S3SS10N Wednesday - OSI Reference Model

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

1 hour 27 minutes
Video Transcription
Hi, This is Kelly Hander Hannon. Welcome back to Sessions Wednesday. Today's topic is tthe e os I reference model. And if you're not familiar with it or if you're just vaguely familiar with it, that stands for open systems interconnect. We're gonna talk about what it is, what it does and why it's important.
All right, so open systems interconnect,
and that also comes to us from the International Organization of Standards. So just if you listen, if you pay attention to the very name itself Opening Systems Organization of Standards, what we're looking for with the S I reference model
is to provide a framework for standardization. We're trying to promote vendor interoperability,
and the reason that West I'm model is important to us. Well, first of all, let's just, you know, hit hit one of the big points. It's very testable. If you're gonna take a security plus examine network plus exam C. I S S P most exams that revolve around networking require a pretty decent understanding of the O. S I reference model. So
let's get that out of the way. First of all,
now, the second piece is from the real world perspective. The s I model looks to make sure that we promote standards and that we have vendor interoperability. And here's Here's why this is important. When I came into networking many, many years ago, let's not go into those details.
But one of the things you'd find is you'd walk into a network and you'd have Microsoft clients on the desktop. Maybe using net buoy,
you'd have a backend server running Novell using I P. Access PX You'd have Apple systems on the desktops using
Apple talk. You might have other systems. UNIX clinic systems using TCP I P. So in one network you might have four different protocols running around. You also might have a token ring network connected to an Ethernet network. You had all of these different elements on the network, and
any time we have this sort of proprietary environment,
getting all these devices to play nicely together can really be challenging. So when we talk about interoperability, what we get is this this environment where it doesn't really matter what vendor were buying from our devices, have the same functionality
like, for instance, if we were all connected in this classroom to Annette Gear switch and that Netgear switch were to fail. We could bring the links. A switch in here we could bring a juniper or Cisco because of switch does would've switched us. And that's the beauty of the O. S. I reference model.
So let's work on standards because standards are interoperable.
Ah, standards air generally easy. They follow the same basic guidelines. And another thing that we like when it comes to networking, we like cheap
and cheap, usually goes with standard devices. Now, if you want a really high end, very granular solution that's very customized to your environment, you're not gonna get that with standardization. But if you want cheap and easy and interoperable standards or the way to go as a general rule,
so what we have is we have a seven layer model called Again the OS I reference model,
and it's a top down model, which means, ah, we started the top toe look a basic functionality and we come all the way down to the bottom with the S I model describes is a process called encapsulation, and when we say encapsulation, we're talking about wrapping packaging.
So what happens is we start out with data up the application layer.
And as we come down to the lower levels or lower layers, header information is added and that header information might be addressing. It might be formatting. It might be, ah, means that we used to determine if data was received, whatever that is.
And that process is encapsulation.
So where's up at the top? We start with data. As we move down, we get data plus headers, more headers, more headers, more headers till we're down at the physical layer, really ready to transmit or translate thes into electric signal to go across the wire. Okay,
so that's the whole purpose. That's what we're doing with the O. S. I model
now from a testable perspective. First of all, make sure that you know each of the layers
and their corresponding number,
and I will point out notice the data link layers the only layer divided into two sub layers. But any caste you're gonna take will refer to them by name, as well as by numbers. So make sure you know the boat. Now there are a 1,000,000 different tricks to memorizing the layers of the U. S. I model.
I do not recommend that you go out on Google. New Monica trips tricks for OS I model,
you will find a wide variety of things of varying levels of appropriateness. That's all I'm saying. So a very common one. Ah, from the top, all people seem to need delicious pizza.
Okay, Um, all people seem to need delicious pizza. You might hear data processing or any of those others from the bottom up.
Please do not throw sausage pizza away. Those are very, very common. My personal favorite people don't need to see Paula Abdul
argue with that, right? I'm just saying, All right, so those air the seven layers of the U. S. I model, we call it a top down model because when we look at that, ultimately as a sending system of sending computer. So I'm getting ready to connect to a website getting ready, singer, an email message, whatever I might be doing,
the data starts off in application layer justice data,
and, like we said is, it travels down. We add packaging information to get it prepared to go across the wire. All right. Now, even though the U. S I model is a top down model, it's actually easier to understand from the bottom up.
And the reason for that is at the bottom. Layers, thes air are more simple devices. Okay,
so we look at the physical layer we're talking about. Really? Dumb devices were talking about devices that have no decision making capabilities. They're really just about providing a place for the signal to travel. So when we're looking at the physical layer, we're talking about our devices like cable
connectors for that cable and hubs,
hubs and all data out all ports all the time.
Cable cable doesn't know what Dad is going across. A cable doesn't care. It's just a pathway for the signal. So when we're down it, layer one no decision making capability.
Now what you'll find is, as we go up the OS I model, we gain intelligence. So when we move up to the data link layer, we do some addressing, and the type of addressing that we do is Mac address
and Mac addresses, air bound to network cords, their unique identifies for each specific nick. And that's what allows your network card to say, Oh, this is for me and pick it up off the cable so you know, where is the hub? Sends all data out all ports all the time. Each network card
examines the dabba looks for the Mac address.
And if it's not my Mac address, I leave it on the cable. Just like if the postman delivers mail to you and it's not for you, you put it back in the box, right? You say, not at this address unless it's something from Amazon and we like to take it and see what's in there. Never mind. All right, so the bottom line is,
um, we use at the data link layer
we use Mac addressing. And Mac is one of those fun words in networking. That could mean a lot of different things. It's an acronym. That means about five different things off the top of my head. Aah! This meaning for Mac is media access, control. And again, part of the job there is to identify each network card
as unique on the network. It's a form of addressing.
Okay, so, Mac, down below Ah, well, just put it's an I D for
network cards. Well, if Mac is an I d for network cards, it makes sense that network cards function at the data link layer, and that's absolutely true. So we'll use Mac addresses here will say network cards or Knicks
and a device that uses Mac addresses
switches hope that's big enough to see Mac addresses, network cards, network interface cards and switches. Hubs know addressing all data, all ports all the time. Switches used Mac addresses to direct traffic, so they're layer two devices, a network card
layer to device. Now let me just back up and say network cards do have a portion that functions at the physical layer. They have that physical interface, right? There has to be a physical interface to plug the cable in. So that's layer one right. But the main function of the Nicky's later, too.
All right, so Mac, addressing, we said, is an I D for network cards.
The L. L C sub layer is responsible for error detection.
If you're ever connecting to a website or to a local side to share whatever and everything's quick and you glance at the back of your system, you'll see that Nick Flashing green all is right with the world. But when you see that Nick flashing Amber, what's likely happenings. You're having collisions on the network.
It's the L L C sub layer that says up.
We've got a collision I need to retransmit Okay. And then the max sub layer again. Matt gives me an I D for network cards, but it also determines who gets to communicate on the cable. That's another part that the Mac address does that basically,
it looks for any sort of signal on the cable. If nobody's communicating, puts its message out there.
If the message collides with something else than the l. L C Sub Layer steps in and says, Let's transmit, you know? That's why these two go hand in hand for the data link layer. All right, Now, as we move up, the S I model move up the food chain, we come up to the network layer and the network layers one that we talked about a lot
because his network technicians, network engineers,
we frequently air working with I p addresses. And whereas your Mac address doesn't change regardless of where you are on the planet because it's bound to your network card, your I P address is logical in nature, right? It's based on where you are. So if I take my system home,
my i p address is very likely to change that if I take it out to a hotel or business
or wherever. And i p addressing eyes something we ah, address? Nope. Well, pun intended on another session. So if you're not really familiar with I p addresses and how those work check out those sessions, so I p addresses or logical. And the devices that use the I P addresses our routers
uh, routers determined Best path based on the i. P address, how to get there and how to get their quickest.
There are other protocols that work here at the network layer. As a matter of fact, any protocol that starts with the letter I for most of the exams you take. Now, I I know that sounds a little If he you know, the point of the matter quite honestly is
the s I model was never designed to be an exam topic.
You know, you take something to make it for an exam. You say this happens here. This happens here. This happens here. That's not really the way the world works. There's a lot of flow across the OS I model in the real world. It's a very conceptual model, but for those of you that are testing, you know, they want you to memorize certain protocols, certain devices at certain levels.
So what will say, because I know many of you are gonna be testing
Is your eye protocols air here? I see. In P I g r p i, g and P like i p second all those others. Now there is a male application protocol called I'm app that isn't here, but for the most part your eye protocols happened at the network layer.
All right, we move up to transport layer and two big protocols happen here. T c, p and U T P also the determination or the addition of port numbers. So with T. C, P and U T P
ah. The big difference between the two of those is reliability
versus unreliability. If that's even work being reliable or unreliable. Sometime she'll hear phrases like connection oriented or guaranteed delivery for TCP. For UDP, you'll hear that it's unreliable, it's not guaranteed,
and sometimes UDP is even referred to is the best effort protocol, which is kind of like I'm tossing it out. Their hope. It makes it.
That doesn't feel like a bunch of best effort for me, but it's called best effort protocol. All right, so with TCP, let's say I work for, Ah, one of my friends here, Ryan, and he gets a call. I've got a couple of ways that I can get that message to him. I can pick up the phone and say, Hey, Ryan, you got a call on line one
and I've sent that out, You know, on the speaker,
I've sent that out over the intercom system. Maybe he gets the message. Maybe doesn't
I don't care. I've done my job right? That's UDP. The reason I did that way was it's very quick. Hey, call online one
if I wanted to be more thorough, What I do is I dialed his extension and I'd say, Ryan, I have a call for you on line one. Can you take it? And I wait for him to come back and say yes. And then I come back and say, Great. Here it is. That's a process called handshaking.
Ah, and TCP has a three way handshake in order to set up the connection
to make sure that we know that communications set up and ready to go. We're gonna handle that. Ah, and the process is sin. Sen Ack ack. That's fun trivia for parties. You may not need that at all, but that's the three way handshake,
so you'll find that TCP is all about
delivery. It's all about connection oriented guaranteed delivery. UDP Let's get it out there. Ah, it doesn't. You know, maybe you get it. Maybe you don't.
What's the best thing about a UDP joke?
I don't care if you get it or not.
That's my favorite joke in the entire world. Sorry. Had to do that. That's just for me. All right. So moving along past TCP and UDP port numbers, port numbers. These are little numeric. Identify IRS. They're just a little stamp on your data in the header that basically says, Hey,
this is web traffic. This is male traffic.
This is whatever type of traffic. So your port numbers once dad against your system, it's the port number that tells your system what to do with.
Okay, All right. Going up to the session layer the session layer, actually by the way. Let me add one more phrase with T C. P. You get what's called end thio end connection. Okay, so with that, we're talking about setting up a TCP session, as in,
you know, from one system to another this handshake process that says we're going to communicate.
This is kind of the pony express layer that all the upper layer service is sort of piggyback on to get their upper layer. Service is either used TCP or UDP. So if you think about like, UDP those things that have to be really time or really need a lot of speed like media streaming
Ah, file transfer protocol. Http. A lot of other ones used TCP.
All right, moving up to the session layer that is an application toe application session. So where your Web browser opens up a session with the Web server that session layer quite honestly for the real world. These three kind of go together very quickly,
and there's not a whole lot of relevant
Step one. Step two, Step three. Here. It's all about getting prepared to either display the information on the receiving computer, uh, or to prepare the information to be sent on the sending computer, So we'll go through these kind of quickly presentation does formatting.
And when we talk about formatting,
let's go ahead and add encryption and compression.
There's a lot of encryption that happens. Different layers of encryption. I mean, there's hardware based encryption. There is, um I P sec. There is S S l T l s. There's a lot of different encryption that happens in the U. S. I model. It's not that it's just added it one place.
But this is kind of file level encryption that the operating systems adding,
Ah, when we talk about formatting, we're talking about a universal format. Ah, so that data sent on ah pc could be read on the Mac and that kind of idea is that universal conversion? Uh, compression, of course.
Ah. Shrinking out redundant information.
Ah. Formatting also graphics formatting and sound formatting like MP three and J and ah, before J peg versus Jeff for graphics. Those are presentation layer.
And then when we get to the top of the O s, I model these air the protocols that applications interface with
Okay, so a lot of times when we think application, we're thinking our Web browser, not our Web browser, but the protocols that really drive our Web browser like Http FTP and we could go on and spend the day naming application layer protocols.
I mean, we've got popped three and I map in S and M P and SMTP and,
you know, again, on and on and on. These were the ones that are closest to the user. So we'll say we'll call this
the protocols behind the apse tons and tons and tons of application layer protocols. So just kind of a quick summary. When I go to make a connection to a system my Web browser, perhaps if that's what I'm working with using. Http
kind of gets that ready for the connection, coming all the way through the commands or formatted universally, we get that
application application connection. TCP is gonna add headers. Ah, that do things like Acknowledgments port numbers. As we come down to the network layer, we get a header for I p addressing.
Ah, when we come down to the data link later, we get Mac addresses stamped on there. And then by the time we get to the physical later
layer, we're we're willing we're ready to take that and converted into actual signal to travel across the wire. So once again, the OS I model is a very important theory of networking. To be honest with you, if your brand new to networking and the S I model is still sort of mysterious and nebulous.
One day in about six months from now you'll be in the shower and all of a sudden you'll go,
Oh, I get the OS I reference model. It really is one of those things that the more you work with it, the more you get it, and you have to kind of go through those preliminary steps of memorizing it before it can really sink in. AA Lot of people lump it into the group of silly things I have to memorize to pass a test. If you're new to networking, that's fine.
Memorize it.
Get the gist of what happens at each of the layers to spit it back out for a test. But I promise you, when you move into doing networking on a day to day basis, you'll find that this really is very meaningful. So I hope this was helpful to you today. I hope it helps you to prepare for whatever certification
exam that you're taking. I hope you're taking a cyber certification.
Would also any of those others that might be out there? Um and ah, we will discuss other topics in our next session. So check back with us very soon. We should best of luck in your cyber career, and we'll see you next time.
Up Next
Open Systems Interconnection Model (OSI model)

The OSI Model is a conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology

Instructed By