It’s responsible for translation, encryption, and data compression.

Two devices may use different encoding methods, so layer 6 is responsible for translating incoming data into a syntax that the application layer of the receiving device can understand.

If the devices communicate over an encrypted connection, layer 6 is responsible for adding the encryption on the sender’s end and decoding the encryption on the receiver’s end to present the application layer with unencrypted, readable data.

Finally, the presentation layer is also responsible for compressing data it receives from the application layer before delivering it to layer 5. This helps improve the speed and efficiency of communication by minimising the amount of data transferred.

The session layer (Layer 5)

This layer is responsible for opening and closing communication between the two devices. The time between open and closed communication is known as the session. The session layer ensures that the session stays open long enough to transfer all the data and promptly closes it to avoid wasting resources.

The session layer also synchronises data transfer with checkpoints. For example, if you’re transferring a 100-megabyte file, the session layer can set a checkpoint every 5 megabytes. So, if it crashes after only transferring 52 megabytes, the session could be resumed from the last checkpoint, which is 50 megabytes. Without the checkpoints, the entire transfer would have to begin again from scratch.

The transport layer (layer 4)

Layer 4 is responsible for end-to-end communication between the two devices. It takes data from the session layer and breaks it into segments before sending it to layer 3. The transport layer on the receiving device is responsible for reassembling the segments into data the session layer can read.

It’s also responsible for flow control and error control. Flow control defines the optimal transmission speed and ensures that a sender with a fast connection does not overwhelm a receiver with a slow connection. Error control is performed on the receiving end by providing that the data received is complete and requesting retransmission if it isn’t.

The network layer (layer 3)

The network layer facilitates the data transfer between two different networks. The network layer is unnecessary if the two devices communicate on the same network. The network layer breaks up segments from the transport layer into smaller units, called packets, on the sender’s device and reassembles these packets on the receiving device. The network layer also finds the best physical path for the data to reach its destination, known as routing.

The data link layer (layer 2)

The data link layer is like the network layer, but the data link layer enables data transfer between two devices on the same network. Like the network layer, the data link layer is responsible for flow control and error control in intra-network communication. The data link layer takes packets from the network layer and breaks them into smaller pieces called frames.

The physical layer (layer 1)

The physical layer of both devices must also agree on a signal convention. This layer includes the physical equipment for the data transfer, such as the cables and switches. This is also the layer where the data gets converted into a bit stream (a string of 1s and 0s). 

To find out more about the impact of DDoS and Layer 7 attacks, read our blog on Network Vs Application DDoS. Additionally, contact an adviser at CWCS Managed Hosting today for more information.