I see that as a good analogy, and I understand that the OSI model is broken down into seven layers and each layer has a job to do. I was wondering which of these layers would be most important in developing security protocols for my company?
Since no one else answered this one, I thought I would take a stab at what I would say to my “potential client” if I was asked this very legitimate question during my hypothetical meeting. Here goes: When it comes to developing security protocols for your organization, the OSI model will play a critical role in determining what risks are present to each area of the network, by evaluating each layer of the OSI model and protecting each vulnerability found.

The physical layer shows us that the physical network and resources need to be protected. Doors to server rooms need to be kept under lock and key, and only authorized personnel need to have access to these resources. Another important part of the physical layer would be the actual data storage and recovery. It is important to have a source for information backup kept offsite, in the case of an environmental disaster on location.

The next layer, the data-link layer, exposes a vulnerability in the exposure of datagrams on the network. At the data-link layer there are threats such as MAC flooding, ARP and Spanning-Tree attacks, or MAC spoofing to gather traffic destined for a different machine. Hackers use these methods to grab data from the network, which can include anything from usernames and passwords to even more sensitive information. It is important to disable untrusted Layer 2 ports. This will limit traffic between hosts and close up any vulnerabilities. Layer 2 switches can also establish Virtual Local Area Networks, which separate networks logically on the same physical network. QoS protocols can also provide additional protection by providing better bandwidth utilization.

At the network layer, which is responsible for addressing and routing frames, the best path is determined for communication between hosts. At this layer hosts have their own unique IP address that distinguishes them from other hosts on the network. To protect this information from potential abuse, Network Address Translation and Port Address Translation services allow users to hide their private IP address from the public by masking it with a public IP address. Though different in their operation, their function provides anonymity by hiding the actual IP address of the host computer by either hiding behind another IP address or by assigning virtual ports to a single IP address. Another consideration at this layer would be the way hosts on the network get their IP address for communication on the network. Many networks employ DHCP addressing, which automatically assigns an IP address to an authorized host on the network. It might be more secure to provide a static IP address for hosts, or consider a shorter lease time for each assignment.

Next we have the Transport layer, which is responsible for address translation services and port assignment. Many applications by default use well-known ports for transmission and reception of information; one way to be secure on Layer 4 would be to use private ports for communication instead of more well-known ports. This will make it less likely that a virus or other malicious program could gain access to the network through an open port. Data confidentiality and integrity are also other potential issues at this layer. It is important to use methods that ensure data integrity such as State Transition TCP and Extended Three-way Handshake to identify transmissions and Message Authentication Code to check the data for modifications. Data encryption at this layer can also ensure confidentiality of the data on the network.

The next layer in the OSI model is the Session layer. It is responsible for establishing, maintaining, controlling, and ending connections between hosts on a network. It is important that there is a way for the...
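
As an added example (not part of the original post), the data-link threats named above can be looked for from the defender's side by correlating which MAC address claims which IP address on which switch port. The observations, port names, threshold and function name below are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample observations (not from the original post):
# (switch_port, source_mac, claimed_ip) as a switch or ARP monitor might log them.
SAMPLE_OBSERVATIONS = [
    ("Gi0/1", "aa:aa:aa:aa:aa:01", "10.0.0.1"),   # legitimate gateway
    ("Gi0/2", "aa:aa:aa:aa:aa:02", "10.0.0.20"),
    ("Gi0/3", "aa:aa:aa:aa:aa:03", "10.0.0.30"),
    ("Gi0/3", "AA:AA:AA:AA:AA:03", "10.0.0.1"),   # second MAC claims the gateway IP
    ("Gi0/5", "aa:aa:aa:aa:aa:02", "10.0.0.20"),  # known MAC appears on another port
] + [("Gi0/4", f"02:00:00:00:00:{i:02x}", f"10.0.1.{i}") for i in range(1, 41)]


def detect_layer2_anomalies(observations, max_macs_per_port=8):
    """Flag three Layer 2 warning signs in (port, mac, ip) observations.

    ip_conflicts  : one IP claimed by several MACs (possible ARP spoofing)
    flooded_ports : one access port sourcing many MACs (possible MAC flooding)
    moved_macs    : one MAC seen on several ports (possible MAC spoofing)

    max_macs_per_port is an assumed policy value; a production detector
    would also limit each check to a sliding time window.
    """
    macs_by_ip = defaultdict(set)
    macs_by_port = defaultdict(set)
    ports_by_mac = defaultdict(set)
    for port, mac, ip in observations:
        mac = mac.lower()  # normalise case so the same MAC is not counted twice
        macs_by_ip[ip].add(mac)
        macs_by_port[port].add(mac)
        ports_by_mac[mac].add(port)
    return {
        "ip_conflicts": {ip: sorted(m) for ip, m in macs_by_ip.items() if len(m) > 1},
        "flooded_ports": {p: len(m) for p, m in macs_by_port.items()
                          if len(m) > max_macs_per_port},
        "moved_macs": {mac: sorted(p) for mac, p in ports_by_mac.items() if len(p) > 1},
    }


if __name__ == "__main__":
    for finding, detail in detect_layer2_anomalies(SAMPLE_OBSERVATIONS).items():
        print(finding, detail)
```

Each finding is only a lead: a laptop moving between docks also produces a moved MAC, so alerts like these are normally paired with switch-side controls such as the port restrictions the post mentions.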