Waf Charm

WAF protecting 7th layer of OSI model

【Table of contents】

  1. Introduction
  2. Security in OSI reference model
  3. Conclusion
  • 1. Introduction

    This article explains in detail the role of the WAF in protecting the seventh layer of the OSI reference model. Before that, let's take a closer look at what the OSI reference model is and why you need a WAF.

    • a) What is the OSI reference model?

      The OSI reference model is an internationally defined network model that makes networks easier to understand. In the past, each network equipment manufacturer was free to define its own network model, so equipment from different manufacturers often could not communicate with each other, which was a problem. This led to a movement to unify network models internationally, and the OSI reference model was created. Today TCP/IP, a network model similar to the OSI reference model, is widely used, but understanding the OSI reference model makes it easier to understand which devices and services exist at each layer of the network and of security, and what their roles are.

      Let's look at the actual layers.
       

      | Layer | Layer Name |
      |---|---|
      | Layer 7 | Application Layer, L7, Layer 7 |
      | Layer 6 | Presentation Layer, L6, Layer 6 |
      | Layer 5 | Session Layer, L5, Layer 5 |
      | Layer 4 | Transport Layer, L4, Layer 4 |
      | Layer 3 | Network Layer, L3, Layer 3 |
      | Layer 2 | Data Link Layer, L2, Layer 2 |
      | Layer 1 | Physical Layer, L1, Layer 1 |

       

      For example, a network device that operates at the network layer is called an L3 switch, a name derived from the OSI reference model.

      Let's also take a look at what role each layer plays.
       

      | Layer | Role |
      |---|---|
      | Layer 7, Application Layer | This is the layer where the application communicates. For example, when you click a button on a web page, the application layer sends the web server the information that the button was clicked. |
      | Layer 6, Presentation Layer | This is the layer that determines the character set and data format. For example, this layer determines whether the data being communicated is a compressed file. |
      | Layer 5, Session Layer | This is the layer that handles the exchanges that start and end a communication. |
      | Layer 4, Transport Layer | This is the layer that makes sure communication is delivered properly. To ensure that the data is not damaged in transit, it checks each time how far the communication has reached. |
      | Layer 3, Network Layer | This is the layer where communication takes place using IP addresses, which are like addresses on a network. |
      | Layer 2, Data Link Layer | This is the layer that determines which machine is the communication partner. The device-specific address (MAC address) is used at this layer. |
      | Layer 1, Physical Layer | This is the layer that defines the electrical signals and radio waves used for communication. |

       

      Thus, each layer of the OSI reference model plays an important role in communicating with the other party. By understanding the OSI reference model, we can break the network and its security down layer by layer, which is very useful when considering security measures.
       

  • 2. Security in OSI reference model

    Let's use the OSI reference model to look at what kind of security measures should be taken at each layer. We will also describe the importance of a WAF, which protects the seventh layer of the OSI reference model.

    • a) Defense of each layer of the OSI reference model

      In the OSI reference model, each layer is subject to different attack methods, so there are security measures specific to each layer. Let's take a look at what kinds of attacks there are and what kinds of security measures exist.
       

      | Layer | Layer Name | Description of security measures |
      |---|---|---|
      | Layer 7 | Application Layer | Attacks: SQL injection and cross-site scripting attacks. Countermeasures: Use secure programming and a WAF (Web Application Firewall). |
      | Layer 6 | Presentation Layer | Attacks: SQL injection and cross-site scripting attacks. Countermeasures: Use secure programming and a WAF (Web Application Firewall). |
      | Layer 5 | Session Layer | Attacks: Eavesdropping, IP address spoofing, DDoS attacks using communication verification mechanisms, etc. Countermeasures: Encryption, FW (firewall), IPS/IDS. |
      | Layer 4 | Transport Layer | Attacks: Eavesdropping, IP address spoofing, DDoS attacks using communication verification mechanisms, etc. Countermeasures: Encryption, FW (firewall), IPS/IDS. |
      | Layer 3 | Network Layer | Attacks: Eavesdropping, IP address spoofing, DDoS attacks, etc. Countermeasures: Encryption, FW (firewall), IPS/IDS. |
      | Layer 2 | Data Link Layer | Attacks: Eavesdropping, MAC address spoofing, DDoS attacks, etc. Countermeasures: Encryption, FW (firewall). |
      | Layer 1 | Physical Layer | Attacks: Breaking into a data center, etc. Countermeasures: Place dedicated gates and guards in data centers and dedicated security rooms. |

       

      In this way, we can see that the necessary security measures differ for each layer of the OSI reference model. Let's take the necessary security measures for each layer.
       

    • b) Importance of WAF

      In a), we looked at the security measures at each layer. From that, we can see that at Layer 6 or 7, the only countermeasures are secure programming or a WAF. However, defense through secure programming has its limits. For example, no matter how carefully we program, vulnerabilities in middleware and programming languages are discovered every day. Securely rewriting and continually updating the program each time can be quite daunting.

      With a WAF, when a vulnerability is discovered, you can simply update the signatures without making any program changes. To safely, easily, and reliably protect the seventh layer of the OSI reference model, a WAF is the way to go.

      Also, it is very easy to attack the application layer. A SQL injection attack is possible with knowledge of the application, and an attack is also possible once a vulnerability has been disclosed. Because applications easily become targets, it is necessary to protect them with products such as a WAF to prevent them from being destroyed, tampered with, or accessed illegally.
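
The signature-update workflow described above, sketched as an added example (not WafCharm's or any WAF product's code): a toy Layer 7 filter whose rule set is replaced at runtime while the application behind it stays unchanged. The rule IDs, patterns, class name, and sample requests are all constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed rule sets: rule IDs and patterns are illustrative, not a vendor's signatures.
BASELINE_SIGNATURES = {
    "SQLI-001": r"'\s*(?:or|and)\s+'?\w+'?\s*=|\bunion\s+select\b",
}
# A later signature update adds cross-site scripting coverage.
UPDATED_SIGNATURES = {**BASELINE_SIGNATURES, "XSS-001": r"<\s*script\b"}

# Constructed sample requests (URL-encoded, as they would arrive on the wire).
BENIGN = "/items?id=42&q=blue+shirt"
SQLI = "/items?id=1%27%20OR%20%271%27%3D%271"
XSS = "/search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E"


class SignatureWaf:
    """Toy Layer 7 filter: inspects decoded request parameters against signatures."""

    def __init__(self, signatures):
        self.update_signatures(signatures)

    def update_signatures(self, signatures):
        # Replacing the rule set is the only change needed; the application is untouched.
        self._rules = {rid: re.compile(p, re.IGNORECASE) for rid, p in signatures.items()}

    def inspect(self, url, body=""):
        """Return the ID of the first matching rule (block), or None (allow)."""
        # parse_qsl percent-decodes values, so encoded payloads are matched decoded.
        fields = parse_qsl(urlsplit(url).query, keep_blank_values=True)
        fields += parse_qsl(body, keep_blank_values=True)  # form-encoded POST body
        for _name, value in fields:
            for rule_id, pattern in self._rules.items():
                if pattern.search(value):
                    return rule_id
        return None


def demo():
    waf = SignatureWaf(BASELINE_SIGNATURES)
    before = [waf.inspect(r) for r in (BENIGN, SQLI, XSS)]
    waf.update_signatures(UPDATED_SIGNATURES)  # signature update, no application change
    after = [waf.inspect(r) for r in (BENIGN, SQLI, XSS)]
    return before, after


if __name__ == "__main__":
    print(demo())
```

Production WAFs apply far broader normalization and also inspect paths, headers, and cookies; matching decoded parameters against a replaceable rule set is only the core idea.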
       

  • 3. Conclusion

    We took a closer look at the role of each layer in the OSI reference model, and found that understanding the role of each layer helps us to better understand networks and security. We also checked the necessary security measures for each layer. Among them, a WAF can be safely and easily deployed as a tool to protect the seventh layer of the OSI reference model, reducing attacks on applications and making web applications more secure.