The OSI model (Open Systems Interconnection Model) is a design concept for understanding and modeling the functioning of communications. It was created by the International Organization for Standardization (ISO) to promote collaboration between different systems and technologies.
Understanding the 7 Layers of a Firewall: In the digital age, where cyber threats loom large, firewalls act as the first line of defense for securing networks. To understand how they work, it’s important to know their relationship with the OSI (Open Systems Interconnection) model, which divides network communication into seven layers. Firewalls can function across one or multiple layers to filter traffic, monitor data packets, and prevent unauthorized access. Let’s explore how firewalls interact with these layers.
So, Firstly we have to learn the order. Here is a simple trick to learn the order of the OSI model.
- Please Do Not Share your Password To Anyone
7. Application Layer (Layer 7)
The application layer deals with software and end-user interactions. Application firewalls operate here, filtering traffic based on the content of the data, such as HTTP requests, DNS queries, or email protocols like HTTP, SMTP, or POP3. This layer is considered the user’s interface.
This layer’s data is in human-readable format because users interact with it. Therefore, there is a chance of a man-in-the-middle attack because the data is not encrypted in this layer. So, we encrypt the data in the next layer.
Example: Blocking specific websites, applications, or file types like .exe files to prevent malware.
Key Role: Preventing application-layer attacks like SQL injection or phishing.
6. Presentation Layer (Layer 6)
The presentation layer handles data translation, compression, encryption, and decryption.
- Data Translation: In data translation, this layer converts human-readable into machine language.
- Data Compression: Big data files are compressed in this layer.
- Data Encryption: We use SSL(secure socket layer) and TLS (Transport Layer Security) encryption for encryption.
Key Feature: Protecting data integrity by blocking untrusted encryption keys or malformed packets.
Example: Ensuring only properly encrypted HTTPS traffic is allowed.
5. Session Layer (Layer 5)
This layer manages sessions between devices. Firewalls operating here can track session states and prevent session hijacking or unauthorized access attempts. A “session” is the time between the beginning and end of an interaction. The session process ensures that the session remains open long enough to transfer all necessary data. The session process then closes the session to prevent unnecessary resources from being used.
Key Role: Monitoring and controlling session-level activities.
Example: Terminating suspicious or long-running sessions to prevent attacks
4. Transport Layer (Layer 4)
The Transport Layer manages end-to-end communication. It uses two main protocols:
- TCP (Transmission Control Protocol): Ensures reliable, connection-oriented communication.
- UDP (User Datagram Protocol): Offers faster, connectionless communication.
Flow Control and Error Handling
This layer also oversees data segmentation, error detection, and retransmission in case of packet loss.
Example: Blocking traffic to unauthorized FTP (File Transfer Protocol) ports.
3. Network Layer (Layer 3)
The network layer handles routing and addressing, using IP addresses for data transmission. Most traditional firewalls operate at this layer, filtering traffic based on IP addresses, protocols, and port numbers.
Key Protocols (e.g., IP, ICMP)
Core protocols include:
- IP (Internet Protocol): Handles logical addressing and routing.
- ICMP (Internet Control Message Protocol): Assists in error reporting and diagnostics
Key Feature: Packet filtering to block or allow traffic from specific IP ranges.
Example: Restricting access to specific websites using IP blocking.
2. Data Link Layer (Layer 2)
MAC vs. LLC Sublayers
The Data Link Layer is divided into two sublayers:
- Media Access Control (MAC): Manages access to the physical transmission medium. The way where is data going and who is going to take the data
- Logical Link Control (LLC): Ensures error detection and flow control.
Protocols and Responsibilities
This layer ensures data packets are correctly framed and transmitted. Protocols like Ethernet and Wi-Fi operate here, along with error-checking mechanisms such as cyclic redundancy checks (CRC).
1. Physical Layer (Layer 1)
Role and Function
The Physical Layer defines the hardware components and physical media for transmitting raw data bits. It includes specifications for cables, switches, and other transmission mediums.
Key Devices and Technologies
Common technologies at this layer include Ethernet cables, hubs, fiber optics, and wireless signals. The focus is on signal modulation and hardware-level connectivity.
Why the 7-Layer Approach is Crucial
Modern firewalls often combine functionalities across multiple layers to provide robust security. These are commonly referred to as Next-Generation Firewalls (NGFWs). They incorporate traditional packet filtering, session tracking, and advanced application-level controls into one system.
Conclusion
Understanding the 7 layers of a firewall enhances your ability to choose and configure the right security solution for your organization. By defending across multiple layers, firewalls provide a comprehensive shield against today’s complex cyber threats. Whether you’re protecting hardware, monitoring IP traffic, or filtering application content, a layered approach ensures no vulnerability goes unchecked.
Wonderful work miss neha