2. SESSION LAYER
In the seven-layer OSI model of computer
networking, the session layer is layer 5. The
session layer provides the mechanism for opening,
closing and managing a session between end-user
application processes.
This layer allows users on different machines to
establish active communications sessions between
them.
4. WORKING OF SESSION LAYER
• The session layer, which is the 5th layer in the OSI model, uses the
services provided by the transport layer and enables applications to
establish, maintain and synchronize sessions.
In order to establish connections:
• First, map the session address to the shipping address. Second,
select the required transport quality of service parameters. Next,
negotiate the session parameters. Then transmit limited transparent
user data. Finally, monitor the data transfer phase properly.
5. FUNCTIONS OF SESSION LAYER
Session establishment
Dialog management
Data transfer
Synchronization
Authentication
Authorization
6. 1. SESSION ESTABLISHMENT
The session layer establishes connections between devices, which are known as
sessions. A session allows users to share data and supports remote access and
file management. When the session is released, the transport connection is mapped.
7. 2. DIALOG MANAGEMENT
The session layer keeps log data on which connections are established to transmit and
receive data, which is called dialog management. It is accountable for establishing,
synchronizing, preserving, and ending the conversation between the sender and the
receiver.
8. 3. DATA TRANSFER
It is the most basic function of the session layer, which handles the exchange of data
between systems in a full-duplex or half-duplex mode of transmission. In half-duplex
mode the session layer allows only one user to transmit data at a time; in full-duplex
mode both users can exchange data.
Full-duplex enables simultaneous two-way communication, which allows data to flow freely bidirectionally.
Half-duplex enables two-way communication, but not simultaneously.
9. 4. SYNCHRONIZATION
This layer allows a process to add checkpoints, which are treated as synchronization
points, into the stream of data. Example: If a system is sending a file of 800 pages, adding
checkpoints after every 50 pages is recommended. This ensures that each 50-page unit is
successfully received and acknowledged.
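The 800-page example above as a small simulation, added here and not part of the original slides: the session drops once at a constructed point (page 730) and the sender resumes from the last acknowledged checkpoint. The function name `transfer` and its parameters are illustrative.

```python
def transfer(total_pages, checkpoint_every, fail_after=None):
    """Send pages 1..total_pages; return (pages_transmitted, resume_points).

    fail_after: page at which the session drops once (constructed failure).
    The receiver keeps only pages up to the last acknowledged checkpoint,
    so the sender resumes from the page after it.
    checkpoint_every=None models a transfer with no synchronization points.
    """
    committed = 0            # last page covered by an acknowledged checkpoint
    transmitted = 0          # every page put on the wire, including re-sends
    resume_points = []
    pending_failure = fail_after
    while committed < total_pages:
        page = committed
        while page < total_pages:
            page += 1
            transmitted += 1
            if pending_failure is not None and page == pending_failure:
                pending_failure = None
                resume_points.append(committed)   # unacknowledged pages are lost
                break
            at_checkpoint = (checkpoint_every is not None
                             and page % checkpoint_every == 0)
            if at_checkpoint or page == total_pages:
                committed = page                  # receiver acknowledges the unit
    return transmitted, resume_points


if __name__ == "__main__":
    print("checkpoint every 50:", transfer(800, 50, fail_after=730))
    print("no checkpoints:     ", transfer(800, None, fail_after=730))
```

With checkpoints the sender re-sends only pages 701 to 730; without them the whole file is sent again.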
10. 5. AUTHENTICATION
Authentication is about verifying the identity of a user (or system) by confirming their
credentials, while Session Management is about protecting a user's data during the
period of time when a user is actively engaged with a system or website.
11. 6. AUTHORIZATION
It grants privileges after authentication of the user. Authorization means providing
access to the data that is authorized to the specific user.
12. SESSION LAYER PROTOCOLS
The session layer uses several protocols that are required for safe, secure and accurate
communication between two end-user applications.
1. AppleTalk Data Stream Protocol (ADSP)
2. Real-time Transport Control Protocol (RTCP)
3. Password Authentication Protocol (PAP)
4. Remote Procedure Call Protocol (RPCP)
5. Sockets Direct Protocol (SDP)
13. 1- ADSP:
ADSP is a protocol developed by Apple Inc. It includes a number of features that allow local area networks to be
connected with no prior setup. This protocol was released in 1985.
2- RTCP:
RTCP’s primary function is to provide feedback on the quality of service (QoS) in media distribution by periodically sending statistical
information, such as transmitted octet and packet counts or packet loss, to the participants in the streaming multimedia session.
3- PAP:
Password Authentication Protocol is a password-based authentication protocol used by Point-to-Point Protocol (PPP) to validate users.
Almost all network operating systems and remote servers support PAP.
4- RPCP:
Remote Procedure Call Protocol (RPCP) is a protocol that is used when a computer program causes a procedure (or a sub-routine) to
execute in a different address space without the programmer explicitly coding the details for the remote interaction.
5- SDP:
Sockets Direct Protocol (SDP) is a protocol that supports streams of sockets over Remote Direct Memory Access (RDMA) network
fabrics. The purpose of SDP is to provide an RDMA-accelerated alternative to the TCP protocol. The primary goal is to do this
in a manner that is transparent to the application.
15. FIREWALL
A firewall is a network security device, either hardware or software-based, which monitors all
incoming and outgoing traffic and based on a defined set of security rules it accepts, rejects or
drops that specific traffic.
Accept : Allow the traffic
Reject : Block the traffic but reply with an “unreachable error”
Drop : Block the traffic with no reply
17. WORKING OF FIREWALL
A firewall is either a hardware device or a software application that helps protect
your network from attackers. The firewall shields your network by acting as a 24/7
filter, scanning the data that attempts to enter your network and preventing anything that
looks suspicious from getting through.
Example: Think of a security guard with intimate knowledge of millions of potential
criminals. If the guard sees one, he or she keeps the criminal out of the building.
Similarly, a firewall’s protection comes from monitoring and regulating traffic that goes in
and out of your network. This is accomplished using a few different methods, including
packet filtering, a proxy service, and stateful inspection.
18. HARDWARE & SOFTWARE FIREWALLS
HARDWARE FIREWALL
A hardware firewall is a physical device, much like a server, that filters the traffic going to a computer.
Protects the entire network
Requires a dedicated specialist to install & manage
No updates needed
High cost
SOFTWARE FIREWALL
A software firewall is a piece of software that is installed on your computer in order to protect it from unauthorized access.
Protects a single device
Easy to install
Regular manual updates are necessary
Low cost
19. GENERATIONS OF FIREWALL
First Generation: Packet Filtering Firewalls
Second Generation: Stateful Inspection Firewalls
Third Generation: Application Layer Firewalls (Proxy Firewalls)
Fourth Generation: Next-Generation Firewalls (NGFW)
20. FIRST GENERATION : PACKET FILTERING FIREWALLS
A packet filtering firewall is used to control network access by monitoring outgoing
and incoming packets and allowing them to pass or stop based on source and
destination IP address, protocols, and ports. It analyses traffic at the transport protocol
layer (but mainly uses first 3 layers). Packet firewalls treat each packet in isolation. They
have no ability to tell whether a packet is part of an existing stream of traffic. They can
only allow or deny packets based on unique packet headers. A packet filtering firewall
maintains a filtering table that decides whether the packet will be forwarded or discarded.
From the given filtering table, the packets will be filtered according to the following
rules:
22. 1- Incoming packets from network 192.168.21.0 are blocked.
2- Incoming packets destined for the internal TELNET server (port 23) are blocked.
3- Incoming packets destined for host 192.168.21.3 are blocked.
4- All well-known services to the network 192.168.21.0 are allowed.
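The four rules above as a first-match filtering table, in an added Python example that is not part of the original slides. It assumes 192.168.21.0 is a /24 network, that "well-known services" means destination ports 0-1023, and that unmatched packets are dropped; the sample packets are constructed.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Optional

ANY = ip_network("0.0.0.0/0")
INTERNAL = ip_network("192.168.21.0/24")     # assumed /24 mask


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                      # "ACCEPT" or "DROP"
    src: IPv4Network = ANY
    dst: IPv4Network = ANY
    dports: Optional[range] = None   # None matches any destination port

    def matches(self, src: str, dst: str, dport: int) -> bool:
        return (ip_address(src) in self.src
                and ip_address(dst) in self.dst
                and (self.dports is None or dport in self.dports))


# Order matters: the three block rules sit above the broad allow rule.
FILTER_TABLE = [
    Rule("1: from 192.168.21.0", "DROP", src=INTERNAL),
    Rule("2: to TELNET (23)", "DROP", dports=range(23, 24)),
    Rule("3: to host 192.168.21.3", "DROP", dst=ip_network("192.168.21.3/32")),
    Rule("4: well-known services", "ACCEPT", dst=INTERNAL, dports=range(0, 1024)),
]


def filter_packet(src, dst, dport, table=FILTER_TABLE):
    """Return (action, rule name) for one incoming packet, judged in isolation."""
    for rule in table:
        if rule.matches(src, dst, dport):
            return rule.action, rule.name
    return "DROP", "default"             # assumed default policy


# Constructed sample packets: (source IP, destination IP, destination port).
SAMPLES = [
    ("203.0.113.7", "192.168.21.10", 80),    # web request to an internal host
    ("203.0.113.7", "192.168.21.10", 23),    # TELNET attempt
    ("203.0.113.7", "192.168.21.3", 443),    # blocked host
    ("192.168.21.50", "192.168.21.10", 80),  # claims an internal source address
    ("203.0.113.7", "192.168.21.10", 8080),  # not a well-known port
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", filter_packet(*pkt))
```

Reversing the table order lets the TELNET packet through, because the broad allow rule then matches before the port 23 block.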
23. SECOND GENERATION: STATEFUL INSPECTION FIREWALL
Unlike a packet filtering firewall, a stateful firewall can determine the connection state
of a packet, which makes it more efficient. It keeps track of the state of network
connections travelling across it, such as TCP streams. Filtering decisions are therefore
based not only on the defined rules, but also on the packet’s history in the state table.
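A minimal state table for TCP, as an added Python example that is not part of the original slides. It assumes internal hosts may open any outbound connection and that inbound packets pass only when they belong to a tracked connection; the addresses and the packet trace are constructed, and teardown is simplified.

```python
from typing import NamedTuple


class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    flags: str       # TCP flags: "S", "SA", "A", "FA", "R"
    outbound: bool   # True when the packet leaves the internal network


class StatefulFirewall:
    def __init__(self):
        # (inside ip, inside port, outside ip, outside port) -> connection state
        self.table = {}

    def inspect(self, p: Packet) -> str:
        key = ((p.src, p.sport, p.dst, p.dport) if p.outbound
               else (p.dst, p.dport, p.src, p.sport))
        state = self.table.get(key)
        if state is None:
            # No history: only an outbound SYN may create a table entry.
            if p.outbound and p.flags == "S":
                self.table[key] = "SYN_SENT"
                return "ACCEPT"
            return "DROP"
        if state == "SYN_SENT" and not p.outbound:
            if p.flags != "SA":
                return "DROP"        # only the SYN-ACK reply is expected here
            self.table[key] = "ESTABLISHED"
        if "F" in p.flags or "R" in p.flags:
            del self.table[key]      # simplified teardown; real tables also time out
        return "ACCEPT"


def run(packets):
    fw = StatefulFirewall()
    return [fw.inspect(p) for p in packets]


IN, WEB = "192.168.21.10", "203.0.113.7"       # constructed addresses
TRACE = [
    Packet(WEB, 443, IN, 51000, "SA", False),  # unsolicited reply: no state yet
    Packet(IN, 51000, WEB, 443, "S", True),    # client opens the connection
    Packet(WEB, 443, IN, 51000, "SA", False),  # same header as packet 1, now expected
    Packet(IN, 51000, WEB, 443, "A", True),
    Packet(WEB, 443, IN, 51000, "FA", False),  # server closes; entry removed
    Packet(WEB, 443, IN, 51000, "A", False),   # late packet after teardown
]

if __name__ == "__main__":
    print(run(TRACE))
```

Packets 1 and 3 carry identical headers, so a filter that judges each packet in isolation has to treat them the same way; the state table is what separates them.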
24. THIRD GENERATION: APPLICATION LAYER FIREWALL
An application layer firewall can inspect and filter packets on any OSI layer, up to the
application layer. It has the ability to block specific content and to recognize when certain
applications and protocols (like HTTP, FTP) are being misused. In other words,
application layer firewalls are hosts that run proxy servers.
A proxy firewall prevents a direct connection between either side of the firewall; each
packet has to pass through the proxy. It can allow or block the traffic based on
predefined rules.
25. NEXT GENERATION FIREWALLS (NGFW)
Next Generation Firewalls are being deployed these days to stop modern security
breaches like advanced malware attacks and application-layer attacks. An NGFW combines
Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many other
functionalities to protect the network from these modern threats.
27. HOST BASED FIREWALLS
A host-based firewall is installed on each network node and controls each incoming and
outgoing packet.
It is a software application or suite of applications that comes as a part of the operating system.
Host-based firewalls are needed because network firewalls cannot provide protection
inside a trusted network. Host firewall protects each host from attacks and unauthorized
access.
28. NETWORK BASED FIREWALLS
Network firewalls function at the network level. In other words, these firewalls filter all
incoming and outgoing traffic across the network.
It protects the internal network by filtering the traffic using rules defined on the firewall. A
Network firewall might have two or more network interface cards (NICs). A network-based
firewall is usually a dedicated system with proprietary software installed.
29. FIREWALLS
ADVANTAGES
Protection from unauthorized access
Prevention of malware and other threats
Monitors network traffic
Promotes privacy
Network segmentation
DISADVANTAGES
Complexity
High cost
Limited visibility
Limited adaptability
Performance impact