Network+ Deep Dive: Where Firewalls, Load Balancers, and APs Fit in the OSI Model

The OSI (Open Systems Interconnection) model: It is important to remember that this is a theoretical framework, meaning that it is just one way of thinking about networking.


What happens at each layer?

The table below shows examples of what exists at each layer, mainly hardware at the physical layer and protocols on the other layers.

| OSI Layers | Which Headers Can Be Added at this Layer | What happens on these layers |
|---|---|---|
| Application | SMTP, HTTP, FTP, HTTPS, P2P, DNS, etc. | Header is added to the data (whether it is an HTTP header, SMTP, etc.) |
| Presentation | | Handles data formatting, encryption, and compression to ensure data is in a usable format for the application layer. |
| Session | | Manages and controls connections between devices, including establishing, maintaining, and terminating sessions. |
| Transport | TCP, UDP, etc. | Handles end-to-end communication between two nodes or devices. Identifies which application is making a request and which service will receive it. Divides data into manageable segments and sends each segment individually along with a sequence number, so that the data can be reassembled at the end according to the sequence number. The TCP or UDP (or other) header is added here; it contains info such as sequence number, source port number, destination port number, etc. |
| Network | IP, ICMP, IPsec, etc. (Router) | Turns segments into packets. Adds the corresponding header here, such as the IP header, which contains the source and destination IP addresses. Routes the data frames across different networks. |
| Data Link | ARP, VLAN, STP, etc. (Switch) | Takes the data bits from the physical layer and 1) organizes them into frames, 2) adds headers such as MAC. |
| Physical | Hubs, Fiber, etc. | Transmits raw bits of data over physical connections. |


Quick Study Table

| OSI Layers | Protocol Data Unit (PDU) |
|---|---|
| Transport | Segments – used by protocols like TCP and UDP to manage the flow and reliability of data between applications. |
| Network | Packets – contain source and destination IP addresses |
| Data Link | Frames – contain source and destination MAC addresses |
| Physical | Bits – fundamental units of data (represented as 0s and 1s). |


Common Devices and the OSI Layer They Operate On

What tripped me up when studying for the Network+ exam was: which layer do firewalls, load balancers, and access points operate on?

• Firewalls can operate at multiple layers of the OSI model, most commonly at Layers 3, 4, and 7 (depending on the type of firewall).

• Load balancers can also operate at multiple layers of the OSI model, most commonly Layers 4 and 7.

• Access points operate on Layers 1 and 2.


| OSI Layer | Firewall Type | Load Balancer |
|---|---|---|
| 3 | Packet filtering firewalls filter traffic based on IP addresses and protocols (similar to a router, but these firewalls offer less granular control). | |
| 4 | Filter traffic based on ports (e.g., TCP and UDP), allowing or blocking connections based on port number. | Make routing decisions based on network info like IP addresses and port numbers (use TCP and UDP protocols). |
| 7 | Application or web app firewalls (WAFs) analyze the content of the packets to identify malicious activity and perform content filtering. | Utilize application-level data such as URLs, cookies, and content types to make more sophisticated routing decisions (use application-level protocols like HTTP, HTTPS, and SMTP). |


More info:

Load balancers can also:

• provide encryption / decryption (SSL offload)

• cache data so responses can come immediately from the load balancer instead of needing to go all the way to the server

• prioritize traffic (QoS)
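To make the layer distinction in the firewall table concrete, the following added example (not part of the original post) builds one Ethernet frame carrying an HTTP request, parses the header that each layer added, and evaluates a Layer 3, a Layer 4, and a Layer 7 rule against it. The addresses (documentation ranges), MAC addresses, rule values, and function names are all constructed for illustration.

```python
import socket
import struct

def build_frame(src_ip, dst_ip, dst_port, http_request):
    """Encapsulate top-down: data -> TCP segment -> IP packet -> Ethernet frame."""
    payload = http_request.encode()
    # TCP header (20 bytes): src port, dst port, seq, ack, offset/flags, window, checksum, urgent
    tcp = struct.pack("!HHIIHHHH", 49152, dst_port, 1, 0, (5 << 12) | 0x18, 65535, 0, 0)
    # IPv4 header (20 bytes); checksum left at 0 because nothing is sent on a wire
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    # Ethernet header (14 bytes): dst MAC, src MAC (constructed), EtherType 0x0800 = IPv4
    eth = bytes.fromhex("02000000000a") + bytes.fromhex("02000000000b") + b"\x08\x00"
    return eth + ip + tcp + payload

def parse_frame(frame):
    """Decapsulate bottom-up and report what each layer's header exposes."""
    dst_mac, src_mac = frame[0:6].hex(":"), frame[6:12].hex(":")
    ihl = (frame[14] & 0x0F) * 4                 # IP header length in bytes
    proto = frame[14 + 9]                        # 6 = TCP
    src_ip = socket.inet_ntoa(frame[14 + 12:14 + 16])
    dst_ip = socket.inet_ntoa(frame[14 + 16:14 + 20])
    tcp_off = 14 + ihl
    src_port, dst_port = struct.unpack("!HH", frame[tcp_off:tcp_off + 4])
    data_off = (frame[tcp_off + 12] >> 4) * 4    # TCP header length in bytes
    request_line = frame[tcp_off + data_off:].split(b"\r\n", 1)[0].decode()
    return {"l2": {"src_mac": src_mac, "dst_mac": dst_mac},
            "l3": {"src_ip": src_ip, "dst_ip": dst_ip, "proto": proto},
            "l4": {"src_port": src_port, "dst_port": dst_port},
            "l7": {"request_line": request_line}}

def evaluate(frame):
    """Three constructed rules, each limited to the fields its layer can see."""
    p = parse_frame(frame)
    return {
        "l3_packet_filter": "block" if p["l3"]["src_ip"].startswith("203.0.113.") else "allow",
        "l4_port_filter": "allow" if p["l4"]["dst_port"] in (80, 443) else "block",
        "l7_waf": "block" if "/admin" in p["l7"]["request_line"] else "allow",
    }

# Constructed sample: allowed source, allowed port, but a path the Layer 7 rule rejects
FRAME = build_frame("198.51.100.7", "192.0.2.10", 80,
                    "GET /admin HTTP/1.1\r\nHost: example.test\r\n\r\n")
print(evaluate(FRAME))
```

The sample request passes the Layer 3 and Layer 4 rules and is stopped only by the Layer 7 rule, because the URL path lives in the application data that the lower-layer filters never read.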


Access Point

| OSI Layer | Access Point (AP) |
|---|---|
| 2 | Manages wireless MAC addresses and frames, and bridges between wired 802.3 Ethernet networks and wireless 802.11 networks. APs are generally referred to as Layer 2 devices. |
| 1 | Sends and receives radio waves according to the 802.11 specifications. Handles transmission of data, such as encoding and decoding signals. |

 

