Ethical Hacking Tutorial

What is OSI Model in Computer Networking? Layers, Diagram, Protocols, Devices, Data Flow, Pros & Cons


What is Open Systems Interconnection or OSI model in computer networking? We are going to cover everything in this write-up, including:

  • What is OSI model in a computer network?

  • 7 Layers of the OSI model

  • OSI model protocols

  • How does the OSI model work?

And much more…

This chapter is one of the most important parts of our comprehensive ethical hacking tutorial for beginners. In the tutorial, we have already covered numerous topics related to computer networking, such as:

Now, let’s get started with understanding the concept of open systems interconnection in networking.

What is OSI Model in Computer Networking? Definition Explained

The full form of OSI is Open Systems Interconnection.

The OSI model is a standard and conceptual model for computers and devices which is used to enable connection with other computers and devices. The communication between devices follows a standard protocol. 

Created by ISO (International Organization for Standardization), the OSI model divides the communication between systems into seven different layers. The role of every layer is different and is connected to the layers above and below it. 

Ethical hackers and professionals refer to these layer names when mentioning the relevant functionalities of the Open Systems Interconnection.

OSI Model Diagram in Computer Network

Here is the diagram of the OSI model in networking to have a better understanding of its different layers:

OSI Model Diagram in Computer Network


Image source: The Unstoppable Power

Why is OSI Model Used? What Are Its Role & Importance?

The OSI model in networking is very useful when it comes to troubleshooting issues related to networking

For instance, if someone cannot connect his desktop to the internet or a website becomes inaccessible for hundreds of its users, the OSI model helps find the issue and fix it. Network pros usually bring down the issues to a specific layer to troubleshoot them easily.

Here is a look at why the OSI model is important:

1. Handles Threats and Vulnerabilities

The OSI model breaks down the communication system into seven layers, allowing it to resolve networking issues at their origin. 

One can identify vulnerabilities across the network, detect risks at different stages, and troubleshoot security issues, such as cabling problems, communication failure, and bad routers, without hampering the entire OSI framework. The model allows the freedom to secure, optimise, and troubleshoot each layer independently.  

2. Ensures Secure Cloud Adoptions

Cloud computing has gained immense popularity over the years, and many companies are moving to the cloud to attain IT modernization. However, cloud systems come with a few security issues, such as malware injection, data breaches, data loss, insecure API, etc. 

OSI model, with its data-centric perspective, helps detect these security threats throughout the tech stack during cloud migration. Hence, organizations can implement enhanced strategies to zero in on the right cloud systems to adopt, which can mitigate security risks.

3. Helps Create an Inventory of Applications

With OSI layers, you can categorize your company’s assets to create inventory for applications that your team use often. You get a better understanding of where the company data is stored, whether it is on the cloud or on-premise. 

You can select and invest in relevant security solutions with enhanced data visibility and knowledge of OSI layers. For example, your company data is stored in SaaS services. In this case, an API-based solution is more beneficial for monitoring and securing data than an endpoint manager. 

You can invest in a more effective API data discovery solution meant specifically for monitoring cloud services. 

4. Beneficial for Equipment Manufacturers

The OSI model is also beneficial for hardware manufacturers as they can create their devices with unique configurations that can communicate over any network. 

What Are 7 OSI Model Layers? How Does OSI Model Work?

We’ll describe OSI layers “top-down” from the application layer that directly serves the end user down to the physical layer.

1. Application (Layer 7)

Software apps such as browsers and email clients depend on protocols and data manipulation for bringing data to the user. 

The application layer is used to begin communications between the user and the emails and relevant applications. It uses protocols like SMTP and HTTP. It is also the closest layer to the users.

Functionalities of OSI Model Application Layer

  • It primarily facilitates the transfer of files between two network devices using FTP (File Transfer Protocol).

  • It is the only layer where web surfing is possible, enabled by some protocols, such as HTTP (Hypertext Transfer Protocol), HTTPS (Hypertext Transfer Protocol Secure), etc.

  • It also facilitates remote host login with protocols such as Telnet. The layer is also known as the software version of a physical terminal in the network.

  • Emails are sent from one device to another on a network through the Application layer. Protocols such as Simple Mail Transfer Protocol (SMTP) are used for sharing emails.

2. Presentation (Layer 6)

As the name suggests, the presentation layer prepares the data and makes it presentable for the application layer in OSI model. It translates, encrypts, and compresses the data between two devices communicating. 

This is important because the devices may use different formatting methods. The presentation layer checks it and prepares the data in a way that users can understand easily. 

The American Standard Code for Information Exchange (ASCII), Extended Binary Coded Decimal Interchange Code (EBCDIC), Unicode, JPEG, etc., are part of the presentation layer. 

Functionalities of OSI Model Presentation Layer

  • Data translation is the process of translating or changing data from one form to another. This is what the Presentation layer does, transforming high-level user language data to an equivalent low-level machine-level language and vice-versa. For this purpose, it uses the standards such as EBCDIC, ASCII, etc.

  • Data compression refers to reducing bit numbers in data. Although it can be lossless or lossy in nature, lossless data compression is preferred for critical data items.

  • Data encryption is about converting plain text into cypher text for enhanced security, and it is applied on the sender’s side. On the other hand, data decryption focuses on decoding ciphertext into plain text and is applied at the receiver’s end. This layer encrypts and decrypts data through SSL (Secure Socket Layer).

3. Session (Layer 5)

When communication happens between two devices, the time taken from the start to the end is termed a session. It is important for the sessions to remain open until the data between the devices is exchanged. 

This is where the role of the session layer in OSI model comes into play. It opens and closes the session depending on the time required for data exchange.

Moreover, this layer also sets checkpoints for the data being transferred. For instance, if you are sending a 50 MB file, the layer will set checkpoints after every five MB. So, if the transfer fails due to any reason at 27 MB, then the transfer will resume from 25 MB rather than from scratch. 

Functionalities of OSI Model Session Layer

  • One of the key functions of the Session layer is authentication, a process to verify the user. It asks devices to enter valid credentials to secure data connection.

  • Next comes authorization, a step to determine a user’s authority to access data. This layer confirms that the device has permission to access the message or its components.

  • It also synchronizes the data at the sender’s and receiver’s end by adding various checkpoints. If data transfer fails, it is resumed for the last checkpoint, so there is no need to retransfer the data from the beginning. 

4. Transport (Layer 4)

The transport layer in OSI model divides the data flowing between two devices into small segments. It obtains data from the session layer and sends it to the network layer after breaking it into segments. 

In other words, it enables end-to-end interaction between the devices by preparing the data to be consumed by the session layer. 

This layer controls the flow so that the data transmission is done at an optimal speed. The transport layer also controls the errors to make sure that the receiver gets the complete data. 

It uses TCP and UDP as the primary protocols. 

Functionalities of OSI model Transport Layer

  • The Transport layer checks the data for any errors using the checksum bits available in the data header. The layer can also request the retransmission of data if it doesn’t reach the receiver’s end.

  • Segmentation is dividing data into multiple segments. The Transport layer assembles and reassembles data at the sender’s and receiver’s ends, respectively. Each segment has a source number to direct that data segment to the correct application and a sequence number that keeps them in the correct order when the data reaches the receiver’s side.

  • It also looks after maintaining a proper connection between devices. It uses TCP (Transmission Control Protocol) for connection-oriented transmission. The protocol is slow but reliable and can be used for long-distance transfer. UDP (User Datagram Protocol) is a fast bit not so reliable protocol used for connection-less transmission. It is often preferred for short-distance transmission. 

  • This layer also controls data flow while it is transmitted. The aim is to improve data transmission efficiency and avoid any risk associated with data loss.

5. Network (Layer 3)

After receiving the segments from the transport layer, the network layer in OSI model divides these segments into packets. The segments are divided on the end of the sender and then reassembled on the end of the receiver. 

The network layer also finds the best route for transmitting data between sender and receiver. 

However, remember that the network layer works only when both devices are on different networks. If these are on the same network, then it is not required. 

IP and ICMP are the primary protocols used on layer 3. 

Functionalities of OSI Model Network Layer

  • IP (Internet Protocol) address is a unique identifier assigned to every computer device on a network. The Network layer is responsible for attaching the destination and source IP address to the data to transmit it to different networks. It uses IPv4 and IPv6 for logical addressing.

  • Path determination refers to selecting the right path from numerous available options based on the routing information. This layer determines the optimum path to transmit data.

  • Routing defines the process used by data packets to travel from one node to another. The routing decisions are made in this layer based on IP addresses.

6. Data Link (Layer 2)

The purpose of the data link layer in OSI model is the same as the network layer. The only difference is that it works for devices that are on the same network. So, the data link layer is responsible for the communication between two systems on a local network. 

The primary protocols used in this layer include Virtual LAN (VLAN), Address Resolution Protocol (ARP), Ethernet, and Frame Relay. 

Functionalities of OSI Model Data Link Layer

  • It controls errors, flow, and access to data. The Data Link layer uses header information or checksum bits to identify errors and also looks after the rate of data transmission to control data flow. Moreover, it provides data access using the MAC address.

  • The Data Link layer gives media access to upper layers using framing, as it is responsible for the physical addressing of the data.

7. Physical (Layer 1)

As the name hints, the physical layer in OSI model is all about the physical equipment used for communication between two devices. Cables and switches are examples of the equipment. 

The physical layer is where the data is converted into bits (strings of 0s and 1s) to determine the way pulses are managed on the wire. The protocols used on the physical layer include 10BaseT, 10Base2, 100BaseTX, and 1000BaseT.

Functionalities of OSI Model Physical Layer

  • It specifies the data rate, i.e., the bits number sent every second, over the defined media.

  • The layer defines the line configuration of the network, be it multiport or point-to-point.

  • Also looks after the transmission media between two connected devices.

  • Defines data encoding type used in the transmission.

  • Defines network topology, such as Ring, Star, Bus, Tree, Mesh, and Hybrid.

  • Defines modes of data transmission, such as Simplex, Duplex, and Half-duplex.

Understanding OSI Model Data Flow

Data flows down from layer 7 to layer 1 on the sender’s device and from layer 1 to 7 on the recipient’s device. When a system receives an unstructured bit stream through a physical wire, each layer removes the applicable information. 

The following explanation depicts the data flow through the OSI model when an email is shared from one device to another:

  1. The Application layer (layer 7) is where an app creates data, such as email messages, to be sent to a user. This is the layer where the header field with specifications like font, screen size, etc., is placed.

  2. As soon as the sender clicks the ‘Send’ button to share an email, the message it sent to the Presentation layer (layer 6) through a defined protocol. This layer adds another layer to the information, compresses data, and sends it to the Session layer (layer 5). 

  3. This layer also follows the same process, adds relevant header information, and sends it to the Transport layer (layer 4).

  4. Here, data is segmented, adding another layer, such as acknowledging that the segment was received. The message is then passed on to the Network layer (layer 3).

  5. This layer breaks the segment into packets and places another layer of header 3 information, such as destination and source address. The Network layer determines the ideal delivery path and passes it to the Data Link layer (layer 2).

  6. Here, packets are broken down further into frames, placing layer 2 header and trailer information, which includes Frame Check Sequence (FCS). After ensuring that the information is not corrupt, the packer is sent to the Physical layer (layer 1).

  7. Here, data is converted into a bit stream, which is transmitted as ones and zeros across the media, such as cables or wireless connections.

  8. This is also the time when layer 1 ensures bit synchronization to assemble end-user data in the correct order.

  9. Once the message is received, the steps are reversed on the destination device. It collects raw bits from cables and transfers them to the Data Link Layer, which removes headers and trailers and passes the information to the Network layer. The process is continued so forth until the message is received by the Application layer. Once it’s done, the second device will get a notification to indicate that a new email has been received.

List of OSI Model Protocols in Each Layer

Here are the OSI model protocols supported at different layers:




Layer 7



Layer 6



Layer 5



Layer 4



Layer 3



Layer 2

Data Link

RAPA, PPP, Frame Relay, ATM, Fiber Cable, etc.

Layer 1


RS232, 100BaseTX, ISDN, 11.

OSI Model Devices by Layer

Below is a list of OSI model devices for each layer:


OSI Layer












Data Link

Switch, Bridge, Access Point


Hub, NIC, Cable, Wireless

What Are Advantages of OSI Model?

We have listed the primary benefits of OSI model below:

  • Helps to standardize routers, motherboard, switch, and other hardware

  • It is a generic model and works as a guidance tool to create a network model

  • Supports connected-oriented and connectionless services

  • Standardises interfaces and mitigates complexities

  • Accelerates evolution

  • Ensures interoperable technology

  • Makes troubleshooting easier

  • Changes in one layer don’t affect another layer, provided interfaces between layers aren’t changed

  • Facilitates modular engineering

  • Provides flexibility to adapt to different protocols

  • A standard model in computer networking

  • Easy to replace protocols in each layer based on the nature of the network

  • Separates interfaces, services, and protocols, adding to its flexible nature

What Are Disadvantages of OSI Model?

The following are the main disadvantages of the OSI model:

  • OSI model is more theoretical and conceptualized without considering the availability of the appropriate technology

  • It can only be used as a reference model.

  • The OSI model is also quite complex, and its initial implementation is slow, expensive, and tedious.

  • It doesn’t define specific protocols.

  • Fitting the protocols is also a complicated task.

  • Even the standards of the OSI model are theoretical, with no relevant solutions for network implementation.

  • In the model, some functions or services are repetitive in different layers, such as flow control, addressing, and error control is duplicate services offered by multiple layers.

  • The time of launching the model was inappropriate. When the OSI model was introduced, the TCP/IP was already in motion, so organizations were not so convinced to use it.

  • Despite having many layers, some of them have little functionality when deployed practically, especially the Session and Presentation layers, which are used for session management and user interaction and are not as useful as other layers.

  • Layers are unable to work parallel to each other as they first need to receive data from the previous layer.

  • Once launched, the OSI model failed to meet the practical demands and the TCP/IP model. Hence, it was considered of inferior quality.

OSI Model vs TCP IP Model (Differences)

The following tabular comparison shows what are the differences between TCP IP and OSI model:

OSI Model

TCP/IP model

Stands for Open System Interconnection.

Stands for Transmission Control Protocol.

The model has been developed by ISO (International Standard Organization).

The model has been developed by ARPANET (Advanced Research Project Agency Network).

OSI model is an independent standard and generic protocol that works as a communication gateway between the network and the end user.

TCP/IP consists of standard protocols, leading to the development of the internet. It is a communication protocol that connects the hosts.

Has 7 layers.

Has 4 layers.

It clearly distinguishes between interfaces, services, and protocols.

There are no clearly defined points to distinguish between services, interfaces, and protocols.

It uses the Network layer to define routing standards and protocols.

Uses the Internet layer for the purpose.

Here, the Transport layer guarantees the delivery of the packets.

The Transport layer doesn’t assure the delivery of packets, but it is still a more reliable model.

Uses two different layers, Physical and Data Link, to define the functionalities of the bottom layers.

TCP/IP uses only the Link layer for the same.

Allows standardisation of the devices, such as a router, switches, motherboard, and other hardware devices.

Doesn’t help in the standardisation of the devices but allows connection between different computers.

Based on a vertical approach.

Based on a horizontal approach.

OSI model protocols are hidden and easy to replace with technological evolution.

Protocol can’t be replaced easily.

Also called a reference model, and networks are built through it. For example, the TCP/IP model is built from the OSI model. It is also known as a guidance tool.

It is an implemented model of the OSI model.

Data Link and Physical layers are separate.

Both layers are combined as a single host-to-network layer.

The Session and Presentation layers are different.

The session and Presentation layers are combined in the application layer.

Supports connection-oriented and connectionless services.

Supports only connectionless services.

The minimum OSI header size is 5 bytes.

The minimum header size is 20 bytes.

Usage is low.

Usage is high.


FAQs About Open Systems Interconnection (OSI) Model

Below are some of the frequently asked questions related to the OSI model in a computer network.

1. Who developed the OSI model?

The OSI model was developed by ISO (International Standard Organization).

2. How many layers are there in OSI model?

There are 7 layers in the OSI model, which are named:

  1. The Physical Layer

  2. The Data Link Layer

  3. The Network Layer

  4. The Transport Layer

  5. The Session Layer

  6. The Presentation Layer

  7. The Application Layer

3. What does the OSI model stand for?

OSI stands for Open Systems Interconnection.

4. RTP flows at which layer of the OSI model?

Real-Time Transport Protocol (RTP) is created at the Application layer, and then it’s transferred to the Transport layer for delivery. 

5. Is the OSI model used today?

The OSI model is still relevant and important for the following reasons:

  1. It helps identify vulnerabilities and threats across the tech stack within an organisation.

  2. It plays a crucial role in developing a security-first mindset during cloud migration.

  3. Helps maintain a data-centric security posture.

  4. It can be modified to ensure secure cloud infrastructure.

6. What is the difference between a packet and a frame with reference to the OSI model?


When we communicate through networks, it involves sending and receiving information and files. This data shared between a source and a destination is divided into packets recombined by the destination device.


Frames are also small units of a message transmitted through the network. The Data Link layer and payload data jointly construct a frame. It helps identify the data and find the right way to decode and interpret it. 

The primary difference between the two is their association with the OSI layers. Packets are the unit of data in the Network layer, while frames are a part of data used in the Data Link layer. 

The data part of a frame is referred to as a packet. Hence, we can say a frame encapsulates a packet. A frame contains more information regarding the message being transmitted than a packet. 

7. What is a PDU in the OSI model?

A PDU (Protocol Data Unit) is an open system interconnection (OSI) term often used in telecommunication to refer to a group of information that an OSI layer adds or removes. Throughout the model, every layer uses PDU to exchange information, which a peer layer reads on the receiving device and hands over to the next upper layer after stripping. 

To simplify it, the information at every layer is called PDU, and it contains protocol-specific control information. As PDU moves through 7 layers, each of them adds or deletes protocol information. PDU is known by different names at each layer based on its role. 

8. What is data encapsulation in the OSI model?

Encapsulation means adding more information to the data while it travels in the OSI model. The information is added on the sender’s end, starting from the Application layer to the Physical layer.

9. OSI model was developed in which year?

 The OSI model was introduced in 1982/1983 and was adopted by ISO as an international standard in 1984.

Did you find this article helpful?